Static task: static1
Behavioral task: behavioral1
  Sample: 2024-07-04_e22f57c31c57d9d30b35db43d54d90ab_icedid.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 2024-07-04_e22f57c31c57d9d30b35db43d54d90ab_icedid.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-07-04_e22f57c31c57d9d30b35db43d54d90ab_icedid
Size: 2.7MB
MD5: e22f57c31c57d9d30b35db43d54d90ab
SHA1: a6a67c7571900ebe9b421e462a7a63ddc5882cc4
SHA256: fc7d857dbb0a5334e8a2993feded32833671f5e17a4b4e500eacafc4d07928a5
SHA512: d15546b3987864a145a6277e17eab04afa1ee6e1dcefa4991d373ba7e9d94a501ec556f272e9b854b395b3d393e6556e0cac2febabb2118597159947c7a67e44
SSDEEP: 49152:wr8FgQm8lrts0Fn1NW17gchoDCBW9M7Ojtu8dK3E:PBrlNWNgcCCBMGqUU
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2024-07-04_e22f57c31c57d9d30b35db43d54d90ab_icedid
Files
2024-07-04_e22f57c31c57d9d30b35db43d54d90ab_icedid.exe (windows:4 windows x86 arch:x86)
d4354a153ad0f0db625d720ea3fd1fd3
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
imlib
?GetRegistryFont@@YAXPAUHKEY__@@IIPAUtagLOGFONTW@@@Z
?SetRegistryListData@@YAXPAUHKEY__@@IIAAUtagLISTMASTER@@@Z
?SetRegistryFont@@YAXPAUHKEY__@@IIAAUtagLOGFONTW@@@Z
?GetRegistryListData@@YAXPAUHKEY__@@IIPAUtagLISTMASTER@@@Z
?GetRegistryInt@@YAKPAUHKEY__@@IIK@Z
?Copy@XCopyFolder@@QAEHPB_W0@Z
??0XCopyFolder@@QAE@XZ
?CheckPath@XCopyFolder@@QAEHPB_W@Z
?MessageBreak@@YAXXZ
?CreateDirectoryIfNotExist@@YAHPB_W@Z
?SetRegistryString@@YAHPAUHKEY__@@IIPB_W@Z
?DeleteEmptyFolder@@YAXPB_W@Z
?GetRegistryString@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAUHKEY__@@IIPB_W@Z
?CheckEmailAddress@@YAHPB_W@Z
?DeleteAllFilesInDirectory@@YAXPB_WH@Z
?SetRegistryInt@@YAHPAUHKEY__@@IIK@Z
?OpenLocalFileEx@@YAHPB_W@Z
imsdlg
?ResponseTime@@YAHPAUtagRESPONSETIME@@@Z
?IMRole@@YAHPAUtagIMROLE@@@Z
?ImcConfig@@YAXPAUHWND__@@PAVXConfig@@PB_W2@Z
?SystemOptions@@YAXPAUHWND__@@PAUtagSYSTEMOPTIONS@@PAUtagSMTPSETUP@@H@Z
ipworks6
FileMailer_Create
FileMailer_Set
FileMailer_Do
MIME_Create
MIME_Destroy
MIME_Get
MIME_Set
MIME_Do
NetCode_Create
NetCode_Destroy
NetCode_Set
NetCode_Get
NetCode_Do
POP_Create
POP_Destroy
FileMailer_Destroy
kernel32
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetStdHandle
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
FindClose
FindNextFileW
FindFirstFileW
WideCharToMultiByte
lstrlenW
LeaveCriticalSection
EnterCriticalSection
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileAttributesW
LoadLibraryW
GetProfileIntW
GetTimeFormatW
GetDateFormatW
SearchPathW
GetTempPathW
GetModuleHandleW
GetProcAddress
SetLastError
GetLastError
Sleep
SetCurrentDirectoryW
GetFileTime
CopyFileW
GetTickCount
ResumeThread
CloseHandle
CreateMutexW
WinExec
WaitForSingleObject
FreeLibrary
GetModuleFileNameW
GetWindowsDirectoryW
InitializeCriticalSection
DeleteCriticalSection
DeleteFileW
CreateDirectoryW
SetFileAttributesW
RemoveDirectoryW
lstrlenA
MoveFileW
InterlockedExchange
MulDiv
GetCurrentThreadId
LoadLibraryA
LocalFree
FormatMessageW
GlobalSize
SetThreadPriority
SetEvent
SuspendThread
CreateEventW
GetCurrentProcessId
GetStringTypeExW
GetThreadLocale
lstrcmpiW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
GetShortPathNameW
CreateFileW
FreeResource
GetVersionExA
lstrcmpW
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
InterlockedDecrement
GetModuleHandleA
lstrcmpA
SetFileTime
GetTempFileNameW
GetDiskFreeSpaceW
GlobalGetAtomNameW
GetVersion
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
VirtualProtect
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GlobalFlags
FindResourceExW
GetCurrentDirectoryW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
ExitProcess
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
user32
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
CharUpperW
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
ValidateRect
GetMenuState
WinHelpW
AppendMenuW
InsertMenuW
GetMenuItemCount
DrawTextW
BeginDeferWindowPos
DrawIconEx
GetIconInfo
SetWindowsHookExW
CallNextHookEx
EqualRect
ReleaseCapture
GetSysColorBrush
RegisterClassExW
SetCapture
GetCapture
SetWindowRgn
DrawFrameControl
CopyRect
OffsetRect
IsDialogMessageW
SetWindowTextW
ReuseDDElParam
UnpackDDElParam
GetMenuItemInfoW
EnableWindow
GetClientRect
SendMessageW
GetSystemMetrics
IsRectEmpty
UnhookWindowsHookEx
ClientToScreen
LoadCursorW
InflateRect
GetClassNameW
TrackPopupMenu
DestroyIcon
LoadIconW
SetParent
SetActiveWindow
RedrawWindow
SystemParametersInfoW
IsWindow
GetFocus
DrawEdge
PtInRect
ShowCaret
SendDlgItemMessageA
SendDlgItemMessageW
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
GetDlgItemInt
SetCursor
SetFocus
GetDC
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
GetClassLongW
SetRect
IsChild
GetSysColor
SetDlgItemInt
SetDlgItemTextW
GetMenuStringW
GetWindowRect
InvalidateRect
PostMessageW
SetRectEmpty
GetSubMenu
LoadMenuW
IsIconic
SetTimer
KillTimer
SetForegroundWindow
OpenIcon
FindWindowW
RemovePropW
SetPropW
RegisterWindowMessageW
GetMenuItemID
RemoveMenu
GetCursorPos
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnregisterClassA
GetDoubleClickTime
GetClipboardData
MapVirtualKeyExW
IsCharLowerW
DestroyCursor
MoveWindow
ShowWindow
GetKeyNameTextW
MapVirtualKeyW
TabbedTextOutW
DrawTextExW
GrayStringW
GetWindowDC
BeginPaint
EndPaint
DrawIcon
TranslateAcceleratorW
SetMenu
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
LockWindowUpdate
GetDCEx
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
MessageBeep
IsClipboardFormatAvailable
UnionRect
GetSystemMenu
DeleteMenu
UnregisterClassW
RegisterClipboardFormatW
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
WaitMessage
MapDialogRect
GetAsyncKeyState
WindowFromPoint
GetWindowRgn
SubtractRect
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CharUpperBuffW
CopyIcon
EnableScrollBar
FrameRect
SetCursorPos
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetMenuDefaultItem
SetClassLongW
GetUpdateRect
DrawStateW
IsMenu
CopyImage
IsZoomed
DestroyAcceleratorTable
DrawFocusRect
LoadImageW
GetParent
FillRect
UpdateWindow
ReleaseDC
LoadBitmapW
wsprintfW
GetPropW
PostThreadMessageW
GetDesktopWindow
GetWindow
DestroyMenu
gdi32
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
SetPaletteEntries
GetBoundsRect
FillRgn
PtInRegion
Rectangle
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Polyline
GetTextFaceW
StartDocW
StartPage
EndPage
EndDoc
DeleteDC
GetTextExtentPoint32W
ExtTextOutW
SelectObject
CreatePen
CreateFontIndirectW
CreateSolidBrush
SetPixel
GetObjectW
GetPixel
BitBlt
CreateCompatibleDC
CreateDCW
ExtFloodFill
GetCurrentObject
GetRgnBox
EnumFontFamiliesExW
GetTextMetricsW
GetMapMode
SetRectRgn
Ellipse
LPtoDP
DPtoLP
CreateEllipticRgn
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileW
GetTextColor
GetBkColor
RoundRect
FrameRgn
OffsetRgn
EqualRgn
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
GetStockObject
SetStretchBltMode
StretchBlt
CreateDIBSection
DeleteObject
SetDIBColorTable
GetDeviceCaps
SetMapMode
CreateCompatibleBitmap
msimg32
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegSetValueW
RegOpenKeyW
RegQueryValueExW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyExW
RegOpenKeyExA
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyW
RegQueryValueExA
RegCloseKey
OpenSCManagerW
RegOpenKeyExW
CloseServiceHandle
OpenServiceW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
shell32
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
ExtractIconW
DragQueryFileW
DragFinish
SHGetFileInfoW
ShellExecuteW
SHAppBarMessage
Shell_NotifyIconW
ShellExecuteExW
SHCreateDirectoryExW
comctl32
ImageList_DrawEx
ord17
ImageList_GetIconSize
ImageList_Destroy
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
shlwapi
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleDuplicateData
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoCreateInstance
CoGetClassObject
ReleaseStgMedium
CoInitialize
CoUninitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleLockRunning
DoDragDrop
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
oleaut32
VarUdateFromDate
SysAllocString
OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
ws2_32
connect
gethostbyname
gethostname
WSAStartup
WSACleanup
listen
ioctlsocket
select
recv
send
closesocket
inet_ntoa
ntohs
getpeername
socket
inet_addr
bind
htons
accept
WSAGetLastError
sendto
htonl
WSAAsyncSelect
getsockname
setsockopt
recvfrom
WSASetLastError
activeds
ord9
ord4
ord5
ord15
gdiplus
GdipAlloc
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdipFree
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdiplusShutdown
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipCreateBitmapFromFile
GdipDeleteGraphics
winmm
PlaySoundW
Sections
.text   Size: 1.9MB - Virtual size: 1.9MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 387KB - Virtual size: 386KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 145KB - Virtual size: 245KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 200KB - Virtual size: 199KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ