c:\Dev\TextPad\Release\TextPad.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-17_f8f9ef04d921d6230ad4e07cc98f3a00_icedid.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 2024-06-17_f8f9ef04d921d6230ad4e07cc98f3a00_icedid.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-06-17_f8f9ef04d921d6230ad4e07cc98f3a00_icedid
Size: 2.9MB
MD5: f8f9ef04d921d6230ad4e07cc98f3a00
SHA1: b48ba44526be91b85f5f7527c4b7f47cb4577ebc
SHA256: c5dce260fc8f3459b854ae6d0b060091e6cac071c7d06a961c83d2c9069c0548
SHA512: 76702a6a7ee0072f0ef5443e400a73680d398bea289c39343120466214e0ac2704fde15e2b00824de428196845c10739f7b90daa11f1517c5929b8a85377384a
SSDEEP: 49152:Ny5UcqBJVOxMmcIMTesJXDcKu593Q7hmhid3MSkxndTpET/6Ukn:Ny5UyvccsJXolg7T9Onik
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 2024-06-17_f8f9ef04d921d6230ad4e07cc98f3a00_icedid
Files
2024-06-17_f8f9ef04d921d6230ad4e07cc98f3a00_icedid.exe windows:5 windows x86 arch:x86
ecf79f83f313206cad99d3d985aa6ac1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
user32
LockWindowUpdate
ValidateRect
CreateIconIndirect
EqualRect
UnionRect
GetIconInfo
DestroyIcon
SystemParametersInfoA
LoadImageA
DestroyWindow
AttachThreadInput
GetWindowThreadProcessId
IsCharAlphaA
DrawTextA
RegisterWindowMessageA
GetClassInfoA
GetDlgCtrlID
TileWindows
InvalidateRgn
IsCharAlphaNumericA
MoveWindow
AdjustWindowRectEx
SetDlgItemTextA
GetActiveWindow
CreateWindowExA
MapDialogRect
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
DestroyMenu
SetMenuItemBitmaps
AppendMenuA
WindowFromPoint
DrawEdge
DrawStateA
FrameRect
DrawFrameControl
LoadBitmapA
CreatePopupMenu
GetMessagePos
ReuseDDElParam
UnpackDDElParam
SetMenu
GetMenu
ChangeClipboardChain
InsertMenuA
GetForegroundWindow
FlashWindow
LoadMenuA
CheckMenuItem
FlashWindowEx
MessageBeep
SendNotifyMessageA
SetClipboardViewer
RedrawWindow
GetKeyboardState
ToAscii
GetKeyNameTextA
MapVirtualKeyA
GetSubMenu
TranslateAcceleratorA
GetMessageA
DestroyAcceleratorTable
CopyAcceleratorTableA
CreateAcceleratorTableA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
ReleaseDC
GetDC
GetDoubleClickTime
BringWindowToTop
IntersectRect
OffsetRect
GetClassNameA
IsDialogMessageA
MessageBoxA
keybd_event
GetDCEx
InflateRect
SetMenuDefaultItem
IsWindowEnabled
SetCursor
IsRectEmpty
RegisterClassA
LoadIconA
LoadCursorA
DefWindowProcA
SetActiveWindow
OemToCharA
GetMenuStringA
GetMenuState
GetMenuItemID
EnableMenuItem
RemoveMenu
GetSystemMenu
wvsprintfA
DispatchMessageA
TranslateMessage
PeekMessageA
ScreenToClient
GetDlgItem
GetWindowTextA
IsCharUpperA
CharLowerA
SetWindowPos
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetCursorPos
GetCursorPos
GetSystemMetrics
SetWindowLongA
GetSysColor
DrawFocusRect
GetDialogBaseUnits
IsWindowVisible
CopyRect
IsCharLowerA
CharUpperA
SetClipboardData
GetClipboardData
CloseClipboard
OpenClipboard
RegisterClipboardFormatA
CharToOemBuffA
OemToCharBuffA
MonitorFromPoint
GetMonitorInfoA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
CheckRadioButton
GetDlgItemTextA
SendDlgItemMessageA
IsDlgButtonChecked
SetWindowTextA
ScrollWindowEx
GetWindowTextLengthA
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
GetClassInfoExA
ShowScrollBar
GetScrollPos
GetScrollRange
SetScrollRange
ScrollWindow
MapWindowPoints
GetTopWindow
GetMenuCheckMarkDimensions
InsertMenuItemA
LoadAcceleratorsA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
PostQuitMessage
ShowOwnedPopups
ReleaseCapture
SetCapture
SetTimer
ClientToScreen
KillTimer
SetRect
GetCaretPos
HideCaret
ShowCaret
DestroyCaret
CreateCaret
FillRect
PtInRect
IsWindow
GetAsyncKeyState
GetMessageTime
IsChild
InvalidateRect
SetCaretPos
SetRectEmpty
GetClientRect
ReplyMessage
InSendMessage
SetFocus
GetFocus
GetWindowRect
GetWindowLongA
GetWindow
GetDesktopWindow
GetLastActivePopup
FindWindowA
WinHelpA
DestroyCursor
TabbedTextOutA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetMenuItemInfoA
DrawIcon
SetWindowRgn
UnregisterClassA
SetParent
GetCapture
WaitMessage
PostThreadMessageA
CreateMenu
GetTabbedTextExtentA
GetKeyboardLayout
DrawIconEx
SetClassLongA
GetWindowRgn
IsMenu
InvertRect
GetMenuDefaultItem
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
GetMenuStringW
GetCursor
CopyIcon
SetWindowLongW
GetWindowLongW
IsWindowUnicode
ToAsciiEx
GetKeyboardLayoutList
MapVirtualKeyExA
GetClipboardFormatNameA
SendMessageTimeoutA
CharNextA
SetWindowContextHelpId
GetNextDlgGroupItem
GetMenuItemCount
DeleteMenu
ModifyMenuA
GetKeyState
SetForegroundWindow
IsZoomed
IsIconic
SetScrollPos
PostMessageA
UpdateWindow
IsClipboardFormatAvailable
EmptyClipboard
GetParent
SendMessageA
EnableWindow
ShowWindow
wsprintfA
LoadStringA
kernel32
_lwrite
_lopen
_lcreat
_lread
_llseek
EnumResourceNamesA
EnumResourceTypesA
TerminateThread
GetExitCodeThread
_lclose
CompareStringW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetTimeZoneInformation
SetHandleCount
GetStdHandle
VirtualFree
HeapCreate
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
HeapSize
ExitProcess
VirtualQuery
VirtualAlloc
RaiseException
CreateThread
ExitThread
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetFileType
PeekNamedPipe
GetFileInformationByHandle
IsValidCodePage
GetACP
HeapReAlloc
HeapCompact
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
FindResourceExA
GetOEMCP
GetModuleHandleW
GetFileSizeEx
LocalFileTimeToFileTime
GetProfileIntA
GlobalFlags
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
TlsFree
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
GetTickCount
lstrcmpA
lstrlenA
lstrcpyA
CreateFileA
CreateFileMappingA
MapViewOfFile
CloseHandle
UnmapViewOfFile
SuspendThread
ResumeThread
GetLastError
GetLocaleInfoA
GlobalAddAtomA
FreeLibrary
FindFirstFileA
GetFileAttributesA
CopyFileA
FindNextFileA
FindClose
GetShortPathNameA
DeleteFileA
CreateProcessA
InterlockedIncrement
GlobalLock
GlobalUnlock
GlobalHandle
GlobalFree
GlobalAlloc
MulDiv
MultiByteToWideChar
WaitForSingleObject
ReleaseMutex
CreateMutexA
GetFullPathNameA
lstrcmpiA
GetDriveTypeA
GetVersionExA
HeapAlloc
GetProcessHeap
HeapFree
lstrcatA
GetSystemInfo
lstrcpynA
GetTempPathA
GetTempFileNameA
SetFileAttributesA
Sleep
GetEnvironmentVariableA
GetEnvironmentStrings
ExpandEnvironmentStringsA
FreeEnvironmentStringsA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetFileSize
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetDiskFreeSpaceA
GetFileTime
SetFileTime
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetEvent
WaitForMultipleObjects
FindNextChangeNotification
FindCloseChangeNotification
ResetEvent
FindFirstChangeNotificationA
FormatMessageA
LocalFree
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
MoveFileA
GetVolumeInformationA
GetSystemTime
SystemTimeToFileTime
GetUserDefaultLCID
LoadLibraryA
GetCurrentThread
GetCurrentProcess
GetCurrentProcessId
CreateEventA
GetUserDefaultLangID
GetCPInfo
GlobalGetAtomNameA
GlobalDeleteAtom
DeleteAtom
GlobalReAlloc
SetThreadLocale
EnumResourceLanguagesA
InterlockedDecrement
GetLocalTime
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCurrentThreadId
SetErrorMode
GetTimeFormatA
GetDateFormatA
SetLastError
FreeResource
CompareStringA
DuplicateHandle
GetExitCodeProcess
ReadFile
LocalReAlloc
GetComputerNameA
GetLogicalDrives
InterlockedExchange
SetThreadPriority
lstrlenW
GlobalSize
GetModuleFileNameW
lstrcmpW
GlobalFindAtomA
ConvertDefaultLocale
VirtualProtect
GetStringTypeExA
GetThreadLocale
WriteFile
LockFile
UnlockFile
LocalAlloc
TlsGetValue
TlsAlloc
TlsSetValue
CreatePipe
gdi32
ExtCreateRegion
DPtoLP
GetDeviceCaps
StartDocA
SetAbortProc
FillRgn
CreatePolygonRgn
SetROP2
CreatePen
PatBlt
CreateHatchBrush
CreateSolidBrush
Polygon
StretchBlt
CreateDIBSection
GetBitmapBits
GetRgnBox
RoundRect
GetDIBits
GetWindowOrgEx
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
StretchDIBits
LPtoDP
CreateEllipticRgn
Rectangle
GetViewportOrgEx
GetMapMode
SetRectRgn
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
CreateDCA
CopyMetaFileA
ExtCreatePen
GetTextExtentPointA
CreateFontA
Ellipse
ExtFloodFill
SetDIBitsToDevice
SetStretchBltMode
RealizePalette
CreatePalette
CreateRectRgnIndirect
CombineRgn
CreateRectRgn
CreateICA
GetTextFaceA
EnumFontFamiliesExA
DeleteDC
ExtTextOutA
GetTextAlign
GetTextExtentPoint32A
SetPixel
GetCurrentObject
SetTextColor
EnumObjects
GetCharWidthA
GetTextCharset
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetTextColor
GetBkColor
PtInRegion
GetTextExtentExPointA
GetNearestColor
CreateFontIndirectA
DeleteObject
GetTextMetricsA
SelectObject
GetStockObject
RectInRegion
AbortDoc
EndDoc
EndPage
StartPage
GetObjectA
oleaut32
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VarUdateFromDate
VariantChangeTypeEx
OleLoadPicturePath
OleCreateFontIndirect
SysAllocString
VarBstrFromDate
VarDateFromStr
SafeArrayDestroy
VariantCopy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadTypeLi
SysAllocStringLen
VariantInit
VariantChangeType
VariantTimeToSystemTime
advapi32
RegConnectRegistryA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
IsTextUnicode
GetFileSecurityA
SetFileSecurityA
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
RegCreateKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegSetValueA
RegOpenKeyExA
RegQueryInfoKeyA
FreeSid
winspool.drv
GetJobA
OpenPrinterA
ClosePrinter
DocumentPropertiesA
mpr
WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum
WNetGetUniversalNameA
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindExtensionA
winmm
PlaySoundA
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 476KB - Virtual size: 476KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 34KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 354KB - Virtual size: 353KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ