N:\Core\Source\ComTaskMaster\ReleaseStaticUnicode\CTskMstr.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-13_fe0af5bd967e3b2b357443edd3cec5bb_icedid.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-09-13_fe0af5bd967e3b2b357443edd3cec5bb_icedid.exe
Resource: win10v2004-20240802-en
General
Target: 2024-09-13_fe0af5bd967e3b2b357443edd3cec5bb_icedid
Size: 1.6MB
MD5: fe0af5bd967e3b2b357443edd3cec5bb
SHA1: 60d5ba2e5e9159ede348f5c596555495641ae518
SHA256: c0605642497bc9182cc5a389fb1f9fb11cdd0c7e91fd1d30c219e4297073abd4
SHA512: dbf434f291165435e00eee6be42534954979b1d02489d6d2b08b2669ef956df68da54a568ad40b04a9d6a4d35b2858a0a0262d4fd257392fb6286c470813ba51
SSDEEP: 49152:tax/5WWEDmwdmntUNltc4OtimFlf+mVYBvWa/DaPKH+NrfcmtuifX+MzADtBP4Ag:m/oWymwdeUNltcT3Flf+mV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-09-13_fe0af5bd967e3b2b357443edd3cec5bb_icedid
Files
2024-09-13_fe0af5bd967e3b2b357443edd3cec5bb_icedid.exe windows:5 windows x86 arch:x86
daba65751c7a1011ee35f25356b1c40e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
InterlockedIncrement
MultiByteToWideChar
FindResourceW
GetCommandLineW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
CreateEventW
lstrcmpiW
CloseHandle
SizeofResource
LoadResource
Sleep
WaitForSingleObject
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetCurrentThreadId
GetCurrentThread
CreateThread
RaiseException
GetCurrentProcess
GetProcAddress
FreeLibrary
LockResource
MoveFileExW
GetLocalTime
lstrlenW
SetEnvironmentVariableA
WriteConsoleW
LCMapStringW
OutputDebugStringW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetProcessHeap
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
GetModuleHandleExW
ExitProcess
HeapQueryInformation
HeapSize
ExitThread
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapReAlloc
RtlUnwind
HeapAlloc
HeapFree
IsProcessorFeaturePresent
IsDebuggerPresent
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
InterlockedCompareExchange
InterlockedExchange
InterlockedDecrement
DecodePointer
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
lstrcpyW
GetCurrentDirectoryW
SetLastError
WideCharToMultiByte
lstrcmpA
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
LocalAlloc
LocalReAlloc
LocalFree
GetCurrentProcessId
GlobalSize
MulDiv
FormatMessageW
CopyFileW
GlobalGetAtomNameW
FileTimeToSystemTime
GetFileAttributesW
OutputDebugStringA
GetVersion
GetModuleHandleA
LoadLibraryW
CreateFileW
FindClose
FindFirstFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
LoadLibraryA
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetFileAttributesW
EncodePointer
GetSystemDirectoryW
FreeResource
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
SetThreadPriority
ResumeThread
GlobalFlags
GetVersionExW
CompareStringW
GetUserDefaultUILanguage
user32
PostMessageW
WaitMessage
SetTimer
KillTimer
EnableWindow
SendMessageW
IsWindowEnabled
GetWindowLongW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetWindowTextW
GetWindowTextLengthW
GetSystemMetrics
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
RegisterWindowMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
ValidateRect
RedrawWindow
ScrollWindow
PeekMessageW
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetClientRect
GetWindowRect
AdjustWindowRectEx
MapWindowPoints
CopyRect
EqualRect
PtInRect
SetWindowLongW
GetClassLongW
GetClassNameW
GetTopWindow
GetWindow
SetWindowsHookExW
CallNextHookEx
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
ShowWindow
UnhookWindowsHookEx
CheckDlgButton
SetWindowTextW
IsDialogMessageW
GetActiveWindow
GetCursorPos
GetSysColorBrush
LoadCursorW
GetDesktopWindow
RealChildWindowFromPoint
InflateRect
IntersectRect
DestroyMenu
GetMenuItemInfoW
SystemParametersInfoW
CopyImage
SendDlgItemMessageA
PostQuitMessage
DestroyIcon
ShowOwnedPopups
SetCursor
DeleteMenu
InvalidateRect
IsIconic
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
SetRectEmpty
OffsetRect
IsRectEmpty
LoadImageW
DrawIconEx
GetIconInfo
GetNextDlgTabItem
MessageBeep
GetAsyncKeyState
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyW
CreateDialogIndirectParamW
EndDialog
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
SetWindowRgn
UnionRect
IsMenu
UpdateLayeredWindow
MonitorFromPoint
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetKeyNameTextW
TrackMouseEvent
GetComboBoxInfo
IsZoomed
GetSystemMenu
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetCursorPos
SetRect
SetParent
LockWindowUpdate
SetClassLongW
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
DrawIcon
LoadStringW
MessageBoxW
CharNextW
CharUpperW
MoveWindow
PostThreadMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetScrollPos
advapi32
GetLengthSid
ChangeServiceConfigW
LockServiceDatabase
UnlockServiceDatabase
TraceEvent
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerW
OpenServiceW
OpenSCManagerW
DeleteService
CloseEventLog
DeregisterEventSource
RegisterEventSourceW
ReportEventW
OpenProcessToken
OpenThreadToken
GetTokenInformation
IsValidSid
CopySid
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
CloseServiceHandle
ControlService
CreateServiceW
ole32
CoRevokeClassObject
CoResumeClassObjects
CoAddRefServerProcess
CoReleaseServerProcess
CoInitializeSecurity
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
OleRun
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitialize
ReleaseStgMedium
OleDuplicateData
CoRegisterClassObject
CoInitializeEx
CoUninitialize
oleaut32
RegisterTypeLib
UnRegisterTypeLib
LoadRegTypeLib
LoadTypeLib
VarUI4FromStr
SystemTimeToVariantTime
SysFreeString
VariantTimeToSystemTime
SysAllocString
CreateErrorInfo
SetErrorInfo
GetErrorInfo
VariantInit
VarBstrFromDate
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
gdi32
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
OffsetRgn
CreateRoundRectRgn
GetObjectW
CopyMetaFileW
CreateDCW
GetDeviceCaps
BitBlt
CreateBitmap
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetRgnBox
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectW
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32W
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
GetTextMetricsW
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
uxtheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
DrawThemeText
wsock32
WSAStartup
WSACleanup
WSASetLastError
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
gdiplus
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipAlloc
GdipDrawImageRectI
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
rpcrt4
UuidToStringW
RpcStringFreeW
shell32
SHAppBarMessage
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHGetFileInfoW
shlwapi
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 325KB - Virtual size: 324KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ