2024-05-13_fd673efba372918b3430de0580b4a28b_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-13_fd673efba372918b3430de0580b4a28b_icedid
Size

2.9MB
MD5

fd673efba372918b3430de0580b4a28b
SHA1

08f4dcfa900d3fdd6b60701055e0033ce4039673
SHA256

94078c7c1f7c165a9bebf139634a1c2a021b8ff431970085380a234268992aae
SHA512

3c71d99eb7e5d7bdbb5f6ed8f7c36f476e30452e9d825f151ca67ef42c5834e536057e42deee693835cc0a4b3c6efa06a6fc9d16edba74b22059c1255dfa65af
SSDEEP

49152:cyFhhkLbS/KjRr615MuIaEMlls9S7hsM9ZdMlJfP33TweIDpHiJFPo0vFdnF1i45:cAhkfS/KQrMu3EClsc7hsio3Po0vFdnf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-13_fd673efba372918b3430de0580b4a28b_icedid

Files

2024-05-13_fd673efba372918b3430de0580b4a28b_icedid
.exe windows:5 windows x86 arch:x86

c8cee23e2115d71a0127c1c2f669a720

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\VC6_Cpp_MFC\Release\rial.pdb

Imports

kernel32

GetStringTypeW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
GetSystemInfo
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
GetTimeZoneInformation
GetConsoleMode
ReadConsoleW
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetConsoleCtrlHandler
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetFilePointerEx
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
ReplaceFileA
GetTempFileNameA
GetDiskFreeSpaceA
Sleep
SearchPathA
GetProfileIntA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryA
GetTickCount
FindResourceExW
lstrcpyA
GetStringTypeExA
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetCurrentDirectoryA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SystemTimeToFileTime
FileTimeToSystemTime
GetUserDefaultLCID
LeaveCriticalSection
EnterCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
WaitForSingleObject
SetEvent
GetModuleFileNameA
GetCurrentProcessId
GetThreadLocale
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
SizeofResource
LoadResource
LockResource
CreateFileA
CloseHandle
ReadFile
WriteFile
GetFileSize
VirtualFree
VirtualAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
DecodePointer
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
HeapQueryInformation
CreateFileW

user32

CreatePopupMenu
RegisterClipboardFormatA
LoadImageW
TrackMouseEvent
MessageBeep
GetNextDlgGroupItem
LoadCursorW
WindowFromPoint
WaitMessage
CharUpperA
DestroyIcon
KillTimer
SetTimer
DeleteMenu
GetDialogBaseUnits
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
ReleaseCapture
SetCapture
GetAsyncKeyState
CopyImage
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
SetRectEmpty
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageA
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
GetWindowThreadProcessId
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
OffsetRect
CharNextA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuW
EnableWindow
UnregisterClassA
SendMessageA
IsIconic
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
LoadMenuA
InsertMenuItemA
LoadImageA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
GetMenuDefaultItem
GetSystemMetrics
DrawIcon
GetClientRect
LoadIconW
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
IsZoomed
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
PostThreadMessageA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
GetDCEx
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SendNotifyMessageA
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetWindowRgn
DestroyCursor
GetTabbedTextExtentA
GetTabbedTextExtentW
DrawFrameControl
DrawEdge
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard

gdi32

CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgn
GetRgnBox
GetTextMetricsA
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExA
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
CreateFontA
GetCharWidthA
StretchDIBits
Rectangle
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
GetTextColor
GetStockObject
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
CreateRectRgnIndirect
GetBkColor
CopyMetaFileA

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA
GetJobA

advapi32

GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegCloseKey

shell32

SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteExA
SHAppBarMessage
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
DragFinish
DragQueryFileA
SHGetDesktopFolder

shlwapi

PathFindFileNameA
PathRemoveExtensionA
PathIsUNCA
PathRemoveFileSpecW
PathStripToRootA
StrFormatKBSizeA
PathFindExtensionA

uxtheme

GetThemeSysColor
DrawThemeText
GetWindowTheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRegisterClassObject
CreateStreamOnHGlobal
CoInitializeEx
OleUninitialize
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
CoGetMalloc
OleSetClipboard
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleLockRunning
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
OleCreateFromData
OleCreateLinkFromData
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CoInitialize
CoCreateGuid
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleRun
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
CoRevokeClassObject
CoUninitialize

oleaut32

LoadTypeLi
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
RegisterTypeLi
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
LoadRegTypeLi
SysReAllocStringLen
VariantCopy
OleCreateFontIndirect
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
SysStringLen
SysFreeString
SysAllocString
SafeArrayGetDim
SystemTimeToVariantTime

oledlg

ord8

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

gdiplus

GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipGetImageHeight

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 517KB - Virtual size: 517KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8cee23e2115d71a0127c1c2f669a720

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

wininet

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 517KB - Virtual size: 517KB

.data Size: 32KB - Virtual size: 51KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 517KB - Virtual size: 517KB

.data
Size: 32KB - Virtual size: 51KB

.rsrc
Size: 16KB - Virtual size: 15KB