c:\Temp\M_ShellE\MSEReg\Release.143\Win32\MSEReg.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-08-18_fc84e84bbdfb20bfaf6c304b60bcc079_icedid.exe
Resource
win7-20240729-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-08-18_fc84e84bbdfb20bfaf6c304b60bcc079_icedid.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
4 signatures
150 seconds
General
-
Target
2024-08-18_fc84e84bbdfb20bfaf6c304b60bcc079_icedid
-
Size
3.9MB
-
MD5
fc84e84bbdfb20bfaf6c304b60bcc079
-
SHA1
d128177b39fbf14d6a42c84b988ee3e3147928f4
-
SHA256
570ea1a2a79b1ab3e293070a0eb6986c5a4fcb7cc4a43e4f6ecbfc7f89b3857b
-
SHA512
d0ff6b1f4a5e2891865b5a7751bc6797f7976f92e2f2f5d8bb5eb2b6404b10db46a69e509dc0c2a104dc7f4b41aee9584cec95b4c155f4a5c9a6d602d5a5d1f9
-
SSDEEP
98304:5O5B1w2M/j/0HD00SnaqjctM7TLtf22WUAaGmj:AT1MKDiXLc2WUAa
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-08-18_fc84e84bbdfb20bfaf6c304b60bcc079_icedid
Files
-
2024-08-18_fc84e84bbdfb20bfaf6c304b60bcc079_icedid.exe windows:6 windows x86 arch:x86
379479747fdff8be695ce6a175cc7d15
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
gdiplus
GdipCreateFromHDC
GdipDeleteGraphics
GdipCreateLineBrushI
GdipFillRectangle
GdipFillRectangleI
GdipFillPie
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdiplusShutdown
GdipSetSmoothingMode
GdipFree
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipDrawImageRectI
GdipGetImageWidth
GdipAlloc
kernel32
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
SetStdHandle
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
UnhandledExceptionFilter
ExitThread
CreateThread
PeekNamedPipe
GetFileInformationByHandle
GetFileType
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
CompareStringEx
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
FormatMessageA
RaiseException
OutputDebugStringW
SetUnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
ReleaseSRWLockExclusive
LocalUnlock
LocalLock
ReplaceFileW
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTickCount64
FindResourceExW
lstrcpyW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
GlobalFlags
GetAtomNameW
AcquireSRWLockExclusive
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
LocalAlloc
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CompareStringA
GetCurrentThread
GetVersionExW
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
GetCurrentThreadId
EncodePointer
lstrcmpA
FindNextFileW
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
GetCurrentProcessId
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
SetLastError
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
GetCurrentProcess
GetUserDefaultLCID
LCMapStringW
GetACP
WideCharToMultiByte
MultiByteToWideChar
VerifyVersionInfoW
GetComputerNameW
CopyFileW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrlenW
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetWindowsDirectoryW
GetSystemDirectoryW
GetTickCount
GetSystemInfo
GlobalMemoryStatusEx
OpenProcess
CreateProcessW
Sleep
CreateMutexW
GetLastError
CloseHandle
GetTempPathW
SetFileAttributesW
RemoveDirectoryW
GetVolumeInformationW
GetShortPathNameW
GetLongPathNameW
GetLogicalDrives
GetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceW
CreateDirectoryW
GetCurrentDirectoryW
VerSetConditionMask
FindResourceW
SizeofResource
LockResource
LoadResource
ExitProcess
GetConsoleOutputCP
GetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
WriteConsoleW
EnumSystemLocalesW
ReadConsoleW
SetFilePointerEx
GetTimeZoneInformation
SetCurrentDirectoryW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
FreeLibraryAndExitThread
user32
BringWindowToTop
WindowFromPoint
KillTimer
SetTimer
GetAsyncKeyState
CopyImage
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
NotifyWinEvent
DrawFocusRect
SendDlgItemMessageA
GetMenuItemInfoW
DestroyMenu
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
LoadMenuW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetTabbedTextExtentW
IsZoomed
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
ReleaseCapture
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
GetWindowRgn
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
RegisterWindowMessageW
IntersectRect
UnhookWindowsHookEx
CharUpperW
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
GetSysColor
FillRect
CopyRect
InflateRect
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
GetWindowTextLengthW
AppendMenuW
GetSystemMenu
EnableWindow
PostMessageW
SystemParametersInfoW
DrawIconEx
DestroyIcon
LoadIconW
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
LoadImageW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetDialogBaseUnits
DeleteMenu
WaitMessage
SetCapture
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
TrackMouseEvent
SetParent
GetKeyNameTextW
MapVirtualKeyW
UnionRect
GetMenuDefaultItem
RegisterClipboardFormatW
GetForegroundWindow
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
ModifyMenuW
GetDoubleClickTime
wsprintfW
PeekMessageW
SendMessageW
IsWindow
IsWindowVisible
IsIconic
GetSystemMetrics
DrawIcon
SetForegroundWindow
GetDC
ReleaseDC
InvalidateRect
GetWindowTextW
GetClientRect
GetWindowRect
MessageBeep
SetRect
SetRectEmpty
OffsetRect
IsRectEmpty
GetDesktopWindow
FindWindowW
EnumWindows
GetClassNameW
LoadBitmapW
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
DestroyCursor
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
PostThreadMessageW
LockWindowUpdate
GetDCEx
FrameRect
CopyIcon
SetCursorPos
DrawFrameControl
DrawEdge
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
InvertRect
HideCaret
EnableScrollBar
SetFocus
GetIconInfo
gdi32
GetEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
GetTextMetricsW
GetObjectW
CopyMetaFileW
CreateDCW
CreateBitmap
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
DeleteEnhMetaFile
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32W
GetTextAlign
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExW
CreateFontW
GetCharWidthW
StretchDIBits
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
CreatePolygonRgn
Polyline
CreateRoundRectRgn
LPtoDP
OffsetRgn
GetCurrentObject
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextFaceW
CreateEnhMetaFileW
CloseEnhMetaFile
GetStockObject
GetMetaFileW
GetDeviceCaps
DeleteMetaFile
CreateMetaFileW
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CloseMetaFile
BitBlt
Polygon
RoundRect
ExtTextOutW
Rectangle
Ellipse
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
advapi32
SetFileSecurityW
GetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegSetValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
GetUserNameW
shell32
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetFolderPathW
SHBrowseForFolderW
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAddToRecentDocs
ShellExecuteExW
SHAppBarMessage
SHGetSpecialFolderLocation
ExtractIconW
ShellExecuteW
shlwapi
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
UrlUnescapeW
StrFormatKBSizeW
PathRemoveExtensionW
PathStripToRootW
uxtheme
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
IsAppThemed
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeText
GetThemeSysColor
ole32
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CoGetMalloc
OleQueryCreateFromData
OleCreateLinkFromData
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
OleCreateFromData
OleCreate
CreateItemMoniker
CreateGenericComposite
GetHGlobalFromILockBytes
OleSetClipboard
WriteClassStm
OleRegEnumVerbs
OleRegGetMiscStatus
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
OleCreateLinkToFile
OleLockRunning
OleSetMenuDescriptor
PropVariantCopy
RevokeDragDrop
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleQueryLinkFromData
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoRegisterMessageFilter
StgCreateDocfile
OleIsCurrentClipboard
OleFlushClipboard
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CoFreeUnusedLibraries
OleIsRunning
GetRunningObjectTable
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
OleCreateStaticFromData
CreateOleAdviseHolder
oleaut32
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayRedim
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
SafeArrayAllocData
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayPutElement
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SafeArrayAllocDescriptor
SafeArrayCreate
VarBstrFromCy
SysFreeString
VariantTimeToSystemTime
SysStringByteLen
oledlg
OleUIBusyW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
InternetErrorDlg
InternetGetCookieW
InternetSetCookieW
HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
GopherGetAttributeW
GopherOpenFileW
GopherFindFirstFileW
GopherCreateLocatorW
FtpCommandW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpCreateDirectoryW
FtpOpenFileW
FtpRenameFileW
FtpDeleteFileW
FtpPutFileW
FtpGetFileW
FtpFindFirstFileW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetFindNextFileW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 675KB - Virtual size: 674KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ