C:\Jenkins\workspace\Midas_9.3.0\midasUR\PQuery\Release\PQuery.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-01_bf1debae1aa9b2e62c46536ed912c606_icedid.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-06-01_bf1debae1aa9b2e62c46536ed912c606_icedid.exe
Resource: win10v2004-20240508-en
General
Target: 2024-06-01_bf1debae1aa9b2e62c46536ed912c606_icedid
Size: 3.6MB
MD5: bf1debae1aa9b2e62c46536ed912c606
SHA1: 82c2ef001b4f333ab4214435e0bf2c39f98444c0
SHA256: 71e7bb275097d08b16b19981cda15b6925f9957ae4179c7152e6474cfac16e21
SHA512: 6523064f7c39301311bd5361ca6fa6a507ea6b0ba5b7e88da7078d16cfa5265d9367e19213ce9ddcc649c664c83362510e7f0b4dc71b9f6f2e4412b2355399e5
SSDEEP: 98304:04wKc6alzK/5gZtT4inFuFTEU32gilsNt0SN4AD:04Q64FRnqb3Rt0SN4
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-06-01_bf1debae1aa9b2e62c46536ed912c606_icedid
Files
2024-06-01_bf1debae1aa9b2e62c46536ed912c606_icedid.exe windows:6 windows x86 arch:x86
b2297579b236f29945035098c4b7eb3b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mpr
WNetGetConnectionA
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetDriveTypeW
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetFileType
SetStdHandle
FreeLibraryAndExitThread
SetFilePointerEx
GetEnvironmentStringsW
GetFullPathNameW
VirtualQuery
VirtualAlloc
GetSystemInfo
SetConsoleCtrlHandler
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStringTypeW
LCMapStringW
CompareStringW
SwitchToThread
OutputDebugStringW
ReadConsoleW
FindFirstFileExW
FindNextFileW
ExitThread
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
Sleep
SearchPathA
IsValidCodePage
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
lstrcpyA
FindResourceExW
GetCurrentDirectoryA
GetACP
SetErrorMode
SetFileAttributesA
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
TlsSetValue
TlsGetValue
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalReAlloc
VirtualProtect
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileA
GetTempFileNameA
SetFileTime
GetFileTime
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetProfileIntA
GetTickCount
lstrcmpA
GetStringTypeExA
GetThreadLocale
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
DeleteFileA
CreateFileA
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GetCurrentProcessId
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
MultiByteToWideChar
CopyFileA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
LoadLibraryExA
ExpandEnvironmentStringsA
GetCommandLineA
FormatMessageW
FormatMessageA
LocalFree
GetProcAddress
FreeLibrary
GetVersionExA
TlsFree
TlsAlloc
TerminateThread
QueueUserAPC
WaitForMultipleObjects
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
PostQueuedCompletionStatus
CloseHandle
GetDiskFreeSpaceA
FindNextFileA
FindFirstFileA
FindClose
LoadLibraryA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
WriteConsoleW
CreateFileW
CreateThread
user32
PostQuitMessage
ClipCursor
CreateMenu
CopyAcceleratorTableA
PostThreadMessageA
IsRectEmpty
UnionRect
SetRect
KillTimer
SetTimer
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
DestroyIcon
OffsetRect
SetRectEmpty
InvalidateRect
InsertMenuItemA
DestroyMenu
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
LoadCursorW
LoadCursorA
WindowFromPoint
SetCursor
ReleaseCapture
SetCapture
WaitMessage
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IntersectRect
InflateRect
GetSystemMetrics
CharUpperA
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageA
GetWindowThreadProcessId
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
ShowOwnedPopups
CopyRect
MapWindowPoints
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
SetParent
GetKeyNameTextA
MapVirtualKeyA
TrackMouseEvent
LoadImageW
EnableWindow
UnregisterClassA
SendMessageA
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
LoadBitmapW
DestroyCursor
IsClipboardFormatAvailable
GetSysColorBrush
RealChildWindowFromPoint
GetMenuItemInfoA
SystemParametersInfoA
CopyImage
GetDialogBaseUnits
GetSystemMenu
DeleteMenu
GetDCEx
CharNextA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
LoadAcceleratorsW
LoadMenuW
SetWindowContextHelpId
MapDialogRect
GetAsyncKeyState
InSendMessage
EqualRect
WindowFromDC
RegisterClipboardFormatA
UpdateWindow
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EnumClipboardFormats
EmptyClipboard
GetClientRect
PostMessageA
GetParent
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
GetTabbedTextExtentW
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetMenuDefaultItem
LockWindowUpdate
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateA
SetClassLongA
DrawEdge
DrawFrameControl
IsZoomed
SetCursorPos
CopyIcon
FrameRect
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
GetUpdateRect
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
MonitorFromRect
GetWindowRgn
GetTabbedTextExtentA
SetWindowRgn
DrawIcon
SendNotifyMessageA
gdi32
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
GetMapMode
ExcludeClipRect
SetRectRgn
DPtoLP
CreateCompatibleBitmap
GetBkColor
GetCharWidthA
StretchDIBits
SetBrushOrgEx
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
Rectangle
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
GetTextExtentPoint32A
GetTextMetricsA
UnrealizeObject
GetTextColor
GetRgnBox
EnumFontFamiliesExA
GetWindowOrgEx
CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
Escape
DeleteObject
DeleteDC
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCA
CreateFontA
PatBlt
CopyMetaFileA
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
GetJobA
OpenPrinterA
ClosePrinter
advapi32
RegEnumKeyExA
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExW
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ExtractIconA
SHAppBarMessage
DragFinish
DragQueryFileA
SHGetFileInfoA
DragAcceptFiles
SHBrowseForFolderA
SHGetPathFromIDListA
SHAddToRecentDocs
ShellExecuteExA
shlwapi
PathRemoveFileSpecW
PathRemoveExtensionA
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
StrFormatKBSizeA
uxtheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
OpenThemeData
CloseThemeData
DrawThemeParentBackground
DrawThemeBackground
GetThemePartSize
DrawThemeText
ole32
PropVariantCopy
StgCreateDocfile
StgOpenStorage
StgOpenStorageOnILockBytes
StgIsStorageFile
CreateILockBytesOnHGlobal
CreateFileMoniker
CreateItemMoniker
GetRunningObjectTable
OleRun
OleIsRunning
OleSetContainedObject
CLSIDFromProgID
OleRegGetMiscStatus
OleRegEnumVerbs
OleGetClipboard
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
WriteClassStm
CreateDataAdviseHolder
CreateGenericComposite
CoDisconnectObject
CoFreeUnusedLibraries
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoCreateGuid
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleSaveToStream
CreateOleAdviseHolder
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoCreateInstance
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemAlloc
StringFromCLSID
OleUninitialize
OleInitialize
CoTaskMemFree
StringFromGUID2
CoGetClassObject
CoRegisterMessageFilter
OleQueryLinkFromData
OleQueryCreateFromData
OleLoad
GetHGlobalFromILockBytes
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleSave
CoGetMalloc
OleSetMenuDescriptor
OleGetIconOfClass
OleLockRunning
CLSIDFromString
ReleaseStgMedium
oleaut32
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnlock
SafeArrayLock
SafeArrayRedim
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantCopy
SysAllocString
VarDecFromStr
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantClear
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayDestroy
SafeArrayCreate
SysReAllocStringLen
SysStringLen
oledlg
ord8
ws2_32
WSACleanup
WSASetLastError
WSAStartup
gethostname
WSAGetLastError
gdiplus
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDrawImageI
GdipGetImagePaletteSize
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 593KB - Virtual size: 593KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 409KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ