2024-02-17_c07d95eef4ddf51f4a171802db2b942d_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-17_c07d95eef4ddf51f4a171802db2b942d_icedid
Size

1.0MB
MD5

c07d95eef4ddf51f4a171802db2b942d
SHA1

469e858ee9b7bedc233d62a28b1b09b843afb79a
SHA256

84002b4c57042d25e6d443a1d9b6c653836d8676d2a2b17d7adb349d8385fd18
SHA512

f24f8bf843d8d2bf66c6d2eaaff6eb67979f4dd592e292a2af5a584bd494c286d3b06805d932ead54bd7c09f5ccae1db65a6982d7bed2acf03e47004a38b8be5
SSDEEP

24576:nRoe+LSzNp4wj9D25kgkn4lzmLpbXfh4mVu:RojL/a9mkIoPh4Au

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-17_c07d95eef4ddf51f4a171802db2b942d_icedid

Files

2024-02-17_c07d95eef4ddf51f4a171802db2b942d_icedid
.exe windows:5 windows x86 arch:x86

cb9322ce5d5ff7e9a36e983f3fc38615

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\15000\ใหม่\MX_CODE แก้เวล99จุติทบรอบ\MHAutoPatch\MHAutoPatch.pdb

Imports

kernel32

UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileW
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LCMapStringW
LCMapStringA
GetTimeZoneInformation
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
HeapReAlloc
HeapSize
HeapAlloc
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
QueryPerformanceCounter
IsValidCodePage
GetACP
LoadLibraryW
GetConsoleMode
GetConsoleCP
SetHandleCount
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
ExitThread
CreateThread
ExitProcess
IsBadReadPtr
HeapValidate
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToSystemTime
GetModuleHandleW
VirtualProtect
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetAtomNameA
GetOEMCP
GetCPInfo
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
SetErrorMode
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
MulDiv
FormatMessageA
LocalFree
WritePrivateProfileStringA
GlobalUnlock
GlobalFree
GetCurrentProcessId
CreateEventA
SetEvent
InterlockedExchange
GlobalLock
GlobalAlloc
lstrcmpA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetThreadLocale
lstrlenA
SuspendThread
ResumeThread
SetThreadPriority
WideCharToMultiByte
SizeofResource
CompareStringA
SetLastError
LoadLibraryA
FindResourceA
LoadResource
LockResource
FreeResource
lstrcmpW
FreeLibrary
GetLastError
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
Sleep
GetProcAddress
GetVersionExA
IsDBCSLeadByte
GetCurrentDirectoryA
WaitForSingleObject
MultiByteToWideChar
CreateProcessA
CloseHandle
GetCurrentProcess
TerminateProcess
OpenEventA

user32

GetMenuState
GetMenuItemID
EndDialog
CreateDialogIndirectParamA
GetWindowThreadProcessId
SetCursor
GetCursorPos
GetMessageA
TranslateMessage
PostQuitMessage
CharNextA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
LoadCursorA
PostThreadMessageA
EnableWindow
SetWindowContextHelpId
GetForegroundWindow
SetForegroundWindow
GetLastActivePopup
GetNextDlgTabItem
GetNextDlgGroupItem
GetDesktopWindow
SetCapture
GetActiveWindow
KillTimer
SetTimer
RedrawWindow
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRgn
InvalidateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
GetSubMenu
ClientToScreen
BringWindowToTop
DrawTextA
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
TabbedTextOutA
PostMessageA
MapDialogRect
RegisterWindowMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
GetTopWindow
IsChild
GetParent
GetWindow
GetCapture
WinHelpA
TrackPopupMenu
GetDlgItem
GetWindowTextA
GetKeyState
DestroyWindow
SendMessageA
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
DrawTextExA
GrayStringA
MessageBoxA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
IsWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
GetMenuItemCount
IsMenu
GetSysColorBrush
FillRect
IntersectRect
SystemParametersInfoA
DrawIcon
BeginPaint
GetSystemMetrics
InflateRect
SetRect
PtInRect
EnumDisplaySettingsA
GetMonitorInfoA
EnumDisplayMonitors
GetWindowRect
GetWindowPlacement
IsIconic
CreatePopupMenu
CheckMenuItem
EnableMenuItem
GetMenuItemInfoA
InsertMenuItemA
ModifyMenuA
LoadMenuA
CharUpperA
GetClipboardFormatNameA
UnpackDDElParam
DestroyMenu
SetRectEmpty
ReleaseCapture
CopyAcceleratorTableA
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
IsRectEmpty
RegisterClipboardFormatA
UnregisterClassA
MessageBeep

gdi32

CreatePatternBrush
CreateFontIndirectA
CreateCompatibleBitmap
CreateRectRgnIndirect
GetRgnBox
CreateCompatibleDC
SelectObject
GetBkColor
GetTextColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
DPtoLP
PtVisible
RectVisible
BitBlt
GetPixel
TextOutA
GetTextExtentPoint32A
Escape
DeleteDC
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetObjectType
GetStockObject
GetDeviceCaps
ExtTextOutA
GetObjectA
SetBkColor
CreateBitmap
SetTextColor
GetClipBox
ExtSelectClipRgn
DeleteObject
CreateSolidBrush

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RevertToSelf
RegCloseKey
RegQueryValueExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
SetThreadToken
OpenThreadToken

shell32

DragFinish
DragQueryFileA
ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
UrlUnescapeA
PathFindExtensionA

oledlg

ord8

ole32

CoTaskMemAlloc
StringFromCLSID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StringFromGUID2
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID

oleaut32

SystemTimeToVariantTime
VariantChangeType
VariantInit
SysAllocStringLen
OleCreateFontIndirect
SysFreeString
SysStringLen
SysAllocStringByteLen
SysAllocString
SafeArrayDestroy
VariantCopy
VariantTimeToSystemTime
VariantClear

urlmon

URLDownloadToFileA

gdiplus

GdipCloneImage
GdipDrawImageRectI
GdipCreateFromHDC
GdipDisposeImage
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown

wininet

InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetCrackUrlA

Sections

.text
Size: 692KB - Virtual size: 691KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb9322ce5d5ff7e9a36e983f3fc38615

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

gdiplus

wininet

Sections

.text Size: 692KB - Virtual size: 691KB

.rdata Size: 235KB - Virtual size: 235KB

.data Size: 13KB - Virtual size: 40KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 692KB - Virtual size: 691KB

.rdata
Size: 235KB - Virtual size: 235KB

.data
Size: 13KB - Virtual size: 40KB

.rsrc
Size: 104KB - Virtual size: 104KB