2024-06-14_d130a1955953516a83e38af54c181b87_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-14_d130a1955953516a83e38af54c181b87_icedid
Size

3.3MB
MD5

d130a1955953516a83e38af54c181b87
SHA1

b66f3dd10da0f9bd2d16cf00a4de70c0f95606dd
SHA256

0673bf9b1334ada28d86412b52933edfbec89917c758225e9b4c2898dafb5a6f
SHA512

50a3d041e4a11915bbb3c66e524c83f44a80fe6c6cf2ee89e7b5c93dcb2ff6dc2a674c438fd64fbfd95fb640e5dc2aa8ecdfad60c0b9a6fccf9a85620ebb9117
SSDEEP

49152:9eQsXumYKy/2bYNsGSTnJQj1Jeqc2BVcfCaoT95Mjq8p:kLP1RYNsGZF2boT95Mjq8p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-14_d130a1955953516a83e38af54c181b87_icedid

Files

2024-06-14_d130a1955953516a83e38af54c181b87_icedid
.exe windows:5 windows x86 arch:x86

300f86bdb539e58e1ddb411951079598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringW
GetStringTypeA
GetStringTypeW
LCMapStringA
SetStdHandle
GetProcessHeap
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
GetStartupInfoA
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetDriveTypeA
SetEnvironmentVariableA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapSize
ExitProcess
CreateThread
HeapReAlloc
RaiseException
RtlUnwind
GetDriveTypeW
HeapAlloc
HeapFree
GetFileType
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetStartupInfoW
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetProfileIntW
LocalSize
TerminateThread
GetExitCodeThread
OpenProcess
LoadLibraryExA
LoadLibraryExW
EnumResourceTypesW
ReadFile
lstrcmpiW
GetStringTypeExW
MoveFileW
GetCurrentDirectoryW
lstrlenA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
SystemTimeToFileTime
GlobalGetAtomNameW
GetModuleHandleA
InterlockedIncrement
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
WritePrivateProfileStringW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
InterlockedDecrement
WaitForSingleObject
SetThreadPriority
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
MulDiv
ResumeThread
Sleep
GetUserDefaultLCID
GetPrivateProfileStringW
EnumResourceNamesW
CreateFileW
CloseHandle
GetComputerNameExW
GetWindowsDirectoryW
GetSystemDirectoryW
GetVersionExW
LocalFree
GlobalAlloc
GetShortPathNameW
GetLongPathNameW
GlobalUnlock
GlobalLock
WriteFile
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
GetFileAttributesW
FormatMessageW
GetThreadLocale
FreeLibrary
GetACP
InterlockedExchange
GetPrivateProfileIntW
SetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
FreeResource
GetCurrentProcessId
GetTempPathW
GetTickCount
DeleteFileW
LockResource
GetCommandLineW
SizeofResource
LoadResource
FindResourceW
GetModuleFileNameW
CreateDirectoryW

user32

DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
GetDC
ReleaseDC
GetKeyNameTextW
MapVirtualKeyW
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetTopWindow
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
PostQuitMessage
GetSystemMetrics
GetWindow
GetMenuState
AppendMenuW
GetMenuItemID
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetLastActivePopup
GetWindowTextLengthW
SetFocus
RemovePropW
GetPropW
SetPropW
GetClassLongW
CallNextHookEx
InsertMenuW
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
GetMessageW
SendDlgItemMessageW
IsDialogMessageW
MoveWindow
ShowWindow
IsWindowEnabled
CheckMenuItem
EnableMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
GetDesktopWindow
ValidateRect
MapDialogRect
SendMessageW
EnableWindow
UpdateWindow
LoadImageW
GetFocus
PostMessageW
LoadIconW
CreateAcceleratorTableW
RedrawWindow
SetTimer
KillTimer
GetClientRect
LoadMenuW
GetSubMenu
GetCursorPos
SetWindowLongW
GetWindowRect
IsWindow
InvalidateRect
LoadCursorW
RegisterWindowMessageW
DrawTextW
CopyRect
IsRectEmpty
GetSysColor
ClientToScreen
PtInRect
WindowFromPoint
TabbedTextOutW
DrawTextExW
GrayStringW
ScreenToClient
DispatchMessageW
PeekMessageW
TranslateMessage
IsClipboardFormatAvailable
UnpackDDElParam
SetWindowContextHelpId
ShowOwnedPopups
GetWindowThreadProcessId
CopyAcceleratorTableW
SetRect
InvalidateRgn
SetCapture
ReleaseCapture
SystemParametersInfoW
FillRect
DrawIcon
SetWindowRgn
GetWindowDC
BeginPaint
EndPaint
TranslateAcceleratorW
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
DestroyMenu
ReuseDDElParam
LockWindowUpdate
GetDCEx
PostThreadMessageW
UnionRect
SetParent
GetSystemMenu
RegisterClipboardFormatW
CharUpperW
DestroyIcon
MessageBeep
GetNextDlgGroupItem
CharNextW
DeleteMenu
UnregisterClassW
GetSysColorBrush
GetMenuItemInfoW
InflateRect
GetWindowPlacement
GetForegroundWindow
TranslateMDISysAccel
DrawMenuBar
MessageBoxW
EnumChildWindows
GetClassNameW
SetWindowTextW
GetWindowTextW
SetMenuItemInfoW
GetMenuStringW
GetMenuItemCount
DrawStateW
GetParent
SetCursor
DestroyCursor
CreateIconFromResourceEx
CopyIcon
GetIconInfo
CreateIconIndirect
DrawIconEx
IsZoomed
wsprintfW
DrawFrameControl
DrawFocusRect
InvertRect
GetMenuDefaultItem
DestroyAcceleratorTable
MapVirtualKeyExW
GetKeyboardLayout
IsCharLowerW
GetKeyboardLayoutList
GetKeyboardState
ToUnicodeEx
IsMenu
HideCaret
ShowCaret
GetWindowRgn
LookupIconIdFromDirectoryEx
DrawEdge
SendMessageTimeoutW
LoadStringW
SetWindowLongA
IsWindowUnicode
GetWindowLongA
EnumWindows
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA
DefMDIChildProcW
RegisterClassA
SetCursorPos
GetCursor
SetClassLongW
GetDoubleClickTime

gdi32

SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
RestoreDC
GetObjectType
CreatePen
CreateSolidBrush
SetRectRgn
CombineRgn
GetTextMetricsW
GetBkColor
GetTextColor
StretchDIBits
SetBkMode
SetWindowOrgEx
SaveDC
Ellipse
LPtoDP
DPtoLP
CreateEllipticRgn
GetRgnBox
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
GetClipBox
GetDeviceCaps
CreateFontW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetStockObject
StretchBlt
CreateDIBSection
GetDIBits
SetPixel
SetDIBits
Polygon
EnumFontFamiliesExW
PtInRegion
GetTextCharsetInfo
OffsetRgn
GetBitmapBits
GetViewportOrgEx
SetBrushOrgEx
CreatePalette
CreateDIBitmap
GetWindowOrgEx
CreatePolygonRgn
RoundRect
CreateFontIndirectW
SelectObject
CreateCompatibleBitmap
GetMapMode
GetTextCharacterExtra
GetTextExtentPoint32W
GetObjectW
BitBlt
SetTextColor
CreateCompatibleDC

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
IsTextUnicode
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
GetUserNameW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegSetValueW

shell32

SHGetFileInfoW
ExtractIconW
SHGetFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderPathW
SHFileOperationW
DragFinish
DragQueryFileW
ShellExecuteW

comctl32

InitCommonControlsEx
ImageList_Destroy
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DrawEx
_TrackMouseEvent
FlatSB_GetScrollProp
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_GetBkColor

shlwapi

UrlCanonicalizeA
UrlUnescapeW
UrlCanonicalizeW
PathCreateFromUrlW
UrlIsW
PathCombineW
StrCmpIW
UrlUnescapeA
StrFormatByteSizeW
PathAddBackslashW
StrStrIW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
StrStrIA

oledlg

OleUIBusyW
OleUIAddVerbMenuW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
OleFlushClipboard
OleUninitialize
CoInitializeEx
CoUninitialize
CoDisconnectObject
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CoTaskMemAlloc
CLSIDFromProgID
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
CoInitialize
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop

oleaut32

OleCreateFontIndirect
LoadTypeLi
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime

urlmon

URLDownloadToCacheFileW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

dbghelp

ImageDirectoryEntryToData

winmm

PlaySoundW
mciSendCommandW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

300f86bdb539e58e1ddb411951079598

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

version

dbghelp

winmm

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 334KB - Virtual size: 333KB

.data Size: 45KB - Virtual size: 65KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 334KB - Virtual size: 333KB

.data
Size: 45KB - Virtual size: 65KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB