2024-10-03_2b48a3f16af7b7e30d2369ed13029fbb_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-03_2b48a3f16af7b7e30d2369ed13029fbb_icedid
Size

10.4MB
MD5

2b48a3f16af7b7e30d2369ed13029fbb
SHA1

3527aad9506b75c4134349fd0352b92b952951c6
SHA256

5f4ab70fab7914880f60fe1904e7bd80db5eb63d2a9c93ca69975812c29606f4
SHA512

f1a2b91817b0e46acadb42552fe5bf8257f311f77384bccd8d4136889f2c2b0c5cf7640e9cacfcc73e7778f4f160ba7bc8dfbb975ca87c034125f3a4aa641083
SSDEEP

196608:OJk+y/mnifVKkfaZ/l+7Y1rtECg8jZ/l+7Y1rtECg84:OS/SitXCf+U7EHEf+U7EH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-03_2b48a3f16af7b7e30d2369ed13029fbb_icedid

Files

2024-10-03_2b48a3f16af7b7e30d2369ed13029fbb_icedid
.exe windows:4 windows x86 arch:x86

b4b38348a60993c9461cd733f9f91a1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalGetAtomNameW
GetFileSizeEx
GlobalFlags
GetSystemDefaultUILanguage
SetErrorMode
GetUserDefaultLCID
UnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
WriteConsoleW
SetEnvironmentVariableW
UnlockFile
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetDriveTypeW
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
VirtualQuery
GetSystemInfo
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
RtlUnwind
GetCPInfo
CompareStringEx
LCMapStringEx
GetStringTypeW
SetEndOfFile
LockFile
GetVolumeInformationW
FlushFileBuffers
GetThreadLocale
GetPrivateProfileIntW
SuspendThread
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
GetACP
OpenEventW
OpenMutexW
CreateMutexW
GlobalFree
lstrlenA
ExitProcess
CompareStringW
EnumResourceLanguagesW
EnumResourceTypesW
EnumResourceNamesW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpA
ResumeThread
SetThreadPriority
CreateThread
CreateDirectoryW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetModuleHandleA
LocalUnlock
LocalLock
GetVersionExW
VirtualFree
VirtualAlloc
ExpandEnvironmentStringsW
SetFilePointer
GlobalLock
DuplicateHandle
GlobalUnlock
GlobalAlloc
lstrcatW
lstrcpyW
GetNativeSystemInfo
GetVersion
SetUnhandledExceptionFilter
K32GetModuleFileNameExW
K32EnumProcessModules
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
QueryFullProcessImageNameW
GetModuleHandleExW
GetModuleFileNameW
GetModuleFileNameA
GetCurrentThread
GetProcessTimes
CreateSemaphoreExW
CreateMutexExW
OpenSemaphoreW
WaitForSingleObjectEx
ReleaseMutex
ReleaseSemaphore
OutputDebugStringW
DebugBreak
IsDebuggerPresent
FileTimeToLocalFileTime
CompareFileTime
GetTempFileNameW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
FormatMessageW
GetWindowsDirectoryW
SetFileAttributesW
RemoveDirectoryW
IsBadWritePtr
IsBadReadPtr
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
MoveFileExW
SystemTimeToFileTime
GetSystemTime
CreateProcessW
GetExitCodeProcess
GetComputerNameW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetLongPathNameW
GetExitCodeThread
GetTickCount
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
lstrcmpW
SearchPathW
ReadFile
GetFileSize
GetCommandLineW
GetLocalTime
Sleep
GetCurrentDirectoryW
lstrcpynW
LoadLibraryExW
VirtualProtect
LoadLibraryA
FreeLibrary
lstrlenW
OpenProcess
TerminateProcess
GetLastError
MulDiv
VerifyVersionInfoW
VerSetConditionMask
LocalFree
LocalAlloc
GetProcAddress
GetTickCount64
WideCharToMultiByte
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetUserDefaultUILanguage
GetModuleHandleW
GetCurrentProcess
GetTempPathW
WriteFile
DeleteFileW
MultiByteToWideChar
GetCurrentProcessId
CreateFileW
FindResourceW
SizeofResource
LockResource
LoadResource
TerminateThread
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
SetLastError
CloseHandle
FreeEnvironmentStringsW

user32

CopyAcceleratorTableW
LoadAcceleratorsW
IsWindowEnabled
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardState
IsCharLowerW
CharUpperW
IsIconic
GetKeyboardLayout
GetKeyboardLayoutList
ToUnicodeEx
GetMenuItemCount
GetMenuItemInfoW
GetMenuItemID
SetParent
GetTopWindow
UpdateWindow
LoadMenuW
MapVirtualKeyW
wsprintfW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CreateIconIndirect
CreateIconFromResourceEx
LoadBitmapW
DrawStateW
RegisterClipboardFormatW
GetNextDlgTabItem
GetSysColorBrush
AdjustWindowRectEx
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetDesktopWindow
InvertRect
LockWindowUpdate
GetDCEx
TabbedTextOutW
GrayStringW
DrawTextExW
GetSubMenu
ReleaseCapture
SetCapture
GetCapture
WinHelpW
IsDialogMessageW
GetWindow
GetLastActivePopup
MessageBeep
RedrawWindow
DrawIcon
EnableMenuItem
GetSystemMenu
GetAsyncKeyState
GetDialogBaseUnits
CheckDlgButton
CreateDialogIndirectParamW
MoveWindow
DestroyWindow
PostQuitMessage
WaitMessage
PeekMessageW
DispatchMessageW
IsZoomed
LoadStringW
EnumDisplaySettingsW
FindWindowExW
FindWindowW
MessageBoxW
WaitForInputIdle
SetFocus
EmptyClipboard
SetClipboardData
CloseClipboard
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableWindow
GetWindowTextW
EnumWindows
SendDlgItemMessageA
BringWindowToTop
ShowWindow
CreateWindowExW
DefWindowProcW
GetMessageW
CharLowerBuffW
CharLowerBuffA
FillRect
InsertMenuW
SetWindowTextW
GetDlgItem
CharLowerW
CopyIcon
ClientToScreen
KillTimer
SetTimer
SetForegroundWindow
GetMenuDefaultItem
TrackPopupMenu
IsWindowVisible
UnregisterClassW
GetActiveWindow
EqualRect
IsRectEmpty
DrawFocusRect
IsClipboardFormatAvailable
MapWindowPoints
IsMenu
IsChild
GetDlgCtrlID
GetWindowRgn
HideCaret
ShowCaret
SetActiveWindow
SetWindowRgn
UnionRect
GetMenuStringW
LookupIconIdFromDirectoryEx
GetCursor
WindowFromPoint
DrawEdge
SetRectEmpty
GetForegroundWindow
SystemParametersInfoW
SetClassLongW
CopyRect
AppendMenuW
CreatePopupMenu
GetMessagePos
DrawFrameControl
GetWindowThreadProcessId
SendMessageTimeoutW
SetWindowLongW
SetWindowPos
LoadIconW
GetIconInfo
DrawIconEx
LoadImageW
DestroyIcon
GetDoubleClickTime
GetMenu
SetMenu
GetMenuState
GetClassLongW
SetCursorPos
CallWindowProcW
IsWindowUnicode
GetWindowLongA
SetWindowLongA
GetTabbedTextExtentA
MapDialogRect
GetWindowPlacement
SetWindowPlacement
TranslateMessage
TranslateAcceleratorW
GetScrollPos
SendMessageW
GetSysColor
GetParent
EnumChildWindows
GetFocus
GetSystemMetrics
DrawTextW
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRgn
GetWindowTextLengthW
GetClientRect
GetWindowRect
GetCursorPos
FrameRect
InflateRect
IntersectRect
PtInRect
GetWindowLongW
GetClassNameW
RegisterWindowMessageW
PostMessageW
IsWindow
GetKeyState
InvalidateRect
SetCursor
ScreenToClient
SetRect
OffsetRect
LoadCursorW
SetMenuItemInfoW
GetMessageTime
RegisterClassW
GetClassInfoW
OpenClipboard
GetClassInfoExW
ValidateRect
PostThreadMessageW
GetNextDlgGroupItem
RealChildWindowFromPoint
DeleteMenu
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateMDISysAccel
DefFrameProcW
DrawMenuBar
SetWindowContextHelpId
DestroyMenu
CharNextW
GetWindowDC
ShowOwnedPopups
EndDialog
GetMonitorInfoW
MonitorFromWindow
RemovePropW
GetPropW
SetPropW
SetScrollRange

gdi32

GetCharWidthW
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetTextAlign
GetTextExtentPoint32A
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
ExtSelectClipRgn
BeginPath
CloseFigure
EndPath
FillPath
StrokeAndFillPath
StrokePath
MoveToEx
PolyBezierTo
OffsetViewportOrgEx
GetRgnBox
GetBkColor
RestoreDC
RealizePalette
SaveDC
SetDIBitsToDevice
ExcludeClipRect
SelectClipRgn
Ellipse
SetMapMode
SetTextAlign
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
StretchDIBits
CreatePatternBrush
CombineRgn
Polyline
CreateFontW
GetViewportOrgEx
GetBitmapBits
ExtCreateRegion
PtInRegion
CreateRectRgn
GetTextMetricsW
GetCurrentObject
CreateDIBSection
SetStretchBltMode
StretchBlt
GetDIBits
CreateBitmap
Polygon
TextOutW
SetPixel
RectVisible
PtVisible
GetPixel
Escape
EnumFontFamiliesExW
CreateRectRgnIndirect
BitBlt
DeleteDC
CreateDCW
GetTextColor
RoundRect
Rectangle
GetTextExtentPoint32W
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
DeleteObject
CreatePen
ExtTextOutW
SetTextColor
SetBkMode
SetBkColor
SelectObject
PatBlt
GetStockObject
GetDeviceCaps
CreateFontIndirectW
CreateSolidBrush

msimg32

GradientFill

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumValueW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryInfoKeyW
RegDeleteKeyW
GetTokenInformation
IsValidSid
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegEnumKeyExW
ConvertSidToStringSidW

shell32

ShellExecuteW
ExtractIconExW
SHGetFileInfoW
CommandLineToArgvW
SHFileOperationW
SHGetPathFromIDListW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderLocation
DragQueryFileW
DragFinish

comctl32

ImageList_Draw
ImageList_GetIconSize
ord410
ord412
ord413
ord381
ImageList_AddMasked
_TrackMouseEvent
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_GetIcon
ImageList_Destroy
ImageList_GetImageCount
ImageList_Add
ImageList_DrawEx
ImageList_GetImageInfo

shlwapi

PathRemoveArgsW
PathUnquoteSpacesW
PathFileExistsW
PathParseIconLocationW
PathIsDirectoryW
StrFormatByteSizeW
PathAddBackslashW
PathRemoveFileSpecW
PathMatchSpecW
PathStripPathW
ord487
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
UrlUnescapeW

uxtheme

OpenThemeData
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
BufferedPaintSetAlpha
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
GetThemeColor
GetThemeInt
SetWindowTheme
BeginBufferedPaint
EndBufferedPaint

ole32

CoInitialize
CoCreateGuid
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
PropVariantClear
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantClear
VariantCopy
SysStringLen
SysStringByteLen
SysAllocStringByteLen
OleLoadPicturePath
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeTypeEx
VarDateFromStr
VarBstrFromDate
VarUdateFromDate
VariantChangeType
SafeArrayGetLBound
SysAllocStringLen
SafeArrayGetDim
SafeArrayGetElemsize
LoadTypeLi
SafeArrayGetUBound
SafeArrayDestroy
OleCreateFontIndirect
SysFreeString
SysAllocString

oledlg

OleUIAddVerbMenuW
OleUIBusyW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

gdiplus

GdipImageRotateFlip
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromHICON
GdipGetImageHeight
GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipResetPath
GdipStartPathFigure
GdipClosePathFigure
GdipAddPathArcI
GdipCreatePen1
GdipDeletePen
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawRectangleI
GdipDrawPath
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth

winmm

PlaySoundW

oleacc

LresultFromObject
CreateStdAccessibleObject

wininet

InternetSetStatusCallbackW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
InternetOpenW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 426KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdqc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4b38348a60993c9461cd733f9f91a1e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

version

gdiplus

winmm

oleacc

wininet

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 426KB - Virtual size: 425KB

.data Size: 37KB - Virtual size: 55KB

.rsrc Size: 4.1MB - Virtual size: 4.1MB

.vdqc Size: 1024B - Virtual size: 604B

.idata Size: 15KB - Virtual size: 15KB

.rsrc Size: 4.1MB - Virtual size: 4.1MB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 426KB - Virtual size: 425KB

.data
Size: 37KB - Virtual size: 55KB

.rsrc
Size: 4.1MB - Virtual size: 4.1MB

.vdqc
Size: 1024B - Virtual size: 604B

.idata
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 4.1MB - Virtual size: 4.1MB