2024-01-28_de9bac62dc12ddd365b3404855ded830_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-28_de9bac62dc12ddd365b3404855ded830_icedid
Size

288KB
MD5

de9bac62dc12ddd365b3404855ded830
SHA1

bd3889b88bcb5c5ee2644a59309d610303cb67a2
SHA256

f0be3c163156043c8a61a166dbe3f6a15f75c51d832959d0f3fd986144233722
SHA512

030eb8bcc0d1246007b43c21b4532c6fffea586aa333b3e92482bedafcc940e0cfb8b1510ae4333fd2df8239f7c010b7f060739ffe3f16ce2dc44e0bb9830add
SSDEEP

6144:MrhTx6BdXKFhr0zx2gc5sukphC8DX9T6LHaEPtx1xHo:MFTwhKFizx2T2z6aEPtx1G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-28_de9bac62dc12ddd365b3404855ded830_icedid

Files

2024-01-28_de9bac62dc12ddd365b3404855ded830_icedid
.exe windows:4 windows x86 arch:x86

cdda9c4ae9dab7c17530b5a00680cc2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\mojimei\TATA项目\SplashStart\SplashStart\Release\SplashStart.pdb

Imports

kernel32

FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
CreateFileW
LoadLibraryW
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
WritePrivateProfileStringW
LocalFree
FormatMessageW
LocalAlloc
FindClose
GlobalHandle
LocalReAlloc
GlobalFlags
InterlockedIncrement
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
CloseHandle
lstrcpyW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
ReadFile
lstrcmpiW
InterlockedDecrement
lstrcpynW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
FreeLibrary
lstrlenW
lstrcatW
lstrcmpW
GetModuleHandleW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
FlushFileBuffers
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
SetStdHandle
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetStringTypeW
GetStringTypeA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
VirtualQuery
IsBadWritePtr
VirtualAlloc
GetCPInfo
GetOEMCP
InitializeCriticalSection
LoadLibraryA
HeapSize
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
SetLastError
TlsAlloc
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
GetProcAddress
GetLastError
GetCurrentThreadId
ExitThread
RaiseException
ExitProcess
RtlUnwind
GetVersionExA
GetStartupInfoW
GetModuleHandleA
GetModuleFileNameW
FindResourceW
LoadResource
SizeofResource
LockResource
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventW
ResumeThread
GlobalAlloc
SetEvent
ResetEvent
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateThread
WaitForSingleObject
GlobalReAlloc

user32

RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
IsRectEmpty
CharNextW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
wsprintfW
CharUpperW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
MessageBoxW
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
GetParent
EqualRect
PostThreadMessageW
IsWindowEnabled
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
PtInRect
GetWindow
SetWindowLongW
GetSystemMetrics
LoadIconW
SetTimer
GetClientRect
IsIconic
GetSystemMenu
PostMessageW
SendMessageW
AppendMenuW
DrawIcon
SetRect
CopyRect
GetDC
ReleaseDC
GetSysColor
FillRect
EnableWindow
InvalidateRect

gdi32

GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateRectRgnIndirect
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
BitBlt
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
TextOutW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCloseKey
RegOpenKeyW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW

comctl32

ord17

shlwapi

PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

OleLoadPicture
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cdda9c4ae9dab7c17530b5a00680cc2c

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 68KB - Virtual size: 68KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 68KB - Virtual size: 68KB