c:\Temp\M_ShellE\MSEReg\Release.141\Win32\MSEReg.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-07-23_316f3d258d635cf158f6b8015c0d66e7_icedid.exe
Resource
win7-20240705-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-07-23_316f3d258d635cf158f6b8015c0d66e7_icedid.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
3 signatures
150 seconds
General
-
Target
2024-07-23_316f3d258d635cf158f6b8015c0d66e7_icedid
-
Size
3.7MB
-
MD5
316f3d258d635cf158f6b8015c0d66e7
-
SHA1
711e7d67dd6ce8ad402405e0206ef9b555eed50d
-
SHA256
3683ce3fbf4b4e0ab77fa37c5ff246d2344d186a0c02e3971ba265349809788a
-
SHA512
7d1db9c5ef7cfb460bb38785d35cb2a9474c22ca4c082470e880044bcbf60f4fb2a6d3005786dd9c6086a12b40c70f2486926b544d61baae774f18a37f312024
-
SSDEEP
98304:KFppSqN0L83askRXKVcYNyF9AjJMNh8Rhq:220mpXOX82MNh8z
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-07-23_316f3d258d635cf158f6b8015c0d66e7_icedid
Files
-
2024-07-23_316f3d258d635cf158f6b8015c0d66e7_icedid.exe windows:5 windows x86 arch:x86
447f1c427d776d08b2347da24dec0252
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
gdiplus
GdipCreateFromHDC
GdipDeleteGraphics
GdipCreateLineBrushI
GdipFillRectangle
GdipFillRectangleI
GdipFillPie
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdiplusShutdown
GdipSetSmoothingMode
GdipFree
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipDrawImageRectI
GdipGetImageWidth
GdipAlloc
kernel32
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetConsoleMode
GetConsoleCP
ExitProcess
GetModuleFileNameA
GetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
SetStdHandle
HeapQueryInformation
TerminateProcess
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetFullPathNameA
PeekNamedPipe
GetFileType
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
SwitchToThread
GetStringTypeW
OutputDebugStringW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
LocalUnlock
LocalLock
ReplaceFileW
GetTempFileNameW
SearchPathW
GetProfileIntW
FindResourceExW
lstrcpyW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
GlobalFlags
GetAtomNameW
GlobalGetAtomNameW
WaitForSingleObjectEx
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
CompareStringA
GetCurrentThread
GetVersionExW
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
FreeResource
GetCurrentThreadId
EncodePointer
lstrcmpA
FindNextFileW
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
GetCurrentProcessId
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
GetCurrentProcess
GetUserDefaultLCID
LCMapStringW
WideCharToMultiByte
MultiByteToWideChar
GetACP
VerifyVersionInfoW
GetComputerNameW
GetVolumeInformationW
CopyFileW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
GetDiskFreeSpaceW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetTempPathW
GetSystemDirectoryW
GetDriveTypeW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
FindResourceW
CreateProcessW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
CreateMutexW
lstrlenW
GetTickCount
GetSystemInfo
CloseHandle
GetLogicalDrives
SizeofResource
LoadResource
Sleep
GetLastError
OpenProcess
GetLongPathNameW
GetShortPathNameW
GlobalMemoryStatusEx
GetProcAddress
FreeLibrary
LockResource
VerSetConditionMask
ReadConsoleW
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
WriteConsoleW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
SetCurrentDirectoryW
FindFirstFileExA
FindFirstFileExW
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetConsoleCtrlHandler
GetCommandLineW
user32
KillTimer
SetTimer
GetAsyncKeyState
CopyImage
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
NotifyWinEvent
DrawFocusRect
SendDlgItemMessageA
GetMenuItemInfoW
DestroyMenu
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
LoadMenuW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetTabbedTextExtentW
IsZoomed
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
WindowFromPoint
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
RegisterClipboardFormatW
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
RegisterWindowMessageW
IntersectRect
UnhookWindowsHookEx
CharUpperW
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
GetSysColor
FillRect
CopyRect
InflateRect
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
GetWindowTextLengthW
AppendMenuW
GetSystemMenu
EnableWindow
PostMessageW
SystemParametersInfoW
DrawIconEx
DestroyIcon
LoadIconW
BringWindowToTop
ReleaseCapture
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
LoadImageW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetDialogBaseUnits
DeleteMenu
WaitMessage
SetCapture
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
TrackMouseEvent
SetParent
GetKeyNameTextW
MapVirtualKeyW
UnionRect
SetActiveWindow
InSendMessage
MonitorFromRect
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
wsprintfW
PeekMessageW
SendMessageW
IsWindow
IsWindowVisible
IsIconic
GetSystemMetrics
DrawIcon
SetForegroundWindow
GetDC
ReleaseDC
InvalidateRect
GetWindowTextW
GetClientRect
GetWindowRect
MessageBeep
SetRect
SetRectEmpty
OffsetRect
IsRectEmpty
GetDesktopWindow
FindWindowW
EnumWindows
GetClassNameW
LoadBitmapW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
GetMenuDefaultItem
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
PostThreadMessageW
LockWindowUpdate
GetDCEx
FrameRect
CopyIcon
SetCursorPos
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetWindowRgn
SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
InvertRect
HideCaret
EnableScrollBar
GetDlgCtrlID
GetIconInfo
gdi32
GetEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
GetTextMetricsW
GetObjectW
CopyMetaFileW
CreateDCW
CreateBitmap
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
DeleteEnhMetaFile
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32W
GetTextAlign
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExW
CreateFontW
GetCharWidthW
StretchDIBits
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
CreatePolygonRgn
Polyline
CreateRoundRectRgn
LPtoDP
OffsetRgn
GetCurrentObject
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextFaceW
CloseEnhMetaFile
Rectangle
GetStockObject
GetMetaFileW
GetDeviceCaps
DeleteMetaFile
CreateMetaFileW
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CloseMetaFile
BitBlt
Polygon
RoundRect
ExtTextOutW
CreateEnhMetaFileW
Ellipse
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
advapi32
SetFileSecurityW
GetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegSetValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
GetUserNameW
shell32
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetFolderPathW
SHBrowseForFolderW
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAddToRecentDocs
ShellExecuteExW
SHAppBarMessage
SHGetSpecialFolderLocation
ExtractIconW
ShellExecuteW
shlwapi
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
UrlUnescapeW
StrFormatKBSizeW
PathRemoveExtensionW
PathStripToRootW
uxtheme
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
IsAppThemed
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeText
GetThemeSysColor
ole32
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleCreateLinkFromData
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
OleCreateFromData
OleCreate
CreateItemMoniker
CreateGenericComposite
GetHGlobalFromILockBytes
OleSetClipboard
WriteClassStm
OleRegEnumVerbs
OleRegGetMiscStatus
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
OleCreateLinkToFile
OleLockRunning
OleSetMenuDescriptor
PropVariantCopy
RevokeDragDrop
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleQueryCreateFromData
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoRegisterMessageFilter
StgCreateDocfile
OleIsCurrentClipboard
OleFlushClipboard
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleQueryLinkFromData
CoGetMalloc
CreateStreamOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
OleCreateStaticFromData
OleIsRunning
oleaut32
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayGetElemsize
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SafeArrayCreate
SafeArrayAllocData
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayPtrOfIndex
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SafeArrayAllocDescriptor
SafeArrayDestroyData
VarBstrFromDate
SysFreeString
SysStringByteLen
VariantTimeToSystemTime
oledlg
OleUIBusyW
mpr
WNetGetConnectionW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
InternetErrorDlg
InternetGetCookieW
InternetSetCookieW
HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
GopherGetAttributeW
GopherOpenFileW
GopherFindFirstFileW
GopherCreateLocatorW
FtpCommandW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpCreateDirectoryW
FtpOpenFileW
FtpRenameFileW
FtpDeleteFileW
FtpPutFileW
FtpGetFileW
FtpFindFirstFileW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetFindNextFileW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 676KB - Virtual size: 675KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ