2024-02-18_137c72d4fbf836edf77c7104650298c8_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-18_137c72d4fbf836edf77c7104650298c8_icedid
Size

240KB
MD5

137c72d4fbf836edf77c7104650298c8
SHA1

5e13931cde5fc6ef48b488fc0817ef1c2771da48
SHA256

ad1817b2c0389ae647a36d644b03e1a63d2c8bb0d3f0bc44554fe1ad08c47871
SHA512

791e6dd25e7ccface9f4ba767d4ac7ae08315d5187a30f705bc80bb65317fee73de548c8a49e5bf30a715e3b9aed450f9740914e92e83faa2f83f393481fbce8
SSDEEP

6144:nocyRAkMgRqEG9DdrPYBqfeMqiQ0I54k:MRANgRqEG9EFiG54k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-18_137c72d4fbf836edf77c7104650298c8_icedid

Files

2024-02-18_137c72d4fbf836edf77c7104650298c8_icedid
.exe windows:4 windows x86 arch:x86

0ec65106b34123b730d5d83e4ecac45d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Source\NEXT\NSISPromotion\GomEncDnInstaller\GomEncDnInstaller\Release\GomEncDnInstaller.pdb

Imports

kernel32

HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetCurrentProcessId
LCMapStringA
LCMapStringW
IsBadWritePtr
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
ExitProcess
RtlUnwind
GetStartupInfoW
SetErrorMode
FlushFileBuffers
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalReAlloc
GlobalFlags
lstrcmpiW
LocalAlloc
RaiseException
InterlockedDecrement
MulDiv
FormatMessageW
LocalFree
ResumeThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcpyW
GetLocaleInfoW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
lstrcmpW
GetModuleHandleW
GetVersionExA
FreeResource
SetThreadPriority
WriteFile
Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringW
GetCommandLineW
GetModuleFileNameW
GetTickCount
GetTempPathW
CreateDirectoryW
SetLastError
GetVersion
GetCurrentThread
GetCurrentProcess
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpynW
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
lstrlenW
GetFileAttributesW
GetLastError
GetFileSize
CreateFileW
SetFilePointer
ReadFile
CloseHandle
WideCharToMultiByte
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WaitForSingleObject
TerminateProcess
DeleteFileW
FindResourceW
LoadResource
LockResource
QueryPerformanceCounter
SizeofResource

user32

wsprintfW
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
GetMessageW
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
ShowWindow
SetWindowTextW
IsDialogMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxW
TrackPopupMenu
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
PostMessageW
RegisterWindowMessageW
GetWindowTextW
GetForegroundWindow
SetWindowLongW
ClientToScreen
GetWindowPlacement
GetWindowLongW
SetWindowPos
SendDlgItemMessageW
GetWindowRect
DestroyIcon
CopyRect
PeekMessageW
TranslateMessage
DispatchMessageW
GetCursorPos
GetSystemMetrics
LoadIconW
SetForegroundWindow
GetClientRect
IsIconic
SendMessageW
LoadMenuW
GetSubMenu
DrawIcon
EnableWindow
SendDlgItemMessageA

gdi32

SetMapMode
RestoreDC
SaveDC
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetDeviceCaps
CreateBitmap
GetObjectW
SetTextColor
GetClipBox
SelectObject
DeleteObject
SetBkColor
ExtTextOutW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegQueryValueW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW

shell32

Shell_NotifyIconW
ShellExecuteExW

comctl32

ord17

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantInit
VariantClear
VariantChangeType

wininet

InternetCrackUrlW
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoW
InternetOpenUrlW
InternetSetOptionW
InternetOpenW
InternetCanonicalizeUrlW

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gtzzbhl
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ec65106b34123b730d5d83e4ecac45d

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

wininet

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 92KB - Virtual size: 92KB

gtzzbhl Size: - Virtual size: 4KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 92KB - Virtual size: 92KB

gtzzbhl
Size: - Virtual size: 4KB