2024-08-20_816e57ed15f0489321428ab04f8cf45c_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-20_816e57ed15f0489321428ab04f8cf45c_icedid
Size

1.9MB
MD5

816e57ed15f0489321428ab04f8cf45c
SHA1

43d173a8e133399e1634fafae604a80bbaa9fc35
SHA256

113bdfa2f75895a111bdf65001944a3e409d6c6cebf8c52b5ce6dbcf89cd2772
SHA512

88eeb5229f9fcce62f0b3d5454599f196b2c75e97a989fa5f8be681640e72cdbc94d2c7a51707d8cad9634aaa755a3d6ae6d1197ff1528a23557b7e8632e01c8
SSDEEP

49152:FYvJ/HHk8g2z2fXLL96fPK1qYN6KGCekZMdYLMTMStsP/p7HBWZ:FY/HHkJ24X16fPSqYN6KGCMYQMStsP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-20_816e57ed15f0489321428ab04f8cf45c_icedid

Files

2024-08-20_816e57ed15f0489321428ab04f8cf45c_icedid
.exe windows:5 windows x86 arch:x86

6fe254ba40950ce03b7f83ccb8d6d3dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\program32\SESetActiveVersion.pdb

Imports

msi

ord70
ord158
ord159
ord32
ord45
ord43
ord92
ord129
ord131
ord141
ord119
ord160
ord118
ord115
ord8
ord166

kernel32

LCMapStringW
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
InterlockedCompareExchange
IsValidCodePage
GetOEMCP
GetLocaleInfoA
GetACP
InterlockedDecrement
GetCurrentProcess
GetProcAddress
GetModuleHandleW
LocalFree
GetCPInfo
SizeofResource
LockResource
LoadResource
FindResourceW
FindFirstFileW
GetLastError
FindClose
GetCurrentThread
lstrlenW
GetConsoleWindow
MultiByteToWideChar
MulDiv
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileW
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapSize
HeapQueryInformation
CreateThread
ExitThread
ExitProcess
HeapReAlloc
RaiseException
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GlobalFree
SetLastError
WideCharToMultiByte
InterlockedExchange
LoadLibraryExW
GetLocaleInfoW
FreeLibrary
lstrcmpW
GetUserDefaultLCID
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
DeleteFileW
GlobalFlags
GetSystemDirectoryW
GetCurrentDirectoryW
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
ReleaseActCtx
CreateActCtxW
GlobalFindAtomW
GetVersionExW
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
DeactivateActCtx
GlobalAddAtomW
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
FreeResource
lstrcmpA
GlobalDeleteAtom
GetCurrentThreadId
GetModuleFileNameW
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
ActivateActCtx
LoadLibraryW

user32

CopyIcon
FrameRect
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetIconInfo
HideCaret
InvertRect
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadImageW
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsZoomed
GetAsyncKeyState
NotifyWinEvent
SetWindowRgn
GetSystemMenu
UnregisterClassW
CopyImage
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
DestroyIcon
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IntersectRect
SetRect
CopyAcceleratorTableW
OffsetRect
CharNextW
KillTimer
SetTimer
RealChildWindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
GetSysColorBrush
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MapVirtualKeyW
GetKeyNameTextW
ReleaseDC
GetDC
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CharUpperBuffW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
CopyRect
PtInRect
LoadMenuW
GetClassNameW
InvalidateRect
FillRect
DrawStateW
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
GetUpdateRect
IsClipboardFormatAvailable
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
RegisterWindowMessageW
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowRect
IsRectEmpty
UpdateWindow
SetCursor
LoadCursorW
DrawIcon
GetSystemMetrics
IsIconic
SendMessageW
GetClientRect
PostMessageW
LoadIconW
EnableWindow
SendMessageTimeoutW
MessageBoxW
GetWindowDC

gdi32

CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateDIBitmap
CreateFontIndirectW
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
GetTextExtentPoint32W
SetRectRgn
CombineRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
SetBkColor
SetTextColor
GetStockObject
GetObjectW
CreateSolidBrush
DeleteObject
CreateBitmap
CreateDCW
GetMapMode
GetDeviceCaps
CopyMetaFileW

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegSetValueExW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
OpenThreadToken
RegCreateKeyExW
RegDeleteKeyValueW
RegDeleteKeyExW
RegEnumKeyExW
RegSetKeyValueW

shell32

DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteW
DragFinish
SHGetFileInfoW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleUninitialize
CoTaskMemFree
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize
CoFreeUnusedLibraries
OleInitialize
CoInitializeEx
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SystemTimeToVariantTime
VariantInit
VariantChangeType
VariantClear
VarBstrFromDate
OleCreateFontIndirect
SysStringByteLen
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
SysAllocStringByteLen
GetErrorInfo

oledlg

OleUIBusyW

gdiplus

GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 246KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6fe254ba40950ce03b7f83ccb8d6d3dc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 323KB - Virtual size: 323KB

.data Size: 26KB - Virtual size: 56KB

.rsrc Size: 53KB - Virtual size: 52KB

.reloc Size: 246KB - Virtual size: 248KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 323KB - Virtual size: 323KB

.data
Size: 26KB - Virtual size: 56KB

.rsrc
Size: 53KB - Virtual size: 52KB

.reloc
Size: 246KB - Virtual size: 248KB