2024-02-14_b2041ccc47b84f9404261a06806871e6_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-14_b2041ccc47b84f9404261a06806871e6_icedid
Size

544KB
MD5

b2041ccc47b84f9404261a06806871e6
SHA1

d6cae5c37ad9a0bd9f0fe0b980debd6cdafd8130
SHA256

88c545d37a3312dfe444b4361c3ef449fb487cf41bee75d347eaac5987aff7bd
SHA512

ed743bdc3787680dbf4322bfac62a4e9c721bbe19f31fa506f7b69ee6ee283bcc4e7b596d7a9c5304b36190297e3cc2b22285d9b18d9e6f41df2c6162b281226
SSDEEP

6144:3bTx6wj5FBUswRj4mFlsAJPEf8mDN17rXJ:rTtFFBRsj4mgAxEfDDNFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-14_b2041ccc47b84f9404261a06806871e6_icedid

Files

2024-02-14_b2041ccc47b84f9404261a06806871e6_icedid
.exe windows:4 windows x86 arch:x86

0a0fb4ef999a38a27fb0b5a7440977ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\worksvn\Usb移动存储介质管理系统\源码\trunk\用户端\基于过滤驱动版本v1.0\应用层\MsgDlg\Release\MsgDlg.pdb

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
IsBadWritePtr
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetVersionExA
TerminateProcess
HeapReAlloc
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
GetTickCount
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GetOEMCP
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
lstrcmpA
CloseHandle
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
CompareStringW
CompareStringA
GetLastError
GetPrivateProfileStringA
GetModuleFileNameA
WritePrivateProfileStringA
lstrlenW
FreeResource
GetCPInfo
lstrlenA
lstrcmpiA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersion
GetStringTypeA

user32

SetParent
RegisterClipboardFormatA
PostThreadMessageA
GetDCEx
ReleaseCapture
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
wsprintfA
CreateDialogIndirectParamA
EndDialog
EndPaint
BeginPaint
GetWindowDC
GetMessageA
TranslateMessage
ValidateRect
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
TrackPopupMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
CallWindowProcA
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
GetWindow
DefWindowProcA
GetDlgCtrlID
GetKeyState
GetCursorPos
IsChild
GetCapture
ScreenToClient
DeferWindowPos
IsWindow
SetRectEmpty
PtInRect
SetWindowLongA
GetMenuStringA
DestroyMenu
CharUpperA
LoadIconA
KillTimer
SetTimer
LoadCursorA
PostMessageA
SetCursor
DestroyCursor
GetWindowLongA
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
SendMessageA
DrawFocusRect
FrameRect
OffsetRect
InflateRect
IsMenu
DrawStateA
GetMenuItemInfoA
GetSystemMetrics
SystemParametersInfoA
DrawIconEx
DestroyIcon
SetCapture
PeekMessageA
LockWindowUpdate
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
EnableWindow
GetDesktopWindow
ReleaseDC
GetDC
ModifyMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
AppendMenuA
CreatePopupMenu
CreateMenu
DrawEdge
LoadBitmapA
GetSysColorBrush
FillRect
GetSysColor
CopyRect
SetRect
GetTopWindow

gdi32

ExtSelectClipRgn
CreatePatternBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
GetTextColor
SaveDC
GetClipBox
GetBkColor
CreateFontA
GetCharWidthA
StretchDIBits
StretchBlt
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
RestoreDC
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
GetRgnBox
DeleteDC
GetTextExtentPoint32W
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
SetPixel
GetPixel
PatBlt
Ellipse
GetBkMode
GetDeviceCaps
GetObjectA
CreateCompatibleBitmap
CreateFontIndirectA
CreatePen
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
CreateSolidBrush
DeleteObject
SetBkMode

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteExA

comctl32

ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_GetIcon
ImageList_Draw
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
ImageList_AddMasked

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString

winmm

PlaySoundA
sndPlaySoundA

Sections

.text
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a0fb4ef999a38a27fb0b5a7440977ec

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

winmm

Sections

.text Size: 208KB - Virtual size: 204KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 268KB - Virtual size: 264KB

.text
Size: 208KB - Virtual size: 204KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 268KB - Virtual size: 264KB