2024-08-10_f83ba878d6bb57a8100f0a58a42c5f94_bkransomware_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-10_f83ba878d6bb57a8100f0a58a42c5f94_bkransomware_icedid
Size

1.9MB
MD5

f83ba878d6bb57a8100f0a58a42c5f94
SHA1

99f524a6dcca689a3110f579be7b7ae981b61069
SHA256

a65828c8faccb1922d0a43011121fe4c734b1387f2a8e34d80729b5446a147ff
SHA512

299ca7f0b8ceae909cae423aa4198059abbbc3470c2dbfff88af94f630b5c76d96d123e543a44111bbd9fb79f00dca01a5adcae449a468afadc27195c2a7d3d4
SSDEEP

49152:74y0vpHYdQGqGHTxKEjJQCnY2Uqmes7vFSbxZf6gGqmppDes:743pHYdBqOxKEjOC5mes7vFSbx56gGq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-10_f83ba878d6bb57a8100f0a58a42c5f94_bkransomware_icedid

Files

2024-08-10_f83ba878d6bb57a8100f0a58a42c5f94_bkransomware_icedid
.exe windows:5 windows x86 arch:x86

0b499e5ed3fa795ff875939a801f6822

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\workspace\19\fpm\svn\Release\OfficeFPM.pdb

Imports

kernel32

GetTimeZoneInformation
GetStdHandle
GetStringTypeW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
IsValidCodePage
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
OutputDebugStringW
GetCurrentDirectoryW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
ExitThread
CreateThread
HeapQueryInformation
GetFileType
SetStdHandle
RtlUnwind
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineA
GetFileAttributesA
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
GetTickCount
Sleep
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetWindowsDirectoryA
GetACP
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
GlobalFindAtomA
FindResourceA
lstrcmpW
FreeResource
GetSystemDirectoryW
EncodePointer
GlobalDeleteAtom
LoadLibraryExW
GetVersionExA
SetThreadPriority
GetCurrentThreadId
GlobalFlags
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
FreeLibrary
GlobalAddAtomA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GlobalGetAtomNameA
lstrcmpA
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CompareStringA
GetVolumeInformationA
MoveFileA
LoadLibraryW
LoadLibraryA
lstrcmpiA
GetModuleHandleW
GetModuleFileNameW
GetCurrentProcess
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
CreateFileA
FileTimeToSystemTime
GetProcAddress
GetModuleHandleA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
SetLastError
MultiByteToWideChar
CopyFileA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetPrivateProfileStringA
WaitForSingleObject
ResumeThread
TerminateProcess
AssignProcessToJobObject
CreateProcessA
SetInformationJobObject
CloseHandle
QueryInformationJobObject
CreateJobObjectA
FormatMessageA
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetModuleFileNameA
CreateDirectoryA
SetFilePointerEx

user32

GetWindowRgn
DrawIcon
SetRect
SetCursorPos
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetSystemMenu
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextA
MapVirtualKeyA
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
GetMenuItemInfoA
DestroyMenu
GetNextDlgTabItem
CreateDialogIndirectParamA
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
SystemParametersInfoA
CopyImage
IntersectRect
InflateRect
GetMonitorInfoA
MonitorFromWindow
DestroyCursor
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SetForegroundWindow
IsIconic
PostQuitMessage
PostMessageA
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
IsDialogMessageA
SetWindowLongA
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
GetScrollPos
SetScrollPos
SetFocus
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
MapDialogRect
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
FrameRect
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongA
LockWindowUpdate
WinHelpA
SetParent
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
RealChildWindowFromPoint
GetWindow
GetClassNameA
GetDesktopWindow
PtInRect
ClientToScreen
GetWindowRect
SetWindowTextA
GetFocus
GetDlgCtrlID
DestroyIcon
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendMessageA
LoadCursorA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
EndDialog

gdi32

SetTextAlign
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
ExtTextOutA
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
SetTextColor
SetROP2
TextOutA
MoveToEx
GetObjectA
Rectangle
CopyMetaFileA
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
DeleteObject
GetDeviceCaps
CreateDCA

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

DragQueryFileA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
DragFinish
SHChangeNotify
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder

shlwapi

PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
StrFormatKBSizeA

uxtheme

DrawThemeParentBackground
GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeText

ole32

CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoDisconnectObject
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
DoDragDrop
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
ReleaseStgMedium

oleaut32

SysFreeString
SysAllocString
VariantInit
VarBstrFromDate
VariantChangeType
VariantCopy
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
LoadTypeLi
SysAllocStringByteLen

pthreadvc2

pthread_attr_setstacksize
pthread_attr_init
pthread_create
pthread_join

ws2_32

htons
socket
WSAGetLastError
WSACleanup
setsockopt
inet_addr
WSAStartup
bind
closesocket
listen

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromStream

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 181KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b499e5ed3fa795ff875939a801f6822

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

pthreadvc2

ws2_32

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 310KB - Virtual size: 309KB

.data Size: 24KB - Virtual size: 62KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 181KB - Virtual size: 184KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 310KB - Virtual size: 309KB

.data
Size: 24KB - Virtual size: 62KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 181KB - Virtual size: 184KB