2024-05-11_fa5fe637c443dde1078d0ccd049d1295_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-11_fa5fe637c443dde1078d0ccd049d1295_icedid
Size

348KB
MD5

fa5fe637c443dde1078d0ccd049d1295
SHA1

ce7865fb04125324312608fec21e0c64104765de
SHA256

da6ff4a072d95508b4afebd7e84579fb2ae68798ceccce65606c880badfce9c0
SHA512

0337d900610417a0413268834c4d0fed3628a20b424b90e6d03c6f95f75f0eaf9cb1cba24d28e003e726383c6d1a9944142df9ea6799f015cd3b49604513a7cd
SSDEEP

6144:mRkR+uvrQHfR0b2YFmXL3NffTU5tTzmJNC6t3:mqR+uvcRWELdffTU59MNC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-11_fa5fe637c443dde1078d0ccd049d1295_icedid

Files

2024-05-11_fa5fe637c443dde1078d0ccd049d1295_icedid
.exe windows:4 windows x86 arch:x86

5fd32ab9fab2a8b0c5ea786d7eefdc2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\MVSP\NurieMak\Release\NurieMak.pdb

Imports

gdiplus

GdipCloneBrush
GdiplusStartup
GdipFree
GdipAlloc
GdipDisposeImage
GdipGetImageType
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipDeleteBrush
GdipDeleteGraphics
GdipCreateSolidFill
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdiplusShutdown
GdipDrawImageRectI
GdipFillRectangleI
GdipSetInterpolationMode
GdipCreateFromHDC

kernel32

GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
CreateFileW
GetShortPathNameW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FindResourceExW
SetErrorMode
GetStartupInfoW
RtlUnwind
HeapFree
ExitProcess
HeapAlloc
HeapReAlloc
TerminateProcess
SetEndOfFile
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
MoveFileW
GetCurrentDirectoryW
SystemTimeToFileTime
FileTimeToSystemTime
InterlockedIncrement
GlobalFlags
lstrcmpiW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
VirtualProtect
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
CloseHandle
GetCurrentThread
lstrcmpA
lstrcmpiA
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryExW
InterlockedDecrement
GetModuleFileNameW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetVersion
GlobalGetAtomNameW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetLastError
lstrcpyW
GlobalAlloc
FormatMessageW
LocalFree
GlobalFree
WideCharToMultiByte
GlobalLock
GlobalUnlock
MulDiv
SetLastError
lstrcpynW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenW
lstrcatW
lstrcmpW
GetModuleHandleW
GetVersionExA
MultiByteToWideChar
GetTempPathW
LoadLibraryW
GetProcAddress
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteFileW

user32

LoadAcceleratorsW
ReleaseCapture
SetCursor
DestroyMenu
LoadMenuW
ReuseDDElParam
UnpackDDElParam
wsprintfW
PostQuitMessage
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageW
FindWindowW
DrawIcon
SetWindowRgn
SetCapture
GetAsyncKeyState
MapDialogRect
GetMenuItemInfoW
GetSysColorBrush
GetDCEx
LockWindowUpdate
DeleteMenu
DestroyIcon
CharUpperW
SetParent
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorW
GetCursorPos
WindowFromPoint
KillTimer
SetTimer
SetRect
GetMenuStringW
InsertMenuW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
IsWindowEnabled
ShowWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
IsWindow
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
MessageBoxW
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
PtInRect
EmptyClipboard
SetClipboardData
GetClientRect
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
UpdateWindow
SystemParametersInfoW
LoadIconW
LoadCursorW
IsZoomed
OffsetRect
GetDlgItem
GetKeyState
GetParent
GetWindow
GetFocus
SendMessageW
GetSysColor
EnableWindow
InvalidateRect
DrawFocusRect
DrawFrameControl
FillRect
InflateRect
CopyRect
UnhookWindowsHookEx

gdi32

DeleteDC
CreatePatternBrush
GetDeviceCaps
CreateSolidBrush
CreateDCW
GetBkColor
CreateRectRgnIndirect
PatBlt
GetTextMetricsW
CreateEllipticRgn
ScaleWindowExtEx
LPtoDP
Ellipse
CreateFontIndirectW
SetRectRgn
CombineRgn
EnumFontFamiliesExW
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
IntersectClipRect
ExcludeClipRect
SetMapMode
CreateRectRgn
SelectClipRgn
DeleteObject
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetStockObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32W

comdlg32

GetFileTitleW
ChooseColorW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegSetValueW
RegOpenKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyW
RegCloseKey

shell32

DragAcceptFiles
DragQueryFileW
SHGetFileInfoW
ExtractIconW
DragFinish
ShellExecuteW

comctl32

ord17
ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

shlwapi

PathFindExtensionW
PathIsUNCW
PathFindFileNameW
PathStripToRootW

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fd32ab9fab2a8b0c5ea786d7eefdc2c

Headers

File Characteristics

PDB Paths

Imports

gdiplus

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 196KB - Virtual size: 194KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 80KB - Virtual size: 77KB

.text
Size: 196KB - Virtual size: 194KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 80KB - Virtual size: 77KB