h:\Live365\Radio365\Release_1_1\Radio365_Dlg.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-08_fd8352512a3e0ae82b8432606eb94c14_icedid.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-03-08_fd8352512a3e0ae82b8432606eb94c14_icedid.exe
Resource
win10v2004-20240226-en
General
Target: 2024-03-08_fd8352512a3e0ae82b8432606eb94c14_icedid
Size: 984KB
MD5: fd8352512a3e0ae82b8432606eb94c14
SHA1: 2a4180123c073699d6e045a3fb75f8431d6b91dc
SHA256: 49ef197adc53d9a0e68601c8c46b8238e736d025f2a506adfb9605fdc56bf60a
SHA512: 3e72578db5bdfb01ce7d0b0fb0894936cd0eb3ec14d0ff0dfa33ddbb72a850db6d55318c54be887dd8ee4f0749e690918a9bc80523814a57349fbdea91a4b9a1
SSDEEP: 24576:/UsapVmSuWnr5WVbQlDx8b7f5tHJg1YvvXai4LNDl6CDi:fwVmSBg5tpgCvvqPNDlS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-03-08_fd8352512a3e0ae82b8432606eb94c14_icedid
Files
2024-03-08_fd8352512a3e0ae82b8432606eb94c14_icedid.exe windows:4 windows x86 arch:x86
7051f30edaacf45a8098abbe84a87f54
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
iphlpapi
GetAdaptersInfo
kernel32
RtlUnwind
ExitProcess
ExitThread
CreateThread
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetACP
GetLocaleInfoA
VirtualQuery
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
GetVersion
lstrcmpiA
lstrlenW
lstrlenA
CompareStringA
CompareStringW
GlobalFree
GlobalHandle
GlobalLock
GlobalAlloc
LoadResource
SizeofResource
FindResourceA
CloseHandle
WaitForSingleObject
SetEvent
ResumeThread
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc
FindResourceExA
GetCurrentDirectoryA
SetErrorMode
GetFileTime
GetFileAttributesA
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalReAlloc
FindNextFileA
VirtualProtect
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTickCount
WritePrivateProfileStringA
CreateEventA
MulDiv
GlobalUnlock
LockResource
lstrcpynA
lstrcpyA
GetModuleFileNameA
lstrcatA
DeleteAtom
GlobalAddAtomA
ReleaseMutex
CreateMutexA
IsDBCSLeadByte
FreeLibrary
SuspendThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetShortPathNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpA
FreeResource
GetCurrentThreadId
LoadLibraryExA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
SetLastError
WinExec
GetWindowsDirectoryA
LocalFree
DeleteFileA
FormatMessageA
LocalAlloc
GetProcAddress
GetCurrentProcess
SetProcessWorkingSetSize
GlobalGetAtomNameA
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileStringA
LoadLibraryA
Sleep
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileIntA
GetModuleHandleA
InterlockedExchange
user32
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
DestroyIcon
GetSysColorBrush
DestroyMenu
WindowFromPoint
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
TrackPopupMenu
GetNextDlgGroupItem
GetScrollRange
GetScrollPos
GetMenu
AdjustWindowRectEx
EqualRect
GetScrollInfo
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
TabbedTextOutA
GetMenuState
GetMenuItemID
GetMenuItemCount
IsWindow
DestroyCursor
RedrawWindow
MessageBeep
CopyIcon
wsprintfA
ShowWindow
SetWindowPos
MessageBoxA
OffsetRect
CreatePopupMenu
DrawStateA
GetDlgCtrlID
PostQuitMessage
SendDlgItemMessageA
SetForegroundWindow
GetDesktopWindow
BringWindowToTop
IsIconic
GetSystemMenu
EnableMenuItem
AppendMenuA
DrawIcon
PostThreadMessageA
DrawTextW
GetSystemMetrics
GetParent
ShowScrollBar
GetWindowRect
LoadCursorA
SetCursor
GetDoubleClickTime
LoadIconA
LoadMenuA
ModifyMenuA
GetSubMenu
CheckMenuItem
ReleaseCapture
SetCapture
GetAsyncKeyState
GetCursorPos
ClientToScreen
MapWindowPoints
FindWindowA
GetKeyState
CharNextA
SetRect
ReleaseDC
SetWindowLongA
GetWindowLongA
UpdateWindow
FillRect
LoadBitmapA
wvsprintfA
IsWindowVisible
PostMessageA
LoadImageA
GetSysColor
DrawIconEx
DrawTextA
InflateRect
CopyRect
GetMessagePos
EnableWindow
KillTimer
SetTimer
InvalidateRect
GetDC
ScreenToClient
GetClientRect
SendMessageA
PtInRect
UnregisterClassA
CharUpperA
gdi32
GetClipBox
ExcludeClipRect
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetMapMode
ExtSelectClipRgn
CreateBitmap
CreatePen
GetMapMode
GetRgnBox
EnumFontFamiliesExA
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SelectClipRgn
SetTextJustification
GetTextMetricsA
TextOutA
GetTextExtentPointW
TextOutW
GetStockObject
Ellipse
Polygon
GetTextExtentPoint32A
GetDeviceCaps
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
BitBlt
CreateRectRgnIndirect
GetCurrentObject
GetTextColor
GetBkColor
GetObjectA
CreateFontIndirectA
SetTextColor
SetBkColor
CreateSolidBrush
Rectangle
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegQueryValueA
RegSetValueA
RegEnumKeyA
RegDeleteValueA
shell32
ShellExecuteA
ExtractIconA
Shell_NotifyIconA
comctl32
ord17
ImageList_ReplaceIcon
FlatSB_EnableScrollBar
InitializeFlatSB
ImageList_Destroy
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
shlwapi
UrlCanonicalizeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
UrlEscapeA
UrlUnescapeA
oledlg
ord8
ole32
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoInitialize
StringFromGUID2
CoInitializeEx
CLSIDFromProgID
StringFromCLSID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
oleaut32
SystemTimeToVariantTime
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
DispCallFunc
OleCreateFontIndirect
VariantChangeType
VariantCopy
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
SysStringLen
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
OleLoadPicture
SysFreeString
LoadTypeLi
urlmon
URLOpenBlockingStreamA
ws2_32
WSAStartup
WSACleanup
wininet
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetQueryOptionA
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
InternetErrorDlg
InternetQueryDataAvailable
InternetGetCookieA
InternetSetOptionExA
Exports
??4LibUtils@@QAEAAV0@ABV0@@Z
Sections
.text Size: 644KB - Virtual size: 641KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 148KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 176KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ