D:\Projects\RagState\Output\Release\RagState.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-05_8e659d827a0498f42f7bbdaedeca3f2e_icedid.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-05_8e659d827a0498f42f7bbdaedeca3f2e_icedid.exe
Resource
win10v2004-20240419-en
General
-
Target
2024-05-05_8e659d827a0498f42f7bbdaedeca3f2e_icedid
-
Size
17.7MB
-
MD5
8e659d827a0498f42f7bbdaedeca3f2e
-
SHA1
891115e1fa1a1c3af563e09f1de1aaab199f1135
-
SHA256
12ec08d5bf68d4656a752486067deb8359f926fa6a8cdfb60d95ca79d6164831
-
SHA512
649b6ea7c6bd4f84e3fc13a1f82f0f3e005febcccb2c20720dbc4002a861d07204781ebe5d3c3bb173659af894d86710df142ecd804f1e4ffc7bfc337bc04219
-
SSDEEP
393216:30D3iqRpRpRpRpD3pIJ4IEludIABdtqLkum3OQ:30D3i
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-05-05_8e659d827a0498f42f7bbdaedeca3f2e_icedid
Files
-
2024-05-05_8e659d827a0498f42f7bbdaedeca3f2e_icedid.exe windows:5 windows x86 arch:x86
Imphash: 605962dcc5d247f0399d9f8691561208
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Projects\RagState\Output\Release\RagState.pdb
Imports
kernel32
SetFilePointerEx
OutputDebugStringW
LCMapStringW
GetConsoleMode
WriteConsoleW
SetEnvironmentVariableA
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetProcessHeap
GetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
SizeofResource
GetSystemInfo
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
GetTimeZoneInformation
GetModuleHandleExW
ExitProcess
ExitThread
CreateThread
HeapReAlloc
RaiseException
HeapAlloc
HeapFree
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
Sleep
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetTickCount
SetErrorMode
lstrcpyW
GetWindowsDirectoryW
GetCurrentDirectoryW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
GetConsoleCP
ReadConsoleW
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GetFileTime
GetFileSizeEx
GetFileAttributesExW
CreateFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetThreadLocale
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetVersionExW
GetCurrentThread
InterlockedExchange
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
FileTimeToSystemTime
LocalAlloc
FileTimeToLocalFileTime
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
InterlockedDecrement
WideCharToMultiByte
CopyFileW
FormatMessageW
LocalFree
GlobalSize
GetCurrentProcessId
MulDiv
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetVersion
SetLastError
OutputDebugStringA
GetFileAttributesW
MoveFileW
DeleteFileW
InitializeCriticalSectionAndSpinCount
FindClose
FindFirstFileW
GetModuleFileNameW
MultiByteToWideChar
FreeResource
FreeLibrary
GetLastError
LoadLibraryW
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceW
LoadResource
LockResource
user32
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
SetParent
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
PostThreadMessageW
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextW
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
MapVirtualKeyW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
LoadImageW
SetRectEmpty
DrawFocusRect
GetMenuDefaultItem
CreatePopupMenu
DestroyIcon
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
InvalidateRgn
CopyAcceleratorTableW
OffsetRect
CharNextW
DeleteMenu
WindowFromPoint
WaitMessage
CharUpperW
CopyImage
UnregisterClassW
GetSysColorBrush
RealChildWindowFromPoint
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageW
IntersectRect
InflateRect
SendDlgItemMessageA
LoadMenuW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetWindowRgn
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
IsDialogMessageW
GetWindow
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetFocus
SetFocus
GetDlgCtrlID
CheckDlgButton
SetWindowPos
MoveWindow
ShowWindow
UnhookWindowsHookEx
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
TabbedTextOutW
GrayStringW
CharUpperBuffW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
SetClassLongW
LockWindowUpdate
SetCursorPos
GetScrollInfo
DestroyAcceleratorTable
DrawTextExW
DrawTextW
GetDesktopWindow
GetWindowLongW
IsWindowEnabled
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetActiveWindow
MessageBoxA
UpdateWindow
AppendMenuW
GetSystemMenu
GetKeyState
DrawIcon
GetClientRect
IsIconic
LoadIconW
ReleaseDC
GetDC
MessageBoxW
GetAsyncKeyState
GetDoubleClickTime
SetTimer
KillTimer
SetRect
SetWindowRgn
LoadCursorW
SetCursor
InvalidateRect
FillRect
IsWindowVisible
GetSystemMetrics
EnableWindow
SetActiveWindow
SetCapture
ReleaseCapture
GetParent
SendMessageW
GetWindowRect
LoadBitmapW
ShowOwnedPopups
gdi32
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsW
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
StretchBlt
SetDIBColorTable
CreateEllipticRgn
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
SetBkColor
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
Ellipse
GetObjectW
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetObjectType
GetDeviceCaps
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
GetTextColor
GetBkColor
CreateDCW
CreateFontW
SetDIBitsToDevice
SetPixel
PatBlt
CreateBitmap
GetTextExtentPoint32W
GetCharABCWidthsW
CreatePen
GetPixel
DeleteDC
DeleteObject
CombineRgn
ExtCreateRegion
SelectObject
CreateDIBSection
Rectangle
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetBkMode
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
shell32
SHBrowseForFolderW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
SHAppBarMessage
ShellExecuteW
DragFinish
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
UrlUnescapeW
PathRemoveFileSpecW
uxtheme
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
GetThemeSysColor
GetThemePartSize
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
ole32
OleFlushClipboard
CoCreateInstance
CoRevokeClassObject
CoInitialize
CreateStreamOnHGlobal
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
oleaut32
SysFreeString
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
oledlg
OleUIBusyW
wininet
HttpOpenRequestW
HttpSendRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetGetConnectedState
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 398KB - Virtual size: 397KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3.4MB - Virtual size: 4.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12.2MB - Virtual size: 12.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ