Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-14_6cf860ea8e599cf41bb436b93638a395_icedid.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 2024-06-14_6cf860ea8e599cf41bb436b93638a395_icedid.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-06-14_6cf860ea8e599cf41bb436b93638a395_icedid
Size: 5.4MB
MD5: 6cf860ea8e599cf41bb436b93638a395
SHA1: 0dc79c3aa41fb4d12f1b454fe13a5db502495213
SHA256: 1e9bcb46825ada12aad1aa4e26cecf3c8ecbe905fe1e777d6fd4bf6f34024579
SHA512: 1a538bf702332685d2e987511afa1cdb3c468a88bc313d4ff2cad1c2a51bad955b89d67ac65a0f5069df67b929b86ce326cc41378d0595a7bb704afa0a2991b4
SSDEEP: 49152:obrLbBJWxbyN/vaXinnxOk8pzw96kJlheS8hbIgDr1y6QTkSlgoESnJ5NTvpT6rD:oblyQySx8JiaS8hNH4uSlgoz6S6J1J
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-06-14_6cf860ea8e599cf41bb436b93638a395_icedid
Files
2024-06-14_6cf860ea8e599cf41bb436b93638a395_icedid.exe (windows:4, windows x86, arch:x86)
4ed5d8247048d12610045eacfe81bd8d
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetGetLastResponseInfoA
InternetQueryOptionA
crypt32
CertFreeCertificateContext
CertCloseStore
CertOpenStore
CryptDecodeObjectEx
CryptImportPublicKeyInfo
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertEnumCertificateContextProperties
CertFindCertificateInStore
CryptExportPublicKeyInfo
CertComparePublicKeyInfo
CertControlStore
CertCompareIntegerBlob
CertEnumSystemStoreLocation
CertEnumSystemStore
CertGetNameStringA
ws2_32
closesocket
send
recv
shutdown
WSAGetLastError
WSASetLastError
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
GlobalSize
GetModuleFileNameW
lstrcmpA
VirtualProtect
EnumResourceLanguagesA
ConvertDefaultLocale
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetThreadLocale
LocalUnlock
LocalLock
GetProfileIntA
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
MoveFileA
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
LocalFileTimeToFileTime
SetErrorMode
RtlUnwind
GetTimeFormatA
GetDateFormatA
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
HeapReAlloc
VirtualQuery
SetConsoleCtrlHandler
SetStdHandle
GetFileInformationByHandle
PeekNamedPipe
GetCommandLineA
GetStartupInfoA
HeapSize
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
SetHandleCount
GetConsoleCP
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
ReadConsoleInputA
FlushConsoleInputBuffer
GetLastError
GetFileAttributesA
FreeLibrary
LoadLibraryExA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
LocalFree
FormatMessageA
LocalAlloc
GetCurrentDirectoryA
HeapFree
HeapAlloc
GetProcessHeap
MulDiv
GetCPInfo
GetOEMCP
lstrlenA
InterlockedDecrement
CloseHandle
ReleaseSemaphore
InterlockedIncrement
GetTickCount
GetModuleFileNameA
lstrcmpiA
WaitForSingleObject
CopyFileA
DeleteCriticalSection
InitializeCriticalSection
ResumeThread
CreateThread
LoadLibraryA
GetModuleHandleA
GlobalDeleteAtom
GetProcAddress
SetLastError
MultiByteToWideChar
lstrlenW
InterlockedExchange
GetVersion
CompareStringA
CompareStringW
GetStringTypeExA
DeleteFileA
CreateFileA
WriteFile
lstrcpynA
GetTempFileNameA
GetTempPathA
GetVersionExA
lstrcatA
lstrcpyA
ReadFile
SetFileAttributesA
SetFilePointer
GetSystemTime
GetTimeZoneInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTimeAsFileTime
CreateEventA
GetCurrentThreadId
GetLocalTime
SetCurrentDirectoryA
ResetEvent
lstrcmpW
GetCurrentProcess
ReleaseMutex
CreateMutexA
LeaveCriticalSection
EnterCriticalSection
GetDriveTypeA
GetVolumeInformationA
FindFirstFileA
FindNextFileA
FindClose
GetFullPathNameA
GetLocaleInfoA
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleMode
GetConsoleMode
SetFileTime
GetFileTime
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileSize
CreateDirectoryA
GetDiskFreeSpaceA
GetLogicalDrives
SetEvent
FlushFileBuffers
CreateSemaphoreA
GlobalFree
QueryPerformanceCounter
QueryPerformanceFrequency
UnmapViewOfFile
MapViewOfFile
GetOverlappedResult
CancelIo
CreateFileMappingA
RemoveDirectoryA
GetShortPathNameA
GetWindowsDirectoryA
GlobalMemoryStatus
GetSystemInfo
FindResourceExA
GetCurrentThread
OutputDebugStringA
WaitForMultipleObjects
Sleep
GetCurrentProcessId
GetFileType
VirtualFree
VirtualAlloc
SetEnvironmentVariableW
user32
UnregisterClassA
DestroyIcon
GetDCEx
GetMenuStringA
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
LoadIconA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
GetClassInfoExA
RegisterClassA
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
CallWindowProcA
IsIconic
GetWindowPlacement
GetWindow
MsgWaitForMultipleObjectsEx
CharToOemA
OemToCharA
LoadStringA
MessageBoxA
GetCursorPos
ScreenToClient
LoadMenuA
EnableMenuItem
InsertMenuA
IsRectEmpty
SystemParametersInfoA
IsWindowVisible
LockWindowUpdate
DrawTextA
CharUpperA
SetWindowTextA
SetWindowLongA
BeginPaint
EndPaint
GetDlgItem
LoadImageA
GetSystemMetrics
SetWindowPos
AdjustWindowRectEx
BeginDeferWindowPos
EndDeferWindowPos
SetParent
RedrawWindow
EqualRect
GetCursor
GetMessageA
ReleaseCapture
SetCapture
GetCapture
CheckMenuItem
IsChild
PtInRect
CopyRect
CreateWindowExA
BringWindowToTop
GetMenu
GetSubMenu
GetMenuItemID
AppendMenuA
DeleteMenu
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
GetParent
DrawFocusRect
InflateRect
SetRectEmpty
SetCursor
GetWindowLongA
IntersectRect
SetRect
GetSystemMenu
RemoveMenu
SetTimer
UpdateWindow
GetSysColor
IsWindow
GetClassInfoA
DefWindowProcA
LoadCursorA
GetSysColorBrush
ClipCursor
PostThreadMessageA
CreateMenu
CopyAcceleratorTableA
MessageBeep
IsClipboardFormatAvailable
ShowScrollBar
GetFocus
EnableScrollBar
InvalidateRect
FillRect
OffsetRect
GetClientRect
GetWindowRect
LoadBitmapA
PostMessageA
GetTabbedTextExtentA
GetDC
WindowFromPoint
SetCursorPos
DestroyCursor
KillTimer
DrawIcon
SetWindowRgn
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
CreatePopupMenu
SetMenu
TranslateAcceleratorA
GetMenuItemInfoA
WindowFromDC
InSendMessage
ShowOwnedPopups
RegisterClipboardFormatA
LoadAcceleratorsA
DestroyMenu
ValidateRect
PostQuitMessage
GetMenuState
MapDialogRect
GetAsyncKeyState
GetWindowThreadProcessId
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
FindWindowA
ModifyMenuA
ReleaseDC
SendMessageA
wsprintfA
EnableWindow
IsZoomed
GetUserObjectInformationW
GetProcessWindowStation
RegisterWindowMessageA
GetMenuItemCount
gdi32
UnrealizeObject
GetTextFaceA
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
GetWindowOrgEx
EnumFontFamiliesExA
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
SetBrushOrgEx
GetBkColor
StretchDIBits
CreateFontA
GetViewportOrgEx
CombineRgn
SetRectRgn
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
Ellipse
CreateEllipticRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
LineTo
IntersectClipRect
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
SetTextColor
GetClipBox
SelectPalette
RealizePalette
CreateDIBitmap
CreatePalette
GetMapMode
SetMapMode
SetBkColor
DeleteDC
CreateBitmap
LPtoDP
StretchBlt
SelectObject
PatBlt
DPtoLP
DeleteObject
BitBlt
CreateCompatibleDC
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
GetObjectA
GetTextAlign
GetCurrentPositionEx
ExtTextOutA
MoveToEx
GetCharWidthA
GetTextExtentPoint32A
GetTextMetricsA
Rectangle
Arc
GetTextColor
GetDeviceCaps
CreateFontIndirectA
CreatePen
CreatePatternBrush
comdlg32
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
winspool.drv
OpenPrinterA
GetJobA
DocumentPropertiesA
ClosePrinter
advapi32
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
SetFileSecurityA
GetFileSecurityA
AllocateAndInitializeSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetLengthSid
FreeSid
CryptGenRandom
GetSecurityDescriptorControl
GetSecurityDescriptorLength
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
IsValidAcl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
IsValidSid
GetSecurityDescriptorGroup
CryptAcquireContextA
CryptSetProvParam
CryptVerifySignatureA
CryptSignHashA
CryptEncrypt
CryptGetHashParam
CryptGenKey
CryptHashData
CryptImportKey
CryptExportKey
CryptGetKeyParam
CryptCreateHash
CryptDestroyHash
CryptGetUserKey
CryptGetProvParam
CryptDecrypt
CryptDestroyKey
CryptContextAddRef
CryptReleaseContext
RegEnumValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
RegDeleteValueA
shell32
ShellExecuteA
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetFileInfoA
ExtractIconA
SHGetPathFromIDListA
comctl32
ImageList_GetIconSize
ImageList_DrawEx
shlwapi
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
oledlg
ord8
ole32
OleLockRunning
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateGenericComposite
OleSaveToStream
WriteClassStm
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateDataAdviseHolder
CreateOleAdviseHolder
RevokeDragDrop
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CreateItemMoniker
OleRun
CoLockObjectExternal
GetRunningObjectTable
OleIsRunning
OleRegGetUserType
WriteClassStg
StgCreateDocfile
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateGuid
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
CoDisconnectObject
OleRegGetMiscStatus
OleRegEnumVerbs
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
oleaut32
VariantCopy
SysAllocString
SysAllocStringByteLen
SysStringLen
SysFreeString
OleLoadPicture
VariantChangeType
SysAllocStringLen
VariantInit
VariantClear
LoadTypeLi
Sections
.text  Size: 3.5MB - Virtual size: 3.5MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 764KB - Virtual size: 761KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 100KB - Virtual size: 437KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 1.0MB - Virtual size: 1.0MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ