2024-03-28_c403be6b71c3e95a0c500410b1238506_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-28_c403be6b71c3e95a0c500410b1238506_icedid
Size

288KB
MD5

c403be6b71c3e95a0c500410b1238506
SHA1

28d7805577fd065419bb048738db728cb583de4e
SHA256

7fa7f49a085dbf9cfa4d919eb9cacf0f870529fd1afdf5709c8ef36449d5309b
SHA512

6b0e0ca6e616aa6f1158ef0402e7a62c1951ad59ddd7ad7824dea0f0fbb873c66d157919ec8d2e92a2c59ddd63407aae76e59f44c2c6aa9ff61e31a0e98e7961
SSDEEP

6144:oUvdpzziUfseHsZTQNJYHrzfGUAbe3vaOLKAjDlugmNtO:oUXaUfseHsZTYErCUEAvrjDlu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-28_c403be6b71c3e95a0c500410b1238506_icedid

Files

2024-03-28_c403be6b71c3e95a0c500410b1238506_icedid
.exe windows:4 windows x86 arch:x86

56ae4d00bcc9db8ac845a3c0a626ba7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\LmProject\Tool\AutoSendMessage\Release\AutoSendMessage.pdb

Imports

kernel32

GetTickCount
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
TerminateProcess
ExitThread
CreateThread
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFlags
InterlockedIncrement
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
SetLastError
MulDiv
FormatMessageA
LocalFree
GlobalUnlock
GlobalFree
FreeResource
CreateEventA
SuspendThread
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
FindFirstFileA
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetFileInformationByHandle
FindFirstChangeNotificationA
WaitForMultipleObjects
Sleep
FindCloseChangeNotification
GetLastError
ExitProcess
LoadLibraryExA
GetProcAddress
FreeLibrary
GetLocalTime
GetModuleFileNameA
lstrcpynA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
ResetEvent
SetEvent
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
OpenMutexA
CreateMutexA
GetStringTypeA
ReleaseMutex

user32

RegisterClipboardFormatA
PostThreadMessageA
GetSysColorBrush
LoadCursorA
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
UpdateWindow
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
IntersectRect
GetWindowPlacement
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
wsprintfA
ReleaseDC
GetDC
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
MessageBoxA
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
PostQuitMessage
CharUpperA
MessageBeep
GetNextDlgGroupItem
GetMessagePos
ReleaseCapture
SystemParametersInfoA
SetCapture
InvalidateRect
PtInRect
GetSysColor
IsWindow
GetParent
RedrawWindow
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
ScreenToClient
GetWindowRect
DrawFocusRect
DrawFrameControl
DrawEdge
OffsetRect
InflateRect
SetRect
CopyRect
LoadImageA
DestroyIcon
GetCursorPos
GetSystemMetrics
LoadIconA
EnableWindow
KillTimer
SetTimer
GetClientRect
IsIconic
GetSystemMenu
PostMessageA
AppendMenuA
CreatePopupMenu
DrawIcon
RegisterWindowMessageA
SendMessageA
UnregisterClassA

gdi32

SelectPalette
CreateSolidBrush
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
DeleteObject
SetMapMode
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
Rectangle
SetBkMode
RestoreDC
SaveDC
ExtTextOutA
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
CreateBitmap
GetStockObject
GetTextExtentPoint32A
RealizePalette
GetDeviceCaps
CreatePalette
CreateFontIndirectA
CreatePen

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA

comctl32

ord17
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoGetClassObject
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime

ws2_32

htonl
inet_addr

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56ae4d00bcc9db8ac845a3c0a626ba7e

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 24KB - Virtual size: 20KB