2024-02-04_1d4f2703f6128fa8f77ec7a60ca99356_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-04_1d4f2703f6128fa8f77ec7a60ca99356_icedid
Size

684KB
MD5

1d4f2703f6128fa8f77ec7a60ca99356
SHA1

c909f20910f5c658f0cd83d8ceeabbde9863219f
SHA256

f45fa6b8ba41e85a2568029ccd0546730dc91bee4857634f4c087148331054e5
SHA512

b6d4539b51da3b0ce8fa4cbfdb036fad64fcb2694a38024909973049d692aa608a33b62fdc82ec5701e9758e27ecc45a0863f0a890de2e0cf4353a4013321159
SSDEEP

12288:Bj8N0M9fpSR1BNxm6Gf1WrQF1vC1Ak0fw2T5fH:VWtSRzN3BrQFB3fNJH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-04_1d4f2703f6128fa8f77ec7a60ca99356_icedid

Files

2024-02-04_1d4f2703f6128fa8f77ec7a60ca99356_icedid
.exe windows:5 windows x86 arch:x86

3bcc0a40734c681207c4634467f27b36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\weather_2014.09.23 修改完报读（日志问题）\Release\Weather.pdb

Imports

kernel32

HeapFree
ExitThread
CreateThread
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
GetFileAttributesW
HeapAlloc
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableA
GetStartupInfoW
GetFileTime
GetCPInfo
GetFileSizeEx
FileTimeToLocalFileTime
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
FileTimeToSystemTime
GetThreadLocale
GetModuleHandleA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrlenA
lstrcmpA
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
LoadLibraryW
CompareStringW
LoadLibraryA
FreeLibrary
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
FreeResource
SetLastError
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
lstrcpynW
lstrcpyW
lstrlenW
ReleaseMutex
GetLastError
CreateMutexW
CreateProcessA
GetTickCount
GlobalFree
GlobalAlloc
CloseHandle
InterlockedDecrement
Sleep
GetCurrentProcessId
GetCurrentThreadId
InterlockedIncrement
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
WideCharToMultiByte
IsDebuggerPresent
MultiByteToWideChar

user32

RegisterClipboardFormatW
PostThreadMessageW
InvalidateRect
CopyAcceleratorTableW
IsRectEmpty
CharNextW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
DestroyMenu
GetWindowThreadProcessId
SetCursor
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetMessageW
TranslateMessage
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
EnableWindow
SendMessageW
SetRect
KillTimer
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowPos
OffsetRect
IntersectRect
UnregisterClassW
CharUpperW
InvalidateRgn
MessageBeep
GetNextDlgGroupItem
SendDlgItemMessageW
SetTimer
GetMessagePos
GetWindowRect
PtInRect
TrackMouseEvent
GetDC
ReleaseDC
GetWindowLongW
SetWindowLongW
UpdateLayeredWindow
GetParent
LoadIconW
GetSystemMenu
AppendMenuW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
PostMessageW
SystemParametersInfoW
IsWindowVisible
GetCursorPos
LoadMenuW
CheckMenuItem
GetSubMenu
SetForegroundWindow
GetMenuItemCount
GetMenuItemID
GetMenuState
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
IsWindow
DestroyWindow
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DrawTextW

gdi32

ExtSelectClipRgn
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
CreateCompatibleDC
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
ExtTextOutW
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteDC
SelectObject
CreateCompatibleBitmap

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

shell32

Shell_NotifyIconW

comctl32

InitCommonControlsEx

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

SysFreeString
VariantInit
VariantCopy
VariantClear
VariantChangeType
SysStringLen
SysAllocStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

urlmon

URLOpenBlockingStreamW

gdiplus

GdipDrawString
GdipSetTextRenderingHint
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateFromHDC
GdipDeleteGraphics
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipDrawImagePointRectI
GdipDrawImageRectI
GdipReleaseDC
GdiplusStartup
GdiplusShutdown
GdipGetImageWidth
GdipGetImageHeight

ws2_32

__WSAFDIsSet
recv
WSACleanup
inet_ntoa
gethostbyname
gethostname
WSAStartup
send
setsockopt
getsockopt
select
connect
ioctlsocket
closesocket
sendto
inet_addr
htons
socket

winmm

timeKillEvent
timeSetEvent

imagehlp

MakeSureDirectoryPathExists

iphlpapi

GetNetworkParams
GetAdaptersInfo
SendARP

Sections

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bcc0a40734c681207c4634467f27b36

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

gdiplus

ws2_32

winmm

imagehlp

iphlpapi

Sections

.text Size: 296KB - Virtual size: 296KB

.rdata Size: 138KB - Virtual size: 137KB

.data Size: 33KB - Virtual size: 48KB

.rsrc Size: 215KB - Virtual size: 215KB

.text
Size: 296KB - Virtual size: 296KB

.rdata
Size: 138KB - Virtual size: 137KB

.data
Size: 33KB - Virtual size: 48KB

.rsrc
Size: 215KB - Virtual size: 215KB