2024-04-04_4d5f8a6522560a7bdadfbda09d7b866e_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-04_4d5f8a6522560a7bdadfbda09d7b866e_icedid
Size

1.8MB
MD5

4d5f8a6522560a7bdadfbda09d7b866e
SHA1

7d39bdcd8a9f8b3a44054f07537bde01b157dab0
SHA256

d6f76a5e7d052387e45fa2f6ce4b8444afb9ea9e5fcc71592765be867666f702
SHA512

7850e20bf64ce762b995e0085377e1fb01cc929b81eb1af21000c539ef87f89baae56a5a35ad486b7a11055a26a0abcb5f74994a4c19f5ed7b38499ce4fbe7da
SSDEEP

24576:gnHGCbTLCi27TnRqs3vDhdIC4a92xs1InyTYnGDOIrNH:gnbHLYBD/Dh6C4a92QAzIp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-04_4d5f8a6522560a7bdadfbda09d7b866e_icedid

Files

2024-04-04_4d5f8a6522560a7bdadfbda09d7b866e_icedid
.exe windows:5 windows x86 arch:x86

d3927880c7c04e696fb4b8ede6e62464

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\cpuid\applications\HWMonitor\vc2008\Release\HWMonitor_x32.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

advapi32

CreateServiceA
RegOpenKeyExW
RegQueryValueW
RegCloseKey
DeleteService
OpenServiceA
StartServiceA
ControlService
OpenSCManagerA
RegQueryValueExA
RegSetValueW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyExW
RegCreateKeyW
RegSetValueExW
RegDeleteValueW
CloseServiceHandle

kernel32

GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
lstrlenA
GetThreadLocale
FileTimeToSystemTime
SystemTimeToFileTime
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
MoveFileW
GetStringTypeExW
lstrcmpiW
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetShortPathNameW
CreateFileW
FileTimeToLocalFileTime
GetFileAttributesExW
LocalFileTimeToFileTime
GetFileSizeEx
GetSystemDirectoryW
SetErrorMode
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
HeapReAlloc
ExitProcess
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GlobalReAlloc
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
OutputDebugStringW
GetVersionExW
GetTempPathW
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryW
GetProcAddress
FreeLibrary
SizeofResource
LockResource
LoadResource
FindResourceW
InterlockedDecrement
CreateMutexW
GetLastError
GetModuleHandleW
GetModuleFileNameW
GetComputerNameW
GetCurrentDirectoryW
WaitForSingleObject
ReleaseMutex
Sleep
ExitThread
CreateThread
SetThreadPriority
SetCurrentDirectoryW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CloseHandle
DeleteFileW
SetLastError
lstrcpyW
lstrcatW
lstrlenW
WinExec
HeapFree
GetCPInfo
GetProcessHeap
LoadLibraryA
GetCurrentProcess
GetVersionExA
CreateMutexA
CreateDirectoryA
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GlobalFlags
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CreateProcessW
CreateProcessA
ExpandEnvironmentStringsW
VerifyVersionInfoW
VerSetConditionMask
CompareStringA
InterlockedExchange
GlobalGetAtomNameW
GlobalFree
GetModuleFileNameA
GlobalAlloc
FormatMessageW
GetCurrentProcessId
GlobalLock
GlobalUnlock
MulDiv
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
ReadFile
SetThreadAffinityMask
ResumeThread
WriteConsoleA
GetSystemInfo
GetDiskFreeSpaceA
LocalAlloc
LocalFree
GetProcessAffinityMask
SetProcessAffinityMask
SetFilePointer
GetTempPathA
GetModuleHandleA
FindResourceA
GetWindowsDirectoryA
WriteFile
DeleteFileA
RemoveDirectoryA
GetComputerNameA
CreateFileA
DeviceIoControl
GetCurrentDirectoryA

user32

GetSysColorBrush
SystemParametersInfoW
GetMenuItemInfoW
IsZoomed
ShowOwnedPopups
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
PostQuitMessage
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
GetActiveWindow
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
GetDesktopWindow
TranslateAcceleratorW
GetMenuStringW
InsertMenuW
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
WindowFromPoint
SetRect
UnregisterClassW
CharUpperW
DestroyIcon
DeleteMenu
CheckMenuItem
LoadCursorW
SetMenu
SetScrollPos
GetScrollPos
SetForegroundWindow
IsWindowVisible
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
IsWindow
wsprintfA
LoadImageW
CreateCursor
GetSystemMetrics
SetCursor
SetTimer
KillTimer
SetWindowLongW
GetWindowRect
LoadBitmapW
MessageBoxW
UpdateWindow
InflateRect
DrawFocusRect
DrawEdge
GetSysColor
IsRectEmpty
CopyRect
InvalidateRect
ReleaseDC
GetDC
GetParent
SendMessageW
PtInRect
GetWindowLongW
GetClientRect
EnableWindow
DestroyWindow

gdi32

SetMapMode
ExcludeClipRect
IntersectClipRect
DeleteObject
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreatePatternBrush
GetDeviceCaps
CreateSolidBrush
GetTextMetricsW
GetBkColor
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateFontIndirectW
GetStockObject
GetPixel
CreateBitmap
GetObjectW
CreateFontW
GetTextExtentPoint32W
BitBlt
CreateCompatibleBitmap
OffsetViewportOrgEx
CreateCompatibleDC

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

shell32

SHGetFolderPathA
DragFinish
DragQueryFileW
ExtractIconW
SHGetFileInfoW
ShellExecuteW

shlwapi

PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW

ole32

CoTaskMemFree
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoUninitialize
StringFromGUID2

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantClear
VariantInit
VariantChangeType

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 454KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d3927880c7c04e696fb4b8ede6e62464

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

advapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 198KB - Virtual size: 198KB

.data Size: 95KB - Virtual size: 116KB

.rsrc Size: 454KB - Virtual size: 454KB

.data Size: 1024B - Virtual size: 1024B

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 198KB - Virtual size: 198KB

.data
Size: 95KB - Virtual size: 116KB

.rsrc
Size: 454KB - Virtual size: 454KB

.data
Size: 1024B - Virtual size: 1024B