2024-03-28_8bd13ece0ed9ef3f3ebd9e92ce45df11_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-28_8bd13ece0ed9ef3f3ebd9e92ce45df11_icedid
Size

436KB
MD5

8bd13ece0ed9ef3f3ebd9e92ce45df11
SHA1

579e27157cdd44c2892ab37220b00c8cd9d43015
SHA256

425457f2186bf9e8f2d3df96c7712a313cb1409b704c8db3df7b33430439499c
SHA512

408516aa4c9d4f0609d39c7b53e31246a33c771bdd5be01281ae95c0bc177d43710a671e800119910fc87e7a2b18366d8dc3659647d6c49307165692305fe79a
SSDEEP

6144:fc09OJqqJDrxL97YxHTWKko1fkXJakYnaYQUeAqiuEN0Fz6K:fc09OBJJx7IHiKko1MX8LxOijK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-28_8bd13ece0ed9ef3f3ebd9e92ce45df11_icedid

Files

2024-03-28_8bd13ece0ed9ef3f3ebd9e92ce45df11_icedid
.exe windows:4 windows x86 arch:x86

25256239f8768fd7c3eaa490fea1ced3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Documents and Settings\tempuser\My Documents\EXTime日立版\時刻入力支援ツール\HAPC-1.3.2.3\HAPCLIST\Release\HAPCLIST.pdb

Imports

kernel32

LockFile
UnlockFile
DuplicateHandle
GetFileAttributesA
GetFileTime
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
GetStartupInfoA
HeapReAlloc
ExitThread
CreateThread
LocalReAlloc
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GlobalHandle
GlobalReAlloc
GetTickCount
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
FileTimeToLocalFileTime
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynA
GetPrivateProfileStringA
InterlockedIncrement
ExpandEnvironmentStringsA
GetVolumeInformationA
Module32Next
Module32First
Process32Next
Process32First
CreateToolhelp32Snapshot
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
TerminateProcess
GetProcAddress
GetModuleHandleA
LoadLibraryExA
FindFirstFileA
SetEvent
CreateEventA
ReleaseMutex
CreateMutexA
SetEndOfFile
FlushFileBuffers
GetFileSize
SetFilePointer
ReadFile
WriteFile
CreateFileA
GetSystemTime
MoveFileExA
Sleep
OutputDebugStringA
GetStdHandle
GetComputerNameExA
GetFullPathNameA
GetCurrentDirectoryA
FindClose
FormatMessageA
LocalAlloc
ProcessIdToSessionId
CreateDirectoryA
GetCurrentProcess
GetCurrentProcessId
SetLastError
GetProcessShutdownParameters
SetProcessShutdownParameters
GetCommandLineA
GetUserDefaultUILanguage
CloseHandle
GetModuleFileNameA
WaitForSingleObject
TlsFree
GetCurrentThreadId
TlsAlloc
TlsSetValue
InterlockedDecrement
TlsGetValue
LocalFree
FindResourceA
LoadResource
LockResource
SizeofResource
FreeLibrary
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetStdHandle
InterlockedExchange

user32

SetRect
InflateRect
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetActiveWindow
SetCursor
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
FillRect
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
WindowFromPoint
IsZoomed
IsRectEmpty
CharUpperA
UnregisterClassA
CheckMenuItem
EnableMenuItem
GetMenuItemCount
GetMenuItemID
SendMessageA
PostMessageA
UpdateWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuCheckMarkDimensions
UnionRect
CopyAcceleratorTableA
InvalidateRgn
SetCapture
GetSysColorBrush
LoadBitmapA
GetDesktopWindow
GetMenuState
DrawIconEx
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetSysColor
IsWindow
GetNextDlgGroupItem
MessageBeep
GetDCEx
LockWindowUpdate
SetParent
IsWindowVisible
GetParent
EnableWindow
LoadCursorA
GetClientRect
EnumWindows
MessageBoxIndirectA
MessageBoxA
GetWindowThreadProcessId
GetClassNameA
SetForegroundWindow
PostThreadMessageA
CharNextA
wsprintfA
LoadImageA
CharPrevA
AppendMenuA
GetMenuItemInfoA
InsertMenuA
SetMenu
GetSystemMenu
SetTimer
KillTimer
LoadIconA
DefWindowProcA
GetSubMenu
LoadMenuA
CopyRect
PtInRect
GetSystemMetrics
CreatePopupMenu

gdi32

GetTextColor
GetMapMode
CombineRgn
SetRectRgn
GetRgnBox
GetTextMetricsA
GetBkColor
PatBlt
CreateRectRgnIndirect
CreateFontIndirectA
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetViewportOrgEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
Escape
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
GetTextExtentPoint32A
SelectObject
ExtTextOutA
PtVisible
RectVisible
TextOutA
OffsetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

GetLengthSid
CopySid
CloseEventLog
RegCloseKey
OpenEventLogA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
GetTokenInformation
OpenProcessToken
ReportEventA

shell32

SHGetFolderPathA
DragFinish
DragQueryFileA
CommandLineToArgvW

comctl32

ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathFileExistsA
UrlEscapeA
UrlUnescapeA
PathStripToRootA
PathAddExtensionA
PathAppendA
PathIsUNCA

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA

ole32

CoTaskMemAlloc
CoRevokeClassObject
CoFreeUnusedLibraries
OleIsCurrentClipboard
CLSIDFromProgID
CoRegisterMessageFilter
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoCreateInstance
CLSIDFromString
OleFlushClipboard
OleUninitialize

oleaut32

SysFreeString
VariantInit
VariantClear
SafeArrayDestroy
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayUnlock
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayRedim
SafeArrayCreate
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysAllocStringLen
SysAllocString
VariantCopy
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
GetErrorInfo

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

oledlg

ord8

iphlpapi

GetIpAddrTable

ws2_32

inet_addr

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25256239f8768fd7c3eaa490fea1ced3

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

wininet

ole32

oleaut32

version

oledlg

iphlpapi

ws2_32

Sections

.text Size: 304KB - Virtual size: 300KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 304KB - Virtual size: 300KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 36KB - Virtual size: 34KB