d:\My work\windows project\Sound level meter\Sound Level Meter General - 100000采样点\sound level meter general\8852\Sound Level Meter.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-18_ca265ad9e8a612e1e991de92682e6c6a_icedid.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 2024-03-18_ca265ad9e8a612e1e991de92682e6c6a_icedid.exe
  Resource: win10v2004-20240226-en
General
- Target: 2024-03-18_ca265ad9e8a612e1e991de92682e6c6a_icedid
- Size: 1.2MB
- MD5: ca265ad9e8a612e1e991de92682e6c6a
- SHA1: 8f60d1226396c589443d54c33d452d7788bec2ab
- SHA256: 17da6e03a434d35bde2d8637469705b603b1c30cbbb31230dc0a6719560645ee
- SHA512: ce93d6bfb17268cc018db5670cdea9da51e77073078bd27b8fc90b8d812da9a203f7ba05ac5cad7a0f24374337cea836ab00774b5bcf1470a53c8506bffbcac4
- SSDEEP: 24576:/FXf4dZ/Ub830/nsAxv4/4T4Y4kqPMJqLuJ8uqLuJX:/5AdZ/UY30/nsAxv4/4T4Y49PMJqiJrD
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-03-18_ca265ad9e8a612e1e991de92682e6c6a_icedid
Files
-
2024-03-18_ca265ad9e8a612e1e991de92682e6c6a_icedid.exe windows:5 windows x86 arch:x86
d2b0808ece5366f11ba490d829440308
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetShortPathNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileSizeEx
SetErrorMode
GetStartupInfoW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
ExitProcess
RaiseException
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileSize
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
lstrcmpiW
GetStringTypeExW
DeleteFileW
MoveFileW
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetCurrentDirectoryW
GlobalGetAtomNameW
lstrlenA
GetModuleHandleA
InterlockedDecrement
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GlobalUnlock
GlobalAddAtomW
GetPrivateProfileStringW
FreeResource
GlobalFree
lstrlenW
GetTickCount
GetCurrentProcessId
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
WaitCommEvent
GetCommTimeouts
SetCommTimeouts
SetupComm
PurgeComm
FlushFileBuffers
GetCommMask
SetCommMask
SetCommState
GetCommState
ClearCommError
GetOverlappedResult
WriteFile
ReadFile
CreateFileW
GetProcAddress
GetModuleHandleW
LocalFree
FormatMessageW
MulDiv
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
WaitForMultipleObjects
GetLastError
ResetEvent
WaitForSingleObject
SetEvent
CreateEventW
WritePrivateProfileStringW
Sleep
LockResource
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
CreateThread
GetCommandLineW
CloseHandle
user32
GetSysColorBrush
UnregisterClassW
WindowFromPoint
GetDCEx
LockWindowUpdate
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
DestroyMenu
GetMenuItemInfoW
InflateRect
ReleaseCapture
LoadCursorW
SetCapture
SetWindowRgn
DrawIcon
IsRectEmpty
SystemParametersInfoW
LoadMenuW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetMenuStringW
AppendMenuW
InsertMenuW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenu
SetMenu
SetForegroundWindow
ShowScrollBar
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
DefWindowProcW
CallWindowProcW
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
CheckMenuItem
UpdateWindow
EnableWindow
LoadBitmapW
InvalidateRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
CharUpperW
DestroyIcon
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
PostThreadMessageW
GetDlgCtrlID
IsWindow
SetParent
GetSystemMenu
DeleteMenu
IsZoomed
UnpackDDElParam
GetScrollRange
ReuseDDElParam
SendMessageW
SetTimer
GetClientRect
KillTimer
EnableMenuItem
GetSubMenu
GetParent
GetWindowRect
SetScrollRange
SetScrollPos
CloseWindow
GetScrollPos
wsprintfW
MessageBoxW
CopyRect
SetRect
PostQuitMessage
PostMessageW
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetWindowThreadProcessId
RegisterClipboardFormatW
SetWindowPos
MapDialogRect
SetWindowContextHelpId
GetWindow
GetDlgItem
SendDlgItemMessageW
IsDialogMessageW
SetWindowTextW
MapWindowPoints
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectObject
CreateRectRgnIndirect
PatBlt
CreateEllipticRgn
LPtoDP
SetRectRgn
CombineRgn
GetMapMode
GetCharWidthW
StretchDIBits
GetBkColor
GetRgnBox
ExtTextOutW
Escape
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
CreateSolidBrush
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
EndPage
StartPage
EndDoc
StartDocW
CreateDCW
CreateFontIndirectW
GetDeviceCaps
Ellipse
Rectangle
GetStockObject
GetTextExtentPoint32W
CreatePen
GetTextMetricsW
CreateCompatibleBitmap
GetBkMode
GetTextColor
CreateFontW
BitBlt
CreateCompatibleDC
GetObjectW
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegEnumKeyW
RegCreateKeyW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegOpenKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
shell32
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragFinish
DragQueryFileW
ExtractIconW
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoInitializeEx
CoUninitialize
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitialize
oleaut32
SysAllocString
SysFreeString
VariantInit
VariantClear
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
SysAllocStringLen
VariantChangeType
SysStringLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantCopy
Sections
.text Size: 420KB - Virtual size: 420KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 665KB - Virtual size: 665KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ