Static task: static1
Behavioral task: behavioral1
Sample
2024-06-25_1e14dd081dc128e7f9eb5957d1679c5e_icedid.exe
Resource
win7-20231129-en
General
Target: 2024-06-25_1e14dd081dc128e7f9eb5957d1679c5e_icedid
Size: 3.4MB
MD5: 1e14dd081dc128e7f9eb5957d1679c5e
SHA1: 85f81fd66137f387ef1b3c2cba8bc809e211836e
SHA256: 36b6647994c488d0fdc44183261c40edb1b17ab55268e3fc8f787ca7b53b0edc
SHA512: a86c195541472f5aec317e7bc51ef2396ec99d5f5472566b8c50ab62950e1e1b4ee9e23fbcc87eeec9dc2eab7422c99bf7e5248030ccc1becb5f507b76fef26d
SSDEEP: 98304:J7po5JHkc4xEwMuWuiXnPgkXlJMWVoJKshjoxZMmfjv6QgVSNaBkq37okAGFdNef:J7po5JHkc4xEwMuWuiXnPgkXlJMWVoJq
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-06-25_1e14dd081dc128e7f9eb5957d1679c5e_icedid
Files
2024-06-25_1e14dd081dc128e7f9eb5957d1679c5e_icedid.exe windows:5 windows x86 arch:x86
b977b445abaa09e2362d20797040a41b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathRemoveFileSpecW
PathFindFileNameW
PathStripToRootW
SHDeleteKeyW
PathFindExtensionW
StrCmpNIW
PathIsUNCW
winmm
sndPlaySoundW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
ws2_32
socket
WSACleanup
WSAGetLastError
WSAAsyncSelect
htonl
inet_addr
WSACancelBlockingCall
getsockname
ntohs
connect
htons
bind
listen
inet_ntoa
accept
select
closesocket
sendto
recvfrom
setsockopt
ioctlsocket
getsockopt
gethostbyaddr
gethostname
gethostbyname
WSASetLastError
getservbyname
getservbyport
recv
WSAAsyncGetHostByAddr
WSAAsyncGetHostByName
send
shutdown
WSAStartup
wininet
InternetCrackUrlW
kernel32
GetSystemTimeAsFileTime
GetVersionExW
ExpandEnvironmentStringsA
GlobalSize
GetModuleHandleA
GetVersionExA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
lstrcmpA
SuspendThread
GetProfileIntW
CreateMutexW
ReleaseMutex
VirtualProtect
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
FileTimeToDosDateTime
WritePrivateProfileStringW
GetPrivateProfileStringW
InterlockedExchange
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
GetDiskFreeSpaceW
SetErrorMode
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
FindResourceExW
LocalFileTimeToFileTime
GetFileSizeEx
GetStartupInfoW
RtlUnwind
HeapFree
ExitThread
CreateThread
HeapAlloc
HeapReAlloc
ExitProcess
GetTimeFormatA
GetDateFormatA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetStdHandle
GetFileType
HeapSize
VirtualAlloc
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
GetFileTime
GetSystemInfo
OutputDebugStringW
VirtualQuery
GetSystemTime
SetFileAttributesW
WaitForMultipleObjects
GetExitCodeProcess
SetFileTime
SystemTimeToFileTime
GetFileAttributesExW
GlobalMemoryStatus
GetCommandLineW
GetComputerNameW
MoveFileW
FlushViewOfFile
SetEndOfFile
GetCurrentProcessId
Beep
GetSystemDirectoryA
LoadLibraryA
GetLocaleInfoW
GetCurrentThreadId
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
DeviceIoControl
FreeResource
LocalAlloc
MulDiv
GetWindowsDirectoryW
RaiseException
GetVersion
CreateProcessW
GetTimeZoneInformation
WriteFile
SetFilePointer
FormatMessageW
GetTickCount
GetModuleFileNameW
SetCurrentDirectoryW
WideCharToMultiByte
lstrlenW
GlobalFree
GetTempPathW
CopyFileW
GetCurrentDirectoryW
GetTempFileNameW
GetFileSize
ReadFile
LocalFree
lstrcmpW
TerminateThread
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLogicalDrives
GetDriveTypeW
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryExW
DeleteFileW
FindNextFileW
RemoveDirectoryW
FindFirstFileW
FindClose
CreateDirectoryW
lstrcatW
GetQueuedCompletionStatus
ReadDirectoryChangesW
GetCurrentThread
GetThreadPriority
SetThreadPriority
PostQueuedCompletionStatus
GetFileAttributesW
SetLastError
CreateFileW
CreateIoCompletionPort
GetCurrentProcess
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
LoadLibraryW
GetProcAddress
FreeLibrary
CreateEventW
SetEvent
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
ResumeThread
lstrcpyW
lstrcpynW
MultiByteToWideChar
lstrlenA
WaitForSingleObject
Sleep
CloseHandle
LoadResource
LockResource
SizeofResource
FindResourceW
GlobalReAlloc
user32
SetDlgItemInt
IsDialogMessageW
GetWindowThreadProcessId
CreateDialogIndirectParamW
ValidateRect
GetDCEx
GetAsyncKeyState
CharUpperW
IsClipboardFormatAvailable
PostQuitMessage
SetWindowContextHelpId
IsRectEmpty
IsZoomed
UnregisterClassW
GetSysColorBrush
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
GetDlgItemInt
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetScrollRange
GetScrollPos
GetClassInfoExW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuCheckMarkDimensions
SetWindowPos
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
GetMenuStringW
GetMenuItemID
EqualRect
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
wvsprintfW
DrawEdge
GrayStringW
DrawTextExW
TabbedTextOutW
WaitForInputIdle
RegisterWindowMessageW
SetScrollPos
BringWindowToTop
TrackPopupMenu
MapDialogRect
MoveWindow
EndDialog
DialogBoxParamW
GetClassInfoW
GetKeyboardLayout
SetWindowTextW
IsDlgButtonChecked
SetWindowLongW
SetDlgItemTextW
ShowWindow
GetDlgItemTextW
SetRect
GetTopWindow
DrawIconEx
IsWindowVisible
FlashWindow
GetSystemMenu
DrawMenuBar
RemoveMenu
IsMenu
DrawIcon
LoadBitmapW
EnumWindows
GetClassNameW
GetWindowTextW
GetDlgCtrlID
SetRectEmpty
TranslateAcceleratorW
DestroyAcceleratorTable
LoadAcceleratorsW
LoadStringW
MessageBoxW
GetMenuState
GetMenuItemCount
SetMenuItemBitmaps
UnionRect
IsIconic
InsertMenuW
SetForegroundWindow
SetActiveWindow
UpdateWindow
RegisterClipboardFormatW
ModifyMenuW
DeleteMenu
DestroyMenu
DestroyCursor
DestroyIcon
SetCursor
GetClipboardData
GetDlgItem
IntersectRect
wsprintfW
DrawTextW
ScreenToClient
AppendMenuW
CreatePopupMenu
GetCursorPos
ShowCaret
HideCaret
SetCaretPos
CreateCaret
OpenClipboard
GetCapture
EnableMenuItem
CheckMenuItem
EmptyClipboard
SetClipboardData
CloseClipboard
DestroyCaret
GetKeyState
ShowScrollBar
KillTimer
SetTimer
MsgWaitForMultipleObjects
MessageBeep
GetMessageW
PostThreadMessageW
CreateWindowExW
RegisterClassW
DestroyWindow
LoadIconW
DefWindowProcW
GetDesktopWindow
GetFocus
PeekMessageW
TranslateMessage
DispatchMessageW
IsWindow
SetCapture
RedrawWindow
PtInRect
LoadCursorW
ReleaseCapture
DrawFrameControl
GetSystemMetrics
GetWindowLongW
EnableWindow
PostMessageW
TrackPopupMenuEx
SendMessageW
GetSubMenu
FillRect
GetSysColor
ReleaseDC
GetDC
CreateIconIndirect
GetIconInfo
LoadImageW
LoadMenuW
CopyRect
InflateRect
OffsetRect
FrameRect
DrawStateW
DrawFocusRect
GetWindowRect
GetClientRect
ClientToScreen
InvalidateRect
GetActiveWindow
GetNextDlgTabItem
GetParent
WindowFromPoint
SendDlgItemMessageW
gdi32
SetRectRgn
CombineRgn
GetMapMode
GetPixel
GetCharWidthW
CreateFontW
StretchDIBits
EnumFontFamiliesExW
GetTextColor
GetRgnBox
CreatePatternBrush
GetObjectW
ExtSelectClipRgn
CreateRectRgnIndirect
GetDeviceCaps
GetDIBits
Polygon
GetBkColor
CreatePen
MoveToEx
LineTo
StretchBlt
GetTextMetricsW
PatBlt
CreateFontIndirectW
CreateSolidBrush
GetTextExtentPoint32W
SetPixel
CreateCompatibleBitmap
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject
DeleteObject
SelectClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetBkMode
RestoreDC
SaveDC
CopyMetaFileW
CreateRectRgn
GetCurrentObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
comdlg32
GetOpenFileNameW
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegOpenKeyExA
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
GetFileSecurityW
SetFileSecurityW
RegDeleteKeyW
AdjustTokenPrivileges
RegQueryValueExA
GetUserNameW
RegQueryValueW
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
shell32
CommandLineToArgvW
Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW
DragAcceptFiles
SHFileOperationW
SHGetMalloc
DragQueryFileW
SHGetFileInfoW
DragFinish
ExtractIconExW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW
comctl32
_TrackMouseEvent
ImageList_Draw
ImageList_AddMasked
ImageList_GetIconSize
PropertySheetW
CreatePropertySheetPageW
ImageList_Destroy
ImageList_Add
ImageList_Create
oledlg
OleUIBusyW
ole32
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
RevokeDragDrop
RegisterDragDrop
DoDragDrop
CoCreateInstance
CoUninitialize
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
StringFromGUID2
CoCreateGuid
CoInitialize
CoTaskMemAlloc
OleGetClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
oleaut32
OleCreateFontIndirect
SafeArrayDestroy
OleLoadPicture
VariantInit
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysAllocString
VarBstrCmp
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
SysStringLen
VarBstrCat
VariantChangeType
VariantCopy
crypt32
CertVerifyCertificateChainPolicy
CertFindChainInStore
CryptFindOIDInfo
CertGetIntendedKeyUsage
CertGetPublicKeyLength
CertNameToStrW
CertGetNameStringW
CertGetCertificateChain
CertFindCertificateInStore
CertDeleteCertificateFromStore
CertOpenStore
CertFreeCertificateContext
CertEnumSystemStore
CertEnumCertificatesInStore
CertCloseStore
CertDuplicateCertificateContext
CertFreeCertificateChain
CertVerifyTimeValidity
CertOpenSystemStoreW
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 371KB - Virtual size: 371KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ