2024-02-25_b77680190e8ab8519cd471a93d948a88_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-25_b77680190e8ab8519cd471a93d948a88_icedid
Size

3.3MB
MD5

b77680190e8ab8519cd471a93d948a88
SHA1

1639f8cb9cae475c171e0b530d6804f8aa45a405
SHA256

491ff847e51eda1efdef8d06d168379ee3793537080694d6a52b033808bd6b84
SHA512

39187b49efbf41faf46072a2fe4b6552f725fcc4dc50f7bbc0f759a9ba2dec5f19afa5711136c1cc3539aac2c495966f614cf66ae5ade70c5352323b1a4a8d71
SSDEEP

49152:E+QVZtyTPmBcVSFIUh1BfHKGAIMZZiSpZt:utCAcV8IUh1BfHKGbMZZr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-25_b77680190e8ab8519cd471a93d948a88_icedid

Files

2024-02-25_b77680190e8ab8519cd471a93d948a88_icedid
.exe windows:5 windows x86 arch:x86

8abf15da42c229af0860e0a8074882b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Hobby\2015\Ocean\Work\src\Release\OceanParadise.pdb

Imports

imm32

ImmSetCompositionWindow
ImmGetProperty
ImmGetCompositionStringW
ImmReleaseContext
ImmNotifyIME
ImmGetContext

ws2_32

select
socket
inet_addr
connect
WSAStartup
recv
htons
closesocket
send
__WSAFDIsSet

dsound

ord11

d3d9

Direct3DCreate9

comctl32

InitCommonControlsEx
_TrackMouseEvent

winmm

timeGetTime
mmioGetInfo
mmioSeek
mmioDescend
mmioSetInfo
mmioAscend
mmioAdvance
PlaySoundW
mmioWrite
mmioCreateChunk
mmioClose

kernel32

LockFile
UnlockFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
lstrcmpA
lstrlenA
InterlockedExchange
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
WritePrivateProfileStringW
ResumeThread
InterlockedIncrement
GlobalFlags
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
FlushFileBuffers
ExitProcess
RtlUnwind
HeapReAlloc
RaiseException
HeapSize
VirtualProtect
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FindResourceW
LoadResource
GetModuleHandleW
SizeofResource
LockResource
GlobalLock
GlobalAlloc
MulDiv
GlobalUnlock
FreeResource
FindFirstFileW
SetFilePointer
SetEndOfFile
GetFileAttributesW
GetThreadLocale
GlobalGetAtomNameW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
FormatMessageW
InterlockedDecrement
GetCurrentProcessId
SetLastError
HeapFree
GetProcessHeap
HeapAlloc
GetVersionExA
CreateFileA
LocalFree
IsProcessorFeaturePresent
GetSystemInfo
VirtualAlloc
VirtualFree
GetModuleHandleA
LoadLibraryA
FatalAppExitA
DebugBreak
GetProfileIntA
OutputDebugStringA
QueryPerformanceFrequency
GetProcAddress
LoadLibraryW
QueryPerformanceCounter
FreeLibrary
GetFullPathNameW
lstrcmpW
lstrcpyW
lstrcatW
lstrlenW
lstrcpynW
GetVersion
GetACP
GetVersionExW
SetCurrentDirectoryW
SetThreadPriority
GetCurrentThread
ReleaseMutex
CreateMutexW
Sleep
GetTickCount
MultiByteToWideChar
ReadFile
WriteFile
WaitForSingleObject
GetFileSize
GlobalFree
WideCharToMultiByte
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
FindClose
GetLastError
GetModuleFileNameW
CreateFileW
CreateThread

user32

IsDialogMessageW
SetWindowTextW
MoveWindow
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
WindowFromPoint
InflateRect
CharUpperW
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
ValidateRect
CharNextW
GetSysColorBrush
GetMenuItemInfoW
SystemParametersInfoW
UnregisterClassW
IsRectEmpty
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
RegisterClipboardFormatW
PostThreadMessageW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
UpdateWindow
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
EqualRect
DeferWindowPos
CopyRect
GetDlgCtrlID
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetMenuItemID
GetMenuItemCount
UnhookWindowsHookEx
GetSysColor
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
FillRect
GetNextDlgTabItem
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
GetWindowTextLengthW
GetWindowTextW
GetWindow
SetFocus
GetSubMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
DrawTextW
DrawTextA
MessageBoxA
GetIconInfo
DialogBoxParamW
GetDlgItem
EndDialog
IsDlgButtonChecked
CheckRadioButton
DestroyWindow
PostQuitMessage
GetClassLongW
GetMenu
LoadMenuW
GetWindowLongW
SetWindowLongW
SetMenu
ClipCursor
CreateWindowExW
RegisterClassW
AdjustWindowRect
DestroyMenu
DefWindowProcW
SetCapture
ReleaseCapture
ShowWindow
CloseClipboard
GetKeyState
IsClipboardFormatAvailable
GetKeyboardLayout
GetClipboardData
OpenClipboard
ClientToScreen
keybd_event
TranslateAcceleratorW
DestroyAcceleratorTable
SetTimer
GetMessageW
ChangeDisplaySettingsW
KillTimer
DrawIcon
TranslateMessage
LoadAcceleratorsW
LoadIconW
PeekMessageW
GetActiveWindow
wsprintfW
EnableWindow
SendMessageW
LoadBitmapW
InvalidateRect
GetCursor
EnumDisplaySettingsW
DispatchMessageW
IsIconic
FindWindowW
MessageBoxExW
GetFocus
ScreenToClient
PtInRect
SetRect
MessageBeep
IsWindow
GetSystemMetrics
IsWindowVisible
MessageBoxW
GetDC
ReleaseDC
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
TabbedTextOutW
SetPropW
GetClientRect
GetParent
SetForegroundWindow
SetActiveWindow
GetWindowRect
SetCursor
GetCursorPos
SetWindowPos
LoadCursorW
PostMessageW
GetDesktopWindow
CreateDialogIndirectParamW

gdi32

ExtCreateRegion
GetDIBits
CreateRectRgn
CreateFontW
CreateFontA
GetStockObject
GetObjectA
CreateFontIndirectA
SetTextColor
SetBkColor
SetBkMode
CreateDIBSection
SaveDC
RestoreDC
SetMapMode
GetClipBox
GetViewportExtEx
GetWindowExtEx
GetDeviceCaps
PtVisible
PtInRegion
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateSolidBrush
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetTextExtentPoint32W
GetRgnBox
RectVisible
CreateICW
CreateBitmap
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateFontIndirectW
StretchBlt
DeleteObject
SelectObject
CreateCompatibleDC
GetPixel
GetObjectW

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCreateKeyExW
RegQueryValueW
RegDeleteKeyW
RegOpenKeyW
RegOpenKeyA
RegQueryValueExA
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyW

shell32

DragQueryFileW
DragFinish

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
StgOpenStorageOnILockBytes
CoGetClassObject
CoRevokeClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CreateILockBytesOnHGlobal

oleaut32

VariantTimeToSystemTime
OleLoadPicture
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 32.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8abf15da42c229af0860e0a8074882b5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

imm32

ws2_32

dsound

d3d9

comctl32

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 269KB - Virtual size: 268KB

.data Size: 54KB - Virtual size: 32.1MB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 269KB - Virtual size: 268KB

.data
Size: 54KB - Virtual size: 32.1MB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB