2024-11-24_8d02e3da707575f6a26329c3a899f386_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-11-24_8d02e3da707575f6a26329c3a899f386_icedid
Size

971KB
MD5

8d02e3da707575f6a26329c3a899f386
SHA1

0777bea85c96ec974e5ea68d93099cda3e2b5282
SHA256

04b0aaf88daa9cc5d90506f75531f6670d33ea33e9459bb6867837b5cd766045
SHA512

00eb9a75b6ff0691465f41e92c389810ef7f0048577fb661b9a31040629abe4b52afbc475dc89796fd6423d0014c558731ed21fcc242e45afd3f820a2bd7f95a
SSDEEP

12288:Rdq2982XqwpszV8ski5NeT0sjVZWtYz2QghDmvQhmHo9LWlXW4Y8c5O:RQ291fLski5N6ZWyz2QglbmHo9LG7c5O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2024-11-24_8d02e3da707575f6a26329c3a899f386_icedid

Files

2024-11-24_8d02e3da707575f6a26329c3a899f386_icedid
.exe windows:5 windows x86 arch:x86

d6052ac9a0f65e4ec92487ecf484fb12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\User\Desktop\2008\30.7.20\TabDrives\TabDrives\Release\TabDrives.pdb

Imports

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
HeapDestroy
VirtualFree
HeapSize
GetSystemTimeAsFileTime
FatalAppExitA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
CreateThread
ExitThread
SizeofResource
Sleep
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetDateFormatA
GetTimeFormatA
RaiseException
RtlUnwind
GetProfileIntA
GetTickCount
SetErrorMode
GetFileSizeEx
SetFileAttributesA
LocalFileTimeToFileTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetStringTypeExA
DeleteFileA
MoveFileA
GetCurrentDirectoryA
SystemTimeToFileTime
GetThreadLocale
GetModuleHandleW
GetAtomNameA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
GetModuleFileNameW
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
lstrcmpW
GetVersionExA
FreeResource
lstrlenA
GlobalLock
GlobalUnlock
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
MultiByteToWideChar
GetLogicalDrives
FindNextFileA
FindClose
GetDriveTypeA
lstrcpyA
FindFirstFileA
CloseHandle
GetLastError
SetLastError
GetModuleHandleA
LoadLibraryA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitProcess
LoadLibraryExW
GetProcAddress
LoadLibraryExA
GetCurrentProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
QueryPerformanceCounter

user32

MessageBeep
GetNextDlgGroupItem
SetCapture
InvalidateRgn
CopyAcceleratorTableA
CharNextA
UnregisterClassA
GetDialogBaseUnits
CharUpperA
DestroyIcon
WindowFromPoint
KillTimer
SetTimer
UnionRect
SetParent
IsRectEmpty
GetSysColorBrush
LoadCursorA
DestroyCursor
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowOwnedPopups
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
GetMenuStringA
InsertMenuA
RemoveMenu
MapVirtualKeyA
GetKeyNameTextA
ScrollWindowEx
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
IsChild
SendNotifyMessageA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
PtInRect
GetDC
ReleaseDC
GetWindowRect
IsZoomed
GetSystemMetrics
GetClassNameA
EnableWindow
SendMessageA
UpdateWindow
LoadIconA
GetSystemMenu
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetMenuBarInfo
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongA
WaitMessage
IsClipboardFormatAvailable
RegisterClipboardFormatA
LockWindowUpdate
GetDCEx
GetTabbedTextExtentA
PostThreadMessageA
CreateMenu
WindowFromDC
InSendMessage
SetWindowRgn
SetWindowsHookExA
DrawIcon
DeleteMenu
AppendMenuA
CheckMenuItem
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetClientRect
TranslateAcceleratorA
IsWindow
GetWindowLongA
ShowWindow
GetWindow
GetDesktopWindow
SetMenu
PostMessageA
BringWindowToTop
GetLastActivePopup
GetMenu
CopyRect
SetRectEmpty
OffsetRect
IntersectRect
GetClassInfoA
CreatePopupMenu
InsertMenuItemA
IsIconic
InvalidateRect
IsWindowVisible
SetActiveWindow
GetParent
LoadAcceleratorsA
ReleaseCapture
GetCapture
PeekMessageA
SetCursor
GetKeyState
GetDlgCtrlID
SetRect

gdi32

RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
PtVisible
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetViewportOrgEx
Rectangle
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
BitBlt
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
CreatePen
CreateFontIndirectA
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
DPtoLP
CreateDCA
CopyMetaFileA
GetDeviceCaps
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
StretchDIBits
DeleteDC
GetObjectA
CreateFontA
GetCharWidthA
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
LineTo

comdlg32

GetFileTitleA

winspool.drv

GetJobA
DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegCloseKey
RegCreateKeyA

shell32

SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
ShellAboutA

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

oledlg

ord8

ole32

OleCreateStaticFromData
OleCreate
OleLoad
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleIsRunning
GetRunningObjectTable
CoLockObjectExternal
CreateFileMoniker
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateOleAdviseHolder
CreateDataAdviseHolder
OleGetClipboard
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleSetMenuDescriptor
OleQueryCreateFromData
OleQueryLinkFromData
DoDragDrop
OleSave
OleCreateLinkFromData
CoFreeUnusedLibraries
OleUninitialize
OleRun
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CoInitializeEx
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateInstance
StringFromGUID2
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleCreateFromData
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
OleInitialize
WriteClassStm

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
OleCreateFontIndirect
SysAllocString
VarBstrFromDate

Sections

.text
Size: 627KB - Virtual size: 626KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6052ac9a0f65e4ec92487ecf484fb12

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 627KB - Virtual size: 626KB

.rdata Size: 153KB - Virtual size: 152KB

.data Size: 15KB - Virtual size: 30KB

.rsrc Size: 174KB - Virtual size: 174KB

.text
Size: 627KB - Virtual size: 626KB

.rdata
Size: 153KB - Virtual size: 152KB

.data
Size: 15KB - Virtual size: 30KB

.rsrc
Size: 174KB - Virtual size: 174KB