PDB path: C:\cdexbuild\Release\CDex.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-09_c167101a98387034c2b7f5aea586c929_icedid.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2024-07-09_c167101a98387034c2b7f5aea586c929_icedid.exe
Resource: win10v2004-20240704-en
General
Target: 2024-07-09_c167101a98387034c2b7f5aea586c929_icedid
Size: 4.6MB
MD5: c167101a98387034c2b7f5aea586c929
SHA1: 4debaf2ca2f3409358d70da56f50d60a74ea4ea9
SHA256: 47ad4cec7536f5bc0cfa04bd27e9a23384ca97b2edc484d7c96f70eb9d70309e
SHA512: c7e733e5f5d8240a11de542bd8a9dfbc47ee63b5db280811891832d6422f0b1e553b408b938d20642b2aaf25b2586571d68adf2920f4f4a0c7f6252b085bc729
SSDEEP: 98304:ZvuPYzEp3MjoFtdFJMLZfgEBKXqahDJ71WRO/yVLPvSheGyy4eddr+k8Fww1RwwP:tugzmXryWh9WPvSheGyy4edBAwwnwwnP
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-07-09_c167101a98387034c2b7f5aea586c929_icedid
Files
2024-07-09_c167101a98387034c2b7f5aea586c929_icedid.exe windows:5 windows x86 arch:x86
0dfea1066854e9489ac206b61a9d67e5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
msacm32
acmGetVersion
acmDriverEnum
acmDriverOpen
acmDriverClose
acmDriverDetailsA
acmFormatEnumA
acmStreamOpen
acmStreamClose
acmStreamConvert
acmStreamPrepareHeader
acmStreamUnprepareHeader
acmMetrics
winmm
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveOutGetPosition
waveInGetNumDevs
waveInGetDevCapsA
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInReset
waveOutClose
waveOutOpen
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineInfoA
mixerClose
mixerOpen
mixerGetDevCapsA
mixerGetNumDevs
mciGetErrorStringA
mciSendCommandA
mixerGetLineControlsA
PlaySoundA
wsock32
WSASetLastError
gethostname
gethostbyname
setsockopt
inet_ntoa
WSAGetLastError
kernel32
ReplaceFileA
SystemTimeToFileTime
GetUserDefaultLCID
VirtualProtect
GlobalReAlloc
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LocalReAlloc
GetAtomNameA
GetACP
GlobalFlags
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
lstrcmpA
GetOEMCP
GetCPInfo
GetFileAttributesExA
GetFileSizeEx
LocalFileTimeToFileTime
SetFileAttributesA
SetErrorMode
GetCurrentDirectoryA
FindResourceExW
VerSetConditionMask
VerifyVersionInfoA
GetProfileIntA
SearchPathA
LocalLock
LocalUnlock
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetSystemTimeAsFileTime
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetDriveTypeW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCommandLineA
GetSystemInfo
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
SetStdHandle
GetFileType
HeapQueryInformation
GetConsoleCP
GetConsoleMode
FatalAppExitA
GetStartupInfoW
ReadConsoleW
SetFilePointerEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateEventW
TerminateProcess
CreateSemaphoreW
IsValidCodePage
SetConsoleCtrlHandler
GetTimeZoneInformation
CreateDirectoryW
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
OutputDebugStringW
CreateFileW
GetCurrentThread
GetStringTypeExA
GetThreadLocale
lstrcmpiA
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetTempFileNameA
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
EncodePointer
CreateMutexA
ReleaseMutex
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
MulDiv
GlobalSize
SetLastError
FormatMessageA
LoadLibraryExA
FlushFileBuffers
WriteFile
QueryPerformanceCounter
MoveFileA
CreateDirectoryA
GetDiskFreeSpaceA
GetShortPathNameA
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
GetComputerNameA
CreateSemaphoreA
ReleaseSemaphore
LocalFree
LocalAlloc
ResumeThread
GetVolumeInformationA
GetDriveTypeA
lstrcpynA
SetThreadLocale
FindNextFileA
FindFirstFileA
FindClose
WaitForMultipleObjects
GetProcAddress
LoadLibraryA
lstrlenA
lstrcatA
lstrcpyA
WinExec
MultiByteToWideChar
GetVersionExA
GetSystemDirectoryA
FindResourceA
GlobalFree
GlobalUnlock
GlobalHandle
QueryPerformanceFrequency
CopyFileA
DeleteFileA
GetTempPathA
GetVersion
SetConsoleTitleA
GetConsoleTitleA
FreeConsole
AllocConsole
GetStdHandle
GetExitCodeProcess
GetCurrentProcessId
CreatePipe
DuplicateHandle
ReadFile
GetWindowsDirectoryA
WritePrivateProfileStringA
CreateProcessA
GetModuleFileNameA
GetTickCount
CloseHandle
GetCurrentProcess
GlobalLock
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileStringA
FreeLibrary
WideCharToMultiByte
FindResourceW
SizeofResource
LoadResource
ResetEvent
LockResource
GetPrivateProfileIntA
OutputDebugStringA
Sleep
WaitForSingleObject
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
TerminateThread
SetFileTime
GetFileTime
GetModuleHandleW
GetFileAttributesA
GetUserDefaultUILanguage
user32
PostThreadMessageA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
SetCursorPos
SetClassLongA
GetDoubleClickTime
SetMenuDefaultItem
CharUpperBuffA
FrameRect
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
SendNotifyMessageA
InSendMessage
CreateMenu
GetWindowRgn
WindowFromDC
GetTabbedTextExtentA
GetTabbedTextExtentW
DeleteMenu
GetSystemMenu
MonitorFromPoint
SetParent
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
IntersectRect
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
WindowFromPoint
IsZoomed
GetAsyncKeyState
LoadCursorW
IsRectEmpty
SetWindowRgn
DrawIcon
IsIconic
SetRect
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
SetRectEmpty
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
GetSystemMetrics
CharUpperA
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
WaitMessage
MapVirtualKeyA
GetKeyNameTextA
GetWindowThreadProcessId
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
MapWindowPoints
MessageBoxA
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetComboBoxInfo
SetPropA
ShowScrollBar
GetScrollRange
ScrollWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
SetFocus
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
GetFocus
SendDlgItemMessageA
UnhookWindowsHookEx
MsgWaitForMultipleObjectsEx
CallNextHookEx
SetWindowsHookExA
ValidateRect
GetActiveWindow
GetMessageA
GetMenuState
GetMenuStringA
EnableScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
DestroyIcon
LoadIconW
OffsetRect
IsWindowVisible
RedrawWindow
GrayStringA
DrawTextA
UnregisterClassA
DrawTextExA
GetIconInfo
GetSysColorBrush
PeekMessageA
DispatchMessageA
TranslateMessage
LoadBitmapW
IsDialogMessageA
ChildWindowFromPoint
TabbedTextOutA
DrawEdge
RemoveMenu
AppendMenuA
InsertMenuA
CheckMenuItem
CreatePopupMenu
GetDlgCtrlID
SetWindowPos
GetWindow
ModifyMenuA
GetMenuItemCount
GetMenuItemID
CopyIcon
DestroyCursor
LoadCursorA
PtInRect
GetSysColor
SetCursor
ReleaseDC
GetDC
ReleaseCapture
SetCapture
ScreenToClient
InvalidateRect
GetDlgItem
InflateRect
FillRect
GetWindowLongA
IsWindow
MessageBeep
FindWindowA
TrackMouseEvent
UpdateLayeredWindow
IsMenu
DrawFrameControl
LoadImageW
DrawStateA
EnumDisplayMonitors
SetLayeredWindowAttributes
RegisterClipboardFormatA
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
DrawIconEx
DrawFocusRect
LockWindowUpdate
ShowWindow
GetParent
GetCursorPos
GetSubMenu
LoadMenuW
KillTimer
SetTimer
GetKeyState
EmptyClipboard
GetDCEx
UnionRect
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
LoadAcceleratorsW
GetDialogBaseUnits
CopyImage
GetPropA
RealChildWindowFromPoint
SetClipboardData
CloseClipboard
OpenClipboard
ExitWindowsEx
FindWindowExA
UpdateWindow
GetWindowRect
GetClientRect
EnableWindow
PostMessageA
SendMessageA
GetCapture
gdi32
CreateBitmap
CopyMetaFileA
CreateDCA
SetBkColor
SetTextColor
CreateRectRgnIndirect
PatBlt
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
DeleteDC
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetTextCharacterExtra
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
DPtoLP
CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
GetBkColor
GetCharWidthA
CombineRgn
ExtTextOutA
SetRectRgn
GetTextColor
GetRgnBox
EnumFontFamiliesExA
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
OffsetRgn
CreateRoundRectRgn
GetCurrentObject
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
GetViewportOrgEx
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
TextOutA
RectVisible
PtVisible
Escape
CreateRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
Rectangle
GetDeviceCaps
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
GetTextMetricsA
CreateFontA
GetObjectA
GetTextExtentPoint32A
CreateFontIndirectA
CreateSolidBrush
RealizePalette
GetStockObject
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
SelectPalette
GetMapMode
CreatePalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
SetTextAlign
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
ClosePrinter
GetJobA
OpenPrinterA
advapi32
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyExA
RegQueryValueA
RegCreateKeyExA
RegEnumKeyExA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
OpenProcessToken
RegSetValueA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegEnumValueA
shell32
SHGetDesktopFolder
DragQueryFileA
DragFinish
DragAcceptFiles
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFolderPathA
SHGetFileInfoA
SHAddToRecentDocs
ShellExecuteExA
SHAppBarMessage
ShellExecuteA
SHGetSpecialFolderLocation
ExtractIconA
comctl32
ord8
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_Remove
ImageList_AddMasked
ImageList_GetIcon
shlwapi
PathAppendA
PathFileExistsW
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
UrlUnescapeA
PathRemoveFileSpecW
StrFormatKBSizeA
uxtheme
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeText
ole32
StringFromCLSID
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CLSIDFromString
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CoInitializeEx
PropVariantCopy
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
RevokeDragDrop
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
GetHGlobalFromILockBytes
OleRegGetMiscStatus
OleRegEnumVerbs
OleQueryLinkFromData
OleQueryCreateFromData
OleIsRunning
CoGetMalloc
GetRunningObjectTable
CreateDataAdviseHolder
CreateOleAdviseHolder
OleCreateMenuDescriptor
CoTaskMemFree
CoTaskMemAlloc
oleaut32
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
LoadRegTypeLi
SysStringByteLen
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantClear
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SafeArrayGetElement
VariantInit
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
VariantChangeType
VariantCopy
LoadTypeLi
SafeArrayUnaccessData
SysFreeString
oledlg
ord8
ws2_32
sendto
socket
WSAStartup
WSACleanup
select
send
recvfrom
recv
ntohs
inet_ntoa
inet_addr
htons
htonl
getsockname
getpeername
connect
closesocket
bind
accept
WSAAsyncSelect
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
GopherFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpOpenFileA
FtpRenameFileA
FtpDeleteFileA
FtpPutFileA
FtpGetFileA
FtpFindFirstFileA
InternetSetStatusCallback
InternetGetLastResponseInfoA
GopherOpenFileA
InternetFindNextFileA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlA
InternetConnectA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
InternetCrackUrlA
InternetQueryOptionA
InternetErrorDlg
InternetGetCookieA
InternetCanonicalizeUrlA
GopherGetAttributeA
HttpOpenRequestA
InternetSetOptionExA
HttpAddRequestHeadersA
InternetSetCookieA
HttpQueryInfoA
HttpEndRequestA
HttpSendRequestExA
gdiplus
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCloneImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImagePaletteSize
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageWidth
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 762KB - Virtual size: 762KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 488KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 851KB - Virtual size: 850KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
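The report's only triggered signature is the unsigned-PE check, and the Headers and Sections blocks carry the other static facts worth a second look: IMAGE_DLLCHARACTERISTICS_NX_COMPAT means DEP applies, but IMAGE_FILE_RELOCS_STRIPPED together with the absence of IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE means the image cannot be rebased, so it loads at its preferred ImageBase with no ASLR; the .data section's virtual size (488KB) exceeding its raw size (72KB) is zero-filled uninitialized data, not an anomaly. The Python below is an added example, not part of this report and not code from CDex or from the sample: it parses those header fields straight from the PE bytes using only the standard library, reports whether a Certificate Table (Authenticode signature) is present, and derives the mitigation picture from the flags. The `build_sample_pe` helper is a constructed, headers-only PE32 blob that mirrors the flag values shown above (section sizes are approximate) so the script runs offline; pass a file path to run it on a real binary.

```python
# Decode the PE header facts a sandbox report lists: file and DLL characteristics,
# Authenticode presence (Certificate Table data directory) and the section table.
import struct

FILE_CHARACTERISTICS = {0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF", 0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x20: "IMAGE_SCN_CNT_CODE", 0x40: "IMAGE_SCN_CNT_INITIALIZED_DATA", 0x80: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
                 0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}


def _flags(value, table):
    """Names of the bits set in value, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = pe_off + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:          # PE32: data directories start at optional-header offset 96
        ndirs_off, dirs_off = 92, 96
    elif magic == 0x20B:        # PE32+: ImageBase is 8 bytes wide, everything after it shifts by 16
        ndirs_off, dirs_off = 108, 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    # Data directory 4 is the Certificate Table. Size == 0 is exactly what "Unsigned PE" means.
    # Its first field is a raw file offset rather than an RVA, unlike the other directories.
    cert_size = 0
    if ndirs > 4:
        _, cert_size = struct.unpack_from("<II", data, opt + dirs_off + 4 * 8)
    sections = []
    for i in range(nsections):
        name, vsize, _, raw_size, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + i * 40)
        # virtual_size > raw_size means the loader zero-fills the remainder (uninitialized data)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "virtual_size": vsize,
                         "raw_size": raw_size, "flags": _flags(chars, SECTION_FLAGS)})
    return {"machine": machine, "certificate_table_size": cert_size, "sections": sections,
            "file_characteristics": _flags(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS)}


def mitigations(info: dict) -> dict:
    """Translate header flags into the mitigations the Windows loader will actually apply."""
    fc, dc = info["file_characteristics"], info["dll_characteristics"]
    return {
        "dep": "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" in dc,
        # ASLR needs DYNAMIC_BASE *and* a relocation table: with RELOCS_STRIPPED the image
        # cannot be rebased, so it always maps at its preferred ImageBase.
        "aslr": "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" in dc and "IMAGE_FILE_RELOCS_STRIPPED" not in fc,
        "cfg": "IMAGE_DLLCHARACTERISTICS_GUARD_CF" in dc,
        "authenticode": info["certificate_table_size"] > 0,
    }


def build_sample_pe(signed: bool = False) -> bytes:
    """Constructed headers-only PE32 image mirroring the report's flags (Characteristics 0x0103,
    DllCharacteristics 0x8100, .text and .data). Test input only, not bytes from the sample."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew -> PE signature right after
    coff = struct.pack("<HHIIIHH", 0x014C, 2, 0, 0, 0, 224, 0x0103)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                      # PE32 magic
    struct.pack_into("<H", opt, 70, 0x8100)                    # NX_COMPAT | TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)                        # NumberOfRvaAndSizes
    if signed:                                                 # hypothetical 8 KiB certificate blob
        struct.pack_into("<II", opt, 96 + 4 * 8, 0x1000, 0x2000)

    def sec(name, vsize, raw, flags):
        return struct.pack("<8sIIIIIIHHI", name, vsize, 0x1000, raw, 0x400, 0, 0, 0, 0, flags)
    body = sec(b".text", 0x2E0000, 0x2E0000, 0x60000020)       # CODE | EXECUTE | READ
    body += sec(b".data", 0x7A000, 0x12000, 0xC0000040)        # INITIALIZED_DATA | READ | WRITE
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + body


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    info = parse_pe(blob)
    for key, value in info.items():
        print(f"{key}: {value}")
    print("mitigations:", mitigations(info))
```

Run with no arguments to see the constructed image decoded (DEP on, ASLR off, unsigned, two sections), or with a path to decode a real PE. The check is deliberately limited to the Certificate Table's presence; whether an attached signature actually verifies is a separate step (signtool verify /pa, or Get-AuthenticodeSignature in PowerShell), since a non-empty table can hold an invalid or untrusted signature.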