PDB path: c:\Camfrog\Camfrog Software Project\Camfrog Client\Client\Release\Camfrog Video Chat.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-18_6ca4e87ff9993ea3f66be9ef0a50cc31_icedid.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-02-18_6ca4e87ff9993ea3f66be9ef0a50cc31_icedid.exe
Resource: win10v2004-20231215-en
General
Target: 2024-02-18_6ca4e87ff9993ea3f66be9ef0a50cc31_icedid
Size: 3.3MB
MD5: 6ca4e87ff9993ea3f66be9ef0a50cc31
SHA1: b28b09062243e7914344442b81b00379f10c1f72
SHA256: bff0a515d41bb715cdaad1382b20eb264f7ba279750a994515c73dca15b6bd18
SHA512: e1a857595525961cc4115f3d65dd05baff7a568b1757a02de4ae7614e3ef879d8b65e6bad36d76fa11991215e41d5e774313f5838536f6c2b183868d4577ca92
SSDEEP: 98304:Wq9XyeJabiQCOamSfDmaKv/YR8rluYgLkLiUZaH6u+sUTQ:Wq9XyeJabiQCOamSfDmaKvA2rluVLkLs
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 2024-02-18_6ca4e87ff9993ea3f66be9ef0a50cc31_icedid
Files
2024-02-18_6ca4e87ff9993ea3f66be9ef0a50cc31_icedid.exe windows:4 windows x86 arch:x86
2650c4f8a50614271d2bc032270f6c52
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
language
GetStringFromID
GetHINSTANCE
vs_connect
get_device_name
get_current_device
set_current_device
turn_preview
go_down
pause_audio_stream
clear_receiver_audio
startup_DLL
clear_sender_audio
close_cfs_video_channel
close_cfs
open_cfs_video_channel
pause_video_stream
startup_cfs
set_OSD_image
get_video_frame
p2p_receiver_startup
set_UDP_server
close_p2p
startup_p2p
p2p_sender_startup
startup_p2p_receiver
get_device_count
notifydll
RemovePopup
AddPopup
SetPopupHWND
svr_protocol
break_connect
send_command
start_connect
on_init_dll
udp_responders
winmm
mixerOpen
mixerGetNumDevs
mixerGetDevCapsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerSetControlDetails
mixerGetControlDetailsA
PlaySoundA
mixerClose
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
f_exch
_fe_set_UDP_server
_fe_process_receive
_fe_init
_fe_receive_finalize
_fe_send_go
_fe_process_send
_fe_start_receive
_fe_start_send
_fe_done
_fe_receive_go
kernel32
FreeResource
LocalFree
lstrcpynA
FormatMessageA
SetLastError
InterlockedDecrement
lstrcmpW
lstrcatA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
VirtualProtect
lstrcmpA
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
LocalAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GlobalMemoryStatus
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
SetErrorMode
HeapAlloc
HeapFree
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapReAlloc
ExitThread
CreateThread
GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetStdHandle
SetHandleCount
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
InterlockedExchange
GetCurrentProcessId
QueryPerformanceCounter
CreateEventA
ResumeThread
SetEvent
ResetEvent
MoveFileA
GetACP
SetFilePointer
WriteFile
FlushFileBuffers
GetLocalTime
DeleteFileA
GetTimeFormatA
GetDateFormatA
GetFileSize
GlobalReAlloc
GlobalFree
UnmapViewOfFile
LoadLibraryA
GetProcAddress
GetLocaleInfoA
GetThreadLocale
FreeLibrary
GetTickCount
OpenFileMappingA
MapViewOfFile
CreateDirectoryA
GetCurrentDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameA
IsDebuggerPresent
CreateFileA
ReadFile
CloseHandle
WinExec
CreateMutexA
WaitForSingleObject
ReleaseMutex
MulDiv
CreateProcessA
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentThreadId
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
user32
IsDialogMessageA
SetWindowTextA
GetDlgCtrlID
MoveWindow
SetFocus
GetWindowTextA
GetWindowTextLengthA
GetWindow
GetWindowPlacement
SetWindowPlacement
RegisterClassA
GetClassInfoA
SetScrollInfo
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
GetKeyState
TrackPopupMenu
PeekMessageA
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
GetLastActivePopup
IsChild
RemovePropA
GetPropA
SetPropA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetCapture
WinHelpA
SetMenuItemBitmaps
GetWindowDC
BeginPaint
EndPaint
MapDialogRect
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
SetRectEmpty
SetWindowContextHelpId
RegisterClipboardFormatA
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageA
GetDCEx
SetParent
CreateDialogIndirectParamA
GetDlgItem
EndDialog
CallWindowProcA
IsRectEmpty
MessageBeep
MapWindowPoints
LockWindowUpdate
GrayStringA
DrawTextExA
TabbedTextOutA
UpdateWindow
GetClassNameA
IsZoomed
GetScrollPos
GetKeyboardState
SetKeyboardState
IsClipboardFormatAvailable
GetClipboardData
ScreenToClient
RegisterHotKey
RegisterWindowMessageA
GetLastInputInfo
GetAsyncKeyState
TranslateAcceleratorA
SetWindowPos
LoadAcceleratorsA
GetCursorPos
EmptyClipboard
CloseClipboard
SetClipboardData
ReleaseCapture
IsWindowEnabled
SetActiveWindow
OpenInputDesktop
GetUserObjectInformationA
CloseDesktop
SetLayeredWindowAttributes
FlashWindowEx
GetForegroundWindow
OpenClipboard
GetDesktopWindow
GetFocus
SetCapture
GetSystemMenu
DrawMenuBar
RemoveMenu
ModifyMenuA
InsertMenuA
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
LoadBitmapA
EqualRect
IntersectRect
SetRect
PtInRect
FindWindowA
ShowWindow
GetSubMenu
TrackPopupMenuEx
IsWindow
DestroyMenu
LoadCursorA
DestroyCursor
LoadImageA
GetIconInfo
CreateIconIndirect
SetCursor
DestroyIcon
WindowFromPoint
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
DrawFocusRect
DrawFrameControl
FrameRect
InflateRect
DrawStateA
GetMenuStringA
SetMenuItemInfoA
GetSysColor
SystemParametersInfoA
GetMenuCheckMarkDimensions
ReleaseDC
GetDC
SetMenu
GetMenu
LoadMenuA
GetMenuItemInfoA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
DrawTextA
DrawEdge
FillRect
CopyRect
wsprintfA
GetSystemMetrics
SetForegroundWindow
KillTimer
SetTimer
IsWindowVisible
GetClientRect
IsIconic
DrawIcon
RedrawWindow
DestroyWindow
RegisterClassExA
CreateWindowExA
SetWindowLongA
PostMessageA
GetWindowLongA
DefWindowProcA
MessageBoxA
UnregisterClassA
EnableWindow
LoadIconA
SendMessageA
GetWindowRect
OffsetRect
CharUpperA
SendDlgItemMessageA
UnregisterHotKey
UnhookWindowsHookEx
GetParent
gdi32
CreatePen
GetCurrentObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
Rectangle
SetWindowOrgEx
SetViewportOrgEx
GetViewportOrgEx
SetBkMode
CreateDCA
CreateFontA
CreateHalftonePalette
GetDIBColorTable
GetClipBox
SaveDC
RestoreDC
SetMapMode
ExcludeClipRect
IntersectClipRect
CombineRgn
CreatePalette
SetPixel
LineTo
MoveToEx
SetTextAlign
CreateDIBSection
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateRectRgnIndirect
SetRectRgn
GetMapMode
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
SelectPalette
RealizePalette
StretchBlt
CreateSolidBrush
GetTextExtentPoint32A
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
GetStockObject
DeleteObject
GetPixel
BitBlt
PatBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
GetDeviceCaps
CreateFontIndirectA
msimg32
TransparentBlt
comdlg32
GetSaveFileNameA
GetFileTitleA
ChooseFontA
GetOpenFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
Shell_NotifyIconA
ShellExecuteExA
comctl32
ImageList_Destroy
_TrackMouseEvent
ord17
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_Draw
ImageList_Create
shlwapi
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
StrToIntA
SHCopyKeyA
PathIsUNCA
oledlg
ord8
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
CoInitialize
CoCreateInstance
OleCreateStaticFromData
OleDuplicateData
ReleaseStgMedium
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
oleaut32
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
VarBstrCmp
VariantInit
VariantClear
VariantChangeType
SysAllocStringLen
SysAllocString
VarBstrFromDate
VarDateFromStr
SysAllocStringByteLen
SysStringByteLen
OleLoadPicture
SysStringLen
VariantCopy
SafeArrayDestroy
ws2_32
bind
connect
send
recv
WSAStartup
WSACleanup
socket
accept
WSAAsyncSelect
WSAAsyncGetHostByName
closesocket
WSACancelAsyncRequest
htonl
inet_addr
WSASetLastError
htons
WSAGetLastError
ioctlsocket
wininet
InternetGetConnectedState
Sections
.text Size: 964KB - Virtual size: 962KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 204KB - Virtual size: 202KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ