General

Malware Config

Signatures

Files

• 2024-06-30_3c8015a01733ba4fe06f0aea6d3837fc_icedid

  .exe windows:4 windows x86 arch:x86

  854954ae2446c735e350e04dc3748bc1

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  ws2_32

  socket

  ioctlsocket

  connect

  inet_addr

  WSAGetLastError

  ntohl

  htonl

  closesocket

  send

  recv

  __WSAFDIsSet

  select

  getsockopt

  listen

  bind

  accept

  getsockname

  WSASetLastError

  ntohs

  WSACleanup

  WSAStartup

  gethostbyname

  htons

  kernel32

  lstrlenW

  VirtualProtect

  GlobalFlags

  GlobalHandle

  GlobalReAlloc

  LocalReAlloc

  GetProcessVersion

  GetCPInfo

  GetOEMCP

  GetFileTime

  SetErrorMode

  WritePrivateProfileStringA

  FindResourceExA

  RtlUnwind

  SetEnvironmentVariableW

  GetCurrentDirectoryW

  SetCurrentDirectoryW

  GetTimeZoneInformation

  GetCurrentThread

  GetSystemTimeAsFileTime

  RaiseException

  HeapReAlloc

  RemoveDirectoryA

  SetEnvironmentVariableA

  SetCurrentDirectoryA

  GetFileInformationByHandle

  PeekNamedPipe

  GetFileType

  GetStartupInfoA

  GetCommandLineA

  ExitThread

  HeapSize

  GetEnvironmentVariableA

  HeapDestroy

  HeapCreate

  VirtualFree

  VirtualAlloc

  IsBadWritePtr

  LCMapStringA

  LCMapStringW

  SetUnhandledExceptionFilter

  SetStdHandle

  SetHandleCount

  GetStdHandle

  UnhandledExceptionFilter

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  GetEnvironmentStringsW

  GetStringTypeA

  GetStringTypeW

  IsBadReadPtr

  IsBadCodePtr

  CompareStringA

  CompareStringW

  GetTickCount

  GetProfileIntA

  GetThreadLocale

  GetFullPathNameA

  FindFirstFileA

  UnlockFile

  LockFile

  DuplicateHandle

  lstrcmpA

  SuspendThread

  SetThreadPriority

  ResumeThread

  FileTimeToLocalFileTime

  GlobalGetAtomNameA

  GlobalAddAtomA

  GlobalFindAtomA

  GlobalDeleteAtom

  lstrcpyA

  InterlockedIncrement

  CreateProcessA

  SetThreadExecutionState

  GetVolumeInformationW

  CompareFileTime

  GetDiskFreeSpaceW

  GetDiskFreeSpaceA

  GetSystemInfo

  InterlockedDecrement

  GetComputerNameA

  FindResourceA

  SizeofResource

  LoadResource

  LockResource

  GetCurrentDirectoryA

  GetACP

  GetSystemDefaultLangID

  GetUserDefaultLangID

  GetVolumeInformationA

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSection

  lstrcpynA

  CreateThread

  SleepEx

  ReadFile

  CreateDirectoryA

  CopyFileW

  MoveFileA

  LocalAlloc

  SetLastError

  CreateDirectoryW

  GetFileAttributesExW

  FileTimeToSystemTime

  CreateWaitableTimerA

  SetWaitableTimer

  CancelWaitableTimer

  SetFileAttributesW

  FlushFileBuffers

  DeviceIoControl

  TlsFree

  TlsAlloc

  TlsSetValue

  GetCurrentThreadId

  TlsGetValue

  TerminateProcess

  SetEvent

  lstrlenA

  SetFileAttributesA

  DeleteFileA

  GetWindowsDirectoryW

  FormatMessageA

  lstrcmpiA

  GetLocaleInfoA

  GetDriveTypeW

  GetVersion

  GetCurrentProcessId

  MoveFileW

  RemoveDirectoryW

  GetSystemTime

  SystemTimeToFileTime

  SetFileTime

  LoadLibraryW

  MoveFileExW

  GetModuleHandleA

  WriteFile

  GetProcessHeap

  HeapFree

  HeapAlloc

  OpenProcess

  lstrcatA

  GetFileSize

  CreateFileMappingA

  MapViewOfFile

  UnmapViewOfFile

  SetFilePointer

  SetEndOfFile

  GetSystemDirectoryW

  DeleteFileW

  GetWindowsDirectoryA

  GetVersionExA

  GetExitCodeProcess

  CreateFileA

  GetCurrentProcess

  CreateProcessW

  GetModuleFileNameW

  CreateEventA

  WaitForMultipleObjects

  ResetEvent

  GlobalAlloc

  GlobalFree

  FindFirstFileW

  FindNextFileW

  FindClose

  CreateFileW

  CreateMutexA

  OpenMutexA

  WaitForSingleObject

  ReleaseMutex

  CloseHandle

  GetSystemDirectoryA

  GetModuleFileNameA

  GetFileAttributesA

  CopyFileA

  LoadLibraryA

  GetProcAddress

  FreeLibrary

  Sleep

  GlobalSize

  GlobalLock

  GlobalUnlock

  GetFileAttributesW

  GetLastError

  FormatMessageW

  LocalFree

  WideCharToMultiByte

  MultiByteToWideChar

  MulDiv

  ExitProcess

  GetProfileStringA

  GetLocalTime

  user32

  IsRectEmpty

  InflateRect

  CharUpperA

  IsClipboardFormatAvailable

  ValidateRect

  GrayStringA

  DrawTextA

  TabbedTextOutA

  GetMenuCheckMarkDimensions

  GetMenuState

  SetMenuItemBitmaps

  MapWindowPoints

  AdjustWindowRectEx

  DeferWindowPos

  BeginDeferWindowPos

  EndDeferWindowPos

  GetTopWindow

  IsChild

  WinHelpA

  GetClassInfoA

  GetClassLongA

  GetMessageTime

  GetLastActivePopup

  GetWindowPlacement

  IsDialogMessageA

  SendDlgItemMessageA

  GetDlgItemTextA

  GetNextDlgTabItem

  EndDialog

  CreateDialogIndirectParamA

  GetActiveWindow

  DrawFrameControl

  SetRect

  SystemParametersInfoW

  DrawStateA

  DeleteMenu

  DrawIconEx

  IntersectRect

  GetSysColorBrush

  FillRect

  FrameRect

  PeekMessageA

  SetActiveWindow

  ModifyMenuA

  UnionRect

  ClientToScreen

  WindowFromPoint

  DrawTextW

  SetDlgItemTextA

  CopyIcon

  GetKeyboardLayoutList

  PostQuitMessage

  GetMessageA

  TranslateMessage

  DispatchMessageA

  GetDlgItemTextW

  UpdateWindow

  IsWindowEnabled

  SetCursorPos

  GetClassNameA

  CreateDialogParamW

  CreateDialogParamA

  SetPropA

  GetPropA

  RemovePropA

  DefWindowProcA

  CreateWindowExA

  RegisterClassA

  DefDlgProcA

  DestroyWindow

  GetWindowDC

  BeginPaint

  EndPaint

  RegisterWindowMessageA

  RegisterClipboardFormatA

  RemoveMenu

  DrawFocusRect

  GetMessagePos

  ScreenToClient

  LoadCursorA

  SetCursor

  EqualRect

  GetCapture

  ReleaseCapture

  SetCapture

  CreatePopupMenu

  AppendMenuW

  SystemParametersInfoA

  GetDlgCtrlID

  GetKeyState

  ModifyMenuW

  TrackPopupMenu

  IsIconic

  GetSystemMetrics

  DrawIcon

  OffsetRect

  EnableMenuItem

  SetClipboardViewer

  CheckMenuItem

  LoadImageW

  LoadImageA

  DestroyMenu

  ChangeClipboardChain

  GetWindow

  GetMenu

  SetWindowsHookExA

  CallNextHookEx

  UnhookWindowsHookEx

  SetWindowLongA

  CallWindowProcA

  EnumWindows

  SetForegroundWindow

  IsWindowVisible

  wsprintfW

  MessageBoxW

  MessageBoxA

  LoadBitmapA

  GetMenuItemCount

  GetMenuItemID

  GetSubMenu

  AppendMenuA

  CheckMenuRadioItem

  GetCursorPos

  PtInRect

  LockWindowUpdate

  GetDCEx

  GetNextDlgGroupItem

  CopyAcceleratorTableA

  CharNextA

  PostThreadMessageA

  GetAsyncKeyState

  SetRectEmpty

  MapDialogRect

  DestroyIcon

  SetWindowContextHelpId

  GetClientRect

  CopyRect

  FindWindowA

  GetWindowThreadProcessId

  MsgWaitForMultipleObjects

  GetParent

  SetParent

  KillTimer

  SetTimer

  GetFocus

  SetFocus

  SendMessageW

  InvalidateRect

  wsprintfA

  PostMessageA

  GetForegroundWindow

  ExitWindowsEx

  ReleaseDC

  MessageBeep

  ShowWindow

  GetWindowTextLengthA

  MoveWindow

  SetDlgItemTextW

  GetWindowTextLengthW

  GetWindowTextA

  IsWindow

  GetWindowRect

  CreateWindowExW

  SetWindowPos

  SetWindowTextA

  DefWindowProcW

  GetDesktopWindow

  GetDlgItem

  GetSysColor

  SetWindowTextW

  SendMessageA

  GetDC

  GetWindowTextW

  EnableWindow

  LoadIconA

  LoadStringA

  IsWindowUnicode

  ExcludeUpdateRgn

  ShowCaret

  HideCaret

  UnregisterClassA

  GetWindowLongA

  gdi32

  GetTextColor

  GetBkColor

  EnumFontFamiliesExA

  SetWindowExtEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  CopyMetaFileA

  GetCharWidthA

  StretchDIBits

  CombineRgn

  SetRectRgn

  CreateRectRgnIndirect

  PatBlt

  Escape

  ExtTextOutA

  TextOutA

  RectVisible

  PtVisible

  CreatePatternBrush

  GetWindowExtEx

  GetViewportExtEx

  CreateRectRgn

  IntersectClipRect

  ExcludeClipRect

  LPtoDP

  DPtoLP

  GetTextMetricsA

  CreateCompatibleBitmap

  DeleteObject

  SelectObject

  StretchBlt

  BitBlt

  DeleteDC

  GetStockObject

  CreateCompatibleDC

  GetDIBits

  CreateDIBSection

  SelectClipRgn

  GetObjectA

  CreateFontIndirectA

  TranslateCharsetInfo

  CreateSolidBrush

  GetTextExtentPoint32W

  GetTextExtentPointA

  CreateDIBitmap

  GetTextExtentPoint32A

  GetDeviceCaps

  CreateFontA

  RestoreDC

  SaveDC

  CreateBitmap

  GetClipBox

  SetBkMode

  SetBkColor

  SetTextColor

  SetStretchBltMode

  CreateFontIndirectW

  GetMapMode

  SetMapMode

  ScaleWindowExtEx

  comdlg32

  GetSaveFileNameW

  GetSaveFileNameA

  GetFileTitleA

  GetOpenFileNameW

  advapi32

  RegDeleteKeyW

  RegQueryValueExA

  RegOpenKeyExA

  RegDeleteValueA

  RegSetValueExA

  RegCreateKeyExA

  RegEnumKeyA

  RegQueryInfoKeyA

  RegDeleteKeyA

  RegEnumKeyExA

  RegQueryValueExW

  RegSetValueExW

  RegDeleteValueW

  RegNotifyChangeKeyValue

  AdjustTokenPrivileges

  LookupPrivilegeValueA

  OpenProcessToken

  RegFlushKey

  RegCreateKeyExW

  GetUserNameW

  RegLoadKeyA

  RegRestoreKeyA

  GetUserNameA

  RegSaveKeyA

  OpenSCManagerA

  OpenServiceA

  CloseServiceHandle

  RegCloseKey

  RegEnumKeyW

  DuplicateTokenEx

  GetLengthSid

  SetTokenInformation

  CreateProcessAsUserW

  GetTokenInformation

  GetSidSubAuthorityCount

  GetSidSubAuthority

  RegEnumValueA

  shell32

  Shell_NotifyIconW

  SHGetMalloc

  SHGetDesktopFolder

  Shell_NotifyIconA

  SHBrowseForFolderW

  SHGetPathFromIDListW

  SHFileOperationW

  SHFileOperationA

  ShellExecuteW

  FindExecutableW

  ShellExecuteExA

  ShellExecuteExW

  SHGetFileInfoW

  SHGetFileInfoA

  SHBrowseForFolderA

  SHGetPathFromIDListA

  ShellExecuteA

  comctl32

  ImageList_AddMasked

  ImageList_Add

  ImageList_Remove

  ord17

  ord8

  ImageList_BeginDrag

  ImageList_DragShowNolock

  ImageList_DragMove

  ImageList_EndDrag

  ImageList_DragLeave

  ImageList_Draw

  ImageList_DragEnter

  ImageList_GetIcon

  ImageList_Destroy

  ImageList_Create

  PropertySheetA

  DestroyPropertySheetPage

  CreatePropertySheetPageA

  oledlg

  ord8

  ole32

  OleUninitialize

  OleInitialize

  CreateStreamOnHGlobal

  CoTaskMemFree

  CoUninitialize

  CoSetProxyBlanket

  OleGetClipboard

  CoRevokeClassObject

  CoRegisterClassObject

  CoGetObject

  StringFromGUID2

  CoInitialize

  ReleaseStgMedium

  OleFlushClipboard

  OleIsCurrentClipboard

  DoDragDrop

  CoFreeUnusedLibraries

  CLSIDFromProgID

  CreateILockBytesOnHGlobal

  StgCreateDocfileOnILockBytes

  StgOpenStorageOnILockBytes

  CoGetClassObject

  CoRegisterMessageFilter

  CoTaskMemAlloc

  OleDuplicateData

  CoDisconnectObject

  RevokeDragDrop

  CoLockObjectExternal

  RegisterDragDrop

  CoCreateInstance

  CLSIDFromString

  olepro32

  ord251

  ord253

  oleaut32

  SysAllocString

  SysAllocStringByteLen

  VariantTimeToSystemTime

  VariantChangeType

  VariantCopy

  VariantInit

  VariantClear

  LoadTypeLibEx

  SafeArrayGetUBound

  SafeArrayGetLBound

  SafeArrayGetElement

  LoadTypeLi

  SysStringLen

  SysAllocStringLen

  SysFreeString

  wininet

  InternetSetCookieA

  InternetGetCookieA

  InternetCrackUrlA

  InternetCanonicalizeUrlA

  GetUrlCacheEntryInfoW

  InternetCanonicalizeUrlW

  InternetCombineUrlA

  Sections

  .text

  Size: 2.3MB - Virtual size: 2.3MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 448KB - Virtual size: 444KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 200KB - Virtual size: 223KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 972KB - Virtual size: 971KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ