Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-05_3257a68face9f49325d4dda46c2da666_icedid.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-05-05_3257a68face9f49325d4dda46c2da666_icedid.exe
Resource: win10v2004-20240419-en
General
Target: 2024-05-05_3257a68face9f49325d4dda46c2da666_icedid
Size: 556KB
MD5: 3257a68face9f49325d4dda46c2da666
SHA1: 0ccae3c27b8ff5366ca7f7fc73ce30c89ad50610
SHA256: 3214c44d760c33b4f2b5ca54db310d30eb190b8bc2f147f003059760321a53b0
SHA512: e40f89a5835c9822a7f29ebd738623f1f2fa22fd5b09d869e69feb7a9dc4e8ac5ab46377427b2442c8fa982144dac66058355783341bdb9dea0870cfa21d10f3
SSDEEP: 12288:mBLefY3+AryKh6OyQ7JVZBr7+ED137r37Bg:mBDYOyQtVT/+wvl
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Resource: 2024-05-05_3257a68face9f49325d4dda46c2da666_icedid
Files
2024-05-05_3257a68face9f49325d4dda46c2da666_icedid.exe windows:4 windows x86 arch:x86
eff3cbb5b0dce584c22df09befb3fa3b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ltkrn14nu
ord197
ltwvc14nu
?LoadLibraries@LBase@@SAKKK@Z
?Trim@LBitmapBase@@UAEHHHII@Z
?LoadResize@LBitmapBase@@UAEHPAGHHHKHPAU_LOADFILEOPTION@@PAUstruct_file_information@@@Z
??1LBitmapBase@@UAE@XZ
?Save@LBitmapBase@@UAEHPAGHHHIPAU_SAVEFILEOPTION@@@Z
?Load@LBitmapBase@@UAEHPAGHHHPAUstruct_file_information@@@Z
??0LBitmapBase@@QAE@XZ
?Combine@LBitmapBase@@UAEHPAV1@HHHHHHK@Z
?Create@LBitmapBase@@UAEHIIIIPAUtagRGBQUAD@@IIPAEK@Z
?GetWidth@LBitmapBase@@QAEHXZ
?GetHeight@LBitmapBase@@QAEHXZ
?Load@LBitmapBase@@UAEHPAGHHPAU_LOADFILEOPTION@@PAUstruct_file_information@@@Z
?GetMemSize@LBitmapBase@@QAEKXZ
?UnloadLibraries@LBase@@SAXKK@Z
kernel32
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
GetStartupInfoW
RtlUnwind
ExitProcess
TerminateProcess
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadWritePtr
LCMapStringA
LCMapStringW
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalGetAtomNameW
SuspendThread
SetThreadPriority
GetCurrentThread
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
WideCharToMultiByte
SetLastError
MulDiv
lstrcpyW
FormatMessageW
lstrcpynW
LocalFree
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
lstrcatW
lstrcmpW
IsProcessorFeaturePresent
HeapReAlloc
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GlobalMemoryStatus
GetDiskFreeSpaceA
GetEnvironmentStringsW
GetEnvironmentStrings
lstrlenA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeviceIoControl
GetVersionExA
GetModuleHandleW
LoadLibraryA
InterlockedCompareExchange
HeapSize
HeapFree
GetProcessHeap
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetFileSize
SetEvent
GetTickCount
GetTempPathW
CreateDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetLocalTime
SystemTimeToFileTime
FileTimeToSystemTime
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
DeleteFileW
FindFirstFileW
FindClose
GetSystemTime
ReadFile
CreateFileW
GlobalFree
GlobalUnlock
GlobalSize
WriteFile
GlobalAlloc
GlobalLock
ResetEvent
Sleep
WaitForSingleObject
ResumeThread
CreateMutexW
CloseHandle
GetLastError
CreateEventW
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
GetSystemTimeAsFileTime
user32
CharNextW
CharUpperW
SetCapture
LoadCursorW
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
SetMenu
TranslateAcceleratorW
SetRectEmpty
wsprintfW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
ValidateRect
ShowOwnedPopups
SetCursor
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
ModifyMenuW
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
IsRectEmpty
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetClientRect
EnableWindow
TrackMouseEvent
FillRect
GetWindowRect
InvalidateRect
IsWindow
LoadBitmapW
GetDC
SendMessageTimeoutW
PostMessageW
EnumWindows
EnableMenuItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
MessageBoxW
TrackPopupMenu
GetKeyState
UpdateWindow
CopyAcceleratorTableW
GetMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetClassInfoW
RegisterClassW
GetDlgCtrlID
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetSubMenu
LoadMenuW
IsWindowVisible
SetTimer
KillTimer
SetForegroundWindow
SendMessageW
PostThreadMessageW
LoadIconW
RegisterWindowMessageW
GetCursorPos
SetRect
EqualRect
GetParent
UnregisterClassW
PostQuitMessage
GetWindow
PtInRect
CopyRect
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongW
GetWindowLongW
CallWindowProcW
DefWindowProcW
EndPaint
gdi32
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
GetDeviceCaps
CreateDIBitmap
DeleteObject
GetTextExtentPoint32W
SetPixel
GetPixel
StretchBlt
CreateCompatibleBitmap
GetBitmapBits
CreateBitmapIndirect
GetStockObject
CreateFontW
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetObjectW
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyW
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyW
RegDeleteKeyW
RegCloseKey
RegQueryValueW
RegEnumKeyW
shell32
DragFinish
DragQueryFileW
comctl32
ImageList_AddMasked
ImageList_Draw
ord17
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Create
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
StrStrIW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
oleaut32
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
VarBstrCmp
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
Sections
.text Size: 312KB - Virtual size: 309KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ