2024-03-13_51ab962943e0f766120a13635a6958e6_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-13_51ab962943e0f766120a13635a6958e6_icedid
Size

2.8MB
MD5

51ab962943e0f766120a13635a6958e6
SHA1

c939759adba0768d63880293ae03df4178ec2bdd
SHA256

3be63eabbb3d09e1a697f209d1bee25875d5f2dd191e0f58dbcc2ea4d1928b35
SHA512

853792a8f0524ced203389839567f274b03a3e05301154fd0e087b73719f1086ff02a80abbeef51d04f5cd541276f3e2501b7200ce7bc9fee9d837d6bbf582cd
SSDEEP

6144:uhbNPy7+87y8zfU6lDLSvNnT7U62zxzJNvxXHz6EPbOw3kEM94999999999O999U:UbN55iU6lPSlnnUxJNvtOEPhkU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-13_51ab962943e0f766120a13635a6958e6_icedid

Files

2024-03-13_51ab962943e0f766120a13635a6958e6_icedid
.exe windows:4 windows x86 arch:x86

e47174e802a77c3ba33a1d7a4dcbeaf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\temp\FPL18Player\NetDeviceDetect\WirelessConnection\Release Unicode\WirelessConnection.pdb

Imports

netdevicemanager

?DeinitialNetDeviceManager@CNetDeviceManagerDll@@QAEXXZ
??0CNetDeviceManagerDll@@QAE@PAVCWnd@@@Z
?GetDefaultNetDeviceManagerInitialData@@YA_NPAUNET_DEVICE_MANAGER_INITIAL_STRUCT@@@Z
?SendNetDeviceManagerControlID@CNetDeviceManagerDll@@QAEXW4NetDeviceManagerControlIDEnum@@H@Z
??1CNetDeviceManagerDll@@QAE@XZ
?InitialNetDeviceManager@CNetDeviceManagerDll@@QAE_NPAUNET_DEVICE_MANAGER_INITIAL_STRUCT@@@Z

msvfw32

DrawDibOpen
DrawDibEnd
DrawDibClose

kernel32

GetStartupInfoW
ExitProcess
RtlUnwind
GetFileType
GetSystemTimeAsFileTime
TerminateProcess
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
SetStdHandle
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
RaiseException
GlobalFlags
InterlockedIncrement
lstrcmpiW
WritePrivateProfileStringW
InterlockedDecrement
GetLastError
FormatMessageW
LocalFree
MulDiv
SetLastError
lstrcpynW
GlobalFindAtomW
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
GlobalUnlock
GlobalFree
FreeResource
CloseHandle
GlobalAddAtomW
lstrlenW
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcpyW
LoadLibraryW
GetLocaleInfoW
GetLocalTime
GetSystemTime
DeleteCriticalSection
InitializeCriticalSection
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetEnvironmentStrings

user32

PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
IsRectEmpty
CharNextW
CharUpperW
GetSysColorBrush
wsprintfW
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
RegisterClipboardFormatW
GetMessagePos
MapWindowPoints
MessageBoxW
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
PostQuitMessage
PostMessageW
DestroyCaret
ShowCaret
HideCaret
GetMessageTime
SetCaretPos
CreateCaret
SetRect
DrawTextW
FillRect
GetWindowRect
ReleaseCapture
SendNotifyMessageW
GetFocus
SetCapture
SetCursor
LoadCursorW
InvalidateRect
GetSystemMetrics
LoadIconW
EnableWindow
SetTimer
GetDC
GetClientRect
SetWindowRgn
IsIconic
GetSystemMenu
SendMessageW
AppendMenuW
DrawIcon
LoadBitmapW
SetForegroundWindow

gdi32

CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
GetDeviceCaps
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
CreateSolidBrush
CreatePen
SetBkMode
SetTextColor
CreateCompatibleBitmap
DeleteObject
ExtCreateRegion
BitBlt
CreateCompatibleDC
GetObjectW
GetBitmapBits
GetStockObject
MoveToEx
LineTo
SetMapMode
RestoreDC
SaveDC
SetBkColor
GetClipBox
CreateBitmap
GetTextExtentPoint32W
SetWindowExtEx

msimg32

TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

comctl32

ord17
_TrackMouseEvent

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
OleCreateFontIndirect
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e47174e802a77c3ba33a1d7a4dcbeaf5

Headers

File Characteristics

PDB Paths

Imports

netdevicemanager

msvfw32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB