fcEXP
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-03_81f1bff08a1a16967bb2a4ab2ad4fe84_icedid.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-05-03_81f1bff08a1a16967bb2a4ab2ad4fe84_icedid.exe
  Resource: win10v2004-20240419-en
General
- Target: 2024-05-03_81f1bff08a1a16967bb2a4ab2ad4fe84_icedid
- Size: 2.9MB
- MD5: 81f1bff08a1a16967bb2a4ab2ad4fe84
- SHA1: b5f0d7eec012e6286ad34daa51ee145fadf78b58
- SHA256: cb7a801434b6b40083efbef9fbaa80abb483839dae52da89c0b4f874f780f109
- SHA512: f180644ada2b5b1738d193c12d7793536f108a164fca6a9963a7277c1fa22c447f5f78c40349874164e8189b514dafa1154ea42363d6175208b80eda400f5c9e
- SSDEEP: 49152:IdWgN6ewkpfLuUUVvUF6r31JHeX/4aPwjHmN1PukvMp5qUTTe:IdpluUqNhJHeXxCHWVpvMu
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2024-05-03_81f1bff08a1a16967bb2a4ab2ad4fe84_icedid
Files
-
2024-05-03_81f1bff08a1a16967bb2a4ab2ad4fe84_icedid.exe windows:4 windows x86 arch:x86
d28476c3bfcc1a7df66bb41c305d61a3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
d3dx9_35
D3DXQuaternionMultiply
D3DXIntersectTri
D3DXMatrixRotationYawPitchRoll
D3DXQuaternionRotationAxis
D3DXMatrixOrthoLH
D3DXMatrixLookAtLH
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromSurface
D3DXMatrixDecompose
D3DXCreateTextureFromFileInMemoryEx
D3DXMatrixPerspectiveFovLH
D3DXQuaternionSlerp
D3DXMatrixRotationZ
D3DXVec3TransformCoord
D3DXVec2Normalize
D3DXPlaneFromPoints
D3DXMatrixTranslation
D3DXMatrixRotationX
D3DXMatrixTransformation2D
D3DXMatrixRotationY
D3DXPlaneFromPointNormal
D3DXQuaternionNormalize
D3DXAssembleShader
D3DXMatrixTransformation
D3DXQuaternionInverse
D3DXPlaneNormalize
D3DXMatrixRotationQuaternion
D3DXSphereBoundProbe
D3DXSaveSurfaceToFileA
D3DXGetImageInfoFromFileInMemory
D3DXCreateTexture
D3DXVec3UnprojectArray
D3DXPlaneIntersectLine
D3DXVec3Project
D3DXVec3Normalize
D3DXMatrixScaling
D3DXMatrixTranspose
D3DXMatrixMultiply
D3DXMatrixInverse
winmm
mmioOpenA
timeGetTime
mmioClose
mmioDescend
mmioSeek
mmioSetInfo
mmioAdvance
mmioGetInfo
mmioAscend
mmioRead
advapi32
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
CryptGetHashParam
CryptVerifySignatureA
RegEnumValueA
RegCreateKeyExA
GetUserNameA
CryptImportKey
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptCreateHash
CryptHashData
CryptAcquireContextA
CryptDeriveKey
CryptEncrypt
CryptDestroyKey
CryptDestroyHash
CryptReleaseContext
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
CloseServiceHandle
ControlService
QueryServiceConfigA
StartServiceA
imm32
ImmSetConversionStatus
ImmGetCompositionStringA
ImmGetContext
ImmNotifyIME
ImmReleaseContext
ImmGetConversionStatus
ImmGetCandidateListA
dsound
ord11
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
dbghelp
GetTimestampForLoadedLibrary
StackWalk
EnumerateLoadedModules
d3d9
Direct3DCreate9
kernel32
GetLocalTime
SetUnhandledExceptionFilter
UnmapViewOfFile
GlobalFree
ResetEvent
GlobalAlloc
GetFileSize
MapViewOfFile
CreateFileMappingA
MulDiv
GetProcAddress
OutputDebugStringA
FormatMessageA
GetComputerNameA
lstrcpyA
LoadLibraryA
TerminateProcess
GetExitCodeThread
Module32Next
Module32First
FindClose
FindNextFileA
FindFirstFileA
GetSystemDefaultLangID
VirtualQuery
FreeLibrary
LoadLibraryExA
VirtualFree
VirtualProtect
VirtualAlloc
SetEndOfFile
QueryPerformanceFrequency
QueryPerformanceCounter
HeapFree
HeapAlloc
GetProcessHeap
WriteFile
CreateMutexA
GetExitCodeProcess
WaitForMultipleObjects
OpenEventA
CopyFileA
MoveFileExA
lstrcatA
GetCurrentThreadId
GetCurrentProcessId
OpenMutexA
TerminateThread
ReleaseMutex
ExitProcess
GetSystemDirectoryA
GetModuleFileNameW
OpenFileMappingA
GetCurrentDirectoryA
GetTempFileNameA
GetTempPathA
DuplicateHandle
SetStdHandle
CreatePipe
GetStdHandle
PeekNamedPipe
InterlockedIncrement
lstrcpynA
GlobalUnlock
GlobalLock
SetLastError
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
InterlockedDecrement
MoveFileA
FlushFileBuffers
LockFile
UnlockFile
GetVolumeInformationA
GetFullPathNameA
EnumResourceLanguagesA
ConvertDefaultLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetDriveTypeA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
GetFileType
HeapSize
HeapDestroy
HeapCreate
IsBadWritePtr
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
GetCurrentProcess
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
GetVersion
lstrcmpiA
lstrlenA
CompareStringA
CompareStringW
GetStringTypeExA
SizeofResource
LockResource
LoadResource
FindResourceA
GetSystemTime
GetTickCount
EnterCriticalSection
LeaveCriticalSection
SetEvent
IsDBCSLeadByteEx
ResumeThread
SetThreadPriority
CreateThread
Sleep
CreateProcessA
DeleteFileA
CloseHandle
WaitForSingleObject
CreateEventA
GetSystemInfo
ReadFile
CreateFileA
SetThreadLocale
SetFilePointer
lstrcmpA
GetModuleFileNameA
CreateDirectoryA
CreateToolhelp32Snapshot
LocalFree
LocalUnlock
LocalLock
LocalAlloc
IsBadReadPtr
GetModuleHandleA
GetCurrentThread
user32
AdjustWindowRectEx
GetSysColor
GetMenu
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
SetActiveWindow
GetLastActivePopup
IsWindow
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
MapDialogRect
SetWindowContextHelpId
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDesktopWindow
GetNextDlgGroupItem
MessageBeep
CopyAcceleratorTableA
InvalidateRgn
GetSysColorBrush
DestroyMenu
CharNextA
RegisterClipboardFormatA
PostThreadMessageA
GetWindowPlacement
ShowWindow
DialogBoxParamA
EndDialog
SetWindowTextA
GetDlgItem
SetWindowPos
SetParent
SetForegroundWindow
LoadCursorA
EnumDisplaySettingsA
EnableWindow
DestroyCursor
ActivateKeyboardLayout
SetCursor
KillTimer
GetDC
IsIconic
SetWindowsHookExA
LoadAcceleratorsA
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
WaitMessage
UnhookWindowsHookEx
CallNextHookEx
LoadIconA
GetForegroundWindow
UpdateWindow
PostMessageA
SendMessageA
SetRectEmpty
GetAsyncKeyState
GetKeyState
MessageBoxA
PostQuitMessage
AdjustWindowRect
SetWindowLongA
EqualRect
IntersectRect
MapVirtualKeyA
SetRect
ReleaseCapture
ClipCursor
GetCursorPos
ShowCursor
SetCursorPos
ScreenToClient
ClientToScreen
InflateRect
OffsetRect
PtInRect
CopyRect
UnregisterClassA
CharUpperA
GetClassInfoA
RegisterClassA
GetSystemMetrics
GetWindow
GetWindowTextLengthA
GetWindowTextA
SetFocus
IsWindowEnabled
MoveWindow
GetDlgCtrlID
IsDialogMessageA
SendDlgItemMessageA
GetMessageA
GetActiveWindow
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
DestroyCaret
GetWindowLongA
ValidateRect
GetCaretBlinkTime
GetWindowRect
IsChild
DefWindowProcA
GetParent
SystemParametersInfoA
ChildWindowFromPointEx
GetFocus
InvalidateRect
ReleaseDC
IsRectEmpty
GetKeyboardLayout
wsprintfA
EnumChildWindows
SetCapture
IsWindowVisible
GetClientRect
DeleteMenu
SetTimer
CallWindowProcA
gdi32
SelectObject
DeleteObject
CreateFontA
CreateCompatibleDC
CreateDIBSection
GetTextColor
GetBkColor
GetMapMode
GetRgnBox
CreateRectRgnIndirect
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
BitBlt
CreateFontIndirectA
DeleteDC
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
shell32
ShellExecuteA
comctl32
ord17
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
oledlg
ord8
ole32
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
CoSetProxyBlanket
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
oleaut32
SysFreeString
VariantInit
VariantClear
SysAllocString
SysStringLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocStringByteLen
VariantChangeType
VariantCopy
SysAllocStringLen
ws2_32
socket
gethostbyname
connect
recv
send
htons
getsockname
inet_ntoa
WSAStartup
WSAGetLastError
WSAAsyncSelect
inet_addr
setsockopt
ioctlsocket
WSASocketA
WSACleanup
sendto
closesocket
WSASend
iphlpapi
GetAdaptersInfo
gdiplus
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatFlags
GdipSetTextRenderingHint
GdipCreateFontFromDC
GdipMeasureString
GdipDrawString
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipFree
GdipAlloc
GdipDeleteBrush
Exports
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 173KB - Virtual size: 315KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ