Static task
static1
Behavioral task
behavioral1
Sample
2024-04-30_ecdd28f9e87214dff1ee0757618ba024_icedid.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-04-30_ecdd28f9e87214dff1ee0757618ba024_icedid.exe
Resource
win10v2004-20240419-en
General
-
Target
2024-04-30_ecdd28f9e87214dff1ee0757618ba024_icedid
-
Size
11.8MB
-
MD5
ecdd28f9e87214dff1ee0757618ba024
-
SHA1
ca5b159e2b7373907ff34070d03108bcb545537b
-
SHA256
b656ed8811a3dc047580f8687dc0bccaa9a2485e7e635f312a0c23b80369bf7d
-
SHA512
69f668adce3980d2344865c441360d090a0eb1477177020b3d4150a66ee257c286dada8a5e75358d1c349bf172da5d39e6111bce7962faee4fa9b62527922da9
-
SSDEEP
196608:4stidATDfh/yDyRWWF2CYj9qDh32eQgEkYOVQq:fsy/8G1VV
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 2024-04-30_ecdd28f9e87214dff1ee0757618ba024_icedid
Files
-
2024-04-30_ecdd28f9e87214dff1ee0757618ba024_icedid.exe windows:4 windows x86 arch:x86
2416de73182f600b50a1dc5edac0155c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
hhctrl.ocx
ord14
libexslt
exsltRegisterAll
libxml2
xmlInitParser
xmlCleanupParser
xmlStrlen
xmlXPathNewContext
xmlBufferFree
xmlNodeDump
xmlBufferCreate
xmlNodeSetName
xmlNodeSetContent
xmlXPathOrderDocElems
xmlUnsetProp
xmlXPathInit
xmlXPathEvalExpression
xmlXPathFreeObject
xmlXPathFreeContext
xmlAddChild
xmlNewText
xmlNewDocNode
xmlValidateName
xmlFree
xmlGetProp
xmlNewProp
xmlSetProp
xmlHasProp
xmlDocCopyNode
xmlGetNodePath
xmlFreeNode
xmlUnlinkNode
xmlDocGetRootElement
xmlDocSetRootElement
xmlNewDoc
xmlSetStructuredErrorFunc
xmlSetGenericErrorFunc
xmlReadFile
xmlKeepBlanksDefault
xmlReadIO
xmlSaveFormatFileEnc
xmlSaveFormatFileTo
xmlFreeDoc
xmlSchemaCleanupTypes
xmlSchemaFreeParserCtxt
xmlSchemaFree
xmlSchemaFreeValidCtxt
xmlSchemaValidateDoc
xmlSchemaNewValidCtxt
xmlSchemaParse
xmlSchemaNewDocParserCtxt
xmlSAXUserParseFile
xmlOutputBufferCreateIO
xmlNodeGetContent
libxslt
xsltApplyStylesheet
xsltFreeStylesheet
xsltSaveResultToFilename
xsltParseStylesheetFile
xsltSaveResultToString
xsltNewTransformContext
xsltFreeTransformContext
xsltSetGenericErrorFunc
kernel32
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
GlobalAddAtomA
GetShortPathNameA
HeapFree
OpenProcess
TerminateProcess
GetCurrentProcessId
CreateProcessA
GetExitCodeProcess
CreatePipe
GetVersionExA
GetLocaleInfoA
GetUserDefaultLCID
EscapeCommFunction
SetupComm
SetCommMask
GetOverlappedResult
WaitCommEvent
lstrcatA
lstrcpyA
GetFileAttributesA
GetVolumeInformationA
GetFullPathNameA
LocalFileTimeToFileTime
GetFileTime
lstrcpynA
GetTempFileNameA
GetDiskFreeSpaceA
GlobalSize
ResetEvent
GlobalDeleteAtom
GlobalFindAtomA
GlobalGetAtomNameA
FreeResource
GetModuleFileNameW
lstrcmpA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
MoveFileA
DeleteFileA
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
SetFileAttributesA
VirtualProtect
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
FindResourceExA
RtlUnwind
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
WriteConsoleW
GetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
SetEnvironmentVariableA
RemoveDirectoryA
GetConsoleCP
GetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
SetStdHandle
HeapSize
DebugBreak
VirtualFree
HeapDestroy
HeapCreate
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
LoadLibraryW
LCMapStringA
LCMapStringW
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
SetEvent
CreateEventA
TryEnterCriticalSection
CreateThread
ReleaseMutex
WaitForSingleObject
OpenMutexA
CreateMutexA
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
CopyFileA
GetDriveTypeA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetComputerNameA
GetSystemTime
GetCurrentThreadId
GetTickCount
SleepEx
LoadLibraryA
GetProcAddress
SetLastError
SetFileTime
DosDateTimeToFileTime
SystemTimeToFileTime
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
GetCommModemStatus
GetCommState
SetCommState
GetCommTimeouts
SetCommTimeouts
ReadFile
WriteFile
ClearCommError
PurgeComm
DeviceIoControl
GlobalLock
GlobalUnlock
MulDiv
GlobalAlloc
GlobalFree
GetTimeZoneInformation
LocalAlloc
LocalHandle
LocalFree
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateFileA
CloseHandle
CreateDirectoryA
FormatMessageA
GetProcessHeap
HeapAlloc
Sleep
LockResource
RaiseException
IsDBCSLeadByte
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GetModuleHandleA
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenA
lstrcmpiA
GetStringTypeExA
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
MultiByteToWideChar
InterlockedExchange
GetVersion
CreateDirectoryExA
GetProfileIntA
SetEnvironmentVariableW
CreateFileW
lstrcmpW
user32
GetDC
EnableWindow
ReleaseDC
SetRect
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
CopyRect
GetSysColor
CharNextA
GetSystemMenu
ReleaseCapture
PostMessageA
LoadCursorA
GetSystemMetrics
CharUpperA
GetCapture
ClientToScreen
SetCapture
ShowCursor
RedrawWindow
FindWindowExA
keybd_event
GetCaretPos
FrameRect
ClipCursor
SystemParametersInfoA
OffsetRect
LoadIconA
GetMonitorInfoA
MonitorFromRect
PtInRect
IntersectRect
UnionRect
EqualRect
GetWindowRect
GetClassLongA
SetCursor
ScreenToClient
ChildWindowFromPoint
GetMenuItemCount
GetMenuStringA
GetMenu
GetCursorPos
GetParent
GetKeyState
LoadMenuA
SetMenu
DrawMenuBar
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
UpdateWindow
GetScrollPos
SetScrollPos
InflateRect
RegisterClipboardFormatA
GetWindowDC
GetClientRect
InvalidateRect
IsWindow
KillTimer
SetTimer
LoadImageA
DispatchMessageA
LoadBitmapA
IsZoomed
TranslateMessage
PeekMessageA
ValidateRect
IsWindowVisible
wsprintfA
SetCursorPos
DlgDirSelectExA
DrawEdge
IsIconic
ShowOwnedPopups
GetDesktopWindow
SetWindowPos
GetActiveWindow
GetFocus
IsChild
DeleteMenu
GetSubMenu
GetMenuItemID
CreateMenu
AppendMenuA
GetMenuItemInfoA
InsertMenuA
GetWindow
GetTopWindow
GetSysColorBrush
TranslateAcceleratorA
SetActiveWindow
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
ModifyMenuA
IsClipboardFormatAvailable
CreatePopupMenu
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
DrawIconEx
DestroyIcon
GetAsyncKeyState
wvsprintfA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
LockWindowUpdate
GetDCEx
InvalidateRgn
CopyAcceleratorTableA
UnregisterClassA
SetWindowContextHelpId
MapDialogRect
SetParent
WaitMessage
SetWindowRgn
DrawIcon
IsRectEmpty
FindWindowA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
FillRect
PostQuitMessage
WindowFromPoint
DestroyCursor
GetMessageA
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckDlgButton
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetWindowThreadProcessId
IsWindowEnabled
LoadAcceleratorsA
InsertMenuItemA
SetRectEmpty
BringWindowToTop
ShowWindow
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetForegroundWindow
GetLastActivePopup
GetDlgItem
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
SendMessageA
GetMenuState
gdi32
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
CreateRectRgnIndirect
SetRectRgn
CombineRgn
CreateEllipticRgn
LPtoDP
Ellipse
StretchBlt
BitBlt
GetObjectA
GetCurrentObject
GetMapMode
Polygon
CreateCompatibleDC
CreateCompatibleBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextColor
GetRgnBox
CreateFontA
SelectObject
CreateDIBSection
DeleteObject
LineTo
MoveToEx
CreatePen
GetTextExtentPoint32A
GetTextMetricsA
GetBitmapBits
StartDocA
StartPage
EndPage
AbortDoc
EndDoc
CreateFontIndirectA
GetDeviceCaps
SetPixelFormat
DescribePixelFormat
ChoosePixelFormat
SwapBuffers
GetDIBits
GetObjectType
DeleteDC
GetStockObject
DPtoLP
GdiFlush
SetDIBitsToDevice
SetDIBits
GetPixel
EnumFontFamiliesExA
SetMapMode
CreateSolidBrush
PatBlt
CopyMetaFileA
CreateDCA
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetStretchBltMode
ExcludeClipRect
IntersectClipRect
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetBkColor
comdlg32
GetFileTitleA
winspool.drv
EnumPrintersA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetPrinterA
advapi32
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
GetUserNameA
RegQueryValueExA
RegCreateKeyA
RegSetValueA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
GetKernelObjectSecurity
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetSecurityDescriptorLength
SetFileSecurityA
GetFileSecurityA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
shell32
SHGetFileInfoA
DragAcceptFiles
ShellExecuteA
DragFinish
DragQueryFileA
ExtractIconA
SHChangeNotify
comctl32
ord17
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CLSIDFromProgID
OleRun
OleUninitialize
CoFreeUnusedLibraries
CoCreateGuid
CoInitialize
CoUninitialize
OleInitialize
CoRevokeClassObject
OleSetClipboard
RevokeDragDrop
OleGetClipboard
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
ReleaseStgMedium
OleDuplicateData
CreateStreamOnHGlobal
CLSIDFromString
CoCreateInstance
oleaut32
SysFreeString
SysStringByteLen
VarUI4FromStr
SysAllocStringLen
SysAllocStringByteLen
GetErrorInfo
DispCallFunc
VariantInit
VariantClear
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayGetLBound
VariantCopy
SafeArrayPutElement
SafeArrayCreate
LoadRegTypeLi
LoadTypeLi
SysStringLen
SysAllocString
VariantChangeType
SafeArrayGetElemsize
SafeArrayGetDim
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
ws2_32
sendto
recvfrom
WSAAsyncSelect
listen
select
WSAGetLastError
closesocket
recv
send
connect
htons
inet_addr
gethostbyname
socket
gethostname
getpeername
getsockname
bind
htonl
ntohs
accept
WSACleanup
WSAStartup
inet_ntoa
WSASetLastError
winmm
mixerGetNumDevs
mixerGetDevCapsA
auxGetDevCapsA
auxGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
midiOutGetDevCapsA
waveOutGetNumDevs
waveOutGetDevCapsA
waveOutGetVolume
mciSendStringA
mciGetErrorStringA
waveOutSetVolume
midiInGetDevCapsA
midiInGetNumDevs
midiOutGetNumDevs
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdA
wininet
InternetQueryOptionA
psapi
EnumDeviceDrivers
EnumProcessModules
GetDeviceDriverBaseNameA
GetModuleFileNameExA
opengl32
glCallLists
glGenLists
glNewList
glTexCoord2f
glVertex2d
glVertex2i
glTranslated
glEndList
glIsTexture
glPushAttrib
glBlendFunc
glColor4f
glColor3f
glPopAttrib
glClearColor
glClearDepth
glClear
glDisable
glDepthMask
glMatrixMode
glPushMatrix
glGetIntegerv
glLoadIdentity
glOrtho
glBegin
glColor3ub
glVertex3d
glEnd
glEnable
glPopMatrix
glGetString
glMaterialf
glTranslatef
glHint
glGetError
glCallList
glListBase
glBindTexture
glColor3fv
glTexParameteri
glGetDoublev
glLoadName
glPopName
glColor4fv
glPushName
glLightModelfv
glVertex3f
glMaterialfv
glVertex3dv
glNormal3dv
glShadeModel
glDepthFunc
glTexGeni
glRotated
glScaled
glStencilOp
glStencilFunc
glRotatef
glNormal3f
glDepthRange
glMultMatrixd
glDisableClientState
glDrawArrays
glDrawElements
glLightModeli
glTexCoordPointer
glColorPointer
glNormalPointer
glVertexPointer
glEnableClientState
glColor4ub
glColorMaterial
glLineStipple
glTexImage2D
glGenTextures
glDeleteTextures
glCopyTexSubImage2D
glPolygonOffset
glColorMask
glCullFace
glLoadMatrixd
glViewport
wglMakeCurrent
glReadBuffer
glDrawBuffer
wglGetCurrentContext
wglGetCurrentDC
glAlphaFunc
glTexGendv
wglGetProcAddress
glDeleteLists
glFinish
glFlush
glMateriali
glInitNames
glRenderMode
glSelectBuffer
glReadPixels
wglCreateContext
wglDeleteContext
glLightfv
glu32
gluProject
gluDeleteQuadric
gluQuadricTexture
gluCylinder
gluDisk
gluQuadricOrientation
gluNewQuadric
gluLookAt
gluNewNurbsRenderer
gluUnProject
gluPerspective
gluPickMatrix
gluBuild2DMipmaps
gluOrtho2D
msimg32
TransparentBlt
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
mpr
WNetEnumResourceA
WNetGetLastErrorA
WNetUseConnectionA
WNetOpenEnumA
WNetCloseEnum
WNetGetConnectionA
Sections
.text Size: 6.4MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 152KB - Virtual size: 541KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE