2024-03-29_86b0c03050fe4e88bb2d4276f353e69c_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-29_86b0c03050fe4e88bb2d4276f353e69c_icedid
Size

2.5MB
MD5

86b0c03050fe4e88bb2d4276f353e69c
SHA1

c319389a4805fa96c1fcfebfed837c14987faced
SHA256

8c2bb6f9e481245fd879199ef357e433ce29ce7ddf86dc21e844426fa8a41148
SHA512

8e01c99c1dbe188d797fe788e1929207c1fc921fe1d6105e2ef64d1258060ac395ee9c9da45790ea3a7d4885635c1ff1a57ddcc38e440ea8105f2365bd345ce0
SSDEEP

12288:+1lcqOzFJKtses41K8O6UuC32/yS1K4DvupRLA3ivupRG8jvupR:klc5JarBFOPJS1K4ypRLA3ZpRG8SpR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-29_86b0c03050fe4e88bb2d4276f353e69c_icedid

Files

2024-03-29_86b0c03050fe4e88bb2d4276f353e69c_icedid
.exe windows:4 windows x86 arch:x86

fbc6abd1837b1cd709e0e51cf0e554c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\Development\Project\Virgin\Player 5GB Update\Source\Tools\Update\Update\Release\Update.pdb

Imports

kernel32

RtlUnwind
ExitProcess
HeapFree
HeapAlloc
SetEnvironmentVariableA
SetCurrentDirectoryA
VirtualProtect
VirtualAlloc
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
ExitThread
CreateThread
HeapSize
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTimeZoneInformation
GetDriveTypeA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetOEMCP
GetCPInfo
GetFileTime
GetFileAttributesA
SetErrorMode
GlobalFlags
GetCurrentDirectoryA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
WritePrivateProfileStringA
ReleaseSemaphore
CreateSemaphoreA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcatA
lstrcmpW
FreeResource
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GetCurrentThread
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
LocalAlloc
GetSystemInfo
GetModuleHandleW
DeviceIoControl
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetLocalTime
QueryPerformanceCounter
GlobalMemoryStatus
GetDiskFreeSpaceA
GetComputerNameA
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
CreateFileA
SetFilePointer
WriteFile
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
RaiseException
Sleep
DeleteFileA
SetFileAttributesA
RemoveDirectoryA
CopyFileA
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
UnhandledExceptionFilter
InterlockedExchange

user32

ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetMenuItemBitmaps
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
ReleaseDC
GetDC
LoadImageA
DrawIcon
SendMessageA
DrawTextA
TabbedTextOutA
wsprintfA
PostMessageA
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharUpperA
UnregisterClassA
GetSystemMetrics
LoadIconA
EnableWindow
KillTimer
SetTimer
InvalidateRect
GetClientRect
GetWindowRect
IsIconic
PostThreadMessageA
SetWindowPos
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
ReleaseCapture
SetCapture
DestroyMenu
LoadCursorA
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
IsDialogMessageA

gdi32

GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SelectPalette
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetClipBox
SetMapMode
SetTextColor
SetBkMode
RestoreDC
SaveDC
CreateFontIndirectA
GetStockObject
CreateDIBSection
GdiFlush
GetDIBColorTable
RealizePalette
GetDeviceCaps
GetObjectA
CreateBitmap
GetPaletteEntries
CreatePalette
DeleteObject
GetDIBits
SelectObject
SetBkColor
BitBlt
DeleteDC
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
GetUserNameA

comctl32

ord17

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA

oledlg

ord8

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysStringLen

msvfw32

DrawDibOpen
DrawDibDraw
DrawDibRealize
DrawDibSetPalette
DrawDibClose

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbc6abd1837b1cd709e0e51cf0e554c9

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

msvfw32

Sections

.text Size: 244KB - Virtual size: 240KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.text
Size: 244KB - Virtual size: 240KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 2.2MB - Virtual size: 2.2MB