2024-02-02_60c426d5a55410009c156a908c44f81f_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-02_60c426d5a55410009c156a908c44f81f_icedid
Size

568KB
MD5

60c426d5a55410009c156a908c44f81f
SHA1

ef5f4054d854b2f151ff77c1bb8de45b235f95fc
SHA256

a84dcf2d3e0d60b48147e630f77e587d00835957133507c2afc3b4fde10fea6f
SHA512

3d62e4816a7772bc31fa94cb4f529f9894bca68933614d9e2246b9852c981abd6b88797f42ad4720ee6b0e86ca9b5fdea8d382410109879cf5d2145fd36a144a
SSDEEP

12288:qn4HQeFQupmCHQAfwWVNgWE9CefmCjv8MalW17PFMlqjCNyOomlAYTwl:qn4weFQupmCHQAfwWVyWYffmYCW17Cl2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-02_60c426d5a55410009c156a908c44f81f_icedid

Files

2024-02-02_60c426d5a55410009c156a908c44f81f_icedid
.exe windows:4 windows x86 arch:x86

ad90b6a413f64e5a0608c2f793086bee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\MyProjects\flower quest\Release\Flower Quest.pdb

Imports

kernel32

FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
FindClose
LocalReAlloc
TlsFree
lstrcatA
GetModuleHandleA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
lstrcmpA
GlobalFlags
GetCurrentThreadId
lstrcmpW
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
lstrcpyA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
SetLastError
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetWindowsDirectoryA
Sleep
CreateMutexA
CloseHandle
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
TlsSetValue
InterlockedExchange

user32

LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
RemovePropA
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
SetWindowLongA
SetWindowPos
IsIconic
GetWindowPlacement
CopyRect
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetWindow
GetWindowRect
PtInRect
GetFocus
GetWindowTextA
SetWindowTextA
GetClassNameA
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
GetDC
CharUpperA
SetCursorPos
LoadCursorA
SetCursor
GetCursorPos
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
GetSystemMetrics
GetMenuState
RegisterWindowMessageA
ClientToScreen
GetClientRect
MessageBoxA
SystemParametersInfoA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
CallWindowProcA
GetPropA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetDlgCtrlID

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

hge

hgeCreate

dinput

DirectInputCreateA

bass

BASS_SampleStop
BASS_ChannelStop
BASS_ChannelIsActive
BASS_SampleGetChannel
BASS_MusicLoad
BASS_ChannelSlideAttributes
BASS_ErrorGetCode
BASS_SampleGetInfo
BASS_SampleSetInfo
BASS_ChannelSetAttributes
BASS_Start
BASS_Pause
BASS_Stop
BASS_Free
BASS_SampleLoad
BASS_Init
BASS_GetDeviceDescription
BASS_GetVersion
BASS_ChannelPlay

ijl15

ord3
ord4
ord2

comctl32

ord17

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SetBkColor
SetTextColor
RestoreDC
SaveDC
DeleteObject
GetClipBox
SetViewportExtEx
GetStockObject
CreateBitmap
DeleteDC
SetMapMode
PtVisible
ScaleWindowExtEx
SetWindowExtEx
GetDeviceCaps
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
ScaleViewportExtEx

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

comdlg32

GetFileTitleA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 440KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 134.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad90b6a413f64e5a0608c2f793086bee

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

winmm

hge

dinput

bass

ijl15

comctl32

shlwapi

oleacc

gdi32

winspool.drv

comdlg32

oleaut32

Sections

.text Size: 440KB - Virtual size: 436KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 32KB - Virtual size: 134.6MB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 440KB - Virtual size: 436KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 32KB - Virtual size: 134.6MB

.rsrc
Size: 24KB - Virtual size: 23KB