Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-03_6c6ead0b4685aa112703464e049ac016_icedid.exe
Resource: win7-20231215-en
General
Target: 2024-02-03_6c6ead0b4685aa112703464e049ac016_icedid
Size: 424KB
MD5: 6c6ead0b4685aa112703464e049ac016
SHA1: 1c1c35d5733d57bcda6ac32eb5900ff4d709ee92
SHA256: 6cd3dccb3bd39c4d762816aa38f914ab817f189e132d1285cdbf33e9aaef67c2
SHA512: 6760741b27577a502537e253a0f9623ee5ca388845b50edf458bd582c659a575e1c3fe3db70d18312a22d2a9a0be417dafe34d6789df20a0a21d336083b97ee0
SSDEEP: 6144:4abhDkzV+z3ItUUiCFYcK/7X0XfGkDmrDI3Z4KFzq+EP78YaAy2+1Oo:4YhozVKIixT7XFPc3CixEP7Z
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes:
resource 2024-02-03_6c6ead0b4685aa112703464e049ac016_icedid
Files
2024-02-03_6c6ead0b4685aa112703464e049ac016_icedid.exe windows:4 windows x86 arch:x86
8c471737d4ce5b46ac449fd535d18851
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\Users\Dodo\Downloads\WebPageSnapShot\Release\WebPageSnapShot.pdb
Imports
kernel32
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
VirtualQuery
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
GetSystemInfo
VirtualProtect
HeapSize
TerminateProcess
HeapReAlloc
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
GetStartupInfoW
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetShortPathNameW
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
DeleteFileW
MoveFileW
SystemTimeToFileTime
FileTimeToSystemTime
InterlockedIncrement
RaiseException
InterlockedDecrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
lstrcmpiW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
GetTickCount
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
CloseHandle
GetCurrentThread
lstrcmpA
lstrcmpiA
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
GetLastError
SetLastError
MulDiv
lstrcpyW
FormatMessageW
LocalFree
GetModuleFileNameW
GlobalAlloc
GlobalFree
FreeResource
GetCurrentThreadId
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrcatW
lstrcmpW
GetModuleHandleW
GetVersionExA
MultiByteToWideChar
GetVersion
lstrcpynW
GlobalLock
lstrlenW
GlobalUnlock
GlobalGetAtomNameW
GlobalAddAtomW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualAlloc
LoadLibraryW
GetProcAddress
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
GetTimeZoneInformation
user32
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
GetSysColorBrush
GetMenuItemInfoW
InflateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
LoadCursorW
SetCapture
KillTimer
SetTimer
ClientToScreen
SetWindowRgn
DrawIcon
FillRect
FindWindowW
SystemParametersInfoW
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMenuStringW
InsertMenuW
SetParent
GetSystemMenu
AppendMenuW
DeleteMenu
IsRectEmpty
IsZoomed
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
MoveWindow
SetWindowTextW
IsDialogMessageW
CreateWindowExW
SetWindowsHookExW
DestroyIcon
GetClassInfoExW
GetClassLongW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
MessageBoxW
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassW
UnregisterClassW
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
PtInRect
RegisterWindowMessageW
wsprintfW
LoadMenuW
DestroyMenu
GetClassNameW
GetSysColor
SetWindowPos
WinHelpW
SetFocus
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
SetWindowLongW
GetKeyState
CharUpperW
CharNextW
InvalidateRgn
CopyAcceleratorTableW
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
LoadIconW
GetClassInfoW
SetCursor
PeekMessageW
GetCapture
ReleaseCapture
LoadAcceleratorsW
GetParent
LockWindowUpdate
GetDCEx
WindowFromPoint
SetRect
CallNextHookEx
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
InsertMenuItemW
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
PostMessageW
SetMenu
ShowWindow
GetWindowLongW
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SendMessageW
TranslateAcceleratorW
EnableWindow
UpdateWindow
SetPropW
gdi32
CreateSolidBrush
CreateFontIndirectW
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetRgnBox
GetStockObject
CreateRectRgn
SelectClipRgn
IntersectClipRect
GetViewportExtEx
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetTextColor
CreateCompatibleBitmap
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
DeleteObject
Ellipse
LPtoDP
CreateEllipticRgn
GetDeviceCaps
GetTextExtentPoint32W
GetTextMetricsW
SelectObject
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
GetWindowExtEx
comdlg32
GetFileTitleW
PrintDlgW
GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
GetFileSecurityW
RegCloseKey
RegSetValueW
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegCreateKeyW
SetFileSecurityW
RegDeleteValueW
shell32
DragQueryFileW
SHGetFileInfoW
ExtractIconW
DragFinish
comctl32
ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
shlwapi
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
oleaut32
SysAllocStringLen
OleCreateFontIndirect
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
SysStringLen
SysFreeString
SysAllocString
VariantInit
VariantChangeType
VariantClear
gdiplus
GdipGetImageEncoders
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipGetDC
GdipReleaseDC
GdipCloneImage
GdipGetImageEncodersSize
GdiplusStartup
GdiplusShutdown
Exports
y6ithgrhhytt
Sections
.text Size: 232KB - Virtual size: 229KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 108KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ