2024-03-11_f39fde65f85b2e9971d82d5f76bf50ae_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-11_f39fde65f85b2e9971d82d5f76bf50ae_icedid
Size

982KB
MD5

f39fde65f85b2e9971d82d5f76bf50ae
SHA1

85f6fdb7ac6dc489c177b1ae40df2b6331588bfd
SHA256

0ea44975d8fb8f77bb9ef4b49a1ab21413c06970e11dc6d2b37085d82a61f18e
SHA512

dc3a3eb8c76419a308d5acba976a09c3e772b9ee04e96e8310430ab6d20c52c7afee254fc9ba8a0325c0ca8d48a8c9116c11225ca03faf7cb47f0565966e2117
SSDEEP

12288:vM1uqDPV9sxh+lTEAHkORghzrx1mWW09gpBrARRC0e93IBcQLSZCMCDreuOm43Rt:vQPVLOe0aXIBcQLS1CDre9m4RxAlRPY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-11_f39fde65f85b2e9971d82d5f76bf50ae_icedid

Files

2024-03-11_f39fde65f85b2e9971d82d5f76bf50ae_icedid
.exe windows:5 windows x86 arch:x86

958943badae3f1bb836277cb534e1b87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\SSO_Perforce\FCS_QA_AB584\branches\FCS281\src\Projects\SuperSoccerOnline\Release\CrashReporter.pdb

Imports

ws2_32

getaddrinfo
gethostname
ioctlsocket
select
WSACleanup
accept
WSAStartup
WSAGetLastError
closesocket
socket
recv
__WSAFDIsSet
send
getsockname
ntohs
bind
htons
getsockopt
getpeername
setsockopt
connect
WSASetLastError
recvfrom
sendto
listen
freeaddrinfo

wldap32

ord79
ord46
ord41
ord27
ord301
ord33
ord200
ord26
ord35
ord32
ord30
ord50
ord60
ord143
ord211
ord22

kernel32

GlobalLock
InterlockedExchange
CompareStringA
LoadLibraryExW
GetLocaleInfoW
lstrcmpA
GetModuleFileNameW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
MulDiv
lstrlenW
LocalFree
FormatMessageW
GlobalUnlock
GlobalFree
FreeResource
GlobalAddAtomW
GetCurrentProcessId
InterlockedDecrement
GetModuleHandleA
CompareStringW
LoadLibraryW
GlobalFindAtomW
WritePrivateProfileStringW
GlobalFlags
LocalAlloc
TlsGetValue
GlobalReAlloc
lstrcmpW
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
lstrlenA
FlushFileBuffers
SetEndOfFile
FindClose
FindFirstFileW
GetFullPathNameW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetStartupInfoW
ExitProcess
GetSystemTimeAsFileTime
GetDriveTypeW
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapAlloc
ExitThread
CreateThread
GetDriveTypeA
FindFirstFileA
RtlUnwind
RaiseException
HeapSize
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTimeZoneInformation
GetCurrentDirectoryA
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFullPathNameA
CreateFileA
GetLocaleInfoA
GetProcessHeap
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GlobalAlloc
GetModuleHandleW
ExpandEnvironmentStringsA
GetStdHandle
WaitForMultipleObjects
PeekNamedPipe
SleepEx
InitializeCriticalSection
FreeLibrary
GetVersionExA
LoadLibraryA
GetProcAddress
FormatMessageA
SetLastError
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
SystemTimeToFileTime
GetLocalTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentProcess
DuplicateHandle
FileTimeToDosDateTime
ReadFile
SetFilePointer
GetFileSize
GetFileInformationByHandle
GetFileType
FileTimeToSystemTime
GetVersionExW
lstrcpyW
CreateDirectoryExW
Sleep
GetLastError
GlobalMemoryStatusEx
CloseHandle
WriteFile
CreateFileW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
TerminateProcess
OpenProcess
GetTickCount
FindResourceW
LoadResource
LockResource
SizeofResource
GlobalHandle

user32

SetForegroundWindow
SetMenu
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
GetCapture
WinHelpW
SendDlgItemMessageA
RegisterWindowMessageW
LoadCursorW
GetSysColorBrush
UnregisterClassW
DestroyMenu
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
SetWindowPos
SetFocus
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetWindow
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
UpdateWindow
PostMessageW
wvsprintfW
EnableWindow
KillTimer
SetTimer
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageW
LoadIconW
wsprintfW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
ShowWindow
AdjustWindowRectEx
IsWindowEnabled

gdi32

SetMapMode
GetClipBox
DeleteObject
GetObjectW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetTextColor
SetWindowExtEx
DeleteDC
GetStockObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetBkColor
RestoreDC
SaveDC
CreateBitmap
ScaleWindowExtEx
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegQueryValueW
RegSetValueExW

shell32

SHGetFolderPathW

shlwapi

PathFindExtensionW
PathFindFileNameW

ole32

CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitializeEx

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 477KB - Virtual size: 477KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 408KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

958943badae3f1bb836277cb534e1b87

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

wldap32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 477KB - Virtual size: 477KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 10KB - Virtual size: 44KB

.rsrc Size: 408KB - Virtual size: 445KB

.text
Size: 477KB - Virtual size: 477KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 10KB - Virtual size: 44KB

.rsrc
Size: 408KB - Virtual size: 445KB