2024-04-29_bbff144b96edad8fe82a912b67aaa159_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-29_bbff144b96edad8fe82a912b67aaa159_icedid
Size

1.1MB
MD5

bbff144b96edad8fe82a912b67aaa159
SHA1

72da00763e0ae8491c077ff75ea0e0a47c198a94
SHA256

12b2a1a1c25c9a758104ff3944766f90614cdedd9ec6524be95e10c0f7ed3bf5
SHA512

0dc1da86447cfbc9921956f6696fdd209c23d128b59961fb3399a9823d8255f6642a0d9ec0e9f6e872bea3cdd000992a92a1fc7b338f952bc6f68ebd3a72909a
SSDEEP

12288:kTij3MZLQanyoHO4q/S02FvlP24hj7uEge+zC9qOc0tgPuqGwpR66u3Pl0gvS:zj3MVQYyeXqGFN/5ge+G940Euuat0g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-29_bbff144b96edad8fe82a912b67aaa159_icedid

Files

2024-04-29_bbff144b96edad8fe82a912b67aaa159_icedid
.exe windows:4 windows x86 arch:x86

7924cc08eb2dfdaaa69bf2feca5f1c81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\4.1.73.0\Vpi40\src\CDBrowser\Debug\Browser.pdb

Imports

kernel32

GetTempFileNameW
GetProcAddress
LoadLibraryW
SetCurrentDirectoryW
GetModuleFileNameW
FindClose
FindFirstFileW
FindResourceW
SizeofResource
LockResource
LoadResource
GetVersionExW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
LocalFree
FormatMessageW
GetLastError
LoadLibraryExW
GetModuleHandleW
FreeResource
GetLocaleInfoW
GetUserDefaultLangID
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
lstrcpyW
GetCurrentThreadId
GetCurrentThread
lstrlenW
lstrcmpiA
lstrcmpA
WideCharToMultiByte
GlobalDeleteAtom
GlobalAlloc
lstrcmpW
GlobalLock
OpenEventA
lstrcpyA
OutputDebugStringW
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
MultiByteToWideChar
GlobalAddAtomW
CloseHandle
WaitForSingleObject
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
GetDateFormatA
GetTimeFormatA
LCMapStringW
LCMapStringA
IsBadCodePtr
GetProcessHeap
GetCPInfo
GetOEMCP
SetUnhandledExceptionFilter
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetConsoleCtrlHandler
FatalAppExitA
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualAlloc
ExitThread
CreateThread
HeapValidate
ExitProcess
TerminateProcess
GetModuleFileNameA
OutputDebugStringA
GetStdHandle
DebugBreak
RtlUnwind
GetStartupInfoW
LocalLock
LocalUnlock
FindResourceExW
SetFileAttributesW
LocalFileTimeToFileTime
GetDiskFreeSpaceW
FreeLibrary
GetFileTime
SetFileTime
GetFileAttributesW
SystemTimeToFileTime
FileTimeToSystemTime
GetProfileIntW
VirtualProtect
GetShortPathNameW
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
DeleteFileW
MoveFileW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
SetEvent
GetCurrentProcess
DuplicateHandle
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
TlsAlloc
InitializeCriticalSection
LocalAlloc
SetErrorMode
GlobalFlags
InterlockedIncrement
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
InterlockedDecrement
RaiseException
DeleteCriticalSection
GetModuleHandleA
lstrlenA
LoadLibraryA
lstrcatW
GlobalGetAtomNameW
lstrcmpiW
GlobalFindAtomW
GetVersionExA
SetLastError
MulDiv
CopyFileW
GlobalSize
lstrcpynW
ResumeThread
GetThreadPriority
SetThreadPriority
GlobalUnlock
GlobalFree
CreateEventW
SuspendThread

user32

DestroyIcon
CharUpperW
UnpackDDElParam
ReuseDDElParam
DestroyMenu
TranslateAcceleratorW
LoadAcceleratorsW
GetWindowThreadProcessId
ReleaseCapture
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpW
GetClassInfoW
RegisterClassW
UnregisterClassW
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
CreateWindowExW
GetClassLongW
GetClassInfoExW
GetClassNameW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
wsprintfW
OpenIcon
CloseWindow
LoadIconW
LoadCursorW
PostThreadMessageW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageW
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
wsprintfA
GetParent
IsChild
GetLastActivePopup
GetTopWindow
GetWindow
FindWindowExW
FindWindowW
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExW
DlgDirSelectExW
DlgDirListComboBoxW
DlgDirListW
SetCapture
GetCapture
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
MessageBoxW
GetSystemMetrics
LoadStringW
PostQuitMessage
SetCursor
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
IsWindowUnicode
GetMessageA
DispatchMessageA
SubtractRect
UnionRect
InflateRect
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
GetClipboardFormatNameA
GetClipboardFormatNameW
GetAsyncKeyState
SetRectEmpty
GetDialogBaseUnits
SystemParametersInfoW
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
DragDetect
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectW
LoadMenuW
RemoveMenu
ModifyMenuW
InsertMenuItemW
InsertMenuW
GetSubMenu
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuW
GetKeyNameTextW
MapVirtualKeyW
IsClipboardFormatAvailable
MessageBeep
SetParent
SetRect
PtInRect
IsRectEmpty
UnregisterClassA
GetMessageW
ValidateRect
SetWindowsHookExW
GetCursorPos
PeekMessageW
CallNextHookEx
GetKeyState
GetFocus
SetMenuItemBitmaps
LoadBitmapW
GetMenuCheckMarkDimensions
MapDialogRect
IsWindow
SendMessageW
PostMessageW
TabbedTextOutW
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringW
GetTabbedTextExtentW
DrawTextExW
DrawTextW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateW
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
EndDialog
GetDesktopWindow
GetActiveWindow
SetActiveWindow
EnableWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
WaitMessage

gdi32

CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetStockObject
GetObjectW
ExtTextOutW
CloseEnhMetaFile
CreateEnhMetaFileW
CloseMetaFile
CreateMetaFileW
CreateBitmap
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutW
GetTextExtentPoint32W
GetTextAlign
GetTextFaceW
GetTextMetricsW
GetTextCharacterExtra
GetCharWidthW
GetFontLanguageInfo
GetCharacterPlacementW
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCW
GetOutlineTextMetricsW
GetCharABCWidthsW
GetFontData
GetKerningPairsW
GetGlyphOutlineW
StartDocW
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
CreateHatchBrush
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatW
GetCharWidthFloatW
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
CopyMetaFileW
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
CreateBrushIndirect
CreatePatternBrush
CreateDIBPatternBrushPt
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
StretchDIBits
EnumFontFamiliesExW
CreateFontIndirectW
CreateFontW
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateDCW
CreateICW
CreateCompatibleDC
GetDeviceCaps
GetBrushOrgEx
GetMapMode
SetBrushOrgEx
EnumObjects
SelectObject
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
AngleArc

comdlg32

GetFileTitleW
GetOpenFileNameW
ChooseColorW
ReplaceTextW
FindTextW
PageSetupDlgW
PrintDlgW
CommDlgExtendedError
GetSaveFileNameW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW

advapi32

OpenThreadToken
SetThreadToken
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegSetValueW
RegCreateKeyExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RevertToSelf

shell32

DragFinish
DragQueryFileW
SHGetFileInfoW
ExtractIconW
DragAcceptFiles

comctl32

ImageList_GetDragImage
ImageList_DragEnter
ImageList_DragLeave
ImageList_SetImageCount
ImageList_Copy
ImageList_Write
ImageList_Read
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_Create
ImageList_Destroy
ord13
CreatePropertySheetPageW
DestroyPropertySheetPage
PropertySheetW
ord17
ord8
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_DrawEx
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_AddMasked
ImageList_Add
ImageList_GetImageCount
ImageList_Merge
ImageList_GetImageInfo
ord14

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathIsUNCW
PathFindExtensionW
PathStripToRootW

ole32

CoTaskMemFree
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CoCreateInstance
StringFromGUID2
CLSIDFromString
SetConvertStg
OleRun
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoReleaseMarshalData
CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
CoRevokeClassObject
CoRegisterClassObject
CoTreatAsClass
ReleaseStgMedium
CLSIDFromProgID
CoDisconnectObject

oleaut32

VarDateFromUdate
SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime
DosDateTimeToVariantTime
LoadTypeLi
VarBstrFromDate
VarDateFromStr
VarDecFromStr
VarBstrFromDec
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
SysAllocString
VariantCopy
SafeArrayCreate
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayGetDim
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString

Sections

.text
Size: 796KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7924cc08eb2dfdaaa69bf2feca5f1c81

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 796KB - Virtual size: 792KB

.rdata Size: 264KB - Virtual size: 260KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 796KB - Virtual size: 792KB

.rdata
Size: 264KB - Virtual size: 260KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 20KB - Virtual size: 16KB