c:\Documents and Settings\A.simodate\My Documents\仕事\公文書作成\最新版開発環境\src_統合版\統合版\C\V3.1\SimpleVerifyCert\ReleaseMin\SimpleVerifyCert.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-16_c6fcc5e7e676a955de130be785179394_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-16_c6fcc5e7e676a955de130be785179394_icedid.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-16_c6fcc5e7e676a955de130be785179394_icedid
Size: 284KB
MD5: c6fcc5e7e676a955de130be785179394
SHA1: 9d64f3f788d37c066256e7f8ec1075de17fc7355
SHA256: 097362c67df03a768878bb7e913ac9359a9f70eae1623bc1eb18cff43b13851f
SHA512: 3b8f8977fb13564c3a2453d2e83a287171dc0e1fc0746b3d8464d00bea3fd6ca24f92205060b79f90c78632054a35541009b99ab93ff813cfe3a8e53427cd895
SSDEEP: 6144:6D+0Yx5UbPVA5L8iQrGmkTeMwWS4MPNEP:6d65AVA5L8iXlRwEP
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-03-16_c6fcc5e7e676a955de130be785179394_icedid
Files
2024-03-16_c6fcc5e7e676a955de130be785179394_icedid.exe windows:4 windows x86 arch:x86
6d3ce501fd5a66772ae89e0476a4769a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
crypt32
CertFreeCRLContext
CertEnumCertificatesInStore
CertEnumCRLsInStore
CertDeleteCRLFromStore
CertDeleteCertificateFromStore
CertAddCRLContextToStore
CertAddCertificateContextToStore
CertCloseStore
CertOpenStore
CertNameToStrW
CertVerifySubjectCertificateContext
CertFindExtension
CryptDecodeObject
CertFreeCertificateContext
CertCreateCRLContext
CertCreateCertificateContext
activeds
ord3
ord15
kernel32
LocalReAlloc
TlsFree
lstrcatW
SetErrorMode
GlobalFlags
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalFindAtomW
GetStartupInfoW
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
TlsSetValue
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
IsBadWritePtr
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
SetStdHandle
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTimeFormatW
GetDateFormatW
GetModuleFileNameW
WideCharToMultiByte
DeleteFileW
GetTempPathW
LocalFree
lstrcpynW
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenW
lstrcpyW
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
WritePrivateProfileStringW
GlobalFree
SetLastError
GetLastError
RaiseException
InitializeCriticalSection
DeleteCriticalSection
lstrcmpA
GlobalAddAtomW
GetCurrentThread
GetCurrentThreadId
lstrcmpW
FreeLibrary
GlobalDeleteAtom
lstrcmpiA
GetModuleHandleW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
GetFileTime
GetFileAttributesW
LoadLibraryW
GetProcAddress
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedDecrement
GetTickCount
user32
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
ShowWindow
SetWindowLongW
GetDlgItem
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
SetWindowTextW
GetClassNameW
GetWindowTextW
LoadCursorW
ReleaseDC
GetSysColor
GetSysColorBrush
SetMenuItemBitmaps
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
GetMessageW
DestroyMenu
TranslateMessage
DispatchMessageW
SetWindowPos
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
SendMessageW
SetCursor
PostMessageW
PostQuitMessage
wsprintfW
CharUpperW
GetSystemMetrics
UnhookWindowsHookEx
UnregisterClassW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
MessageBoxW
GetDC
gdi32
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
PtVisible
GetDeviceCaps
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
CryptReleaseContext
RegEnumKeyW
CryptAcquireContextW
comctl32
ord17
shlwapi
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
ole32
CoUninitialize
CoInitialize
oleaut32
VariantInit
VariantChangeType
VariantClear
Sections
.text Size: 184KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ