Static task: static1
Behavioral task: behavioral1
Sample: 2025-02-06_d6e95ea8f31ba46a6f727bdf83a96fae_icedid.exe
Resource: win7-20241023-en
General
Target: 2025-02-06_d6e95ea8f31ba46a6f727bdf83a96fae_icedid
Size: 975KB
MD5: d6e95ea8f31ba46a6f727bdf83a96fae
SHA1: 1992a37080a11a3c43b7bcc5a527b41ac11dd2e8
SHA256: 56728a946a4dc1a75fce903ddd6167b20c027be74fb5c60ab36144ee20ed6b8e
SHA512: d0d0c57e0d045663de7daadf411abd2ba249dadd0a9679f71420b2ff7a19b2ae7ca98f4691be38b5acd9443d4ed5f4309e2462121a367121ff5aaa672c367240
SSDEEP: 24576:kOdjwZ61RM+jD+KK2FyIFt19TSuv8mdMDyDPB:Z261y+jD+KK2bvTJ8mdMDyDPB
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 2025-02-06_d6e95ea8f31ba46a6f727bdf83a96fae_icedid
Files
-
2025-02-06_d6e95ea8f31ba46a6f727bdf83a96fae_icedid.exe windows:5 windows x86 arch:x86
adc432b2a8ba0a5b192de7e84bde4215
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
PDB Paths: e:\main\driver\bin\DriverWizard.pdb
Imports
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
psapi
EnumProcesses
GetModuleFileNameExA
EnumProcessModules
gdiplus
GdiplusShutdown
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipFree
GdipAlloc
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdiplusStartup
kernel32
GlobalFree
lstrcmpA
CompareStringA
LoadLibraryExA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GlobalDeleteAtom
GlobalAddAtomA
VirtualProtect
FindNextFileA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
FreeResource
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
FindResourceExA
GetCPInfo
GetOEMCP
GetFileSizeEx
SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
RemoveDirectoryA
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoA
GetTimeFormatA
GetDateFormatA
VirtualAlloc
ExitProcess
SetStdHandle
GetFileType
lstrlenA
SetHandleCount
IsValidCodePage
LCMapStringA
GetStringTypeA
GetStringTypeW
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
RaiseException
FreeLibrary
LoadLibraryA
GetProcAddress
MoveFileExA
GetLastError
GetCurrentProcess
GetVersionExA
FindResourceA
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
FileTimeToSystemTime
ReleaseMutex
CreateMutexW
MulDiv
MultiByteToWideChar
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetVersionExW
GetLocalTime
OutputDebugStringW
QueryPerformanceCounter
InterlockedExchangeAdd
InterlockedExchange
GetCurrentThreadId
GetStdHandle
SetCurrentDirectoryW
GetCurrentDirectoryW
GetModuleHandleW
GetCurrentProcessId
CreateProcessW
GetModuleFileNameW
LoadLibraryW
GetTempPathW
GetWindowsDirectoryW
GetSystemDirectoryW
SetFileTime
SetFileAttributesW
GetTempFileNameW
CreateDirectoryW
GetFileSize
DeleteFileA
SetFilePointer
WriteFile
SetEndOfFile
CreateFileW
LCMapStringW
InterlockedDecrement
InterlockedIncrement
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetCommandLineA
GetLocaleInfoA
GetModuleFileNameA
CloseHandle
CreateFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
LocalFree
LocalAlloc
FormatMessageA
GetSystemDirectoryA
GetWindowsDirectoryA
GetFileAttributesA
SetFileAttributesA
FindClose
FindFirstFileA
WaitForSingleObject
FileTimeToLocalFileTime
MoveFileExW
GetTickCount
GetFileTime
CompareFileTime
GetCurrentDirectoryA
GetExitCodeThread
TerminateThread
CreateThread
GetDefaultCommConfigA
GetACP
DeviceIoControl
MoveFileA
CreateDirectoryA
SetLastError
ReadFile
CreatePipe
SetHandleInformation
OpenProcess
GetProfileStringA
WriteProfileStringA
SetEnvironmentVariableA
CreateProcessA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
CopyFileA
GetTempPathA
GetTempFileNameA
HeapSize
user32
UnregisterClassA
DestroyMenu
LoadCursorA
GetSysColorBrush
DrawFocusRect
CharUpperA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetClassLongA
GetClassNameA
GetForegroundWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
CopyRect
PtInRect
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SendDlgItemMessageA
CheckRadioButton
CheckDlgButton
SetPropA
GetCapture
SetActiveWindow
MapDialogRect
SetWindowPos
ShowWindow
GetPropA
RemovePropA
SetFocus
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSystemMetrics
wvsprintfW
wvsprintfA
GetAsyncKeyState
KillTimer
SetTimer
InvalidateRect
ReleaseDC
GetWindowDC
GetDC
LoadBitmapA
PostMessageA
GetParent
GetWindowRect
SendNotifyMessageA
EnableWindow
GetClientRect
FillRect
GetSysColor
GetWindow
SendMessageA
ExitWindowsEx
GetDesktopWindow
MessageBoxA
GetDlgItem
gdi32
DeleteDC
CreateCompatibleDC
GetStockObject
CreateFontIndirectA
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
GetTextExtentPoint32A
GetDeviceCaps
CreateBitmap
GetClipBox
CreateSolidBrush
SetTextColor
comdlg32
GetFileTitleA
winspool.drv
EnumPrinterDriversA
ClosePrinter
OpenPrinterA
AddPortA
EnumMonitorsA
GetPrinterA
ord201
EnumPrintersA
DeletePrinter
DeletePrinterConnectionA
SetJobA
EnumJobsA
DeletePrinterDriverA
SetPrinterA
DocumentPropertiesA
DocumentPropertiesW
EnumPortsA
ord202
GetPrinterDriverDirectoryA
GetPrintProcessorDirectoryA
ConfigurePortA
AddPrinterA
advapi32
QueryServiceStatus
RegQueryValueA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegOpenKeyExW
ReportEventW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegisterEventSourceW
DeregisterEventSource
RegOpenKeyA
RegEnumKeyA
EnumServicesStatusA
OpenServiceA
OpenSCManagerA
QueryServiceConfigA
DeleteService
AdjustTokenPrivileges
ControlService
StartServiceA
CloseServiceHandle
GetExplicitEntriesFromAclA
EqualSid
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
GetAclInformation
RegGetKeySecurity
GetSecurityDescriptorDacl
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
AllocateAndInitializeSid
FreeSid
OpenProcessToken
LookupPrivilegeValueA
shell32
SHGetFolderLocation
ord155
SHChangeNotify
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
ShellExecuteExA
comctl32
ord17
shlwapi
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
ole32
CreateStreamOnHGlobal
oleaut32
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
Sections
.text   Size: 604KB - Virtual size: 604KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata  Size: 153KB - Virtual size: 153KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data   Size: 13KB - Virtual size: 29KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 197KB - Virtual size: 200KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
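What the header and section data above amount to in practice: IMAGE_FILE_RELOCS_STRIPPED means the image carries no relocation table and cannot be rebased, so ASLR (including forced ASLR) cannot relocate it; the DllCharacteristics field carries only TERMINAL_SERVER_AWARE, so neither DYNAMIC_BASE nor NX_COMPAT is set; and both .text and .rsrc are writable as well as executable, with .rsrc marked executable although it is flagged as initialized data rather than code. That combination is commonly seen in packed or self-modifying binaries (some linker settings also produce it) and is worth flagging on its own. The caveat a triager should keep in mind: the only signature that fired is Unsigned PE, the import table reads like an MFC-era GUI utility for printers and services (winspool.drv, GDI, service-control and registry-ACL calls, together with the DriverWizard.pdb path), and the word "icedid" in the file name is the submitted name, not a verdict stated anywhere in this report. The script below is an added example, not part of the report and not the sample's code: it parses PE headers with the standard `struct` module only, applies the checks just described, and runs against a constructed PE32 header whose field values mirror the ones listed above. The constant names are the winnt.h names; the constructed header, its zeroed addresses and the interpretation of the report's `windows:5 windows x86` line as OS version 5 / GUI subsystem / i386 are assumptions for the example.

```python
"""PE header hardening check built on struct alone (no pefile dependency).

Added example, not part of the sandbox report. build_constructed_header()
returns a header-only PE32 image whose fields mirror the report (assumption:
zeroed addresses, no code, no imports); it is not the sample's bytes.
"""
import struct

# IMAGE_FILE_HEADER.Characteristics bits (winnt.h)
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
# IMAGE_OPTIONAL_HEADER.DllCharacteristics bits
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
# IMAGE_SECTION_HEADER.Characteristics bits
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

COFF_HEADER_SIZE = 20
SECTION_HEADER_SIZE = 40


def parse_pe_headers(data: bytes) -> dict:
    """Walk MZ -> PE -> COFF -> optional header -> section table and return the
    fields a hardening check needs. Only headers are read; nothing is mapped."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + COFF_HEADER_SIZE
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # MajorOperatingSystemVersion (40), Subsystem (68) and DllCharacteristics (70)
    # sit at the same offsets in PE32 and PE32+; the layouts diverge only after 72.
    major_os = struct.unpack_from("<H", data, opt + 40)[0]
    subsystem, dll_chars = struct.unpack_from("<HH", data, opt + 68)
    table = opt + opt_size
    sections = []
    for i in range(nsections):
        off = table + i * SECTION_HEADER_SIZE
        if off + SECTION_HEADER_SIZE > len(data):
            raise ValueError("section table truncated")
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _va, rawsize, _rawptr, _, _, _, _, chars = struct.unpack_from("<IIIIIIHHI", data, off + 8)
        sections.append({"name": name, "virtual_size": vsize, "raw_size": rawsize, "characteristics": chars})
    return {"machine": machine, "pe32plus": magic == 0x20B, "file_characteristics": file_chars,
            "dll_characteristics": dll_chars, "major_os_version": major_os,
            "subsystem": subsystem, "sections": sections}


def hardening_findings(pe: dict) -> list:
    """Return human-readable findings; an empty list means nothing stood out."""
    findings = []
    fc, dc = pe["file_characteristics"], pe["dll_characteristics"]
    if fc & IMAGE_FILE_RELOCS_STRIPPED:
        findings.append("RELOCS_STRIPPED: no relocation table, image cannot be rebased, so ASLR cannot relocate it")
    if not dc & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE:
        findings.append("DYNAMIC_BASE not set: ASLR not opted in")
    if not dc & IMAGE_DLLCHARACTERISTICS_NX_COMPAT:
        findings.append("NX_COMPAT not set: DEP not opted in (matters on 32-bit hosts with an OptIn DEP policy)")
    for s in pe["sections"]:
        c = s["characteristics"]
        if c & IMAGE_SCN_MEM_WRITE and c & IMAGE_SCN_MEM_EXECUTE:
            findings.append("W+X section %s" % s["name"])
        if c & IMAGE_SCN_MEM_EXECUTE and not c & IMAGE_SCN_CNT_CODE:
            findings.append("executable non-code section %s" % s["name"])
    return findings


def build_constructed_header() -> bytes:
    """Constructed header-only PE32 (assumption, not the sample): i386, the report's
    file and DLL characteristics, OS version 5, GUI subsystem, four sections with
    the listed flags and KB sizes, all addresses zero."""
    kb = 1024
    sections = [
        (b".text", 604 * kb, 604 * kb, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
        (b".rdata", 153 * kb, 153 * kb, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
        (b".data", 29 * kb, 13 * kb, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
        (b".rsrc", 200 * kb, 197 * kb, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    ]
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_size = 0xE0  # PE32 optional header including the 16 data directories
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size,
                       IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    struct.pack_into("<H", opt, 40, 5)     # MajorOperatingSystemVersion
    struct.pack_into("<HH", opt, 68, 2, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE)  # GUI subsystem, DllCharacteristics
    table = b"".join(name.ljust(8, b"\0") + struct.pack("<IIIIIIHHI", vsize, 0, rawsize, 0, 0, 0, 0, 0, chars)
                     for name, vsize, rawsize, chars in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    for line in hardening_findings(parse_pe_headers(build_constructed_header())):
        print("-", line)
```

On a real file call `hardening_findings(parse_pe_headers(open(path, "rb").read()))`; the parser touches headers only, so it never maps or executes the sample. For the constructed header the six findings are the stripped relocations, the two missing DllCharacteristics opt-ins, W+X on .text and .rsrc, and the executable non-code .rsrc; .rdata and .data, which are only read/write, produce nothing.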