c:\Team Builds\RelayFax\RFBuild - All Languages\Sources\rfviewer\Release\RFViewer.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-14_efa4c304f4e5bc5e8ae170f2abf43da2_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-14_efa4c304f4e5bc5e8ae170f2abf43da2_icedid.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-05-14_efa4c304f4e5bc5e8ae170f2abf43da2_icedid
Size: 747KB
MD5: efa4c304f4e5bc5e8ae170f2abf43da2
SHA1: 7e8dc0962142ca2f41e107cf66f73970c860912d
SHA256: 05fc89aa3b3fca7e5f53f4d40ddf269306b187b4c5f2565b66c17f0db4cc76b5
SHA512: 176b7e1a37b8f55f4ae88d4e23e2bdfe3868b5db2e5f98af3417cb6e912a8e228b9c67ab93176864b192543864b3298bafb9afa476c65697481142f1aaba6ab2
SSDEEP: 12288:rBmz7Lxqn2ve2kPuD8cLT8RHCJK72a3xhaY52S+CP1juf:rBmzpDX8cLKHAK7xaY52SfjQ
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-05-14_efa4c304f4e5bc5e8ae170f2abf43da2_icedid
Files
2024-05-14_efa4c304f4e5bc5e8ae170f2abf43da2_icedid.exe  windows:5 windows x86 arch:x86
  526f5e23fb20396a69bf6fca8dca6a9c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
tiff32
ord72
ord45
ord73
imgman32
ord18
ord39
ord37
ord9
ord40
ord29
ord42
ord22
ord5
ord2
ord10
ord43
kernel32
IsDebuggerPresent
FatalAppExitA
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
RaiseException
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
UnhandledExceptionFilter
TerminateProcess
HeapSize
CreateThread
ExitThread
ExitProcess
Sleep
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
GetTimeZoneInformation
VirtualProtect
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
CreateFileA
GlobalFree
CopyFileA
GetTempFileNameA
GetTempPathA
SetLastError
GetLastError
lstrlenA
MultiByteToWideChar
GlobalAddAtomA
GlobalGetAtomNameA
GetModuleHandleA
GetCurrentProcessId
GlobalUnlock
GlobalLock
GetVersionExA
lstrcmpW
CompareStringA
GlobalDeleteAtom
HeapFree
GetStartupInfoA
GetCommandLineA
HeapAlloc
RtlUnwind
GetProfileIntA
GetTickCount
SetErrorMode
GetFileSizeEx
SetFileAttributesA
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
GetCurrentDirectoryA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetStringTypeExA
DeleteFileA
MoveFileA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetModuleHandleW
GetAtomNameA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
GetFileTime
SetFileTime
GetFileAttributesA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetModuleFileNameA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalFindAtomA
SetStdHandle
user32
RegisterClipboardFormatA
SendNotifyMessageA
WaitMessage
IsClipboardFormatAvailable
GetDialogBaseUnits
LockWindowUpdate
GetDCEx
GetTabbedTextExtentA
PostThreadMessageA
CreateMenu
CopyAcceleratorTableA
WindowFromDC
InSendMessage
CharUpperA
UnregisterClassA
UnionRect
GetSysColorBrush
MapVirtualKeyA
GetKeyNameTextA
GetMenuItemInfoA
DestroyIcon
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
WindowFromPoint
SetParent
GetSystemMenu
DeleteMenu
SetRect
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
KillTimer
SetTimer
SetWindowRgn
DrawIcon
FillRect
GetCursorPos
LoadCursorA
DestroyCursor
SetCursorPos
SetCapture
ClientToScreen
ScrollWindowEx
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
GetClassInfoExA
RegisterClassA
ScreenToClient
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
GetWindowPlacement
GetSystemMetrics
GetClassNameA
UnpackDDElParam
ReuseDDElParam
PostMessageA
IsZoomed
LoadStringA
SendMessageA
GetClientRect
LoadMenuA
DestroyMenu
GetMenuBarInfo
WinHelpA
SetFocus
GetWindowThreadProcessId
IsWindowEnabled
EqualRect
GetDlgItem
GetDlgCtrlID
GetKeyState
LoadIconA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
IsIconic
InsertMenuItemA
CreatePopupMenu
GetClassInfoA
SetRectEmpty
GetLastActivePopup
SetMenu
GetDesktopWindow
GetWindow
InvalidateRect
EnableWindow
GetSysColor
GetWindowRect
GetParent
CopyRect
PtInRect
InflateRect
OffsetRect
IntersectRect
SystemParametersInfoA
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetDC
ReleaseDC
UpdateWindow
DefFrameProcA
GetMenu
DefMDIChildProcA
GetMenuItemID
GetSubMenu
GetMenuItemCount
CreateWindowExA
DrawMenuBar
GetActiveWindow
BringWindowToTop
TranslateMDISysAccel
TranslateAcceleratorA
IsWindow
SetWindowLongA
GetWindowLongA
SetWindowPos
RedrawWindow
AdjustWindowRectEx
ShowWindow
IsRectEmpty
gdi32
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
SelectObject
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
SetStretchBltMode
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
SetRectRgn
GetMapMode
GetViewportOrgEx
Rectangle
GetCharWidthA
CreateFontA
StretchDIBits
GetBkColor
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
SetPolyFillMode
SetROP2
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
Ellipse
LPtoDP
DPtoLP
CreateEllipticRgn
GetTextExtentPoint32A
SelectPalette
RealizePalette
GetDeviceCaps
PolylineTo
CreateRectRgnIndirect
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
FillRgn
CombineRgn
CreateFontIndirectA
DeleteObject
GetTextMetricsA
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter
advapi32
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegSetValueA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegCreateKeyA
shell32
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
DragAcceptFiles
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
oledlg
ord8
ole32
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleIsRunning
GetRunningObjectTable
CoLockObjectExternal
OleRun
CreateFileMoniker
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateOleAdviseHolder
CreateDataAdviseHolder
OleGetClipboard
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleSetMenuDescriptor
OleQueryCreateFromData
OleQueryLinkFromData
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
OleSetContainedObject
OleCreateFromData
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
OleSave
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CLSIDFromString
StringFromGUID2
CoDisconnectObject
CoInitializeEx
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
OleLoad
OleCreate
OleCreateLinkFromData
OleCreateStaticFromData
oleaut32
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
SysAllocString
VariantClear
Sections
.text Size: 563KB - Virtual size: 562KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 141KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ