C:\Src\ExamDiff\Win32\Release\ExamDiff.pdb
Static task
- static1
Behavioral task
- behavioral1
  Sample: 2024-06-24_f0dbddef61fd4f1577a32f86c0d01e09_icedid.exe
  Resource: win7-20240221-en
Behavioral task
- behavioral2
  Sample: 2024-06-24_f0dbddef61fd4f1577a32f86c0d01e09_icedid.exe
  Resource: win10v2004-20240508-en
General
- Target: 2024-06-24_f0dbddef61fd4f1577a32f86c0d01e09_icedid
- Size: 24.4MB
- MD5: f0dbddef61fd4f1577a32f86c0d01e09
- SHA1: c1a4992998d4c527daefbde5ae05a912bc551357
- SHA256: 3a4b27c61461d9e1c55296627ca62ae5a4ff4b1e7b486d449fc0f93561e4df9f
- SHA512: 3c5f5fc1a026bde99f1a834c2966a33a32e42003fc4c27a8c71623c83a5abc71713dbb6b4af1da2c5eb32121d885b36a32c6158993058954c3b61dd5c5826cf7
- SSDEEP: 196608:N2V40phTdtUuS7+BNjuT2VkErArEzoYKN2:oV4YhZtUt7/I0EEYK
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2024-06-24_f0dbddef61fd4f1577a32f86c0d01e09_icedid
Files
- 2024-06-24_f0dbddef61fd4f1577a32f86c0d01e09_icedid.exe windows:5 windows x86 arch:x86
  71bf17146b9cac2b26f3c9a7b04fab7f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mpr
WNetGetConnectionW
iphlpapi
GetAdaptersInfo
winhttp
WinHttpOpen
WinHttpSetTimeouts
WinHttpConnect
WinHttpReadData
WinHttpCloseHandle
WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryDataAvailable
kernel32
WaitForSingleObjectEx
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeCriticalSection
GlobalGetAtomNameW
ReleaseSemaphore
GlobalReAlloc
GetProfileIntW
CompareStringA
GetFileAttributesExW
UnlockFile
LockFile
FlushFileBuffers
SuspendThread
CompareStringW
UnregisterWaitEx
QueryDepthSList
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GlobalFindAtomW
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
HeapQueryInformation
TzSpecificLocalTimeToSystemTime
PeekNamedPipe
SetCurrentDirectoryW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
SetConsoleMode
ReadConsoleInputA
GetCommandLineA
SetFilePointerEx
SetStdHandle
ReadConsoleW
GetConsoleMode
GetFileType
InterlockedFlushSList
RtlUnwind
GetUserDefaultLangID
GetPrivateProfileSectionNamesW
GetCurrencyFormatW
EnumResourceLanguagesW
EnumResourceTypesW
EnumResourceNamesW
CreateThread
SwitchToThread
GetNativeSystemInfo
GetStringTypeW
TryEnterCriticalSection
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GlobalFlags
SetErrorMode
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryExW
EncodePointer
OutputDebugStringA
QueryPerformanceFrequency
QueryPerformanceCounter
GetThreadTimes
SetVolumeLabelW
GetDiskFreeSpaceW
GetCurrentDirectoryW
ExpandEnvironmentStringsA
LoadLibraryExA
VirtualQuery
VirtualProtect
GetCPInfo
VirtualAlloc
VirtualFree
SetEndOfFile
lstrlenA
GetCurrentThread
GetThreadPriority
ReadDirectoryChangesW
GetQueuedCompletionStatus
CancelIo
PostQueuedCompletionStatus
CreateIoCompletionPort
FreeResource
GetModuleHandleA
GetSystemInfo
CopyFileExW
DecodePointer
HeapReAlloc
HeapSize
GetSystemTimeAsFileTime
lstrcmpA
GetTimeZoneInformation
GetCPInfoExW
EnumSystemCodePagesW
GetPrivateProfileSectionW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
ReplaceFileW
LocalAlloc
GetFileTime
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationW
WinExec
SetThreadPriority
InterlockedExchange
GetLocalTime
SetUnhandledExceptionFilter
GetGeoInfoW
GetUserGeoID
MoveFileW
LocalReAlloc
GetTimeFormatW
GetDateFormatW
ExitProcess
GetThreadLocale
UnmapViewOfFile
GetFileSizeEx
MapViewOfFile
CreateFileMappingW
ExpandEnvironmentStringsW
GetFileSize
GetNumberFormatW
GetWindowsDirectoryW
WaitForMultipleObjects
OpenProcess
GetSystemDirectoryW
CompareFileTime
CopyFileW
WriteConsoleW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetShortPathNameW
DuplicateHandle
GetProcessHeap
SetLastError
GlobalFree
LocalFree
FormatMessageW
GetFullPathNameW
TerminateThread
SetConsoleTextAttribute
SetConsoleWindowInfo
FillConsoleOutputAttribute
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
GetStdHandle
AllocConsole
Sleep
SystemTimeToTzSpecificLocalTime
TerminateProcess
SetFileAttributesW
CreateDirectoryW
GetExitCodeProcess
ResetEvent
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
LCMapStringW
LoadLibraryA
GetStringTypeExW
GetUserDefaultLCID
lstrlenW
GetTempFileNameW
GetTempPathW
SearchPathW
lstrcmpW
WriteFile
SetFilePointer
ReadFile
CreateFileW
ResumeThread
GetCurrentThreadId
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalSize
lstrcpynW
GetTickCount
HeapCreate
HeapAlloc
HeapDestroy
HeapFree
lstrcmpiW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetCurrentProcessId
GetSystemTime
GetPrivateProfileIntW
WritePrivateProfileSectionW
GetCurrentProcess
GlobalAlloc
MulDiv
GlobalLock
GlobalUnlock
GetFileAttributesW
GetACP
GetLocaleInfoW
InterlockedDecrement
InterlockedIncrement
InterlockedPushEntrySList
TlsSetValue
TlsGetValue
TlsFree
InterlockedPopEntrySList
InitializeSListHead
TlsAlloc
SetEvent
InterlockedCompareExchange
CreateEventW
FreeLibrary
LoadLibraryW
CreateProcessW
lstrcatW
lstrcpyW
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetCommandLineW
GetVersionExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLastError
RaiseException
WideCharToMultiByte
GetVolumeInformationW
GetComputerNameW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
OutputDebugStringW
GlobalHandle
GetNumaHighestNodeNumber
user32
IsWindowEnabled
MessageBeep
GetWindowThreadProcessId
MsgWaitForMultipleObjects
GetMessageW
MsgWaitForMultipleObjectsEx
GetForegroundWindow
GetKeyboardLayout
SetWindowTextW
GetWindowTextW
IntersectRect
PostQuitMessage
PeekMessageW
MessageBoxW
WindowFromPoint
UnionRect
LoadBitmapW
SendMessageTimeoutW
GetFocus
SetKeyboardState
GetKeyboardState
SetClassLongW
GetClassLongW
CharLowerBuffW
SetFocus
CloseDesktop
CreateDesktopW
LoadStringW
SetRect
GetWindowLongW
GetMenuItemInfoW
GetDlgCtrlID
IsWindowVisible
GetWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
GetClipboardData
SetWindowLongW
LockWindowUpdate
SetWindowPos
IsZoomed
GetComboBoxInfo
FrameRect
ChildWindowFromPointEx
ChildWindowFromPoint
DrawFocusRect
MapWindowPoints
GetMessagePos
DrawMenuBar
DrawStateW
wsprintfW
SetScrollInfo
wsprintfA
CopyIcon
ShowScrollBar
AttachThreadInput
GetMenuItemID
GetPriorityClipboardFormat
EnumDisplayMonitors
EnumChildWindows
IsIconic
GetMenuDefaultItem
GetClassNameW
IsChild
GetActiveWindow
HideCaret
GetDlgItem
UnregisterClassW
DestroyWindow
CheckMenuItem
RegisterClassW
CreateWindowExW
PostThreadMessageW
MoveWindow
TranslateAcceleratorW
ShowCaret
CreateCaret
EndPaint
BeginPaint
SetCaretPos
VkKeyScanW
SetScrollPos
ScrollWindowEx
GetScrollInfo
DestroyCaret
BringWindowToTop
GetAsyncKeyState
IsClipboardFormatAvailable
CharNextExA
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
UnpackDDElParam
CreateIconIndirect
GetWindowDC
DrawEdge
CharToOemBuffA
OemToCharBuffA
SendDlgItemMessageA
GetMenuStringW
GetMenuState
InsertMenuW
RemoveMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetMessageTime
CallWindowProcW
GetClassInfoExW
IsMenu
GetWindowPlacement
SetWindowPlacement
GetMenu
SetMenu
TrackPopupMenu
RegisterWindowMessageW
GetWindowRect
EnableWindow
SendMessageW
PtInRect
InvalidateRect
TrackPopupMenuEx
SetActiveWindow
ValidateRect
ScrollWindow
GrayStringW
DrawTextExW
TabbedTextOutW
GetCursor
DrawTextW
GetScrollPos
SetScrollRange
GetScrollRange
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
AdjustWindowRectEx
GetTopWindow
WinHelpW
MonitorFromWindow
ShowWindow
SetDlgItemTextW
CheckDlgButton
IsDlgButtonChecked
IsDialogMessageW
GetKeyNameTextW
MapVirtualKeyW
CharUpperW
GetDialogBaseUnits
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
ShowOwnedPopups
SetCursorPos
DestroyMenu
LoadAcceleratorsW
InsertMenuItemW
ReuseDDElParam
DrawIcon
NotifyWinEvent
WaitMessage
SetParent
GetTabbedTextExtentW
GetDCEx
RealChildWindowFromPoint
WindowFromDC
CreateMenu
MapDialogRect
GetClassInfoW
DispatchMessageW
TranslateMessage
CharPrevW
CharNextW
LoadIconW
GetDesktopWindow
CharLowerW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
EqualRect
ReleaseCapture
RegisterClassExW
GetSysColorBrush
DefWindowProcW
SetWindowRgn
SetRectEmpty
DrawFrameControl
GetMonitorInfoW
MonitorFromPoint
IsRectEmpty
SetCapture
GetCapture
KillTimer
SetTimer
SetMenuDefaultItem
DeleteMenu
GetMenuItemCount
AppendMenuW
CreatePopupMenu
GetSystemMenu
EnableMenuItem
GetSubMenu
LoadMenuW
LoadImageW
DestroyIcon
CreateIconFromResourceEx
GetIconInfo
EnableScrollBar
ClientToScreen
RedrawWindow
SetForegroundWindow
GetClientRect
GetParent
GetSysColor
GetKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
OffsetRect
SystemParametersInfoW
GetDC
ReleaseDC
GetSystemMetrics
RegisterClipboardFormatW
SetCursor
UpdateWindow
InflateRect
DrawIconEx
FillRect
ScreenToClient
GetCursorPos
InvertRect
mouse_event
GetDoubleClickTime
OpenInputDesktop
GetUserObjectInformationW
GetWindowRgn
LookupIconIdFromDirectoryEx
IsWindowUnicode
GetWindowLongA
SetWindowLongA
ToUnicodeEx
GetKeyboardLayoutList
IsCharLowerW
VkKeyScanExW
MapVirtualKeyExW
EnumWindows
GetClipboardFormatNameW
GetTabbedTextExtentA
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SetWindowContextHelpId
InvalidateRgn
GetNextDlgGroupItem
GetLastActivePopup
CopyRect
DestroyCursor
LoadCursorW
PostMessageW
IsWindow
gdi32
EndPage
EndDoc
AbortDoc
CreateFontW
Polygon
StretchDIBits
SetTextAlign
TextOutA
GetBkMode
CreateBitmap
CreatePatternBrush
GetTextExtentExPointW
GetCurrentObject
SetTextJustification
CopyMetaFileW
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetMapMode
SetLayout
GetLayout
StartPage
SetROP2
SetStretchBltMode
PolyBezierTo
SetViewportExtEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
GetCharWidthW
GetROP2
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
GetTextFaceW
StartDocW
SetAbortProc
CreateDCW
SetBrushOrgEx
DPtoLP
SetViewportOrgEx
GetViewportOrgEx
LineTo
MoveToEx
SetBkMode
ExtTextOutA
SetTextColor
SetBkColor
EnumFontFamiliesExW
PatBlt
CreateRectRgnIndirect
GetPixel
GetTextColor
GetTextMetricsW
CreateHatchBrush
CreatePen
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
Rectangle
BitBlt
GetBkColor
SetPixel
SetDIBits
CreateSolidBrush
GetTextExtentPoint32W
GetDeviceCaps
DeleteObject
GetObjectW
GetBitmapBits
CreateCompatibleDC
CreateCompatibleBitmap
StretchBlt
CreateFontIndirectW
GetStockObject
OffsetRgn
FrameRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateRectRgn
RoundRect
GetObjectA
GetTextExtentPoint32A
CloseFigure
FillPath
StrokeAndFillPath
ChoosePixelFormat
SetPixelFormat
GdiFlush
CombineRgn
EqualRgn
SetPolyFillMode
GetDIBits
SelectObject
CreateBrushIndirect
BeginPath
EndPath
StrokePath
GetBitmapDimensionEx
GetBoundsRect
PtInRegion
ExtCreateRegion
Polyline
ExtFloodFill
GetRgnBox
DeleteDC
advapi32
CryptAcquireContextA
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
IsTextUnicode
RegDeleteValueW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
SetFileSecurityW
GetFileSecurityW
RegEnumKeyW
RegSetValueW
CryptGenRandom
CryptReleaseContext
RegOpenKeyExA
RegQueryValueExA
SetNamedSecurityInfoW
GetNamedSecurityInfoW
RegQueryValueW
comctl32
_TrackMouseEvent
ImageList_AddMasked
ImageList_Add
ImageList_GetImageCount
ImageList_GetIcon
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_Draw
ImageList_GetImageInfo
ImageList_LoadImageW
ord13
ord14
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragShowNolock
ord17
ImageList_Destroy
ImageList_Duplicate
ImageList_DrawEx
ImageList_ReplaceIcon
shlwapi
PathCombineW
UrlUnescapeW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
UrlCreateFromPathW
UrlEscapeW
StrCmpIW
StrCmpLogicalW
StrStrW
SHStrDupW
uxtheme
SetWindowTheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
oleaut32
GetErrorInfo
VariantChangeTypeEx
SysAllocString
SysFreeString
VariantInit
VariantClear
VarDateFromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SysStringByteLen
SysAllocStringByteLen
SafeArrayDestroy
VarBstrFromDate
VarCmp
SysAllocStringLen
VariantChangeType
SysStringLen
VariantCopy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
OleLoadPicturePath
SafeArrayCreateVector
LoadTypeLi
OleCreateFontIndirect
oledlg
OleUIBusyW
OleUIAddVerbMenuW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
glu32
gluProject
gluPerspective
gluLookAt
gluUnProject
opengl32
glColor4f
glEnd
glGetFloatv
glGetIntegerv
glLoadMatrixf
glMatrixMode
glTranslated
wglCreateContext
wglDeleteContext
wglMakeCurrent
glAccum
glBlendFunc
glClear
glClearAccum
glClearColor
glClearDepth
glColorMaterial
glCullFace
glEnable
glFinish
glFlush
glFrontFace
glGetDoublev
glHint
glIsEnabled
glLightModelfv
glLightfv
glLoadIdentity
glMaterialfv
glPopAttrib
glPopMatrix
glPushAttrib
glPushMatrix
glReadPixels
glShadeModel
glViewport
glDisable
glLineWidth
glVertex3d
glMultMatrixd
glNormal3d
glRotated
glDeleteLists
glBegin
Exports
tree_sitter_bash
tree_sitter_c_sharp
tree_sitter_cpp
tree_sitter_css
tree_sitter_html
tree_sitter_java
tree_sitter_javascript
tree_sitter_json
tree_sitter_php
tree_sitter_python
tree_sitter_ruby
tree_sitter_typescript
Sections
.text Size: 7.2MB - Virtual size: 7.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13.7MB - Virtual size: 13.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 130KB - Virtual size: 818KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ