2024-02-19_473823333aea7ed4d2846e9197bc6b85_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-19_473823333aea7ed4d2846e9197bc6b85_icedid
Size

556KB
MD5

473823333aea7ed4d2846e9197bc6b85
SHA1

e08256a48d9fc6cc39f949a79085cd0eff659fa4
SHA256

1ac02a628fff13fbf226b15a99226f66c0b3e2a6854dc6e82d65a9dd8a8909ef
SHA512

1075482f590d440508dc5919c9f4e3fa26c82cc1769c737c35a2a78ea2a461d643f978948f8d76f693fc780d33d3884ac5a2f91611208f2525dcfac38d843f69
SSDEEP

12288:C9HNmNTxnyCbTEyyVwsqke94nyPR6n55WloFmzrAIfQqn69ATXtSAR:C9ARxnurt0EnLWZzrAIY+6+TXc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-19_473823333aea7ed4d2846e9197bc6b85_icedid

Files

2024-02-19_473823333aea7ed4d2846e9197bc6b85_icedid
.exe windows:4 windows x86 arch:x86

813239080044b769042c5f02005f2bee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\DesktopWork\Launcher\NyxLauncher\Release\NyxLauncher.pdb

Imports

kernel32

HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
VirtualQuery
TerminateProcess
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
GetSystemTimeAsFileTime
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
RtlUnwind
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
SetErrorMode
GetFileTime
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
InterlockedIncrement
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetProcAddress
SetLastError
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
MoveFileA
WaitForMultipleObjects
SetEndOfFile
ReadFile
GetFileSize
SetFileAttributesA
SetFilePointer
GetCurrentThreadId
WriteFile
CreateFileA
CreateEventA
SetEvent
WaitForSingleObject
CreateDirectoryA
GetFileAttributesA
GetModuleHandleA
GetModuleFileNameA
FindFirstFileA
FindNextFileA
FindClose
FindResourceExA
GetFullPathNameA
CreateProcessA
CloseHandle
LeaveCriticalSection
EnterCriticalSection
GetTickCount
Sleep
GetCurrentProcessId
ExitProcess
DeleteFileA
OutputDebugStringA
GetSystemInfo
GlobalMemoryStatus
MulDiv
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
QueryPerformanceCounter
GetTimeZoneInformation
QueryPerformanceFrequency
GetProcessHeap

user32

GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsChild
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
CallWindowProcA
IntersectRect
GetWindowPlacement
GetFocus
GetDlgCtrlID
IsDialogMessageA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
RegisterClipboardFormatA
CreateDialogIndirectParamA
IsWindow
IsWindowEnabled
GetParent
EndDialog
wsprintfA
SetRectEmpty
LoadImageA
GetSysColor
SetCapture
ReleaseCapture
SystemParametersInfoA
SetTimer
SetCursor
GetCursorPos
PtInRect
EqualRect
FrameRect
InflateRect
SetWindowRgn
CopyRect
SetWindowTextA
IsRectEmpty
KillTimer
LoadCursorA
ScreenToClient
MoveWindow
OffsetRect
CreateWindowExA
SetWindowLongA
GetWindowLongA
DefWindowProcA
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindowRect
GetClientRect
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
DrawTextA
SetRect
DestroyMenu
DestroyWindow
GetDesktopWindow
SetActiveWindow
SetForegroundWindow
SetWindowPos
OpenIcon
InvalidateRect
LoadAcceleratorsA
UnregisterClassA
LoadIconA
TranslateAcceleratorA
GetSystemMetrics
GetUpdateRect
IsIconic
PostMessageA
PostThreadMessageA
DrawIcon
CharUpperA
EnableWindow
GetDlgItem
ShowWindow
SetFocus
GetDC
SendMessageA
ReleaseDC
GetNextDlgTabItem
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
CallNextHookEx
TabbedTextOutA
GetMessageA
ValidateRect
CharNextA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
RegisterWindowMessageA
WinHelpA
GetCapture
GetActiveWindow
SetWindowsHookExA

gdi32

GetTextColor
SaveDC
RestoreDC
SetBkMode
SetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetBkColor
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateRectRgnIndirect
GetMapMode
GetRgnBox
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDIBits
SelectClipRgn
CreateRectRgn
FrameRgn
CreateRoundRectRgn
CreatePolygonRgn
GetStockObject
GetObjectA
RectVisible
SetDIBitsToDevice
StretchDIBits
CreateBrushIndirect
CreateCompatibleDC
GetDeviceCaps
CreateDIBSection
DeleteObject
DeleteDC
CreateSolidBrush
BitBlt
GetTextExtentPoint32A
SelectObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoTaskMemFree
OleFlushClipboard
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
SysStringLen

ws2_32

WSACleanup
listen
sendto
htonl
bind
WSACreateEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACloseEvent
accept
recv
shutdown
inet_addr
gethostbyname
WSAStartup
socket
htons
inet_ntoa
connect
ioctlsocket
WSAAsyncSelect
setsockopt
WSAGetLastError
send
closesocket

ddraw

DirectDrawCreate

wininet

InternetConnectA
InternetSetStatusCallback
InternetOpenUrlA
HttpQueryInfoA
InternetOpenA
InternetCrackUrlA
InternetSetCookieA
HttpOpenRequestA
InternetSetOptionA
HttpSendRequestA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

813239080044b769042c5f02005f2bee

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

ddraw

wininet

Sections

.text Size: 376KB - Virtual size: 375KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 376KB - Virtual size: 375KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 60KB - Virtual size: 57KB