E:\Builds\_work\3\s\Development\DS\Solution\Release\SOM.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-07-04_b7570e41251aa5f26389a8ae6b5c890f_icedid.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 2024-07-04_b7570e41251aa5f26389a8ae6b5c890f_icedid.exe
  Resource: win10v2004-20240611-en
General
Target: 2024-07-04_b7570e41251aa5f26389a8ae6b5c890f_icedid
Size: 61.7MB
MD5: b7570e41251aa5f26389a8ae6b5c890f
SHA1: c8f219c316c924336afe265ff1500865b44ce111
SHA256: c7b07d168ab1d84fc34787547a2d22d60ac8ae398cccb4943fce1d8d1d6e9e33
SHA512: 5b989c429f8af19f9ab55b83d7593948806e79fa310ad0eb695e16e8e4a929049dc10db4d06bd6607796eb39d4acf020a999d09d0c049fc5279148ff20681d9a
SSDEEP: 393216:KAkqIruNW0sWUT+ItbukNLpd5+cr22luMgtbukNLpd5+cr22luDT0Q9dmuDyzGtI:/kxuwhB5LRt7gB5LRtA1DymlFjGQk
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
Matched resource: 2024-07-04_b7570e41251aa5f26389a8ae6b5c890f_icedid
Note: this is the only signature listed for the static task and both behavioral runs. A missing signature is weak evidence on its own (plenty of legitimate builds ship unsigned), and a present one says nothing until the chain is validated, so treat it as a prompt for further triage rather than a verdict.
Files
2024-07-04_b7570e41251aa5f26389a8ae6b5c890f_icedid.exe (windows:6 windows x86 arch:x86)
b4e138da5c91e030661b82767dfbfd7d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note: NX_COMPAT opts the image into DEP, but IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is absent and relocations are stripped, so the loader cannot rebase it; it always runs at its fixed preferred base without ASLR.
PDB Paths
E:\Builds\_work\3\s\Development\DS\Solution\Release\SOM.pdb
Note: the _work\<n>\s layout is consistent with an automated build agent checkout (the pattern Azure DevOps agents use), and the PDB name SOM is a hunting pivot for related builds; neither fact establishes intent on its own.
Imports
kernel32
GetTimeZoneInformation
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
LCMapStringW
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
FreeEnvironmentStringsW
FindFirstFileExW
GetCommandLineW
GetCommandLineA
CreateDirectoryW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
GetSystemInfo
RtlUnwind
FindNextFileW
GetACP
GetOEMCP
GetCPInfo
HeapQueryInformation
IsValidCodePage
SetEnvironmentVariableW
GetStringTypeW
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SearchPathW
GetProfileIntW
GetTempPathW
GetTickCount
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
lstrcpyW
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetEnvironmentStringsW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
FileTimeToSystemTime
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
WritePrivateProfileStringW
GetPrivateProfileIntW
GetVersionExW
GetCurrentThread
ResumeThread
SetThreadPriority
lstrcmpA
GetThreadLocale
lstrcmpiW
DuplicateHandle
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetFullPathNameW
GetFileSize
FlushFileBuffers
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThreadId
EncodePointer
CopyFileW
MulDiv
GlobalSize
SetLastError
DeleteCriticalSection
HeapSize
HeapReAlloc
RaiseException
DecodePointer
CreateProcessW
GetCurrentDirectoryW
SetCurrentDirectoryW
OpenFileMappingW
CreateMutexW
IsBadReadPtr
LoadLibraryA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetLocalTime
GetSystemTime
Module32NextW
Module32FirstW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WideCharToMultiByte
GetSystemDirectoryW
OpenProcess
TerminateProcess
GetCurrentProcessId
Sleep
GetVolumeInformationW
ExpandEnvironmentStringsW
CreateEventW
WaitForSingleObject
SetEvent
FormatMessageW
LocalFree
OutputDebugStringA
FindFirstFileW
FindClose
lstrlenW
lstrlenA
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
OutputDebugStringW
GetSystemDefaultLangID
MultiByteToWideChar
MoveFileW
GetPrivateProfileStringW
GetModuleFileNameA
VirtualFree
VirtualAlloc
GetSystemWindowsDirectoryW
WriteFile
SetFilePointerEx
SetFilePointer
SetFileAttributesW
GetTempFileNameW
GetShortPathNameW
GetFileAttributesExW
GetFileAttributesW
DeleteFileW
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
FindResourceW
SizeofResource
GetModuleHandleW
LockResource
LoadResource
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
GetWindowsDirectoryW
GetCurrentProcess
GetLastError
CloseHandle
CreateFileW
LoadLibraryW
GetProcAddress
QueryPerformanceFrequency
LoadLibraryExA
user32
LoadCursorW
GetSysColorBrush
GetWindowThreadProcessId
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CharUpperW
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetActiveWindow
SetMenu
GetMenu
GetCapture
GetKeyState
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
IsDialogMessageW
SetWindowLongW
GetWindowLongW
GetWindowTextLengthW
SetWindowTextW
IsWindowEnabled
SetFocus
GetDlgCtrlID
CheckDlgButton
CopyImage
GetAsyncKeyState
IsCharLowerW
SendMessageW
EnableWindow
CopyRect
GetParent
SetDlgItemTextW
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
IntersectRect
InflateRect
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
TrackMouseEvent
DestroyIcon
LoadImageW
DeleteMenu
SetTimer
KillTimer
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
CharNextW
CopyAcceleratorTableW
InvalidateRgn
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
CreatePopupMenu
DrawTextW
RemoveMenu
GetMenuDefaultItem
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
SetClassLongW
SetWindowRgn
SetParent
DrawEdge
RealChildWindowFromPoint
UpdateWindow
InvalidateRect
RedrawWindow
GetClientRect
GetWindowRect
GetSysColor
SetLayeredWindowAttributes
IsWindowVisible
FillRect
FindWindowA
SetRect
MessageBoxA
FindWindowW
MessageBoxW
IsIconic
GetSystemMetrics
DrawIcon
GetDesktopWindow
LoadIconW
GetForegroundWindow
GetClassInfoW
RegisterWindowMessageW
PostMessageW
LoadMenuW
GetSubMenu
TrackPopupMenu
SetForegroundWindow
GetWindowTextW
GetCursorPos
FindWindowExW
GetClassNameW
GetKeyboardLayout
GetWindow
GetAncestor
UnregisterClassW
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
InsertMenuW
AppendMenuW
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
PostThreadMessageW
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
UnionRect
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
DrawFrameControl
gdi32
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsW
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExW
CreatePalette
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateSolidBrush
StretchDIBits
GetPaletteEntries
SetDIBColorTable
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC
GetObjectW
PatBlt
GetTextExtentPoint32W
GetStockObject
CreatePen
CreateFontIndirectW
CreateRectRgnIndirect
GetNearestPaletteIndex
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegEnumValueW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegFlushKey
RegSetValueExW
RegSetValueExA
RegDeleteValueW
RegCreateKeyW
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
shell32
SHGetSpecialFolderPathW
SHGetFileInfoW
ShellExecuteW
FindExecutableW
ShellExecuteExW
SHEvaluateSystemCommandTemplate
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHBrowseForFolderW
SHAppBarMessage
comctl32
_TrackMouseEvent
shlwapi
PathAppendW
PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameA
PathFindFileNameW
PathFindExtensionW
PathRemoveBlanksW
PathRemoveExtensionW
PathStripToRootW
PathUnquoteSpacesW
StrCmpIW
AssocQueryStringW
StrStrIW
StrStrW
PathMakePrettyW
StrFormatKBSizeW
PathStripPathW
PathIsUNCW
uxtheme
DrawThemeText
GetThemePartSize
GetWindowTheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
IsAppThemed
ole32
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CoInitialize
oleaut32
VarBstrFromDate
VariantCopy
OleCreateFontIndirect
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
VariantInit
oledlg
OleUIBusyW
gdiplus
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdipSetInterpolationMode
GdipCreateBitmapFromFile
GdipAlloc
GdipFree
GdiplusStartup
GdipBitmapLockBits
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
iphlpapi
GetAdaptersInfo
wintrust
WinVerifyTrust
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundW
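Taken together, the import list above is consistent with a statically linked MFC GUI application (winspool printing, OLE drag-and-drop, MDI frame procedures, uxtheme, oleacc, DDE helpers), with a handful of APIs that also show up in malware: Toolhelp process enumeration, OpenProcess/TerminateProcess, VirtualProtect, GetAdaptersInfo, WinVerifyTrust. Imports evidence capability, not intent, and many "suspicious" names are also emitted by the MSVC CRT and MFC themselves. The script below is an added example, not part of the sandbox report or its scoring: it runs a hand-curated capability map over a subset of the imports listed above and then discounts the tags that any MFC/CRT build produces. The tag names, the capability map and the benign list are this example's own assumptions.

```python
"""Capability triage over a PE import table.

Added example; not part of the sandbox report and not how the sandbox scores.
REPORT_IMPORTS is a subset of the per-DLL import names the report lists; the
capability map, tag names and BENIGN_IN_GUI_APPS are hand-curated assumptions.
"""

# Constructed input: a subset of the imports the report lists, keyed by DLL.
REPORT_IMPORTS = {
    "kernel32": [
        "CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW",
        "Module32FirstW", "Module32NextW", "OpenProcess", "TerminateProcess",
        "CreateProcessW", "VirtualAlloc", "VirtualProtect", "VirtualFree",
        "LoadLibraryW", "LoadLibraryA", "GetProcAddress", "IsDebuggerPresent",
        "CreateMutexW", "CopyFileW", "MoveFileW", "GetTempPathW", "WriteFile",
        "GetVolumeInformationW", "GetTickCount", "QueryPerformanceCounter",
        "Sleep",
    ],
    "user32": [
        "SetWindowsHookExW", "UnhookWindowsHookEx", "CallNextHookEx",
        "GetAsyncKeyState", "GetKeyboardState", "ToUnicodeEx", "FindWindowW",
    ],
    "advapi32": ["RegCreateKeyExW", "RegSetValueExW", "RegDeleteKeyW",
                 "RegOpenKeyExW", "RegQueryValueExW"],
    "shell32": ["ShellExecuteW", "ShellExecuteExW"],
    "iphlpapi": ["GetAdaptersInfo"],
    "wintrust": ["WinVerifyTrust"],
}

def _k(*names):
    """Shorthand for a set of kernel32 (dll, function) pairs."""
    return {("kernel32", n) for n in names}

# Capability map: tag -> set of (dll, function) pairs that evidence it.
CAPABILITIES = {
    "process-enumeration": _k("CreateToolhelp32Snapshot", "Process32FirstW",
                              "Process32NextW", "Module32FirstW", "Module32NextW"),
    "process-control": _k("OpenProcess", "TerminateProcess", "CreateProcessW")
                       | {("shell32", "ShellExecuteW"), ("shell32", "ShellExecuteExW")},
    "memory-protection-change": _k("VirtualAlloc", "VirtualProtect"),
    "dynamic-resolution": _k("LoadLibraryW", "LoadLibraryA", "GetProcAddress"),
    "anti-debug": _k("IsDebuggerPresent"),
    "single-instance-mutex": _k("CreateMutexW"),
    "host-fingerprint": _k("GetVolumeInformationW") | {("iphlpapi", "GetAdaptersInfo")},
    "file-drop": _k("CopyFileW", "MoveFileW", "GetTempPathW", "WriteFile"),
    "registry-write": {("advapi32", n) for n in
                       ("RegCreateKeyExW", "RegSetValueExW", "RegDeleteKeyW")},
    "window-hook": {("user32", n) for n in
                    ("SetWindowsHookExW", "GetAsyncKeyState", "GetKeyboardState", "ToUnicodeEx")},
    "signature-check": {("wintrust", "WinVerifyTrust")},
}

# Tags an ordinary MFC/CRT GUI build shows anyway, so they must not move a verdict:
# the MSVC CRT fast-fail path references IsDebuggerPresent, MFC installs its own
# WH_CBT hook through SetWindowsHookExW, Reg* backs MFC settings persistence, and
# LoadLibrary/GetProcAddress appear in nearly every Windows binary.
BENIGN_IN_GUI_APPS = {"anti-debug", "dynamic-resolution", "file-drop",
                      "registry-write", "single-instance-mutex", "window-hook"}

def triage(imports):
    """Return {tag: sorted 'dll!func' hits} for every capability with at least one hit."""
    present = {(dll.lower(), fn) for dll, fns in imports.items() for fn in fns}
    hits = {}
    for tag, evidence in CAPABILITIES.items():
        matched = sorted(f"{dll}!{fn}" for dll, fn in evidence & present)
        if matched:
            hits[tag] = matched
    return hits

def noteworthy(hits):
    """Tags left after discounting the ones a plain GUI application would show."""
    return sorted(set(hits) - BENIGN_IN_GUI_APPS)

if __name__ == "__main__":
    h = triage(REPORT_IMPORTS)
    for tag in noteworthy(h):
        print(f"{tag}: {', '.join(h[tag])}")
```

What survives the discount for this import set is process enumeration and control, VirtualProtect, host fingerprinting and a WinVerifyTrust call; that is a list of things to confirm in the behavioral run or a disassembler, not a detection.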
Sections
.text   size 1.7MB, virtual size 1.7MB: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  size 394KB, virtual size 394KB: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   size 68KB, virtual size 101KB: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   size 101KB, virtual size 101KB: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Note: the four sections account for roughly 2.3MB of a 61.7MB file. The remaining ~59MB lies outside the declared sections (most likely an appended overlay the loader never maps), a layout often produced by deliberately inflating a sample past scanner size limits; check what that overlay contains before treating the binary as merely large. No section is both writable and executable.
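The Unsigned PE signature, the Headers block and the Sections table all derive from a few PE header fields. The script below is an added example, not the sandbox's code: build_image() fabricates a header-only PE32 image with the same flag bits and section sizes the report lists (not the sample's actual bytes; the 61.7MB size is approximated as 61.7 x 2^20 bytes), parse() reads it back without pefile so the field offsets are visible, and assess() turns the fields into the facts a triage note should state: DEP on, ASLR off, no Authenticode certificate table, no writable code section, and roughly 59MB of data past the last section. Constants are the winnt.h values; the section raw offsets in the fabricated image are an assumption.

```python
"""Decode the PE header facts behind Unsigned PE, Headers and Sections.

Added example, not sandbox code. build_image() fabricates a header-only PE32
with the flag bits and section sizes the report lists (not the sample's bytes);
parse() and assess() recover the triage facts. Constants are winnt.h values.
"""
import struct

IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # Authenticode certificate table

REPORT_FILE_SIZE = int(61.7 * 2**20)        # "61.7MB" from the report, approximated
# (name, raw size, virtual size, flags) as the report lists them, rounded to bytes.
REPORT_SECTIONS = [
    (b".text",  0x1B0000, 0x1B0000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (b".rdata", 0x062800, 0x062800, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (b".data",  0x011000, 0x019400, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (b".rsrc",  0x019400, 0x019400, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
]
REPORT_FILE_CHARS = IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
REPORT_DLL_CHARS = IMAGE_DLLCHARACTERISTICS_NX_COMPAT | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

def build_image(characteristics=REPORT_FILE_CHARS, dll_characteristics=REPORT_DLL_CHARS,
                sections=REPORT_SECTIONS, security=(0, 0)):
    """Fabricate DOS header + PE signature + COFF header + PE32 optional header + section headers."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew: PE header follows DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, characteristics)
    opt = bytearray(224)                                       # PE32 optional header incl. 16 data dirs
    struct.pack_into("<H", opt, 0, 0x10B)                      # PE32 magic
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)            # SectionAlignment, FileAlignment
    struct.pack_into("<HH", opt, 68, 2, dll_characteristics)   # Subsystem (GUI), DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                        # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security)
    hdrs, va, raw = b"", 0x1000, 0x400                         # raw offsets are an assumption
    for name, rawsize, vsize, flags in sections:
        hdrs += struct.pack("<8sIIIIIIHHI", name, vsize, va, rawsize, raw, 0, 0, 0, 0, flags)
        va += (vsize + 0xFFF) & ~0xFFF
        raw += rawsize
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs

def parse(image):
    """Minimal PE32 header parser; raises ValueError on anything unexpected."""
    if image[:2] != b"MZ":
        raise ValueError("no MZ header")
    pe = struct.unpack_from("<I", image, 0x3C)[0]
    if image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    _machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", image, pe + 4)
    opt = pe + 24
    if struct.unpack_from("<H", image, opt)[0] != 0x10B:
        raise ValueError("only PE32 handled")
    dllchars = struct.unpack_from("<H", image, opt + 70)[0]
    ndirs = struct.unpack_from("<I", image, opt + 92)[0]
    sec_dir = (0, 0)
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_dir = struct.unpack_from("<II", image, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _va, rawsize, rawptr, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", image, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "vsize": vsize,
                         "rawsize": rawsize, "rawptr": rawptr, "flags": flags})
    return {"characteristics": chars, "dll_characteristics": dllchars,
            "security_dir": tuple(sec_dir), "sections": sections}

def assess(p, file_size):
    """Turn parsed header fields into the facts a triage note should state."""
    chars, dll, secs = p["characteristics"], p["dll_characteristics"], p["sections"]
    end_of_sections = max(s["rawptr"] + s["rawsize"] for s in secs) if secs else 0
    return {
        "nx": bool(dll & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "relocs_stripped": bool(chars & IMAGE_FILE_RELOCS_STRIPPED),
        # ASLR needs the opt-in bit and a relocation table the loader can apply.
        "aslr": bool(dll & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
                and not chars & IMAGE_FILE_RELOCS_STRIPPED,
        # Empty certificate table == no embedded Authenticode blob. A non-empty one
        # only says a blob exists; validity still needs WinVerifyTrust or signtool.
        "authenticode_present": p["security_dir"][1] > 0,
        "wx_sections": [s["name"] for s in secs
                        if s["flags"] & IMAGE_SCN_MEM_EXECUTE and s["flags"] & IMAGE_SCN_MEM_WRITE],
        "bss_tail_sections": [s["name"] for s in secs if s["vsize"] > s["rawsize"]],
        # Bytes past the last section's raw data: the loader never maps them.
        "overlay_bytes": max(file_size - end_of_sections, 0),
    }
```

Running assess() on the fabricated image reproduces the report's picture: NX on, ASLR off because DYNAMIC_BASE is missing and relocations are stripped, an empty certificate table (the Unsigned PE condition), .data the only section with an uninitialized tail, and about 59MB of overlay. On a real file, read the bytes with open(path, "rb") and pass len(data) as file_size.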