c:\Users\Veri\Desktop\sourcka\TClient\TClient\Exec\TClient.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-25_bda597cf8f5fbf05cb69bcdf3ea5e2d2_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-25_bda597cf8f5fbf05cb69bcdf3ea5e2d2_icedid.exe
Resource: win10v2004-20240221-en
General
- Target: 2024-02-25_bda597cf8f5fbf05cb69bcdf3ea5e2d2_icedid
- Size: 3.0MB
- MD5: bda597cf8f5fbf05cb69bcdf3ea5e2d2
- SHA1: 1859a57aedb1ce1f8b516f45cf3269c3168926bd
- SHA256: 79b58d6f77dce75769b31b36bf996e6e41eecc5c88e46a3d6c28729d5efe9bd9
- SHA512: cf76cc94d4a952d9d086fed487eb1bb133fcb8099c6304ab1ee59adbb275518fe28ba8986d1fe8bb3225ec476b05a4bffa581026d36e99a7d18d5aa358561943
- SSDEEP: 49152:cvAtJ/W/rSNurcu60Kv+R+bTZi2xySyAl6VGYTUsf4:fWjTYuxUEmZiIByAl6us
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-02-25_bda597cf8f5fbf05cb69bcdf3ea5e2d2_icedid
Files
- 2024-02-25_bda597cf8f5fbf05cb69bcdf3ea5e2d2_icedid.exe windows:4 windows x86 arch:x86
  01cae2730078137b0ec1f4203599769e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
d3dx9_43
D3DXMatrixDecompose
D3DXQuaternionInverse
D3DXQuaternionNormalize
D3DXAssembleShader
D3DXMatrixTransformation
D3DXSaveSurfaceToFileA
D3DXSphereBoundProbe
D3DXMatrixRotationQuaternion
D3DXPlaneNormalize
D3DXIntersectTri
D3DXMatrixRotationZ
D3DXQuaternionSlerp
D3DXVec2Normalize
D3DXPlaneFromPoints
D3DXMatrixTranslation
D3DXMatrixTransformation2D
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXPlaneFromPointNormal
D3DXCreateTexture
D3DXVec3UnprojectArray
D3DXMatrixInverse
D3DXMatrixRotationYawPitchRoll
D3DXMatrixPerspectiveFovLH
D3DXMatrixOrthoLH
D3DXMatrixLookAtLH
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromSurface
D3DXGetImageInfoFromFileInMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXVec3TransformCoord
D3DXQuaternionMultiply
D3DXPlaneIntersectLine
D3DXVec3Project
D3DXVec3Normalize
D3DXMatrixScaling
D3DXMatrixTranspose
D3DXMatrixMultiply
D3DXQuaternionRotationAxis
winmm
mmioAdvance
mmioOpenA
mmioRead
mmioAscend
mmioGetInfo
mmioSetInfo
mmioSeek
mmioDescend
mmioClose
timeGetTime
advapi32
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
CryptGetHashParam
CryptDeriveKey
CryptCreateHash
CryptHashData
CryptVerifySignatureA
CryptDestroyHash
GetUserNameA
CryptAcquireContextA
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptReleaseContext
RegCreateKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
GetCurrentHwProfileA
CloseServiceHandle
ControlService
QueryServiceConfigA
StartServiceA
ChangeServiceConfigA
OpenServiceA
imm32
ImmSetConversionStatus
ImmGetCompositionStringA
ImmGetContext
ImmNotifyIME
ImmReleaseContext
ImmGetConversionStatus
ImmGetCandidateListA
dsound
ord11
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
dbghelp
EnumerateLoadedModules
GetTimestampForLoadedLibrary
MiniDumpWriteDump
StackWalk
kernel32
Module32First
FindClose
FindNextFileA
FindFirstFileA
GetSystemDefaultLangID
VirtualQuery
FreeLibrary
FormatMessageA
LoadLibraryExA
VirtualFree
VirtualProtect
VirtualAlloc
SetEndOfFile
QueryPerformanceFrequency
QueryPerformanceCounter
HeapFree
HeapAlloc
GetProcessHeap
GetSystemDirectoryA
GetWindowsDirectoryA
SetLastError
ReleaseMutex
GetExitCodeProcess
CreateMutexA
WriteFile
lstrcpynA
WaitForMultipleObjects
OpenEventA
CopyFileA
MoveFileExA
lstrcatA
OpenMutexA
TerminateThread
GetComputerNameA
ExitProcess
GetModuleFileNameW
OpenFileMappingA
GetTempFileNameA
GetTempPathA
DuplicateHandle
SetStdHandle
CreatePipe
GetStdHandle
PeekNamedPipe
InterlockedIncrement
GlobalUnlock
GlobalLock
Module32Next
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
InterlockedDecrement
MoveFileA
FlushFileBuffers
LockFile
UnlockFile
GetVolumeInformationA
GetFullPathNameA
EnumResourceLanguagesA
ConvertDefaultLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetDriveTypeA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
GetFileType
HeapSize
HeapDestroy
HeapCreate
IsBadWritePtr
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GetPrivateProfileIntA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
GetExitCodeThread
LoadLibraryA
lstrcpyA
GetProcAddress
MulDiv
GetVersion
lstrcmpiA
lstrlenA
CompareStringA
CompareStringW
GetStringTypeExA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateFileMappingA
MapViewOfFile
GetFileSize
GlobalAlloc
ResetEvent
GlobalFree
UnmapViewOfFile
SetUnhandledExceptionFilter
GetLocalTime
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetModuleHandleA
IsBadReadPtr
LocalAlloc
LocalLock
LocalUnlock
LocalFree
CreateDirectoryA
GetModuleFileNameA
lstrcmpA
SetFilePointer
SetThreadLocale
CreateFileA
ReadFile
GetSystemInfo
CreateEventA
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
WaitForSingleObject
DeleteFileA
CreateProcessA
Sleep
CreateThread
SetThreadPriority
ResumeThread
GetCurrentDirectoryA
IsDBCSLeadByteEx
SetEvent
LeaveCriticalSection
EnterCriticalSection
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
OpenProcess
GetTickCount
GetSystemTime
user32
RegisterWindowMessageA
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
MapDialogRect
SetWindowContextHelpId
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDesktopWindow
GetNextDlgGroupItem
MessageBeep
CopyAcceleratorTableA
InvalidateRgn
GetSysColorBrush
DestroyMenu
CharNextA
RegisterClipboardFormatA
PostThreadMessageA
GetMessageTime
GetMessagePos
MapWindowPoints
GetMenu
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetWindow
GetWindowTextLengthA
GetWindowTextA
SetFocus
IsWindowEnabled
MoveWindow
GetDlgCtrlID
IsDialogMessageA
WinHelpA
GetMessageA
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
DestroyCaret
GetWindowLongA
ValidateRect
GetCaretBlinkTime
CallWindowProcA
IsChild
ChildWindowFromPointEx
GetFocus
InvalidateRect
ReleaseDC
IsRectEmpty
GetKeyboardLayout
LoadStringA
wsprintfA
CharUpperBuffA
EnumChildWindows
SetCapture
IsWindowVisible
GetClientRect
DeleteMenu
SetTimer
GetWindowRect
ShowWindow
DialogBoxParamA
EndDialog
SetWindowTextA
GetDlgItem
SetWindowPos
GetParent
SetParent
SetForegroundWindow
LoadCursorA
EnumDisplaySettingsA
EnableWindow
DestroyCursor
ActivateKeyboardLayout
SetCursor
KillTimer
GetDC
IsIconic
SetWindowsHookExA
LoadAcceleratorsA
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
WaitMessage
MessageBoxA
LoadIconA
GetForegroundWindow
UpdateWindow
PostMessageA
CallNextHookEx
SendMessageA
SetRectEmpty
GetAsyncKeyState
GetKeyState
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
FindWindowA
AdjustWindowRect
SetWindowLongA
PostQuitMessage
EqualRect
IntersectRect
MapVirtualKeyA
SetRect
ReleaseCapture
ClipCursor
GetCursorPos
ShowCursor
GetPropA
RemovePropA
IsWindow
GetLastActivePopup
SendDlgItemMessageA
SetActiveWindow
SetCursorPos
ScreenToClient
ClientToScreen
InflateRect
OffsetRect
PtInRect
CopyRect
UnregisterClassA
CharUpperA
GetTopWindow
GetActiveWindow
DestroyWindow
UnhookWindowsHookEx
gdi32
CreateFontA
CreateFontIndirectA
BitBlt
GetDeviceCaps
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
SaveDC
RestoreDC
CreateDIBSection
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateCompatibleDC
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetStockObject
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetBkColor
GetTextColor
SetViewportOrgEx
SelectObject
DeleteObject
SetMapMode
DeleteDC
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
shell32
ShellExecuteA
comctl32
ord17
shlwapi
PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
oledlg
ord8
ole32
CLSIDFromProgID
CoUninitialize
CoInitialize
CoCreateInstance
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
oleaut32
SystemTimeToVariantTime
SafeArrayDestroy
SysFreeString
VariantCopy
VariantChangeType
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
SysAllocString
VariantClear
VariantInit
OleCreateFontIndirect
ws2_32
WSASocketA
WSACleanup
sendto
WSASend
WSAGetLastError
WSAStartup
socket
closesocket
ioctlsocket
WSAAsyncSelect
setsockopt
inet_addr
gethostbyname
connect
recv
send
htons
getsockname
inet_ntoa
iphlpapi
GetAdaptersInfo
gdiplus
GdipCreateFontFromDC
GdipMeasureString
GdipDrawString
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteFont
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatFlags
GdipCreateSolidFill
wininet
InternetSetStatusCallback
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
d3d9
Direct3DCreate9
Exports
fcEXP
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 262KB - Virtual size: 261KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 174KB - Virtual size: 321KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ