c:\GamingX\Develop\PokerClient\Ver_6.12.2\PokerClient\ReleaseU\poker.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-25_d662d73242182501699782ca4f7156b6_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-25_d662d73242182501699782ca4f7156b6_icedid.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-03-25_d662d73242182501699782ca4f7156b6_icedid
Size: 4.7MB
MD5: d662d73242182501699782ca4f7156b6
SHA1: 932fc8ea1a3153a4279b2a4f69179d7e83e6036b
SHA256: 81a771ffb8b3bcad3f549b6fe8fc2a83e8949c758c90e02c42d17916d6f1865d
SHA512: 689e5c3c190dd3b837cb092037358eea795df6ba6721cbe7553d157970d3cda2912d18fcb047f9e2fc6e5453f47303db33e944036f47f0dba2b26aae6c096a0f
SSDEEP: 49152:X706Oe7j7XOwh4lL3d2j+dPuIZcEr5iUdN0Yp4+WZFtr53DadjMlTO87E+FW3CTp:lXK3YmvZcEdndWYqdlaC9FFW38T
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-03-25_d662d73242182501699782ca4f7156b6_icedid
Files
2024-03-25_d662d73242182501699782ca4f7156b6_icedid.exe (windows:4 windows x86 arch:x86)
e9e39813831306f7becb75f172ef0fac
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
crypt32
CryptMsgGetParam
CertFreeCertificateContext
CertCloseStore
CryptMsgClose
CertFindCertificateInStore
CryptQueryObject
CertGetNameStringW
ssleay32
ord48
ord58
ord86
ord108
ord166
ord157
ord78
ord8
ord82
ord74
ord183
ord117
ord12
ord83
ord75
libeay32
ord95
ord3212
ord224
ord227
ord2291
ord3866
ord89
ord1800
ord109
ord78
bass
BASS_SampleLoad
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetInfo
BASS_SampleGetChannel
BASS_SampleStop
BASS_StreamCreateFile
BASS_StreamFree
BASS_GetVersion
BASS_ErrorGetCode
BASS_Init
BASS_Free
BASS_Start
BASS_Stop
BASS_ChannelIsActive
BASS_ChannelGetInfo
BASS_ChannelSetFlags
BASS_ChannelPlay
BASS_ChannelStop
BASS_ChannelGetLength
BASS_ChannelGetData
kernel32
SetErrorMode
OutputDebugStringA
PulseEvent
GetThreadPriority
GetCurrencyFormatW
FormatMessageA
WritePrivateProfileStructW
DeviceIoControl
SetPriorityClass
GetUserDefaultLCID
GetSystemDefaultLangID
GlobalMemoryStatusEx
GetSystemInfo
IsWow64Process
GetStartupInfoW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapReAlloc
ExitThread
ExitProcess
VirtualProtect
VirtualAlloc
VirtualQuery
GetFileType
HeapSize
GetTimeFormatA
GetDateFormatA
GetCPInfo
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
LoadLibraryW
GetModuleHandleW
GetProcAddress
SetLastError
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
FileTimeToSystemTime
SetFilePointer
GetFileSize
CreateFileW
CreateDirectoryW
FindClose
FindNextFileW
DeleteFileW
InterlockedCompareExchange
GetFileTime
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalGetAtomNameW
LocalAlloc
FileTimeToLocalFileTime
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThread
FindFirstFileW
GetTickCount
CloseHandle
ConvertDefaultLocale
EnumResourceLanguagesW
CompareStringA
WaitForMultipleObjects
GetPrivateProfileStringW
WritePrivateProfileStringW
OutputDebugStringW
GetPrivateProfileIntW
lstrcmpA
GetThreadLocale
GetModuleHandleA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
LocalLock
LocalFree
MoveFileW
InterlockedIncrement
RaiseException
HeapAlloc
GetProcessHeap
HeapFree
GetVersion
InterlockedExchange
GetLongPathNameW
GetCurrentThreadId
GlobalLock
GlobalUnlock
MulDiv
lstrcpyW
GetDateFormatW
FormatMessageW
CreateProcessW
ReleaseMutex
GetStdHandle
SetStdHandle
ReadFile
Sleep
TerminateThread
ResetEvent
CreateEventW
CreateThread
SetEvent
WaitForSingleObject
SleepEx
CopyFileW
GetCurrentDirectoryW
GetLocaleInfoW
GlobalAlloc
GlobalFree
WriteFile
GetLocalTime
GetTimeZoneInformation
OpenProcess
GetFileAttributesW
InterlockedDecrement
lstrlenA
lstrlenW
GetVersionExW
WideCharToMultiByte
GetCurrentProcessId
FreeLibrary
CreateMutexW
GetModuleFileNameW
WritePrivateProfileSectionW
user32
TranslateMessage
CharNextW
GetWindowThreadProcessId
WindowFromPoint
MapVirtualKeyW
GetKeyNameTextW
EndPaint
BeginPaint
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
ScrollWindow
TrackPopupMenu
GetMenu
MessageBoxW
GetClassInfoExW
GetClassInfoW
DeferWindowPos
SetWindowPlacement
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
SetFocus
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
GetSubMenu
IsWindowEnabled
SetCursorPos
GetSystemMenu
RemoveMenu
GetMenuItemCount
EqualRect
MapWindowPoints
GetWindowDC
WindowFromDC
DrawEdge
DrawFrameControl
SetScrollInfo
SetPropW
RemovePropW
SetScrollRange
SetScrollPos
GetScrollRange
GetScrollPos
EnableScrollBar
GetPropW
DrawIconEx
SetLayeredWindowAttributes
ValidateRect
ShowOwnedPopups
LoadBitmapW
GetKeyState
GetActiveWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CallWindowProcW
GetScrollInfo
SetParent
GetWindow
GetScrollBarInfo
FrameRect
ReleaseDC
GetDC
GrayStringW
DrawTextExW
GetMessageW
DefWindowProcW
FindWindowExW
UnregisterClassW
GetFocus
FlashWindow
GetForegroundWindow
IsZoomed
PeekMessageW
UnionRect
FillRect
GetSysColorBrush
GetCursorPos
PostThreadMessageW
ShowScrollBar
SetCapture
ReleaseCapture
IsRectEmpty
AdjustWindowRect
SetActiveWindow
LockWindowUpdate
SystemParametersInfoW
OffsetRect
SetRectEmpty
GetSysColor
RedrawWindow
GetSystemMetrics
SetWindowLongW
ChangeDisplaySettingsW
CloseWindow
SetForegroundWindow
FindWindowW
GetUpdateRect
UpdateWindow
BringWindowToTop
SetWindowRgn
EnumDisplaySettingsW
SetRect
GetWindowLongW
EnumWindows
DestroyWindow
RegisterClassW
MapDialogRect
SetWindowContextHelpId
WaitMessage
RegisterClipboardFormatW
TranslateAcceleratorW
SetMenu
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
DestroyMenu
CreateWindowExW
LoadIconW
PostQuitMessage
LoadMenuW
GetCaretPos
GetWindowRgn
EnumDisplayMonitors
IsCharLowerW
MapVirtualKeyExW
DestroyAcceleratorTable
UnregisterClassA
DestroyIcon
AdjustWindowRectEx
MonitorFromWindow
GetMonitorInfoW
GetCursor
GetParent
GetDesktopWindow
DrawStateW
CopyImage
GetKeyboardLayout
KillTimer
SetTimer
IsWindowVisible
InvalidateRect
IsIconic
SetCursor
GetWindowRect
InflateRect
GetMessagePos
LoadImageW
DrawTextW
IsWindow
ScreenToClient
GetClientRect
CopyRect
LoadCursorW
PostMessageW
EnableWindow
SendMessageW
ClientToScreen
PtInRect
ToAsciiEx
GetKeyboardState
SetMenuDefaultItem
GetMenuDefaultItem
GetAsyncKeyState
GetDCEx
MessageBeep
GetNextDlgGroupItem
CharUpperW
DeleteMenu
IsClipboardFormatAvailable
GetMenuItemInfoW
InvalidateRgn
CopyAcceleratorTableW
DrawIcon
UnpackDDElParam
SetWindowPos
ReuseDDElParam
TabbedTextOutW
gdi32
GetRgnBox
GetBkColor
SetBkColor
CreatePolygonRgn
FrameRgn
SetTextColor
UnrealizeObject
CreateBitmap
PatBlt
SetBrushOrgEx
CreatePatternBrush
PlayEnhMetaFile
SetWindowOrgEx
SelectClipRgn
IntersectClipRect
LineTo
MoveToEx
Polygon
CloseEnhMetaFile
SetBkMode
CreateEnhMetaFileW
CreateFontW
GetCurrentObject
GetClipBox
SaveDC
RestoreDC
SetStretchBltMode
SetMapMode
ExcludeClipRect
SetTextAlign
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetObjectType
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBitmap
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBSection
OffsetRgn
RealizePalette
GetDIBits
RemoveFontResourceW
AddFontResourceW
ExtCreateRegion
RectInRegion
CreatePenIndirect
SetDIBitsToDevice
GetDeviceCaps
CombineRgn
CreateRectRgnIndirect
CreateBrushIndirect
GetTextExtentPoint32W
GetTextMetricsW
GetTextColor
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
CreateCompatibleBitmap
GetObjectW
CreateFontIndirectW
PtInRegion
CreateRoundRectRgn
FloodFill
SetPixel
RoundRect
Rectangle
CreatePen
CreateSolidBrush
CreateRectRgn
GetStockObject
DeleteObject
DeleteDC
StretchBlt
SelectObject
FillRgn
CreateCompatibleDC
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegCloseKey
RegQueryValueExW
RegOpenKeyW
RegCreateKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
CryptAcquireContextW
CryptDecrypt
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptSetKeyParam
CryptEncrypt
CryptDestroyKey
CryptDestroyHash
CryptReleaseContext
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
shell32
SHBrowseForFolderW
SHFileOperationW
DragFinish
SHGetPathFromIDListW
SHCreateDirectoryExW
ShellExecuteW
DragQueryFileW
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathStripPathW
StrStrIW
PathFileExistsW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathIsDirectoryW
oledlg
OleUIBusyW
ole32
OleCreateStaticFromData
OleDuplicateData
ReleaseStgMedium
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CLSIDFromProgID
CoTaskMemFree
CoCreateGuid
CoCreateInstance
CoSetProxyBlanket
CoInitialize
CoUninitialize
CoRegisterMessageFilter
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
oleaut32
SafeArrayDestroy
OleCreateFontIndirect
VariantCopy
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
GetErrorInfo
SysAllocString
SysAllocStringLen
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantInit
ws2_32
ioctlsocket
listen
closesocket
htonl
htons
__WSAFDIsSet
accept
gethostbyname
socket
select
bind
getsockname
getpeername
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
WSAGetLastError
getsockopt
setsockopt
shutdown
ntohs
inet_ntoa
WSAStartup
inet_addr
WSACleanup
WSASocketW
winmm
mmioClose
timeGetTime
iphlpapi
GetTcpTable
psapi
EnumProcesses
GetProcessImageFileNameW
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
winhttp
WinHttpCloseHandle
WinHttpReadData
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpOpenRequest
WinHttpConnect
WinHttpOpen
WinHttpCrackUrl
WinHttpQueryDataAvailable
wininet
InternetQueryOptionW
Sections
.text Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 804KB - Virtual size: 800KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ