2024-02-28_3be6f85e38e9ae851ea1125f1df0a10a_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-28_3be6f85e38e9ae851ea1125f1df0a10a_icedid
Size

708KB
MD5

3be6f85e38e9ae851ea1125f1df0a10a
SHA1

7cc02a7c70394dfc79124482908f11cccb5a3b74
SHA256

1d36eb821eca64de4c3410291d70c6ff58fb883e51760726d0bb7a302dfa165e
SHA512

710a369d86abb27e3d914044f94c4ecada20577a924ff437442b37ac32443eeed2157551cc98a28cec5015e25e745a28b8eac7715534fd52444dd4900891dc97
SSDEEP

12288:bBF9rLsMLoNOLfH3cjvlIiv9rIHWyMJzmYVFCrHswiQiCZ0+0nCKJP+r3x:L9rQMLsOLfH3gKjWy9YOKF1+0w7x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-28_3be6f85e38e9ae851ea1125f1df0a10a_icedid

Files

2024-02-28_3be6f85e38e9ae851ea1125f1df0a10a_icedid
.exe windows:4 windows x86 arch:x86

f159693db5c80ca3ca7a56ad01e49b79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Dev\Chambers\Chd\Build\Release\chadct.pdb

Imports

kernel32

VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
HeapCreate
GetStringTypeW
GetTimeZoneInformation
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
HeapDestroy
HeapSize
HeapReAlloc
CreateThread
ExitThread
TerminateProcess
GetCommandLineA
InterlockedExchange
GetStartupInfoA
IsBadReadPtr
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
SetErrorMode
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GlobalFlags
WritePrivateProfileStringA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetProfileIntA
GetTickCount
InterlockedDecrement
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
CreateEventA
SuspendThread
ResumeThread
SetThreadPriority
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
SetLastError
CopyFileA
GlobalSize
lstrcpynA
CreateProcessA
GetExitCodeProcess
GetLogicalDrives
LoadLibraryA
GetProcAddress
FormatMessageA
LocalFree
GlobalReAlloc
GlobalFree
SetCurrentDirectoryA
lstrcpyA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
FindResourceA
LoadResource
LockResource
SizeofResource
MulDiv
Sleep
WaitForSingleObject
SetEvent
WriteFile
FindFirstFileA
FindNextFileA
FindClose
GlobalAlloc
GlobalLock
GlobalUnlock
CompareStringW
CompareStringA
GetModuleFileNameA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStringTypeA

user32

DestroyMenu
GetSysColorBrush
wsprintfA
IsRectEmpty
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
WindowFromPoint
InflateRect
IsClipboardFormatAvailable
EndPaint
BeginPaint
RegisterWindowMessageA
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
SetActiveWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
GetScrollPos
SetForegroundWindow
GetMenu
AdjustWindowRectEx
RegisterClassA
IsIconic
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
SetFocus
ShowWindow
MoveWindow
SetWindowTextA
SendDlgItemMessageA
GetDlgItem
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
CallNextHookEx
GetActiveWindow
ValidateRect
GetLastActivePopup
IsWindowEnabled
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
MsgWaitForMultipleObjects
SetWindowsHookExA
UnhookWindowsHookEx
CreateIconIndirect
GrayStringA
DrawTextExA
DrawTextA
CharUpperA
CallWindowProcA
SetWindowLongA
GetWindowLongA
MessageBoxA
SendMessageA
PostMessageA
GetWindowRect
UpdateWindow
InvalidateRect
TabbedTextOutA
WindowFromDC
SystemParametersInfoA
WinHelpA
GetSysColor
UnregisterClassA
FrameRect
LoadBitmapA
RedrawWindow
SetParent
DrawFocusRect
GetMessageA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
PostThreadMessageA
KillTimer
SetTimer
GetCapture
ShowScrollBar
EnableScrollBar
ClientToScreen
SetWindowPos
IsDialogMessageA
WaitMessage
ReleaseCapture
SetCursor
SetCapture
SetMenu
SetMenuItemBitmaps
DestroyIcon
ReleaseDC
GetWindowDC
GetClassNameA
GetKeyState
DispatchMessageA
TranslateMessage
PeekMessageA
RegisterClipboardFormatA
CopyRect
FillRect
SetRect
GetDC
EnableWindow
LoadCursorA
DefWindowProcA
GetClassInfoA
IsWindow
GetClientRect
IsWindowVisible
SetWindowRgn
GetWindow
GetSystemMetrics
MapWindowPoints
PtInRect
ScreenToClient
GetCursorPos
GetParent
GetAsyncKeyState
ShowCursor
SetCursorPos
GetDlgCtrlID

gdi32

SetMapMode
ExcludeClipRect
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ExtSelectClipRgn
CreatePen
CreateSolidBrush
GetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
CopyMetaFileA
SetBkColor
StretchBlt
CreateICA
ExtCreateRegion
StretchDIBits
GetStockObject
PtVisible
SelectPalette
GetDIBits
ExtTextOutW
RealizePalette
CreateDCA
GetRgnBox
CreateDIBSection
Escape
ExtTextOutA
TextOutA
ScaleWindowExtEx
CreateRoundRectRgn
OffsetRgn
SelectClipRgn
OffsetClipRgn
FrameRgn
GetWindowOrgEx
CreatePolygonRgn
SetTextColor
SelectObject
GetPixel
DeleteDC
EnumFontFamiliesExA
AddFontResourceA
GetCharWidthW
RemoveFontResourceA
GetTextMetricsA
SetPixel
GetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
CreateBitmap
CreateFontIndirectA
TextOutW
GetTextExtentPoint32W
EndDoc
AbortDoc
EndPage
StartPage
StartDocA
GetBkColor
GetBitmapBits
BitBlt
SetViewportOrgEx
GetTextExtentPoint32A
PatBlt
GetObjectA
PtInRegion
CombineRgn
GetViewportOrgEx
EnumFontsA
GetDeviceCaps
DeleteObject
CreateRectRgn
RectVisible

comdlg32

PrintDlgA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

SHChangeNotify
ShellExecuteA

comctl32

_TrackMouseEvent
ImageList_Destroy
ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
DoDragDrop
CoTaskMemFree
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject

oleaut32

VariantClear
VariantChangeType
VariantInit
OleLoadPicture
GetErrorInfo

msvfw32

MCIWndCreateA

Sections

.text
Size: 520KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f159693db5c80ca3ca7a56ad01e49b79

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

msvfw32

Sections

.text Size: 520KB - Virtual size: 517KB

.rdata Size: 108KB - Virtual size: 104KB

.data Size: 44KB - Virtual size: 74KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 520KB - Virtual size: 517KB

.rdata
Size: 108KB - Virtual size: 104KB

.data
Size: 44KB - Virtual size: 74KB

.rsrc
Size: 32KB - Virtual size: 30KB