Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-02_fdf67bb9eb660ab5726f677b97a593b4_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-02_fdf67bb9eb660ab5726f677b97a593b4_icedid.exe
Resource: win10v2004-20240226-en
General
Target: 2024-05-02_fdf67bb9eb660ab5726f677b97a593b4_icedid
Size: 5.6MB
MD5: fdf67bb9eb660ab5726f677b97a593b4
SHA1: 83bdaf9bcb44184eab5f4f508faae06ce17e6cdc
SHA256: 792ef26c06b7917f7c91f4d4d861e9afbdc7a2351b76bbf3d951146522b9aff0
SHA512: 03bc109e1fb4c2fcb1ce661b92f0dd06e70da439b9794a4d2e4fd5f4a2c3c6df28def2c8e1e9e2f775402d4e980684a8fed9fddc534e1563f6eadf328bb7005f
SSDEEP: 98304:U0/zIQ2fIqF202wd4Tu4dHQ2C69F4SYy3NrA:U0rIv69F4SYy9r
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-05-02_fdf67bb9eb660ab5726f677b97a593b4_icedid
Files
2024-05-02_fdf67bb9eb660ab5726f677b97a593b4_icedid.exe windows:6 windows x86 arch:x86
62aa4cacc782b0982c6d8171a029a2eb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Source\svn\Software\utilities-windows\WinSSD\Release\WinSSD.pdb
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ws2_32
WSACleanup
WSAStartup
WSAGetLastError
InetPtonW
setsockopt
send
recv
htons
connect
closesocket
socket
kernel32
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
GetTempPathW
GetProfileIntW
GetTickCount64
SearchPathW
GetWindowsDirectoryW
SetErrorMode
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
AcquireSRWLockExclusive
GetFileAttributesW
FileTimeToLocalFileTime
VerifyVersionInfoW
VerSetConditionMask
GetCurrentDirectoryW
FindResourceExW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
lstrcpyW
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameW
GlobalGetAtomNameW
GetTimeZoneInformation
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
ReleaseSRWLockExclusive
LocalUnlock
LocalLock
GetFileAttributesExW
OutputDebugStringW
RaiseException
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
QueryPerformanceFrequency
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
SetStdHandle
GetFileType
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
GetStdHandle
ExitProcess
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpA
GetCurrentThread
GetVersionExW
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetTickCount
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
GetCurrentProcessId
VirtualProtect
ResumeThread
SuspendThread
SetThreadPriority
SetEvent
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
WideCharToMultiByte
CopyFileW
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
SetLastError
CreateDirectoryW
FormatMessageW
SetCommTimeouts
SetCommState
SetCommMask
SetCommConfig
PurgeComm
GetCommTimeouts
GetCommState
GetCommModemStatus
GetCommConfig
EscapeCommFunction
ClearCommError
LocalFree
DeviceIoControl
WriteFile
GetProcAddress
GetModuleHandleW
WaitCommEvent
CreateEventW
WaitForSingleObject
GetOverlappedResult
CloseHandle
ReadFile
GetFileSize
CreateFileW
MultiByteToWideChar
GetExitCodeThread
Sleep
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
DecodePointer
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
SetConsoleCtrlHandler
WriteConsoleW
user32
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
ModifyMenuW
LockWindowUpdate
CharUpperBuffW
RegisterClipboardFormatW
SetRect
FrameRect
CopyIcon
SetCursorPos
DrawFrameControl
DrawEdge
SetParent
SetClassLongW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
InvertRect
HideCaret
GetIconInfo
DrawIconEx
DrawFocusRect
GetNextDlgGroupItem
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
EnumDisplayMonitors
SetLayeredWindowAttributes
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsRectEmpty
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
DeleteMenu
IsZoomed
IntersectRect
GetDialogBaseUnits
CopyImage
RealChildWindowFromPoint
LoadImageW
TrackMouseEvent
GetSysColorBrush
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
ShowOwnedPopups
CharUpperW
InvalidateRect
DrawStateW
GetWindowThreadProcessId
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DestroyAcceleratorTable
DrawTextW
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyNameTextW
MapDialogRect
GetAsyncKeyState
GetCursorPos
TranslateMessage
GetMessageW
LoadMenuW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
CopyAcceleratorTableW
PostThreadMessageW
GetComboBoxInfo
IsCharLowerW
MapVirtualKeyExW
GetDoubleClickTime
IsClipboardFormatAvailable
GetUpdateRect
DestroyCursor
MonitorFromRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
EnumChildWindows
UpdateWindow
TrackPopupMenuEx
SendNotifyMessageW
InSendMessage
WindowFromDC
CreateMenu
SubtractRect
GetTabbedTextExtentW
GetWindowRgn
DrawTextExW
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
GetDCEx
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
OffsetRect
SetRectEmpty
SendDlgItemMessageA
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
AppendMenuW
GetSystemMenu
KillTimer
SetTimer
PostQuitMessage
LoadIconW
GetClientRect
DrawIcon
GetSystemMetrics
IsIconic
GetParent
GetFocus
MessageBoxW
PeekMessageW
LoadCursorW
ChildWindowFromPoint
GetCursor
SetCursor
MessageBeep
PostMessageW
LoadBitmapW
SendMessageW
EnableWindow
UnregisterClassW
RegisterWindowMessageW
DestroyIcon
gdi32
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
GetLayout
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
EnumFontFamiliesExW
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateCompatibleBitmap
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
GetDIBits
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
ExtCreatePen
GetTextColor
CreatePolygonRgn
Polygon
Polyline
LPtoDP
GetRgnBox
OffsetRgn
GetCurrentObject
Rectangle
GetCharWidthW
StretchDIBits
ExtFloodFill
SetPaletteEntries
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
SetPixelV
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
SetLayout
SetMapMode
SetGraphicsMode
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocW
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
Ellipse
SetTextColor
SetMapperFlags
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
PatBlt
CreateRectRgnIndirect
GetObjectW
SetPolyFillMode
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
DeleteObject
CreateFontW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
GetJobW
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegDeleteValueW
RegCreateKeyExW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegDeleteKeyW
RegSetValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
shell32
SHGetFileInfoW
SHAddToRecentDocs
ExtractIconW
DragQueryFileW
DragFinish
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHBrowseForFolderW
SHGetMalloc
SHAppBarMessage
SHGetDesktopFolder
SHGetKnownFolderPath
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathIsUNCW
PathRemoveExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathStripToRootW
uxtheme
IsAppThemed
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
GetThemePartSize
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
EnableThemeDialogTexture
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
ole32
CoCreateInstance
CoCreateGuid
CoInitialize
StringFromGUID2
CoDisconnectObject
CLSIDFromString
CreateStreamOnHGlobal
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgOpenStorageOnILockBytes
StgIsStorageFile
CreateILockBytesOnHGlobal
CreateFileMoniker
OleRegGetMiscStatus
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleRegEnumVerbs
OleCreateMenuDescriptor
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
OleSave
OleSaveToStream
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
StgCreateDocfileOnILockBytes
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleIsRunning
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRun
OleGetIconOfClass
OleLoad
oleaut32
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SafeArrayCopy
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
winmm
PlaySoundW
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
oledlg
OleUIBusyW
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 557KB - Virtual size: 557KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ