PDB path: e:\Project\VectorPlus\Source\Setup\CmSetup2\Release\CmSetup2.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2025-01-30_251e521989a80d3133cd9c0ffb578f1a_icedid.exe
Resource: win7-20240903-en
General
Target: 2025-01-30_251e521989a80d3133cd9c0ffb578f1a_icedid
Size: 1.2MB
MD5: 251e521989a80d3133cd9c0ffb578f1a
SHA1: e094d71e6dbf5cc56d74449795dbea1673558a9e
SHA256: bd29422c41ad50130d7c320c828eba8e7839ca41b10e47af89dde791e7d25d92
SHA512: e5913d1129cbb1a931cc422e0a5dcea7a33c679813f262e226810eafd644d75e7da98efd15abc2bfa1b5e79c7cca3c7fc60d0c7a8be5300d169fe72a78b60c61
SSDEEP: 24576://ZdbDOlOZNbl5algpUERS6spC8wbh1Ko:/brbl5alqUERS6spMh1Ko
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2025-01-30_251e521989a80d3133cd9c0ffb578f1a_icedid
Files
2025-01-30_251e521989a80d3133cd9c0ffb578f1a_icedid.exe  windows:4 windows x86 arch:x86
2c012d8615e7bda73249605de82d4301
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
VirtualFree
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetCurrentDirectoryA
GetDriveTypeA
HeapCreate
HeapDestroy
GetSystemDirectoryA
MoveFileExA
LocalLock
LocalUnlock
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapSize
InterlockedDecrement
GetFileType
SetStdHandle
CreateThread
ExitThread
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetFileTime
GetThreadLocale
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTickCount
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
VerSetConditionMask
VerifyVersionInfoW
VirtualQuery
MoveFileW
SetFilePointer
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
CreateEventW
GetLogicalDriveStringsW
GetDiskFreeSpaceW
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
GetFileSize
CreateDirectoryW
MoveFileExW
RemoveDirectoryW
DeviceIoControl
CopyFileW
SetFileTime
SetFileAttributesW
ReadFile
LocalAlloc
Sleep
GetProcessHeap
HeapAlloc
HeapFree
GetCurrentThread
GetBinaryTypeW
WinExec
GetCurrentProcess
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetComputerNameW
WideCharToMultiByte
DeleteFileW
GetPrivateProfileStringW
MulDiv
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
GetDriveTypeW
GetDiskFreeSpaceExW
FindFirstFileW
FindNextFileW
FindClose
GetFileSizeEx
GetFileAttributesW
WritePrivateProfileStringW
FormatMessageW
LocalFree
ExitProcess
GetLocalTime
OutputDebugStringW
lstrcatW
lstrcpyW
GetModuleFileNameW
LoadLibraryExW
FreeLibrary
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CreateMutexW
ReleaseMutex
CreateFileW
WriteFile
CloseHandle
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
FreeResource
GetCPInfo
lstrlenA
lstrcmpiW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetVersion
GetVersionExW
lstrlenW
EnumSystemLocalesA
user32
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GetMessageW
TranslateMessage
ValidateRect
GetCursorPos
DestroyMenu
GetMenuStringW
CreateDialogIndirectParamW
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
EnableWindow
SendMessageW
MessageBoxA
wsprintfA
UnregisterClassA
wsprintfW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
GetMenu
CreateWindowExW
GetClassInfoExW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
EnumThreadWindows
GetClassNameW
EnumWindows
ExitWindowsEx
MessageBeep
IsWindow
IsWindowVisible
SetRectEmpty
IsRectEmpty
RegisterClipboardFormatW
MapDialogRect
CharUpperW
LoadCursorW
UnregisterClassW
ReleaseCapture
GetDCEx
GetClassInfoW
RegisterClassW
KillTimer
LockWindowUpdate
SetCapture
PostThreadMessageW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
SetParent
SetActiveWindow
GetClientRect
UpdateWindow
LoadIconW
SetRect
CopyRect
LoadBitmapW
FillRect
DrawEdge
CreateMenu
CreatePopupMenu
AppendMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
ModifyMenuW
GetDC
ReleaseDC
GetDesktopWindow
GetSysColor
GetSysColorBrush
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
DestroyIcon
DrawIconEx
SystemParametersInfoW
GetSystemMetrics
GetMenuItemInfoW
GetParent
IsMenu
DrawStateW
CreateIconIndirect
GetIconInfo
InflateRect
SetTimer
RedrawWindow
GetAsyncKeyState
GetTabbedTextExtentW
GetLastActivePopup
MessageBoxW
CharNextW
FindWindowExW
ShowWindow
BringWindowToTop
SetForegroundWindow
DestroyCursor
LoadImageW
PostMessageW
SetCursor
GetWindowLongW
WindowFromPoint
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetWindowRect
DrawFocusRect
FrameRect
OffsetRect
SetWindowContextHelpId
gdi32
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreatePatternBrush
GetTextColor
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
GetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetRgnBox
ExtSelectClipRgn
CreateRectRgn
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
CreatePen
CreateSolidBrush
CreateFontIndirectW
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
GetDeviceCaps
GetBkMode
Ellipse
PatBlt
BitBlt
GetPixel
SetPixel
GetTextExtentPoint32W
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetStockObject
SetTextColor
SetBkColor
CreateBitmap
GetClipBox
GetTextMetricsW
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
SaveDC
RestoreDC
SetBkMode
GetWindowExtEx
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegQueryValueW
RegOpenKeyW
LsaOpenPolicy
LsaAddAccountRights
LsaClose
DeleteService
ChangeServiceConfigW
ControlService
StartServiceW
CreateServiceW
ChangeServiceConfig2W
QueryServiceStatus
OpenServiceW
CloseServiceHandle
OpenSCManagerW
GetFileSecurityW
AddAccessAllowedAceEx
GetSecurityDescriptorControl
SetFileSecurityW
RegSetKeySecurity
SetSecurityDescriptorDacl
LookupAccountNameW
SetSecurityDescriptorOwner
GetUserNameW
InitializeSecurityDescriptor
AddAccessAllowedAce
AddAccessDeniedAce
InitializeAcl
GetLengthSid
IsValidSid
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW
RegConnectRegistryW
RegEnumKeyW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
GetAce
AddAce
GetAclInformation
GetSecurityDescriptorDacl
shell32
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
SHGetFolderLocation
SHGetDiskFreeSpaceExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHFileOperationW
ShellExecuteExW
comctl32
_TrackMouseEvent
shlwapi
StrStrIW
PathCompactPathW
StrCpyNW
SHDeleteKeyW
PathFileExistsW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
oledlg
OleUIBusyW
ole32
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
CoCreateInstance
OleRun
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
oleaut32
VarUI4FromStr
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
OleCreateFontIndirect
VariantTimeToSystemTime
SafeArrayDestroy
VariantClear
VariantChangeType
VariantCopy
VariantInit
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
GetErrorInfo
urlmon
CreateURLMoniker
iphlpapi
GetIfTable
SendARP
GetIfEntry
GetIpAddrTable
winmm
PlaySoundW
ws2_32
setsockopt
bind
socket
getsockname
WSAEventSelect
ntohs
htons
sendto
WSAGetLastError
closesocket
WSAStartup
getsockopt
htonl
WSACleanup
ntohl
inet_addr
gethostbyname
inet_ntoa
mpr
WNetEnumResourceW
WNetCancelConnection2W
WNetOpenEnumW
netapi32
NetUserAdd
NetUserSetInfo
NetLocalGroupDel
NetLocalGroupAdd
NetUserDel
NetLocalGroupGetInfo
NetApiBufferFree
NetUseAdd
NetShareDel
NetLocalGroupAddMembers
NetUserEnum
NetUserGetInfo
NetShareAdd
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
activeds
ord3
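The import table above mixes named imports, a DLL that keeps its extension (winspool.drv) and an import by ordinal (activeds ord3). The usual way to turn such a table into a pivot value is the import hash (imphash). The following is an added example, not code from the sandbox or from this sample's author; it implements the normalisation rules the common pefile implementation applies, and the import list it hashes is a constructed five-entry excerpt, not the full table from this report (so its digest is not a value you should expect to find on this page). Whether the 32-hex value printed under the filename in the Files section is this sample's imphash is an assumption of the lead-in, not something the report labels.

```python
"""Import hash (imphash) over a PE import table, following the pefile rules:
  * DLL name lower-cased, with a .dll/.ocx/.sys extension stripped (other
    extensions such as .drv are kept, so winspool.drv stays winspool.drv),
  * function name lower-cased; an import by ordinal becomes "ordN" unless the
    DLL is ws2_32 or oleaut32, whose ordinals have a fixed name table,
  * "dll.func" tokens joined with commas in import-table order, then MD5.
SAMPLE_IMPORTS is a CONSTRUCTED excerpt, not the table from the report."""
import hashlib

# Slice of the ordinal-to-name tables used for the two DLLs that are commonly
# imported by ordinal. Keys are the extension-stripped, lower-cased DLL names.
ORDINAL_NAMES = {
    "ws2_32": {1: "accept", 2: "bind", 3: "closesocket", 4: "connect", 23: "socket"},
    "oleaut32": {2: "SysAllocString", 4: "SysAllocStringLen", 6: "SysFreeString"},
}


def normalize_import(dll, func=None, ordinal=None):
    """Return the 'dll.func' token for one import entry."""
    libname = dll.lower()
    base, _, ext = libname.rpartition(".")
    if ext in ("dll", "ocx", "sys"):
        libname = base
    if func is None:
        if ordinal is None:
            raise ValueError("import entry needs a name or an ordinal")
        func = ORDINAL_NAMES.get(libname, {}).get(ordinal, "ord%d" % ordinal)
    return "%s.%s" % (libname, func.lower())


def imphash(imports):
    """imports: iterable of (dll, func_or_None, ordinal_or_None) in import-table order.
    Returns (md5 hex digest, list of normalised tokens)."""
    tokens = [normalize_import(*entry) for entry in imports]
    digest = hashlib.md5(",".join(tokens).encode("ascii")).hexdigest()
    return digest, tokens


# Constructed excerpt echoing DLL kinds present on the page: a plain .dll,
# a .drv that keeps its extension, and two imports by ordinal.
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", "GetACP", None),
    ("KERNEL32.dll", "VirtualAlloc", None),
    ("WINSPOOL.DRV", "OpenPrinterW", None),
    ("WS2_32.dll", None, 23),      # resolves to ws2_32.socket via the ordinal table
    ("activeds.dll", None, 3),     # no table for activeds, so it stays activeds.ord3
]

if __name__ == "__main__":
    digest, tokens = imphash(SAMPLE_IMPORTS)
    print(",".join(tokens))
    print(digest)
```

Because the digest depends on import order, two builds of the same source with a reordered import table hash differently, and a packer that rebuilds the table as a handful of LoadLibrary/GetProcAddress stubs collapses many unrelated samples onto one value. Treat a matching imphash as a pivot to investigate, not as attribution.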
Sections
.text Size: 644KB - Virtual size: 643KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 232KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 20KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 308KB - Virtual size: 308KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
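Two findings on this page come straight out of the PE headers: the "Unsigned PE" signature fires because the Authenticode security data directory is empty, and the Sections block shows .text marked IMAGE_SCN_MEM_WRITE and .rsrc marked IMAGE_SCN_MEM_EXECUTE, so both are writable and executable at once. The following is an added example, not the sandbox's own code, showing how to reproduce those checks with only the Python standard library. The SAMPLE bytes it parses are a constructed header-only PE32 image whose section flags copy the combinations shown above; its section sizes and everything else about it are invented, and it is not the binary described on this page.

```python
"""Header-only PE triage with just the standard library: decodes the COFF file
characteristics, checks whether the Authenticode security directory is empty
(the condition behind an "Unsigned PE" finding) and flags sections that are
writable and executable at the same time. SAMPLE is a CONSTRUCTED header."""
import struct

IMAGE_FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
IMAGE_SCN_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory holding the Authenticode WIN_CERTIFICATE


def decode_flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS header, COFF header, data directories and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # Data directories start at optional-header offset 96 (PE32) or 112 (PE32+);
    # NumberOfRvaAndSizes sits in the 4 bytes immediately before them.
    dir_base = opt + (96 if magic == 0x10B else 112)
    ndirs = struct.unpack_from("<I", data, dir_base - 4)[0]
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, sec_size = struct.unpack_from("<II", data, dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size
    for i in range(nsections):
        name, _, _, _, _, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "flags": decode_flags(flags, IMAGE_SCN_CHARACTERISTICS),
            "wx": bool(flags & 0x80000000) and bool(flags & 0x20000000),
        })
    return {
        "file_characteristics": decode_flags(chars, IMAGE_FILE_CHARACTERISTICS),
        "authenticode_present": sec_size > 0,
        "sections": sections,
    }


def triage(data):
    """The findings a reviewer acts on: is it unsigned, and which sections are W+X?"""
    pe = parse_pe(data)
    return {
        "unsigned": not pe["authenticode_present"],
        "wx_sections": [s["name"] for s in pe["sections"] if s["wx"]],
        "file_characteristics": pe["file_characteristics"],
    }


def build_sample_pe(sections, file_characteristics=0x0103, security_size=0):
    """Assemble a header-only PE32 image as constructed test input (no real code inside)."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_size = 224  # PE32 optional header with all 16 data directories
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, file_characteristics)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    struct.pack_into("<I", opt, 92, 16)    # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     0x1000 if security_size else 0, security_size)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), vsize, 0x1000 * (i + 1),
                    rawsize, 0, 0, 0, 0, 0, flags)
        for i, (name, vsize, rawsize, flags) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


# Section flag combinations copied from the report's Sections block; sizes are invented.
SAMPLE = build_sample_pe([
    (".text",  0xA0C00, 0xA1000, 0x20 | 0x20000000 | 0x40000000 | 0x80000000),
    (".rdata", 0x39800, 0x3A000, 0x40 | 0x40000000 | 0x80000000),
    (".data",  0x09000, 0x05000, 0x40 | 0x40000000 | 0x80000000),
    (".rsrc",  0x4D000, 0x4D000, 0x40 | 0x20000000 | 0x40000000 | 0x80000000),
])
```

Run `triage(open(path, "rb").read())` against a real file to get the same three findings. An empty security directory only tells you the file carries no embedded signature; a binary can still be trusted through a catalog file, and a populated directory still needs the chain verified (for example with `signtool verify /pa` or `Get-AuthenticodeSignature`) before it means anything. Writable code sections are common in older or hand-built linkers as well as in packers, so treat W+X as a reason to look closer rather than as a verdict.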