PDB path: C:\tfs\Nifty\Stats\Commercial\stats.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-29_7c87b179145ed24d527a5427a1e1a9a8_icedid.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 2024-06-29_7c87b179145ed24d527a5427a1e1a9a8_icedid.exe
  Resource: win10v2004-20240508-en
General
- Target: 2024-06-29_7c87b179145ed24d527a5427a1e1a9a8_icedid
- Size: 19.2MB
- MD5: 7c87b179145ed24d527a5427a1e1a9a8
- SHA1: f296f4be0ff14d21ceefbd19ebab03236521737d
- SHA256: 0686920eca2e2248edf75231b732131ba43c4d7fbd72267e224a74b5e3f6aa90
- SHA512: d68df7d33e5f9a9991dd9ddb1664e3ac4d4cb8d30ba72c6356855a549d96208cfdf7b848e89b92be1f392cef04503bb7e9f39788178ad4c8bad179187bcb404e
- SSDEEP: 393216:R/MqkftLtvIxTeMFTv5uN+hfPWpTppRT9V:lkftLtvIxKMdBhfPWpTp/
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  Resource: 2024-06-29_7c87b179145ed24d527a5427a1e1a9a8_icedid
Files
- 2024-06-29_7c87b179145ed24d527a5427a1e1a9a8_icedid.exe (windows:6 windows x86 arch:x86)
  5c63a65bf6be80b7940746845ede0b4b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
odbc32
ord9
ord72
ord141
ord43
ord111
ord4
ord18
ord30
ord108
ord16
ord12
ord75
ord139
ord24
ord29
ord20
ord176
ord31
ord58
ord5
ord136
ord119
wininet
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetGetLastResponseInfoW
InternetReadFile
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetSetStatusCallbackW
InternetCombineUrlW
InternetGetCookieExW
FindNextUrlCacheEntryW
DeleteUrlCacheEntryW
FindCloseUrlCache
FindFirstUrlCacheEntryW
InternetQueryOptionW
InternetSetOptionW
FtpPutFileW
FtpCreateDirectoryW
FtpSetCurrentDirectoryW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
HttpQueryInfoW
dbghelp
MiniDumpWriteDump
kernel32
InitializeCriticalSectionAndSpinCount
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GlobalGetAtomNameW
SuspendThread
SystemTimeToFileTime
GetThreadLocale
SetErrorMode
GetVersionExW
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetFileSizeEx
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
UnlockFile
GetDiskFreeSpaceW
GetCurrentDirectoryW
LocalLock
LocalUnlock
VerSetConditionMask
VerifyVersionInfoW
GetProfileIntW
SearchPathW
FormatMessageA
GetLocaleInfoEx
SetCurrentDirectoryW
FindFirstFileExW
SetFileInformationByHandle
AreFileApisANSI
GlobalAddAtomW
GetFileInformationByHandleEx
GetStringTypeW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
LCMapStringEx
CompareStringEx
GetCPInfo
GetPrivateProfileStringW
TryEnterCriticalSection
HeapCreate
UnlockFileEx
CreateMutexW
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
CreateFileA
WaitForSingleObjectEx
DeleteFileA
HeapCompact
LockFileEx
OpenThread
GetThreadContext
SetThreadContext
FlushInstructionCache
Thread32First
Thread32Next
VirtualAlloc
VirtualFree
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
FindFirstChangeNotificationW
FindCloseChangeNotification
CreateThread
GetVersionExA
GetUserDefaultLangID
GetTimeFormatW
GetPriorityClass
SetPriorityClass
GetThreadPriority
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
lstrcmpA
IsWow64Process
QueryPerformanceCounter
TlsFree
CreateProcessA
WriteConsoleW
SetEnvironmentVariableW
WritePrivateProfileStringW
GetPrivateProfileIntW
CompareStringW
TlsGetValue
QueryPerformanceFrequency
TlsAlloc
GetCurrentThread
SetEvent
GetFileAttributesExW
CreateEventW
GetVersion
GetFullPathNameA
SetThreadPriority
GetLongPathNameW
SetLastError
TlsSetValue
SetHandleInformation
CreateDirectoryW
GetEnvironmentVariableW
K32GetModuleFileNameExW
GetSystemTime
GetUserDefaultLCID
FlushViewOfFile
SetEndOfFile
GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
HeapFree
GetCurrencyFormatW
GetNumberFormatW
GetFileAttributesW
WaitForMultipleObjects
PeekNamedPipe
ReadFile
MoveFileW
GetLocaleInfoW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
TerminateProcess
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
IsBadReadPtr
GetModuleHandleA
lstrcmpiW
LoadLibraryW
GetWindowsDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GlobalFindAtomW
WinExec
FreeLibrary
LoadLibraryExW
GlobalFree
IsBadWritePtr
CopyFileW
GetExitCodeProcess
K32GetProcessMemoryInfo
DuplicateHandle
CreatePipe
FindClose
FindNextFileW
FindFirstFileW
lstrlenW
FileTimeToDosDateTime
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFileTime
VirtualQuery
GetSystemTimeAsFileTime
lstrcpyW
CreateProcessW
GlobalMemoryStatusEx
GetFileSize
FileTimeToLocalFileTime
GetSystemInfo
RaiseException
lstrcatW
OutputDebugStringW
GetCurrentThreadId
SetFilePointer
GetModuleFileNameW
GetCurrentProcess
GetCommandLineW
RtlCaptureContext
GetCurrentProcessId
GetModuleHandleW
GetProcAddress
DeleteFileW
GetTempFileNameW
GetTempPathW
FormatMessageW
LocalAlloc
LocalFree
InitializeCriticalSectionEx
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
ResumeThread
WaitForSingleObject
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
GetDateFormatW
GetTickCount64
CloseHandle
WriteFile
CreateFileW
GetTickCount
FindResourceExW
WideCharToMultiByte
MulDiv
MultiByteToWideChar
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
FindNextChangeNotification
RtlUnwind
GetTimeZoneInformation
SetFilePointerEx
SetStdHandle
GetFileType
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetConsoleMode
ReadConsoleW
GetCommandLineA
HeapQueryInformation
GetStdHandle
ExitProcess
LCMapStringW
IsValidLocale
EnumSystemLocalesW
RemoveDirectoryW
GetConsoleOutputCP
GetDriveTypeW
IsValidCodePage
GetACP
user32
GetLastActivePopup
GetTopWindow
GetClassLongW
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
ScrollWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
SetWindowPlacement
GetWindowPlacement
IsMenu
GetClassInfoExW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
IntersectRect
InflateRect
IsDialogMessageW
GetWindowTextLengthW
SetWindowTextW
GetDlgCtrlID
SendDlgItemMessageW
CheckDlgButton
SetDlgItemTextW
ShowWindow
LoadMenuW
EndPaint
BeginPaint
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
AppendMenuW
GetMenuStringW
SetScrollRange
SetWindowLongW
CreateWindowExW
DestroyWindow
ReleaseCapture
SetCapture
RegisterClassW
SetScrollPos
GetScrollPos
UnregisterClassW
PostQuitMessage
SetWindowsHookExW
GetMenuState
PtInRect
IsRectEmpty
GetWindowTextW
IsWindowEnabled
ChildWindowFromPoint
WindowFromPoint
SetWindowRgn
SetRectEmpty
SystemParametersInfoW
LoadImageW
DestroyCursor
DrawEdge
IsZoomed
SetCursorPos
SetWindowContextHelpId
MapDialogRect
GetSysColor
DestroyIcon
CopyIcon
FillRect
CreateIconIndirect
ReleaseDC
GetIconInfo
EqualRect
RemoveMenu
SetWindowPos
RedrawWindow
UpdateWindow
SetFocus
GetMenuItemID
GetMenuItemCount
KillTimer
GetDC
DeleteMenu
CreatePopupMenu
SetRect
OffsetRect
SetForegroundWindow
IsWindowVisible
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetActiveWindow
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
SendDlgItemMessageA
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
UnhookWindowsHookEx
GetDlgItem
LoadIconW
GetClassNameW
GetCursorPos
SetParent
wvsprintfW
wsprintfW
CallNextHookEx
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
DestroyMenu
CharNextW
GetMenuItemInfoW
ShowOwnedPopups
GetSysColorBrush
InsertMenuItemW
GetWindowThreadProcessId
IsCharAlphaNumericW
GetCursor
SystemParametersInfoA
LoadMenuIndirectW
SendMessageW
GetSystemMetrics
GetClientRect
GetWindowRect
IsWindow
EndDeferWindowPos
DeferWindowPos
ScreenToClient
BeginDeferWindowPos
UnpackDDElParam
ReuseDDElParam
GetMessageW
IsChild
GetWindowLongW
LoadCursorW
DefWindowProcW
GetClassInfoW
SetTimer
GetFocus
GetSystemMenu
InvalidateRect
EnableWindow
PostMessageW
CopyRect
GetParent
SetCursor
InsertMenuW
ClientToScreen
GetKeyState
MapVirtualKeyW
GetKeyboardState
GetKeyboardLayout
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
ToAsciiEx
GetSubMenu
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
SetClipboardData
MessageBoxW
MoveWindow
GetWindowDC
GetWindow
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW
GetDesktopWindow
GetKeyNameTextW
TrackMouseEvent
CharUpperW
UnionRect
CopyAcceleratorTableW
InvalidateRgn
GetTabbedTextExtentW
CreateMenu
GetDCEx
LockWindowUpdate
GetNextDlgGroupItem
MessageBeep
IsClipboardFormatAvailable
GetMenuDefaultItem
DrawFocusRect
DrawIconEx
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetClassLongW
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
GetWindowRgn
WindowFromDC
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
CharUpperBuffW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
WaitMessage
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
FrameRect
DrawFrameControl
DrawIcon
gdi32
RestoreDC
SaveDC
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
StartDocW
ExtCreatePen
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
CreateHatchBrush
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
GetCharWidthW
StretchDIBits
GetBkColor
GetTextColor
GetRgnBox
GetTextAlign
GetViewportOrgEx
RectVisible
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
SetDIBColorTable
Polygon
Polyline
Rectangle
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
RoundRect
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextFaceW
CreateDCW
CopyMetaFileW
GetStockObject
CreatePolygonRgn
CreateRoundRectRgn
OffsetRgn
CombineRgn
CreateRectRgn
SelectClipRgn
FillRgn
FrameRgn
TextOutW
SetTextJustification
GetTextMetricsW
SetBkColor
SetBkMode
MoveToEx
CreatePen
SetTextColor
StretchBlt
CreateBitmap
CreateSolidBrush
PtVisible
PlayMetaFile
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipBox
ExcludeClipRect
Escape
CreatePatternBrush
ExtCreateRegion
GetDCOrgEx
GetMetaFileW
CloseEnhMetaFile
CreateEnhMetaFileW
DeleteEnhMetaFile
GetEnhMetaFileW
PlayEnhMetaFile
GetTextCharset
CreateEllipticRgnIndirect
SetBrushOrgEx
GdiFlush
EnumFontFamiliesExW
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateDIBSection
DeleteDC
SelectObject
GetObjectW
DeleteObject
CreateFontIndirectW
LPtoDP
LineTo
GetTextExtentPoint32W
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegOpenKeyExW
RegQueryValueExW
GetUserNameW
RegOpenKeyW
RegSetValueExW
RegDeleteValueW
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegQueryValueW
RegDeleteKeyW
SystemFunction036
RegEnumValueW
RegEnumKeyW
RegCloseKey
IsTextUnicode
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
shell32
SHFileOperationW
SHGetDataFromIDListW
SHAppBarMessage
SHBrowseForFolderW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
DragFinish
DragQueryFileW
Shell_NotifyIconW
ShellExecuteW
comctl32
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_Duplicate
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
_TrackMouseEvent
ord17
shlwapi
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
UrlUnescapeW
PathFindExtensionW
StrFormatKBSizeW
uxtheme
OpenThemeData
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
GetWindowTheme
GetThemeSysColor
GetThemePartSize
DrawThemeParentBackground
GetCurrentThemeName
GetThemeColor
DrawThemeText
IsAppThemed
CloseThemeData
ole32
OleDraw
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoInitializeEx
CoCreateGuid
PropVariantClear
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemFree
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemAlloc
OleRun
CoCreateInstance
CLSIDFromProgID
OleInitialize
OleUninitialize
CoDisconnectObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleLoadFromStream
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleSaveToStream
OleLockRunning
OleTranslateAccelerator
IsAccelerator
WriteClassStm
CoFreeUnusedLibraries
oleaut32
SysAllocStringLen
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
SysStringByteLen
SysStringLen
SysAllocStringByteLen
SysAllocString
VarUdateFromDate
VariantCopy
VariantInit
VariantClear
VariantChangeType
SysFreeString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreate
VarUI4FromStr
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayUnaccessData
VarCyFromStr
LoadTypeLi
OleCreateFontIndirect
OleCreatePictureIndirect
VarDateFromStr
SafeArrayGetDim
VarI4FromStr
VarR8FromStr
VarBstrFromR8
VarDiv
VarMul
GetErrorInfo
oledlg
OleUIBusyW
urlmon
CoInternetSetFeatureEnabled
UrlMkSetSessionOption
CoInternetGetSession
gdiplus
GdipSetLineWrapMode
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatLineAlign
GdipSetRenderingOrigin
GdipCreateHatchBrush
GdipDrawImageI
GdipSetClipRectI
GdipDrawLine
GdipDrawLineI
GdipSetPenDashOffset
GdipAddPathPolygonI
GdipAddPathLineI
GdipResetClip
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
GdipDrawEllipseI
GdipFillEllipseI
GdipDrawRectangleI
GdipFillRectangleI
GdipCreateLineBrushFromRectI
GdipSetStringFormatTrimming
GdipAddPathArc
GdipDrawPath
GdipFillPath
GdipAddPathLine
GdipIsVisiblePathPoint
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCreateLineBrushFromRect
GdipDrawString
GdipClosePathFigure
GdipFillRectangle
GdipMeasureString
GdipResetPath
GdipGetPathLastPoint
GdipAddPathPie
GdipDeletePath
GdipCreatePath
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipDeleteCachedBitmap
GdipDrawCachedBitmap
GdipCreateCachedBitmap
GdipDeleteGraphics
GdipCreateFromHDC
GdipDrawPie
GdipSetLineColors
GdipAddPathLine2I
GdipDisposeImage
GdipFree
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImageEncoders
GdipGetImageEncodersSize
GdiplusStartup
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateHBITMAPFromBitmap
GdipGetImageWidth
GdipGetImageHeight
GdipCreatePen1
GdipDeletePen
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipCreateLineBrush
GdipDeleteBrush
GdipCloneBrush
GdipStartPathFigure
GdipSaveImageToFile
GdipCreateSolidFill
GdipSetPenDashStyle
GdipSetPenBrushFill
GdipCreateLineBrushI
GdipSetPenColor
GdipFillPie
ws2_32
__WSAFDIsSet
ntohl
getaddrinfo
freeaddrinfo
getnameinfo
socket
gethostbyname
setsockopt
recvfrom
sendto
accept
listen
htonl
bind
ntohs
connect
htons
getsockopt
select
ioctlsocket
send
recv
shutdown
closesocket
WSAGetLastError
inet_ntoa
WSACleanup
WSAStartup
inet_addr
getsockname
crypt32
CertGetNameStringW
CertVerifyTimeValidity
CertCloseStore
CertFreeCertificateContext
CertDuplicateCertificateContext
CertOpenSystemStoreW
CertFindChainInStore
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFindCertificateInStore
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
rpcrt4
UuidCreate
UuidToStringW
RpcStringFreeW
Sections
.text Size: 6.7MB - Virtual size: 6.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 162KB - Virtual size: 214KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11.0MB - Virtual size: 11.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ