Sample
2024-10-14_cb1b1fca6a674b6168886ca0b2606bbe_bkransomware_icedid.exe
Resource
win7-20240903-en
General
Target: 2024-10-14_cb1b1fca6a674b6168886ca0b2606bbe_bkransomware_icedid
Size: 2.4MB
MD5: cb1b1fca6a674b6168886ca0b2606bbe
SHA1: 745da25e748f3047eff928675259a72998a7c833
SHA256: 9c79ada0fa760303525b979306aff437837e1cae6368382e08687fd2f037675e
SHA512: 4a62e2be31ab596109abc88c94c1bfd3ecbd27b9ee0efd21cf46e6a791636ade4420e3546f275f6323c01277c324d3bdd551b341855aa1d6f9a86fef08df11d8
SSDEEP: 49152:hz7/UlqUrwjXWxV2vem/RhUsBqSIAnyIINEU5GPNMdrCoEEbeP5Klkr6zqwD7zo1:hz7uqUsXWxV2vJ/bpBqSIyRIG12drCdZ
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 2024-10-14_cb1b1fca6a674b6168886ca0b2606bbe_bkransomware_icedid
Files
2024-10-14_cb1b1fca6a674b6168886ca0b2606bbe_bkransomware_icedid.exe windows:5 windows x86 arch:x86
4d5ce567204cc7fb30c53be4efd07d14
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
G:\GIT-VirtualPrinter\GNPDFPrint\Release\GNPDFPrint.pdb
Imports
kernel32
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetOEMCP
GetCPInfo
ExitThread
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
WriteConsoleW
SetEnvironmentVariableA
CreateThread
AreFileApisANSI
ExitProcess
GetModuleHandleExW
RtlUnwind
GetFileType
SetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
FindResourceExW
GetUserDefaultLCID
VirtualProtect
Sleep
GetProfileIntW
GetTickCount
SearchPathW
lstrcpyW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
CompareStringW
SetErrorMode
GetFileAttributesW
FileTimeToSystemTime
GlobalGetAtomNameW
GlobalSize
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFindAtomW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
FreeResource
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GetCurrentThreadId
GetCurrentThread
GetThreadLocale
lstrcmpiW
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFileSize
FlushFileBuffers
SetLastError
LoadLibraryExA
FindNextFileW
FindFirstFileW
OutputDebugStringA
OutputDebugStringW
GetSystemDirectoryW
FileTimeToLocalFileTime
FindClose
FileTimeToDosDateTime
GetWindowsDirectoryW
GetStdHandle
VerifyVersionInfoW
MulDiv
GetVersionExW
GetSystemTimeAsFileTime
GetModuleHandleW
GetCurrentProcess
VerSetConditionMask
LoadLibraryW
GetLocaleInfoW
CreateFileMappingW
GlobalUnlock
GetACP
InitializeCriticalSection
GlobalLock
TryEnterCriticalSection
GetFileAttributesExW
GetFileTime
GetFileSizeEx
GetTempPathW
ReadFile
WriteFile
GetTempFileNameW
GetFullPathNameW
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetPrivateProfileIntW
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
DeleteFileW
CopyFileW
GlobalAlloc
LocalFree
LocalAlloc
GlobalFree
GetCommandLineW
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetLocalTime
WaitForSingleObject
CreateEventA
OpenEventA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetCurrentProcessId
ProcessIdToSessionId
GetModuleFileNameW
GetPrivateProfileStringW
WritePrivateProfileStringW
CloseHandle
CreateFileW
FormatMessageW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetStringTypeW
RaiseException
FlushInstructionCache
user32
InsertMenuW
GetMenuState
GetMenuStringW
IntersectRect
InflateRect
SendDlgItemMessageA
MapVirtualKeyW
GetKeyNameTextW
EndPaint
BeginPaint
TabbedTextOutW
GrayStringW
DrawTextExW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
SetDlgItemTextW
WinHelpW
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
GetForegroundWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetCapture
SetFocus
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetSubMenu
LoadMenuW
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
GetMenuCheckMarkDimensions
UpdateLayeredWindow
GetFocus
SetActiveWindow
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
AppendMenuW
CreateDialogIndirectParamW
IsWindow
MapDialogRect
SetWindowContextHelpId
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
CharUpperW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
IsWindowEnabled
ClientToScreen
DestroyWindow
SetCursor
EnumDisplayMonitors
CloseClipboard
ScreenToClient
IsIconic
DrawTextW
SetForegroundWindow
CopyImage
GetParent
LoadCursorW
GetWindowLongW
SystemParametersInfoW
EnableMenuItem
EmptyClipboard
MonitorFromWindow
SetWindowLongW
DestroyCursor
GetDesktopWindow
GetCursorPos
ShowWindow
RemoveMenu
OpenClipboard
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
CharUpperBuffW
SetCursorPos
DrawFocusRect
UpdateWindow
SetClipboardData
GetClientRect
GetWindowRect
EnableWindow
LoadIconW
DrawFrameControl
DrawEdge
DrawIconEx
UnionRect
GetMenuItemInfoW
EnableScrollBar
GetNextDlgGroupItem
SetRect
EndDeferWindowPos
SetMenuItemInfoW
GetMonitorInfoW
CheckMenuItem
MoveWindow
UnregisterClassW
GetDlgCtrlID
GetWindow
GetWindowDC
GetSystemMetrics
InvalidateRect
PostMessageW
FillRect
GetSysColor
GetDC
SetWindowPos
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
DeleteMenu
RealChildWindowFromPoint
SetTimer
GetWindowRgn
DrawIcon
GetComboBoxInfo
CreateMenu
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
ReleaseDC
SendMessageW
GetUpdateRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
IsClipboardFormatAvailable
FrameRect
CopyIcon
SetMenuDefaultItem
GetMenuDefaultItem
EndDialog
KillTimer
InvalidateRgn
CharNextW
SetClassLongW
LockWindowUpdate
RegisterClipboardFormatW
EnumChildWindows
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
PostThreadMessageW
ModifyMenuW
IsMenu
NotifyWinEvent
SetWindowRgn
GetSystemMenu
GetAsyncKeyState
TrackMouseEvent
IsRectEmpty
DrawStateW
GetSysColorBrush
SetLayeredWindowAttributes
MonitorFromPoint
SetParent
ReuseDDElParam
UnpackDDElParam
LoadImageW
DestroyIcon
SetRectEmpty
InsertMenuItemW
DestroyMenu
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
SetMenuItemBitmaps
BringWindowToTop
gdi32
SetBkMode
SetDIBColorTable
GetDIBits
CreateFontIndirectW
LineTo
GetTextExtentPoint32W
MoveToEx
CreateBitmap
SetBkColor
SetTextColor
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
CreateCompatibleBitmap
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CopyMetaFileW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
RealizePalette
SetPixel
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
GetBkColor
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
CreateDIBSection
StretchDIBits
GetObjectW
EndDoc
EndPage
AbortDoc
StartPage
SetWorldTransform
SetGraphicsMode
ResetDCW
StartDocW
CreateSolidBrush
GetDeviceCaps
CreateDCW
BitBlt
StretchBlt
SetStretchBltMode
DeleteDC
CreateCompatibleDC
SetWindowExtEx
SelectObject
DeleteObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetOpenFileNameW
winspool.drv
ord203
DocumentPropertiesW
GetPrinterW
SetFormW
AddFormW
GetFormW
ClosePrinter
OpenPrinterW
EnumFormsW
EnumPrintersW
advapi32
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
InitializeSecurityDescriptor
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetSecurityDescriptorDacl
shell32
CommandLineToArgvW
ord75
ShellExecuteW
SHGetDesktopFolder
SHGetFileInfoW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHBrowseForFolderW
comctl32
InitCommonControlsEx
shlwapi
PathFileExistsW
PathRemoveFileSpecW
PathAddBackslashW
PathIsRelativeW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
StrFormatKBSizeW
uxtheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
IsAppThemed
GetThemePartSize
CloseThemeData
OpenThemeData
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeParentBackground
DrawThemeText
GetWindowTheme
ole32
ReleaseStgMedium
OleDuplicateData
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CoUninitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
CoCreateInstance
OleLockRunning
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemAlloc
CoDisconnectObject
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantChangeType
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString
VariantInit
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 375KB - Virtual size: 374KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 30KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 207KB - Virtual size: 208KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE