2024-04-29_0df1b1861a44ad93ca20744c1d0c7530_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-29_0df1b1861a44ad93ca20744c1d0c7530_icedid
Size

8.9MB
MD5

0df1b1861a44ad93ca20744c1d0c7530
SHA1

19da5fc0001c3d406f9459fcd15f11a2a0bbe817
SHA256

0bbc8b92a85cc3dd04920915735bb4980400a9bacef15b0e0bcd7d17d21a6446
SHA512

8b66f29a70fdea2e43eaf07fa61f8ed3be01f248ff617ba18948026db3a45f7f2844024d2a7a0c83cee074d82e73e316537d729df29b558f2c8735326ff0e731
SSDEEP

196608:6ZgqXGXQyT5uPY4IUPUpUGm+cJmGbhtw9I+1Tjj6TeFOLz/PJWk:WVXGXQyAIomUGmzmGbc9bTjdFWbPJWk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-29_0df1b1861a44ad93ca20744c1d0c7530_icedid

Files

2024-04-29_0df1b1861a44ad93ca20744c1d0c7530_icedid
.exe windows:5 windows x86 arch:x86

460c3ffeb37c36b0b898abf8c16321ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SizeofResource
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapSize
HeapQueryInformation
HeapReAlloc
CreateThread
ExitThread
HeapAlloc
EncodePointer
DecodePointer
ExitProcess
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
InitializeCriticalSectionAndSpinCount
GetNumberFormatW
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
GetTickCount
FileTimeToSystemTime
GetFullPathNameW
HeapFree
WriteConsoleW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
lstrcpyW
DeleteFileW
GlobalFlags
GetCurrentDirectoryW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
lstrlenA
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalGetAtomNameW
FreeResource
GlobalFindAtomW
GetVersionExW
CompareStringW
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
ActivateActCtx
LoadLibraryW
DeactivateActCtx
WideCharToMultiByte
lstrcmpW
GetModuleHandleW
GetProcAddress
InterlockedExchange
FreeLibrary
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
SetLastError
GetThreadLocale
InterlockedIncrement
GetFileAttributesW
MultiByteToWideChar
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetModuleFileNameW
GetCurrentThreadId
CreateProcessW
WaitForSingleObject
CloseHandle
GetLastError
FindResourceW
LoadResource
LockResource
SetEnvironmentVariableA

user32

CreateMenu
IsMenu
UpdateLayeredWindow
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
RedrawWindow
SetWindowRgn
IsZoomed
RegisterClipboardFormatW
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
UnionRect
SetParent
GetSystemMenu
MapVirtualKeyW
GetKeyNameTextW
GetMenuItemInfoW
InflateRect
CharUpperW
WaitMessage
WindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
LoadCursorW
GetSysColorBrush
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuDefaultItem
CheckDlgButton
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
LoadImageW
DestroyIcon
ReleaseCapture
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
IntersectRect
SetRectEmpty
BringWindowToTop
GetDesktopWindow
ShowWindow
TranslateAcceleratorW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
GetWindowThreadProcessId
IsClipboardFormatAvailable
FrameRect
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
CharUpperBuffW
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
CopyIcon
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
IsWindow
GetWindowLongW
GetParent
OffsetRect
PtInRect
CopyRect
GetDlgCtrlID
GetWindow
CharNextW
GetSystemMetrics
LoadIconW
EnableWindow
GetClientRect
IsIconic
PostMessageW
SendMessageW
DrawIcon
LoadStringW
FindWindowW
SetWindowPos
SetWindowsHookExW
MessageBoxW
GetDlgItem
SetDlgItemTextW
UnhookWindowsHookEx
CallNextHookEx
EndPaint

gdi32

CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
GetRgnBox
CreateDIBitmap
CreateFontIndirectW
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextExtentPoint32W
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
SetPixel
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
TextOutW
RectVisible
PtVisible
CreatePen
GetObjectType
SelectPalette
CreatePatternBrush
ExtTextOutW
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
StretchBlt
GetStockObject
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateCompatibleDC
CreateCompatibleBitmap
SetBkColor
SetTextColor
CreateBitmap
CreateDCW
CopyMetaFileW
GetTextColor
GetBkColor
GetDeviceCaps
GetObjectW
Escape

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegCloseKey
RegEnumValueW
RegQueryValueW

shell32

SHAppBarMessage
DragFinish
DragQueryFileW
SHGetFileInfoW
SHBrowseForFolderW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

ole32

OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitialize
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
CoCreateInstance
CreateStreamOnHGlobal

oleaut32

SysAllocStringLen
VarBstrFromDate
SafeArrayDestroy
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantChangeType
VariantClear
SysAllocString
SysFreeString
OleCreateFontIndirect
VariantCopy

oledlg

OleUIBusyW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

460c3ffeb37c36b0b898abf8c16321ae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 278KB - Virtual size: 278KB

.data Size: 25KB - Virtual size: 54KB

.rsrc Size: 3.9MB - Virtual size: 3.9MB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 278KB - Virtual size: 278KB

.data
Size: 25KB - Virtual size: 54KB

.rsrc
Size: 3.9MB - Virtual size: 3.9MB