d:\MainBuild\Integral\Client\IMedia\Release\IMedia.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-28_5743cb6fd7c699cc8fef971b4dfb0026_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-28_5743cb6fd7c699cc8fef971b4dfb0026_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-01-28_5743cb6fd7c699cc8fef971b4dfb0026_icedid
Size: 2.6MB
MD5: 5743cb6fd7c699cc8fef971b4dfb0026
SHA1: 8c5603580f979bfb8617d448be4afe9ed0735f03
SHA256: 4aa6eccce36efe3c901708155f63f5c2a1f81433bbc171079046fea12ff8e477
SHA512: 704cd95b0455edc3ab9bddc7ed9d184ffb0fa9e4737d045fa50048d327bfe2828fd17bdb56e5dcab117915629d6784f645b160e790cc2ee458a92e6cf1d543fe
SSDEEP: 49152:MjZbeFjNfCZB7p25gNb5mgOCcopLkEm9Q9k24rvlIk6quiaz:EZ8jYBEwb5mg9cOLkxa4Ln68Y
Malware Config
(nothing extracted: the report carries no decoded configuration for this sample; the "icedid" label comes only from the submitted filename, and the signature below is the page's only verdict)
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-01-28_5743cb6fd7c699cc8fef971b4dfb0026_icedid
Files
-
2024-01-28_5743cb6fd7c699cc8fef971b4dfb0026_icedid.exe windows:4 windows x86 arch:x86
f8143c3bc3201fd3daa6281b5ac8e774
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations, so the loader cannot rebase it and ASLR does not apply to this module; it always maps at its preferred image base.
PDB Paths
d:\MainBuild\Integral\Client\IMedia\Release\IMedia.pdb
Imports
The import set (user32/gdi32 window and drawing routines, comdlg32 and winspool.drv print dialogs, ole32/oleaut32 COM and automation, winmm timers, and CRT internals such as RtlUnwind, IsBadReadPtr and UnhandledExceptionFilter) is that of a conventional statically linked C++ GUI application. VirtualAlloc/VirtualProtect and LoadLibraryA/GetProcAddress are present, but they are also ordinary CRT and COM usage and are not an indicator on their own.
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32
RtlUnwind
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
CreateDirectoryA
TerminateProcess
RemoveDirectoryA
FindNextFileA
GetStartupInfoA
GetCommandLineA
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
SetEnvironmentVariableA
SetEnvironmentVariableW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CloseHandle
ReadFile
SetFilePointer
CreateFileA
GetLastError
HeapAlloc
WriteFile
OutputDebugStringA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
RaiseException
InitializeCriticalSection
DeleteCriticalSection
lstrlenA
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleHandleA
lstrcmpiA
lstrlenW
lstrcpyA
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
lstrcpynA
IsDBCSLeadByte
EnterCriticalSection
LeaveCriticalSection
GetTempPathA
MulDiv
GetTickCount
GetVersion
CompareStringA
CompareStringW
HeapFree
ExitProcess
GetDiskFreeSpaceA
GetFileTime
GetFileAttributesA
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WritePrivateProfileStringA
SystemTimeToFileTime
GetOEMCP
GetThreadPriority
WaitForMultipleObjects
CreateSemaphoreA
ReleaseSemaphore
GetComputerNameA
GlobalMemoryStatus
GetLocalTime
DeviceIoControl
GetModuleHandleW
CompareFileTime
GetSystemTime
ReleaseMutex
CreateMutexA
GetFileSize
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
SetLastError
lstrcatA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
CreateThread
CreateEventA
WaitForSingleObject
ResetEvent
SetEvent
FileTimeToLocalFileTime
GetDateFormatA
GetTimeFormatA
FileTimeToSystemTime
Sleep
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
GetSystemInfo
LoadLibraryExA
FreeLibrary
DeleteFileA
user32
GetDCEx
LoadCursorA
GetSysColorBrush
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
TabbedTextOutA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
IsZoomed
GetMenuItemInfoA
WindowFromPoint
SetRect
UnpackDDElParam
ReuseDDElParam
SetCursor
ReleaseCapture
InvalidateRect
InsertMenuItemA
ShowWindow
GetDesktopWindow
IsWindowEnabled
wsprintfA
TranslateAcceleratorA
TranslateMDISysAccel
GetActiveWindow
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
RegisterWindowMessageA
WinHelpA
LockWindowUpdate
SetWindowsHookExA
CallNextHookEx
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MsgWaitForMultipleObjects
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetForegroundWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
GetClassInfoA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
SetCapture
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetWindow
SetRectEmpty
UnionRect
FrameRect
IsWindow
CopyRect
RegisterClassA
CreateWindowExA
DestroyWindow
MessageBeep
PostThreadMessageA
GetCapture
DefWindowProcA
UpdateWindow
CharUpperA
RedrawWindow
ReleaseDC
GetDC
DrawTextA
GetCursorPos
GetSysColor
ScreenToClient
ClientToScreen
PostMessageA
InflateRect
PtInRect
EnableWindow
DestroyMenu
GetDlgItem
CharNextA
OffsetRect
FillRect
LoadMenuA
LoadAcceleratorsA
LoadIconA
KillTimer
SetTimer
IsWindowVisible
GetClientRect
GetWindowRect
BringWindowToTop
IsIconic
SetMenu
GetMenu
SendMessageA
RemoveMenu
InsertMenuA
GetMenuState
CheckMenuItem
AppendMenuA
CreatePopupMenu
LoadStringA
UnregisterClassA
GetQueueStatus
GetClassLongA
gdi32
SetPixelV
CreateSolidBrush
GdiFlush
GetClipBox
GetObjectA
GetCharWidthA
CreateRectRgnIndirect
PatBlt
GetTextMetricsA
SaveDC
RestoreDC
ExcludeClipRect
IntersectClipRect
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetBkMode
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SetRectRgn
CombineRgn
GetMapMode
GetRgnBox
BitBlt
GetCurrentObject
SetMapMode
SetTextColor
SetBkColor
GetTextExtentPoint32A
ExtTextOutA
CreateFontA
GetTextColor
GetBkColor
GetDeviceCaps
CreateFontIndirectA
StartDocA
StartPage
GetBitmapBits
StretchDIBits
EndPage
EndDoc
CreateBitmap
CreateDIBSection
GetStockObject
SetStretchBltMode
StretchBlt
CreateCompatibleDC
DeleteDC
GetDIBits
CreateCompatibleBitmap
PtVisible
SelectObject
DeleteObject
msimg32
AlphaBlend
comdlg32
GetFileTitleA
GetOpenFileNameA
PrintDlgA
CommDlgExtendedError
GetSaveFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
GetUserNameA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueA
shell32
DragQueryFileA
DragAcceptFiles
DragFinish
SHGetFileInfoA
comctl32
ImageList_ReplaceIcon
ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Create
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoRevokeClassObject
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
CoRegisterMessageFilter
OleFlushClipboard
CoRegisterClassObject
oleaut32
VarUI4FromStr
OleCreateFontIndirect
SystemTimeToVariantTime
VariantCopy
VarBstrCat
SetErrorInfo
RegisterTypeLi
UnRegisterTypeLi
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VariantInit
VariantClear
SysFreeString
SysStringByteLen
SysAllocStringLen
SafeArrayDestroy
SafeArrayUnaccessData
SysAllocString
SafeArrayAccessData
SafeArrayCreate
SysAllocStringByteLen
CreateErrorInfo
winmm
timeSetEvent
timeKillEvent
timeBeginPeriod
timeEndPeriod
Exports
Decorated MSVC C++ names as exported, with the undecorated form added in parentheses. An executable exporting a C++ class is unusual; together with the PDB path (IMedia.pdb) it is consistent with a media-library component built as an .exe.
??0CXPAFile@@QAE@XZ (public: __thiscall CXPAFile::CXPAFile(void))
??1CXPAFile@@QAE@XZ (public: __thiscall CXPAFile::~CXPAFile(void))
??4CXPAFile@@QAEAAV0@ABV0@@Z (public: class CXPAFile & __thiscall CXPAFile::operator=(class CXPAFile const &))
?Close@CXPAFile@@QAEHXZ (public: int __thiscall CXPAFile::Close(void))
?CommonOpen@CXPAFile@@AAEHXZ (private: int __thiscall CXPAFile::CommonOpen(void))
?FindSampleTimeRange@CXPAFile@@AAEXAA_J0@Z (private: void __thiscall CXPAFile::FindSampleTimeRange(__int64 &, __int64 &))
?GetCurrentPosition@CXPAFile@@QAEHPA_J@Z (public: int __thiscall CXPAFile::GetCurrentPosition(__int64 *))
?GetDuration@CXPAFile@@QAEHPA_J@Z (public: int __thiscall CXPAFile::GetDuration(__int64 *))
?GetFileDescription@CXPAFile@@QAEPBGXZ (public: unsigned short const * __thiscall CXPAFile::GetFileDescription(void))
?GetFileSize@CXPAFile@@QAE_JXZ (public: __int64 __thiscall CXPAFile::GetFileSize(void))
?GetMaximumSampleTime@CXPAFile@@QAEHPA_J@Z (public: int __thiscall CXPAFile::GetMaximumSampleTime(__int64 *))
?GetMediaDesc@CXPAFile@@QAEHHPAUXPA_MEDIA_DESCRIPTION@@PAH@Z (public: int __thiscall CXPAFile::GetMediaDesc(int, struct XPA_MEDIA_DESCRIPTION *, int *))
?GetMinimumSampleTime@CXPAFile@@QAEHPA_J@Z (public: int __thiscall CXPAFile::GetMinimumSampleTime(__int64 *))
?GetSample@CXPAFile@@QAEHHPAEPAH01PA_JH@Z (public: int __thiscall CXPAFile::GetSample(int, unsigned char *, int *, unsigned char *, int *, __int64 *, int))
?GetSampleByTime@CXPAFile@@QAEHHPAEPAH01PA_J@Z (public: int __thiscall CXPAFile::GetSampleByTime(int, unsigned char *, int *, unsigned char *, int *, __int64 *))
?GetSampleCount@CXPAFile@@QAEHHPAK@Z (public: int __thiscall CXPAFile::GetSampleCount(int, unsigned long *))
?GetSampleInfo@CXPAFile@@QAEHHHPAX@Z (public: int __thiscall CXPAFile::GetSampleInfo(int, int, void *))
?GetStreamCount@CXPAFile@@QAEHPAH@Z (public: int __thiscall CXPAFile::GetStreamCount(int *))
?GetStreamInfo@CXPAFile@@QAEHHPAKPA_J1@Z (public: int __thiscall CXPAFile::GetStreamInfo(int, unsigned long *, __int64 *, __int64 *))
?GetStreamName@CXPAFile@@QAEPBGH@Z (public: unsigned short const * __thiscall CXPAFile::GetStreamName(int))
?GetValidChannels@CXPAFile@@QAEHPAHH@Z (public: int __thiscall CXPAFile::GetValidChannels(int *, int))
?Open@CXPAFile@@QAEHPAD@Z (public: int __thiscall CXPAFile::Open(char *))
?OpenFromOffset@CXPAFile@@QAEHPAX_J@Z (public: int __thiscall CXPAFile::OpenFromOffset(void *, __int64))
?OpenWrite@CXPAFile@@QAEHPADPAUXPA_FILE_DESCRIPTION@@@Z (public: int __thiscall CXPAFile::OpenWrite(char *, struct XPA_FILE_DESCRIPTION *))
?Seek@CXPAFile@@QAEH_J@Z (public: int __thiscall CXPAFile::Seek(__int64))
?WriteSample@CXPAFile@@QAEHPAUXPA_MEDIA_DESCRIPTION@@_JPAEJK@Z (public: int __thiscall CXPAFile::WriteSample(struct XPA_MEDIA_DESCRIPTION *, __int64, unsigned char *, long, unsigned long))
Sections
.text   Size: 604KB - Virtual size: 602KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 128KB - Virtual size: 124KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 24KB  - Virtual size: 3.7MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 176KB - Virtual size: 173KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Note: .data occupies 24KB on disk but 3.7MB in memory, so almost all of it is zero-filled by the loader (large static buffers). That is normal for a media library, but it is also the region to watch in the behavioral runs: if it receives code at runtime, the on-disk static view above is not the code that executes.
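The three static facts this report leans on, the Unsigned PE signature, the RELOCS_STRIPPED characteristic, and the .data raw-versus-virtual size gap, can all be read straight from the PE headers. The following is an added example written for this page, not the sandbox's own code: a dependency-free PE32 header parser plus a triage pass over a constructed in-memory image whose characteristics (0x010F) and section sizes mirror the values shown above. The image bytes, the `build_pe` helper and the `bloat_ratio` threshold are assumptions of the example; the hash, name and Authenticode state of the real sample are not touched.

```python
"""Dependency-free PE32 header triage (added example, not the sandbox's code).

Reproduces three checks over the static data in this report:
  * Unsigned PE     - IMAGE_DIRECTORY_ENTRY_SECURITY is empty (no Authenticode blob)
  * RELOCS_STRIPPED - the image cannot be rebased, so ASLR never applies to it
  * section bloat   - a section whose virtual size dwarfs its raw size (.data here)
The PE bytes are CONSTRUCTED to mirror the header values shown on the page;
they are not the sample itself.
"""
import struct

IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_LINE_NUMS_STRIPPED = 0x0004
IMAGE_FILE_LOCAL_SYMS_STRIPPED = 0x0008
IMAGE_FILE_32BIT_MACHINE = 0x0100
CHARACTERISTIC_NAMES = {
    IMAGE_FILE_RELOCS_STRIPPED: "IMAGE_FILE_RELOCS_STRIPPED",
    IMAGE_FILE_EXECUTABLE_IMAGE: "IMAGE_FILE_EXECUTABLE_IMAGE",
    IMAGE_FILE_LINE_NUMS_STRIPPED: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    IMAGE_FILE_LOCAL_SYMS_STRIPPED: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    IMAGE_FILE_32BIT_MACHINE: "IMAGE_FILE_32BIT_MACHINE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Attribute Certificate Table (Authenticode)
PE32_MAGIC = 0x10B
E_LFANEW = 0x40


def build_pe(characteristics, sections, security=(0, 0)):
    """Assemble a header-only PE32 image (test input): DOS header, COFF header,
    optional header with 16 data directories, one 40-byte header per section.
    `sections` is a list of (name, virtual_size, raw_size)."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", E_LFANEW)
    size_opt = 96 + 16 * 8                                   # PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, size_opt, characteristics)
    opt = bytearray(size_opt)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)                      # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security)
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0x1000 * (i + 1), rawsize, 0, 0, 0, 0, 0, 0)
        for i, (name, vsize, rawsize) in enumerate(sections)
    )
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


def parse_pe(data):
    """Parse the headers of a PE32 image into a dict (the fields triage needs)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, size_opt, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != PE32_MAGIC:
        raise ValueError("only PE32 (x86) is handled in this example")
    n_dirs = struct.unpack_from("<I", data, opt + 92)[0]
    dirs = [struct.unpack_from("<II", data, opt + 96 + 8 * i) for i in range(n_dirs)]
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize = struct.unpack_from("<8sIII", data, opt + size_opt + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize, "raw_size": rawsize})
    return {"machine": machine, "characteristics": chars, "directories": dirs, "sections": sections}


def characteristic_names(flags):
    """Decode IMAGE_FILE_* bits into the names the report prints."""
    return [name for bit, name in CHARACTERISTIC_NAMES.items() if flags & bit]


def triage(pe, bloat_ratio=8):
    """Return the findings a reviewer would raise from the headers alone."""
    findings = []
    _rva, size = pe["directories"][IMAGE_DIRECTORY_ENTRY_SECURITY]
    if size == 0:
        findings.append("Unsigned PE: no Attribute Certificate Table (Authenticode) present")
    if pe["characteristics"] & IMAGE_FILE_RELOCS_STRIPPED:
        findings.append("RELOCS_STRIPPED: image cannot be rebased, so ASLR does not apply")
    for s in pe["sections"]:
        if s["virtual_size"] > bloat_ratio * max(s["raw_size"], 1):
            findings.append(f"{s['name']}: virtual size {s['virtual_size']} vs raw size "
                            f"{s['raw_size']} (large zero-filled region, watch it at runtime)")
    return findings


# CONSTRUCTED input mirroring this report's headers (sizes rounded from the page).
PAGE_CHARACTERISTICS = 0x010F
PAGE_SECTIONS = [
    (".text", 602 * 1024, 604 * 1024),
    (".rdata", 124 * 1024, 128 * 1024),
    (".data", 3_879_936, 24 * 1024),      # ~3.7MB in memory, 24KB on disk
    (".rsrc", 173 * 1024, 176 * 1024),
]
SAMPLE_PE = build_pe(PAGE_CHARACTERISTICS, PAGE_SECTIONS)

if __name__ == "__main__":
    parsed = parse_pe(SAMPLE_PE)
    print(characteristic_names(parsed["characteristics"]))
    for finding in triage(parsed):
        print("-", finding)
```

An empty security directory is exactly what the sandbox's "Unsigned PE" signature keys on, but the converse does not hold: a non-empty directory only proves that a certificate blob is attached, and whether it chains to a trusted root still has to be verified (for example with `signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature`). Run the parser on the real file by replacing `SAMPLE_PE` with `open(path, "rb").read()`.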