Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-27_419f3daec473ec05cc1f8c2603e7a26c_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-27_419f3daec473ec05cc1f8c2603e7a26c_icedid.exe
Resource: win10v2004-20240426-en
General
Target: 2024-04-27_419f3daec473ec05cc1f8c2603e7a26c_icedid
Size: 1.8MB
MD5: 419f3daec473ec05cc1f8c2603e7a26c
SHA1: 41cabfd2bdbe95f724c2ead9425c778f5f04442c
SHA256: af6bd86c4d689c0a1e8ca703f6d4ed15d7bff975845ed7384e389c338f28878c
SHA512: 4d3f496ee419d2efa87da733e6fe12661480167a2ad461542b422d17fbc1ed368654f01ec9152acaf50eefc945592c6acc3c2db7575b0e844f79e076b95d1f8c
SSDEEP: 49152:oQdMcSaEJ9/ru6pAuhV5E5UDBd8FjLXtnXO12:ecSXJ9zQuhV5E5UDz8BbtXO12
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-04-27_419f3daec473ec05cc1f8c2603e7a26c_icedid
Files
2024-04-27_419f3daec473ec05cc1f8c2603e7a26c_icedid.exe windows:5 windows x86 arch:x86
463c30187a2294d1ebc927fb2de0e47b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcessHeap
CompareStringW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsValidCodePage
GetACP
HeapCreate
VirtualFree
GetConsoleMode
GetConsoleCP
SizeofResource
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStdHandle
SetHandleCount
HeapSize
GetFileType
SetStdHandle
CreateThread
GetLocaleInfoW
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
GetStartupInfoA
GetCommandLineA
GetDateFormatA
GetTimeFormatA
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapReAlloc
HeapAlloc
FindResourceExA
VirtualProtect
SearchPathA
Sleep
GetProfileIntA
GetTempPathA
GetTickCount
lstrcpyA
SetErrorMode
GetCurrentDirectoryA
GetFileSizeEx
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
GetSystemDirectoryW
LoadLibraryW
GetOEMCP
GetCPInfo
GetModuleHandleW
InterlockedIncrement
WriteConsoleW
GetConsoleOutputCP
ExitThread
WriteConsoleA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
MoveFileA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetModuleFileNameA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
lstrcmpW
GetVersionExA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
GlobalLock
GlobalUnlock
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
LoadLibraryA
GlobalGetAtomNameA
GlobalAddAtomA
GetLastError
SetLastError
MultiByteToWideChar
DeleteFileA
FindNextFileA
FindClose
FindFirstFileA
CreateDirectoryA
SetCurrentDirectoryA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SetEnvironmentVariableA
user32
CopyIcon
FrameRect
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageA
CopyImage
OpenClipboard
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongA
DestroyAcceleratorTable
RegisterClipboardFormatA
LockWindowUpdate
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
UpdateLayeredWindow
EnableScrollBar
NotifyWinEvent
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
DestroyIcon
SetParent
GetSystemMenu
GetSysColorBrush
DrawStateA
SetWindowRgn
DrawIcon
GetMenuItemInfoA
CharUpperA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ValidateRect
MapVirtualKeyA
GetKeyNameTextA
WaitMessage
GetMessageA
TranslateMessage
SetCapture
InflateRect
UnionRect
IsZoomed
GetCursorPos
WindowFromPoint
KillTimer
SetTimer
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
CharUpperBuffA
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
PtInRect
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
GetClassNameA
GetSysColor
UnpackDDElParam
ReuseDDElParam
DestroyMenu
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
GetDlgItem
SetWindowLongA
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
GetIconInfo
IsCharLowerA
GetDlgCtrlID
GetKeyState
SetCursor
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
InvalidateRect
InsertMenuItemA
GetMenuItemID
MapVirtualKeyExA
SubtractRect
DestroyCursor
RegisterWindowMessageA
GetWindowRgn
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
GetMenu
BringWindowToTop
PostMessageA
SetMenu
GetDesktopWindow
GetWindow
GetWindowLongA
TranslateAcceleratorA
CopyRect
EnumChildWindows
ShowWindow
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClientRect
GetWindowRect
LoadMenuA
GetSubMenu
DeleteMenu
GetAsyncKeyState
MessageBoxA
PeekMessageA
PostQuitMessage
DefWindowProcA
UnregisterClassA
LoadIconA
LoadCursorA
SetForegroundWindow
GetLastActivePopup
FindWindowA
IsIconic
IsWindow
IsWindowVisible
UpdateWindow
EqualRect
SetRect
EnableWindow
RedrawWindow
SendMessageA
IsRectEmpty
gdi32
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
GetCharWidthA
CreateFontA
StretchDIBits
GetBkColor
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
CreateEllipticRgn
GetTextColor
GetRgnBox
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
CreatePolygonRgn
Polyline
Polygon
OffsetRgn
SetDIBColorTable
RealizePalette
StretchBlt
RoundRect
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
GetObjectA
CreatePalette
GetObjectType
SelectClipRgn
GetViewportExtEx
SelectPalette
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPaletteEntries
GetTextExtentPoint32A
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CopyMetaFileA
GetDeviceCaps
LPtoDP
DPtoLP
GetWindowExtEx
GetStockObject
SetDCPenColor
Ellipse
SelectObject
GetCurrentObject
GetTextMetricsA
SetPixel
CreateRectRgn
CreatePen
GetPixel
BitBlt
Rectangle
CreateCompatibleDC
CreateCompatibleBitmap
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegQueryValueA
RegSetValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
SHAppBarMessage
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFolderPathA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
UrlUnescapeA
oledlg
ord8
ole32
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitializeEx
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
OleInitialize
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
oleaut32
VariantTimeToSystemTime
SysAllocString
OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
VarUdateFromDate
SystemTimeToVariantTime
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
wininet
InternetCloseHandle
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetOpenUrlA
InternetConnectA
FtpOpenFileA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
HttpQueryInfoA
FtpGetFileA
FtpSetCurrentDirectoryA
InternetQueryDataAvailable
InternetQueryOptionA
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 330KB - Virtual size: 329KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ