2024-09-29_a130177594e782e5d3bd225c2b891cfb_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-29_a130177594e782e5d3bd225c2b891cfb_icedid
Size

2.8MB
MD5

a130177594e782e5d3bd225c2b891cfb
SHA1

0d8df87afd02ae07abb322d755a663d1c4635798
SHA256

c35c0001c554e8eb03379b5e101c6c7e0f01673addc8c09948afab2937418e10
SHA512

891357ff57f307793bf04fb9b80cc58a7fd59f998eadbc2d22c708d36ae72fc73ccf2e16696a0eb2072e207b41f6ed45c3014d65c4e4f2844fbab96aa06e237d
SSDEEP

49152:ebWaWOg0sZApbMPFxGTijwPaD2ljI6OWONelLOpUGGEiILcnZhAM8ZCS+K4LyvzW:eqaWOg0bpYPFxJMPaD2lnVONelfAZCSS

Score

1^/10

Malware Config

Signatures

Files

2024-09-29_a130177594e782e5d3bd225c2b891cfb_icedid
.exe windows:6 windows x86 arch:x86

2dcb234047fbd78c01dfb6bfabda5f1b

Code Sign

61:36:76:7a:d1:04:27:75:b0:b9:be:90:89:cd:c2:03
Certificate

Issuer

CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

07/03/2023, 14:37

Not After

05/03/2025, 14:37

Subject

CN=Softutils s.r.o.,O=Softutils s.r.o.,L=Prague,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

64:33:51:d3:c7:38:9f:08
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

24/06/2016, 20:44

Not After

24/06/2031, 20:44

Subject

CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

68:be:6c:01:83:93:e9:2d:47:5d:ee:be:3b:23:d7:39:67:e4:56:78:e2:6f:bf:ab:3c:e5:d5:79:1f:d6:70:39
Signer

Actual PE Digest

68:be:6c:01:83:93:e9:2d:47:5d:ee:be:3b:23:d7:39:67:e4:56:78:e2:6f:bf:ab:3c:e5:d5:79:1f:d6:70:39

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\_users\Petr\Projects\Work\WINWORK\MacroCommander\src\components\RunMacro\Release\RunMacro.pdb

Imports

kernel32

IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
GetCommandLineW
GetCommandLineA
GetTimeZoneInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
OutputDebugStringW
EnumSystemLocalesW
GetStringTypeW
GetConsoleOutputCP
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
CreateFileW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetConsoleMode
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LocalUnlock
LocalLock
GetTickCount
GetUserDefaultLCID
ReplaceFileA
GetTempFileNameA
GetDiskFreeSpaceA
SearchPathA
GetProfileIntA
GetTickCount64
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
lstrcpyA
GetACP
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetVersionExA
GetCurrentThread
GlobalFindAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
GlobalFlags
FreeLibrary
GetStringTypeExA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
GlobalAddAtomA
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
WaitForSingleObject
SetEvent
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameA
GlobalGetAtomNameA
lstrcmpA
CompareStringA
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
GetModuleFileNameA
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
MultiByteToWideChar
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
SetLastError
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
DecodePointer
WideCharToMultiByte
OpenMutexA
FindResourceW
SizeofResource
LockResource
CloseHandle
LoadResource
Sleep
CreateMutexA
HeapQueryInformation
WriteConsoleW

user32

LoadCursorW
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetDialogBaseUnits
LoadImageW
TrackMouseEvent
IntersectRect
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
CopyImage
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
FillRect
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
PostQuitMessage
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
NotifyWinEvent
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowLongA
ScrollWindowEx
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
CloseClipboard
SetClipboardData
EmptyClipboard
UnpackDDElParam
MessageBoxA
UnregisterClassA
GetMenuStringA
GetMenuState
GetDlgItemInt
SetDlgItemInt
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
GetScrollPos
SetScrollPos
SetFocus
RealChildWindowFromPoint
GetWindow
GetClassNameA
GetDesktopWindow
PtInRect
ClientToScreen
DrawStateA
SetClassLongA
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetMenu
OpenClipboard
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
UnhookWindowsHookEx
SendMessageA
EnableWindow
IsWindowEnabled
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorA
GetWindowTextA
GetWindowTextLengthA
GetMessageA
GetMenuBarInfo
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
DestroyIcon
CharUpperA
GetDlgCtrlID
GetFocus
SetWindowTextA
GetWindowRect
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SendNotifyMessageA
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetWindowRgn
DestroyCursor
GetDCEx
GetTabbedTextExtentA
GetTabbedTextExtentW
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
MonitorFromPoint
UpdateLayeredWindow
UnionRect

gdi32

Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
CreateSolidBrush
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
GetCurrentObject
CreateFontA
GetCharWidthA
StretchDIBits
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
GetDeviceCaps
CreateDCA
GetMapMode
DeleteObject
CopyMetaFileA

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesA
GetJobA
OpenPrinterA

advapi32

GetFileSecurityA
SetFileSecurityA
RegEnumValueA
RegOpenKeyExW
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetMalloc
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHAppBarMessage
SHGetPathFromIDListA
ShellExecuteA
SHAddToRecentDocs
SHGetFileInfoA
ExtractIconA
SHGetSpecialFolderLocation
ShellExecuteExA

shlwapi

PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveExtensionA
PathFindFileNameA
StrFormatKBSizeA

uxtheme

GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
GetThemePartSize
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetThemeSysColor

ole32

OleSetMenuDescriptor
StgOpenStorage
StgOpenStorageOnILockBytes
StgIsStorageFile
CreateILockBytesOnHGlobal
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
OleLockRunning
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CoGetClassObject
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
StgCreateDocfileOnILockBytes
PropVariantCopy
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
OleRun
OleSetClipboard
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoCreateGuid
CoUninitialize
CLSIDFromString
CoCreateInstance
CoDisconnectObject
StringFromGUID2
SetConvertStg
OleRegGetUserType
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
StgCreateDocfile
ReleaseStgMedium

oleaut32

VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantChangeType
VariantCopy
VariantClear
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SysAllocString
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
VariantInit
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
SysAllocStringLen
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SafeArrayGetLBound
SafeArrayDestroyData

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromFileICM

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

oledlg

ord8

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2dcb234047fbd78c01dfb6bfabda5f1b

Code Sign

61:36:76:7a:d1:04:27:75:b0:b9:be:90:89:cd:c2:03Certificate

Extended Key Usages

Key Usages

64:33:51:d3:c7:38:9f:08Certificate

Extended Key Usages

Key Usages

68:be:6c:01:83:93:e9:2d:47:5d:ee:be:3b:23:d7:39:67:e4:56:78:e2:6f:bf:ab:3c:e5:d5:79:1f:d6:70:39Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

oledlg

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 512KB - Virtual size: 512KB

.data Size: 30KB - Virtual size: 49KB

.rsrc Size: 2KB - Virtual size: 2KB

61:36:76:7a:d1:04:27:75:b0:b9:be:90:89:cd:c2:03
Certificate

64:33:51:d3:c7:38:9f:08
Certificate

68:be:6c:01:83:93:e9:2d:47:5d:ee:be:3b:23:d7:39:67:e4:56:78:e2:6f:bf:ab:3c:e5:d5:79:1f:d6:70:39
Signer

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 512KB - Virtual size: 512KB

.data
Size: 30KB - Virtual size: 49KB

.rsrc
Size: 2KB - Virtual size: 2KB