Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-20_d292582a928d2d3bfa8c28fe7e24af61_icedid_magniber.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-20_d292582a928d2d3bfa8c28fe7e24af61_icedid_magniber.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-20_d292582a928d2d3bfa8c28fe7e24af61_icedid_magniber
Size: 6.6MB
MD5: d292582a928d2d3bfa8c28fe7e24af61
SHA1: a958a37d3829d375b99ff96402df1bcd80d86ef5
SHA256: 000d78cf2e1ce976463388d06b33148ac7d2708c9e1c1d93da95903540f15858
SHA512: e6d92375a5766f2f882f6fb7fc573296699327be56c7db4740afb68021468af9c7bddbe8eb7205d58e015540a939a8897f11c09af1e4f901c4726c1434b386ad
SSDEEP: 196608:CLM7KFujdajVZjC6Ba5dUB3n0JU1ayRpvlQj6j:clo0jVr0JIaGpvCj6j
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 2024-05-20_d292582a928d2d3bfa8c28fe7e24af61_icedid_magniber
Files
2024-05-20_d292582a928d2d3bfa8c28fe7e24af61_icedid_magniber.exe windows:6 windows x86 arch:x86
071a51b63baeae24f9bb2f2b82553a76
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
RpcSmSetClientAllocFree
NdrClientInitializeNew
NdrConformantStringUnmarshall
NdrRpcSmClientFree
RpcErrorResetEnumeration
kernel32
SystemTimeToTzSpecificLocalTime
VerSetConditionMask
VerifyVersionInfoA
GetDiskFreeSpaceA
ReplaceFileA
GetUserDefaultLCID
GetTempPathA
GetProfileIntA
SearchPathA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetCPInfo
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
GetOEMCP
FindFirstFileExA
GetFileTime
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
OutputDebugStringW
SetFileAttributesA
GetFileSizeEx
FileTimeToLocalFileTime
GetTimeZoneInformation
VirtualProtect
FileTimeToSystemTime
GetAtomNameA
GetStringTypeExA
GetThreadLocale
MoveFileA
GetShortPathNameA
LoadLibraryExA
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetACP
lstrcmpiA
LocalUnlock
LocalLock
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CreateSemaphoreA
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
ReleaseSemaphore
GlobalFindAtomA
lstrcmpW
FormatMessageA
MulDiv
GlobalSize
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
SetEvent
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetSystemDirectoryW
SetLastError
EncodePointer
OutputDebugStringA
LocalFree
LocalAlloc
CopyFileA
FindNextFileA
FindFirstFileA
FindClose
GetCurrentThreadId
FindResourceExW
MultiByteToWideChar
GetVolumeInformationW
SystemTimeToFileTime
SetFileTime
SetFilePointer
LocalFileTimeToFileTime
GetFileAttributesA
SetErrorMode
GetCurrentDirectoryA
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
TerminateThread
Process32Next
OpenFileMappingA
MapViewOfFile
lstrcpynA
ReadFile
GetBinaryTypeA
GetModuleHandleA
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CreateDirectoryA
CreateProcessA
WaitForSingleObject
WriteFile
DeleteFileA
CreateFileA
LoadLibraryA
lstrlenA
lstrcatA
lstrcpyA
WinExec
FreeLibrary
GetWindowsDirectoryA
WideCharToMultiByte
FindResourceW
FindResourceA
SizeofResource
LockResource
LoadResource
GetConsoleAliasW
EnumDateFormatsExEx
GetNLSVersionEx
GetFileMUIPath
GetFileMUIInfo
SetThreadUILanguage
EnumSystemGeoID
LCIDToLocaleName
GetTimeFormatA
IsBadCodePtr
SetDllDirectoryA
Wow64EnableWow64FsRedirection
GetTempFileNameA
GlobalGetAtomNameA
EndUpdateResourceW
GetFirmwareEnvironmentVariableW
DeleteBoundaryDescriptor
GetProcAddress
CreateThreadpoolTimer
ReleaseMutexWhenCallbackReturns
GetSystemFileCacheSize
UnmapViewOfFile
SetSystemTimeAdjustment
GetNativeSystemInfo
SetThreadPriorityBoost
Sleep
SleepEx
SleepConditionVariableCS
InitOnceComplete
InitializeCriticalSection
AddVectoredContinueHandler
GetLastError
CloseHandle
IsDebuggerPresent
UnlockFileEx
SetFileAttributesW
GetFileSize
GetFileAttributesExA
CompareFileTime
SetCurrentDirectoryW
GetCommandLineW
GetCommandLineA
WriteConsoleW
FindFirstFileExW
CreateFileW
user32
UpdateLayeredWindow
UnionRect
FrameRect
SetCursorPos
GetSystemMenu
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongA
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
MapDialogRect
GetAsyncKeyState
GetMenuItemInfoA
DestroyMenu
LoadImageW
TrackMouseEvent
LoadCursorW
ReleaseCapture
SetCapture
WaitMessage
CharUpperA
DestroyIcon
DeleteMenu
CopyImage
GetDialogBaseUnits
SetRect
GetTabbedTextExtentA
IsClipboardFormatAvailable
GetSysColorBrush
RealChildWindowFromPoint
MsgWaitForMultipleObjectsEx
WindowFromPoint
IntersectRect
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
GetComboBoxInfo
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
PostThreadMessageA
MessageBoxA
SendMessageA
IsIconic
EnableWindow
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
GetUpdateRect
GetDCEx
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SendNotifyMessageA
MonitorFromRect
InSendMessage
GetSystemMetrics
DrawIcon
GetClientRect
GetWindowRect
GetSysColor
LoadIconW
GetMessagePos
IsWindow
SetTimer
KillTimer
GetDC
ReleaseDC
InvalidateRect
MessageBeep
SetCursor
ScreenToClient
InflateRect
PtInRect
SetWindowLongA
GetParent
LoadCursorA
CopyIcon
OffsetRect
wsprintfA
PostMessageA
UnregisterClassA
AttachThreadInput
SetForegroundWindow
AllowSetForegroundWindow
LockSetForegroundWindow
SystemParametersInfoA
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
MonitorFromPoint
CreateMenu
GetWindowRgn
DestroyCursor
GetTabbedTextExtentW
MapWindowPoints
WindowFromDC
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostQuitMessage
ShowOwnedPopups
GetWindowThreadProcessId
GetLastActivePopup
GetKeyNameTextA
MapVirtualKeyA
CopyRect
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
UnhookWindowsHookEx
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
FillRect
SendDlgItemMessageA
CallWindowProcA
DefWindowProcA
GetMessageTime
RegisterWindowMessageA
SetRectEmpty
gdi32
EndPage
AbortDoc
SetAbortProc
CreateCompatibleBitmap
CreateFontA
StretchDIBits
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
StartPage
Rectangle
GetRgnBox
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
EndDoc
GetCharWidthA
GetTextMetricsA
DPtoLP
SetRectRgn
GetMapMode
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutA
TextOutA
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
EnumFontFamiliesExA
GetObjectType
SetTextAlign
SetTextColor
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
CreateFontIndirectA
GetStockObject
GetTextExtentPoint32A
GetObjectA
CreateBitmap
CreateRectRgnIndirect
PatBlt
CopyMetaFileA
CreateDCA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
SetWorldTransform
Escape
msimg32
TransparentBlt
AlphaBlend
comdlg32
PrintDlgA
PrintDlgW
winspool.drv
GetJobA
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
CryptGetKeyParam
CryptSetKeyParam
CryptDestroyKey
CryptReleaseContext
RegCreateKeyExA
RegOpenKeyExW
StartServiceA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
ChangeServiceConfig2A
RegUnLoadKeyA
RegLoadKeyA
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
ShellExecuteA
SHGetFolderPathA
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHGetMalloc
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteExA
shlwapi
PathAppendA
SHSetValueA
SHGetValueA
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
uxtheme
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsAppThemed
ole32
StgCreateDocfile
StgIsStorageFile
CreateILockBytesOnHGlobal
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
StgOpenStorage
CoTreatAsClass
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
GetHGlobalFromILockBytes
OleLockRunning
OleSetMenuDescriptor
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleGetIconOfClass
OleRun
OleFlushClipboard
OleSetClipboard
PropVariantCopy
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
StringFromGUID2
CoDisconnectObject
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
StgOpenStorageOnILockBytes
oleaut32
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
VariantChangeType
SafeArrayGetLBound
SysAllocStringLen
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocString
LoadTypeLi
VariantClear
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SafeArrayLock
oledlg
ord8
secur32
QueryContextAttributesW
ApplyControlToken
SaslIdentifyPackageA
InitializeSecurityContextA
InitSecurityInterfaceW
SetCredentialsAttributesA
wininet
InternetCanonicalizeUrlA
SetUrlCacheEntryGroupW
FindNextUrlCacheEntryA
InternetCanonicalizeUrlW
FtpRemoveDirectoryW
HttpAddRequestHeadersW
netapi32
NetUserEnum
gdiplus
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateBitmapFromStream
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 603KB - Virtual size: 603KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ