2024-10-02_ac4b198c817075220bcbadd2bb343e91_bkransomware_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-02_ac4b198c817075220bcbadd2bb343e91_bkransomware_icedid
Size

1.9MB
MD5

ac4b198c817075220bcbadd2bb343e91
SHA1

b8bf2706eb8e5390cbbc3e5bb9e4565d1209affc
SHA256

e52a2e34de58522114fb709db428060841684f46e3fe792324605993655b69e2
SHA512

ac0502f08c45de4815b73826cc57768d3c329e9533a098dc6278c83b4a4276a82c2d955c4d72f79b6a76a964ec9e64dee690597783800268ae8425370d2af9a1
SSDEEP

49152:rrdAtLNbTDCtCzXgwMYXZpvJXIWMco/hMjuEa2xqTxVP/P0T:ratLNbTDOC8wMYXZ9JKc+hMjBa2xqToT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-02_ac4b198c817075220bcbadd2bb343e91_bkransomware_icedid

Files

2024-10-02_ac4b198c817075220bcbadd2bb343e91_bkransomware_icedid
.exe windows:5 windows x86 arch:x86

6997fd8c119ef8e730700d5571c4512a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\Checkpoints\TPDrv\headgit2\Access\SynMood\Win32\Release\SynMood.pdb

Imports

kernel32

GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoW
ReadConsoleW
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
ExitThread
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineW
SetFilePointerEx
LoadResource
DecodePointer
RaiseException
GetLastError
WriteConsoleW
SetEnvironmentVariableA
LCMapStringW
OutputDebugStringW
IsDebuggerPresent
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
Sleep
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryW
FileTimeToSystemTime
GlobalGetAtomNameW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
DeleteFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
GlobalFindAtomW
LoadLibraryA
EncodePointer
CopyFileW
FormatMessageW
MulDiv
GlobalSize
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalDeleteAtom
GlobalAlloc
LoadLibraryExW
GetVersionExW
GetCurrentThread
ResumeThread
GlobalLock
GetModuleHandleW
GetModuleHandleA
FreeResource
OutputDebugStringA
GetCurrentProcessId
lstrcmpA
ExpandEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
QueryPerformanceCounter
FindFirstFileW
GetCurrentDirectoryW
GetSystemDirectoryW
GetModuleHandleExW
lstrcmpiW
lstrcmpW
FindClose
GetFileSize
GetCurrentThreadId
TerminateProcess
LocalFree
LocalAlloc
IsWow64Process
GetTickCount
TerminateThread
SetThreadPriority
CreateThread
CreateEventW
WaitForSingleObjectEx
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeviceIoControl
SetLastError
DeactivateActCtx
ActivateActCtx
ReleaseActCtx
CreateActCtxW
FindResourceW
LoadLibraryW
SizeofResource
LockResource
GetProcAddress
GetModuleFileNameW
FreeLibrary
TlsSetValue
TlsGetValue
TlsAlloc
ExitProcess
GetCurrentProcess
GetFileAttributesW
GlobalFree
GlobalUnlock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
CloseHandle
CreateFileW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetStdHandle

user32

GetClientRect
LoadIconW
PeekMessageW
PostMessageW
DefWindowProcW
RegisterClassW
CreateWindowExW
DestroyWindow
GetClassInfoExW
IsWindow
GetWindowPlacement
IsWindowVisible
SetFocus
GetForegroundWindow
SetForegroundWindow
GetWindowTextW
GetWindowRect
MessageBeep
GetCursorPos
WindowFromPoint
GetWindowLongW
GetClassLongW
GetDesktopWindow
GetParent
InvalidateRect
ReleaseDC
GetDC
DrawIcon
GetSystemMetrics
GetWindowThreadProcessId
GetWindow
IsWindowEnabled
MessageBoxW
GetLastActivePopup
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
GetMessageW
TranslateMessage
DispatchMessageW
GetKeyState
ValidateRect
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
GetMenuStringW
EnableWindow
SetTimer
IsIconic
PostQuitMessage
SendMessageW
UnregisterClassW
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
SetWindowRgn
UnionRect
IsMenu
UpdateLayeredWindow
MonitorFromPoint
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
TrackMouseEvent
GetComboBoxInfo
IsZoomed
GetSystemMenu
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetCursorPos
GetWindowRgn
DestroyCursor
MapDialogRect
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongW
LockWindowUpdate
SetParent
GetClassNameW
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
LoadImageW
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
GetMenuItemInfoW
DestroyMenu
IntersectRect
InflateRect
CharUpperW
DestroyIcon
KillTimer
DeleteMenu
SystemParametersInfoW
CopyImage
SendDlgItemMessageA
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
SetWindowLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
SetWindowPos
IsChild
GetClassInfoW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
SetRect

advapi32

RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
TraceMessage
RegCloseKey
RegCreateKeyW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryValueW

ole32

RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoCreateInstance
CLSIDFromProgID
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoUninitialize
CoInitialize

shell32

SHAppBarMessage
DragFinish
DragQueryFileW
SHBrowseForFolderW
ShellExecuteW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW

oleaut32

SysFreeString
SysAllocString
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantInit
SysAllocStringLen
VariantClear

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindExtensionW

gdi32

CreateDIBitmap
CreatePalette
DeleteObject
GetDeviceCaps
GetDIBits
GetSystemPaletteEntries
RealizePalette
SelectPalette
StretchDIBits
CreateDIBSection
CreateBitmap
CopyMetaFileW
CreateDCW
BitBlt
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetNearestPaletteIndex
GetPaletteEntries
GetBkColor
CreateCompatibleBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

uxtheme

GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
GetThemePartSize
GetWindowTheme

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipGetImageWidth
GdipGetImageGraphicsContext
GdipCloneImage
GdipGetImageHeight
GdipFree
GdipAlloc
GdiplusShutdown
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdiplusStartup
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipDisposeImage

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 189KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6997fd8c119ef8e730700d5571c4512a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

gdi32

msimg32

winspool.drv

uxtheme

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 323KB - Virtual size: 322KB

.data Size: 25KB - Virtual size: 133KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 189KB - Virtual size: 192KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 323KB - Virtual size: 322KB

.data
Size: 25KB - Virtual size: 133KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 189KB - Virtual size: 192KB