h:\src\SmartHide\trunk\src\winUI\TrialRelease\casinni.winUI.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-27_5079ea38bc864c1760b81586fcc09c38_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-27_5079ea38bc864c1760b81586fcc09c38_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-01-27_5079ea38bc864c1760b81586fcc09c38_icedid
Size: 1.3MB
MD5: 5079ea38bc864c1760b81586fcc09c38
SHA1: c8144659c35c3e7f3048a2cc0f3a34ec466bf2b4
SHA256: 05e34b5d84d920d491e0b7e6d5f0ca7fb14389d3fbf142815a49577f9222f5d0
SHA512: 4e24ce530343420b81752a54eae5c0edce54a61b522d7d23b1f3d939a660236cb9c6691f0ecab85f20ca94b19306b7df9b2919ba92fedf924cd13a7eb548eff2
SSDEEP: 24576:OU42xXiG1OXOh6ZJwFtKAI0HB+Z1HpGIhZg+6b7YUTMm0toSThxnfY4Pj:OfG1CqtKAhUZ1kIhZD6kbDJj
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-01-27_5079ea38bc864c1760b81586fcc09c38_icedid
Files
2024-01-27_5079ea38bc864c1760b81586fcc09c38_icedid.exe  windows:4 windows x86 arch:x86
4dbb4aa9e43191a42da73980379a4b5b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wininet
InternetQueryDataAvailable
HttpAddRequestHeadersA
InternetGetLastResponseInfoA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetOpenA
InternetCanonicalizeUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
psapi
GetModuleBaseNameA
EnumProcesses
EnumProcessModules
kernel32
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTimeZoneInformation
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
GetACP
GetLocaleInfoA
HeapDestroy
GetThreadLocale
GetVersionExA
MultiByteToWideChar
HeapSize
GetFileType
SetStdHandle
GetCommandLineA
HeapReAlloc
ExitThread
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
VirtualAlloc
GetCurrentDirectoryA
SetErrorMode
GetOEMCP
GetCPInfo
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
GetVersion
lstrcmpiA
lstrlenW
lstrlenA
InterlockedDecrement
TerminateThread
CloseHandle
Sleep
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GlobalFlags
GetFileTime
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
SuspendThread
SetThreadPriority
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FindFirstFileA
FileTimeToLocalFileTime
FindNextFileA
FindClose
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FormatMessageA
LocalFree
FreeResource
SetLastError
FlushInstructionCache
InterlockedExchange
CreateThread
CompareStringA
CompareStringW
GetTickCount
SetProcessWorkingSetSize
GetCurrentProcess
lstrcpynA
lstrcatA
lstrcpyA
VirtualProtect
GetSystemInfo
GetCurrentProcessId
WriteProcessMemory
VirtualQuery
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentThreadId
SetCurrentDirectoryA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
WritePrivateProfileStringA
IsBadReadPtr
lstrcmpA
GetSystemTime
FileTimeToSystemTime
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
CreateFileA
GetFileSize
GetTempFileNameA
GetTempPathA
CreateDirectoryA
GetLongPathNameA
GetFullPathNameA
WinExec
CancelWaitableTimer
GetLocalTime
LocalFileTimeToFileTime
DeleteFileA
SystemTimeToFileTime
CompareFileTime
GetStartupInfoA
GetStdHandle
CreateProcessA
OpenProcess
TerminateProcess
CopyFileA
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventA
ResumeThread
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
GlobalAlloc
SetEvent
WaitForSingleObject
ResetEvent
GetModuleHandleA
LoadLibraryExA
FreeLibrary
EnterCriticalSection
GetModuleFileNameA
LeaveCriticalSection
CreateMutexA
InterlockedIncrement
IsDBCSLeadByte
user32
PostQuitMessage
TranslateMessage
SetRectEmpty
WindowFromPoint
wsprintfA
GrayStringA
TabbedTextOutA
ModifyMenuA
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowTextA
IsDialogMessageA
WinHelpA
GetClassInfoExA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
PeekMessageA
RegisterClassA
CreateDialogIndirectParamA
GetDlgItem
GetNextDlgTabItem
EndDialog
CreateIconIndirect
DrawTextExA
GetCapture
GetMessagePos
MapWindowPoints
GetMenuItemID
GetSubMenu
DestroyCursor
CopyIcon
DrawMenuBar
GetWindowPlacement
ValidateRect
IntersectRect
GetWindowWord
SetRect
GetFocus
SetFocus
EnumChildWindows
DrawStateA
DestroyIcon
DrawFrameControl
GetWindowLongW
SetWindowLongW
IsWindowUnicode
LoadStringA
SetScrollRange
SetScrollInfo
SetScrollPos
GetScrollRange
GetScrollPos
GetScrollInfo
EnableScrollBar
SetCapture
ReleaseCapture
UpdateWindow
SetTimer
RegisterClassExA
PtInRect
GetIconInfo
KillTimer
DestroyWindow
BeginPaint
EndPaint
CreateWindowExA
LockWindowUpdate
SetMenu
GetWindow
GetWindowInfo
ShowWindow
CharUpperBuffA
EnableMenuItem
DestroyMenu
InflateRect
DrawTextA
GetClassLongA
DrawIconEx
ClientToScreen
ScreenToClient
IsRectEmpty
InsertMenuItemA
GetKeyState
CopyAcceleratorTableA
UnhookWindowsHookEx
GetSysColorBrush
GetMessageA
DispatchMessageA
SetWindowsHookExA
GetMenuState
CallNextHookEx
IsMenu
AdjustWindowRectEx
GetMenu
RemovePropA
SetWindowRgn
IsZoomed
GetClassNameA
IsWindowVisible
BeginDeferWindowPos
EndDeferWindowPos
MapDialogRect
SetWindowContextHelpId
InvalidateRgn
GetDCEx
DeferWindowPos
GetWindowRgn
EqualRect
MessageBoxA
CharNextA
BroadcastSystemMessageA
RegisterWindowMessageA
CallWindowProcA
GetWindowDC
ReleaseDC
SetPropA
GetWindowTextA
GetPropA
DefWindowProcA
SetWindowLongA
RedrawWindow
GetWindowLongA
GetDlgCtrlID
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
ShowScrollBar
SetParent
GetDC
SystemParametersInfoA
GetSysColor
FillRect
GetClassInfoA
GetDesktopWindow
GetMenuItemInfoA
GetMenuItemCount
DrawEdge
CopyRect
SetWindowPos
GetParent
GetCursorPos
GetSystemMetrics
LoadImageA
GetCursor
IsWindowEnabled
GetActiveWindow
SetActiveWindow
LoadIconA
SetForegroundWindow
GetClientRect
BringWindowToTop
IsIconic
GetSystemMenu
SetMenuItemBitmaps
AppendMenuA
CreatePopupMenu
DrawIcon
LoadBitmapA
GetWindowRect
PostMessageA
IsWindow
InvalidateRect
SendMessageA
OffsetRect
UnregisterClassA
SetCursor
EnableWindow
LoadCursorA
CharUpperA
CharLowerA
PostThreadMessageA
MoveWindow
CallWindowProcW
gdi32
CreateDIBSection
RectVisible
StretchDIBits
SetStretchBltMode
SetDIBitsToDevice
ExtSelectClipRgn
GetClipBox
ExcludeClipRect
LineTo
MoveToEx
CreatePen
SelectClipRgn
GetClipRgn
IntersectClipRect
PtInRegion
GetRgnBox
GetTextMetricsA
UnrealizeObject
PatBlt
SetBrushOrgEx
ExtTextOutA
SetMapMode
CreateDIBitmap
GetViewportExtEx
GetWindowExtEx
PtVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetCharWidthA
GetMapMode
GetBkColor
GetTextColor
GetTextExtentPointA
GetStockObject
SaveDC
RestoreDC
Polygon
SelectPalette
RealizePalette
SetBkColor
CreateICA
GetDIBits
GetRegionData
ExtCreateRegion
CombineRgn
CreateRectRgnIndirect
DPtoLP
OffsetRgn
SetRectRgn
CreateRectRgn
GetDeviceCaps
CreateCompatibleBitmap
GetTextExtentPoint32A
SetBkMode
CreateSolidBrush
SetTextColor
TextOutA
GetPixel
SetPixel
DeleteDC
DeleteObject
GetObjectA
ExtFloodFill
FloodFill
StretchBlt
CreateFontA
CreatePatternBrush
CreateFontIndirectA
CreateBitmap
CreateCompatibleDC
SelectObject
BitBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
shell32
SHGetSpecialFolderPathA
ShellExecuteA
ord680
ExtractIconExA
Shell_NotifyIconA
comctl32
_TrackMouseEvent
ord17
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Draw
ImageList_GetIcon
ImageList_Destroy
ImageList_GetImageCount
shlwapi
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFileExistsA
UrlUnescapeA
oledlg
ord8
ole32
CLSIDFromProgID
CoInitialize
StringFromGUID2
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
VariantChangeType
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysAllocStringLen
VariantInit
SysFreeString
VarUI4FromStr
LoadRegTypeLi
SysStringLen
OleLoadPicture
SysAllocString
UnRegisterTypeLi
RegisterTypeLi
VariantClear
OleCreateFontIndirect
LoadTypeLi
htmlayout
HTMLayoutGetRootElement
HTMLayoutSelectElements
HTMLayoutUpdateElement
HTMLayoutSetElementHtml
HTMLayoutLoadFile
HTMLayout_UnuseElement
HTMLayout_UseElement
HTMLayoutGetElementHwnd
HTMLayoutVisitElements
HTMLayoutScrollToView
HTMLayoutCombineURL
HTMLayoutGetParentElement
HTMLayoutGetElementState
HTMLayoutGetElementIndex
HTMLayoutGetChildrenCount
HTMLayoutGetNthChild
HTMLayoutSetElementState
HTMLayoutSetAttributeByName
HTMLayoutSetStyleAttribute
HTMLayoutDataReady
HTMLayoutClassNameA
HTMLayoutSetCallback
HTMLayoutGetElementType
HTMLayoutGetAttributeByName
HTMLayoutLoadHtml
dbghelp
ImageDirectoryEntryToData
Sections
.text Size: 656KB - Virtual size: 655KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 156KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 472KB - Virtual size: 471KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ