2024-09-30_0d5cfb7373a0469b4379a8636f902261_bkransomware_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-30_0d5cfb7373a0469b4379a8636f902261_bkransomware_icedid
Size

2.3MB
MD5

0d5cfb7373a0469b4379a8636f902261
SHA1

77fe16fbfe0385ba6e26c8644225699ede7304fe
SHA256

19026a2ce290a035b776611df18c97cd74d7d6c1d889ca499c0c9ae51f346dd0
SHA512

c17ca486c1e1dc19f07a213d7c34669ecaf8172dd6b06eeb8014bdcd0c7bc5440cb05df1fb8b1f864052180001dc9c0d3a9c642f64ac5e583ab696961e274a50
SSDEEP

49152:WDD0FZs/Yl7dYUMQ+fCi6p6O8IFeII8uxV1XL4LDmg27RnWGj:eD0FZs/U73MQ+fCi6AeeT8uxV1XaD52j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-30_0d5cfb7373a0469b4379a8636f902261_bkransomware_icedid

Files

2024-09-30_0d5cfb7373a0469b4379a8636f902261_bkransomware_icedid
.exe windows:6 windows x86 arch:x86

b1245beea05bda7852c30e3f3c96dbae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces

kernel32

GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
CreateFileW
CloseHandle
GetLastError
DeviceIoControl
SetEvent
WaitForSingleObject
CreateEventW
Sleep
LoadResource
LockResource
SizeofResource
FormatMessageW
TerminateProcess
FindResourceW
MultiByteToWideChar
VerSetConditionMask
LocalFree
VerifyVersionInfoW
ExpandEnvironmentStringsW
CreateMutexW
GetCurrentProcess
GetCurrentThreadId
GetModuleFileNameW
IsValidCodePage
RaiseException
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetVersion
GetVersionExW
SetLastError
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
CopyFileW
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
IsProcessorFeaturePresent
IsDebuggerPresent
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetModuleHandleExW
OutputDebugStringA
DecodePointer
GetModuleHandleA
GetModuleHandleW
GetProcAddress
ExitProcess
RtlUnwind
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
lstrcpyW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
GetCurrentDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
FileTimeToSystemTime
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetTickCount
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetCurrentProcessId
ResumeThread
SuspendThread
SetThreadPriority
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
FreeLibrary
GetSystemDirectoryW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
EncodePointer
LoadLibraryW
LoadLibraryA

user32

DestroyCursor
GetWindowRgn
SetRect
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
UnionRect
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
ReuseDDElParam
UnpackDDElParam
OffsetRect
SetRectEmpty
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
PostThreadMessageW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CharUpperW
DestroyIcon
InvalidateRect
CopyImage
RealChildWindowFromPoint
IntersectRect
LoadCursorW
GetSysColorBrush
SendDlgItemMessageA
InflateRect
GetMenuItemInfoW
DestroyMenu
RegisterClipboardFormatW
SetCursor
ShowOwnedPopups
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetWindowThreadProcessId
TranslateMessage
GetMessageW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
MapDialogRect
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
ValidateRect
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetFocus
GetWindow
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
CopyRect
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyNameTextW
RemoveMenu
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
CopyIcon
GetDoubleClickTime
SetClassLongW
InsertMenuW
GetMenuItemCount
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
LockWindowUpdate
SetWindowTextW
GetMenuStringW
SystemParametersInfoW
LoadImageW
GetClassNameW
FindWindowW
EnumChildWindows
SetParent
GetCursorPos
GetWindowRect
SetMenuDefaultItem
TrackPopupMenu
DeleteMenu
ModifyMenuW
GetMenuItemID
GetSubMenu
EnableMenuItem
CheckMenuItem
GetMenuState
LoadMenuW
KillTimer
SetTimer
DrawAnimatedRects
UnregisterClassW
GetClientRect
DrawIcon
AppendMenuW
GetSystemMenu
GetSystemMetrics
IsIconic
IsWindow
EnumWindows
SetForegroundWindow
SetActiveWindow
PostMessageW
SendMessageTimeoutW
RegisterWindowMessageW
GetUserObjectInformationW
GetThreadDesktop
GetSysColor
RedrawWindow
PostQuitMessage
LoadIconW
EnableWindow
SendMessageW
FillRect

gdi32

GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
PatBlt
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
GetClipBox
SetRectRgn
DPtoLP
GetTextMetricsW
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectW
SetTextColor
SetBkColor
CreateRectRgnIndirect
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateSolidBrush
CreateBitmap

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
OpenProcessToken
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW
GetTokenInformation

shell32

SHAppBarMessage
Shell_NotifyIconW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteW
DragFinish
DragQueryFileW
SHGetDesktopFolder

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

DrawThemeParentBackground
GetWindowTheme
GetThemeSysColor
IsAppThemed
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetCurrentThemeName
OpenThemeData
CloseThemeData
GetThemeColor

ole32

CoInitializeEx
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoDisconnectObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitialize
RevokeDragDrop
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
PropVariantClear
CoCreateInstance
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoCreateGuid

oleaut32

VarBstrFromDate
VariantCopy
SysStringLen
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime

oledlg

OleUIBusyW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 676KB - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1245beea05bda7852c30e3f3c96dbae

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 325KB - Virtual size: 324KB

.data Size: 24KB - Virtual size: 54KB

.rsrc Size: 676KB - Virtual size: 680KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 325KB - Virtual size: 324KB

.data
Size: 24KB - Virtual size: 54KB

.rsrc
Size: 676KB - Virtual size: 680KB