2024-04-09_6c0a98cf357ca4feacbb5e88069e607b_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-09_6c0a98cf357ca4feacbb5e88069e607b_icedid
Size

264KB
MD5

6c0a98cf357ca4feacbb5e88069e607b
SHA1

a7208bff8db942465b5e502fb1e210ecd0118c9c
SHA256

63bfdbea1686a62b08bd6a02b7ac11bdaf5e22e3140133a17cd04db45c4779cd
SHA512

d754f2d4236de07bfb9ba1119896a16ba3bac2f5efda5441b344d558bcf08f112370df7e61c7fa4834e6ddea9c5a14b5fee173c0de35aa82f0050dba00933663
SSDEEP

6144:aWjGoqXhj+VQ8yVEuSl4FqrJent7EAPEIPP1vqd61WQhi:akKXIVQquSlOWJet7EAKdu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-09_6c0a98cf357ca4feacbb5e88069e607b_icedid

Files

2024-04-09_6c0a98cf357ca4feacbb5e88069e607b_icedid
.exe windows:4 windows x86 arch:x86

c3f5eb0a5acd4df69b4428ec00e445e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
LockResource
LoadResource
VirtualFree
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalFree
GetProcessHeap
HeapFree
CompareStringA
SetLastError
GetLastError
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetTimeZoneInformation
IsBadWritePtr
LCMapStringA
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
CreateThread
GetVersionExA
lstrlenA
GlobalDeleteAtom
GetCurrentThreadId
FreeResource
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
InterlockedDecrement
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
lstrcmpiA
lstrcmpA
GetCurrentThread
CloseHandle
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
RaiseException
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
FileTimeToSystemTime
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
SetErrorMode
FileTimeToLocalFileTime
GetFileTime
GetTickCount
ExitProcess
RtlUnwind
HeapAlloc
HeapReAlloc
TerminateProcess
ExitThread

user32

OffsetRect
SetWindowPos
GetDlgCtrlID
EqualRect
GetParent
AdjustWindowRectEx
GetSysColor
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenu
UpdateWindow
IsWindowVisible
SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
GetDlgItem
SetActiveWindow
IntersectRect
GetForegroundWindow
IsChild
SetFocus
IsWindow
GetFocus
SendDlgItemMessageA
CallNextHookEx
GetCapture
MoveWindow
ShowWindow
IsWindowEnabled
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
SetMenuItemBitmaps
ClientToScreen
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
PostQuitMessage
SetCursor
ValidateRect
GetCursorPos
SystemParametersInfoA
TranslateMessage
MapDialogRect
SetWindowContextHelpId
EndDialog
GetNextDlgTabItem
GetDesktopWindow
DestroyMenu
GetSysColorBrush
SetCapture
ReleaseCapture
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
PtInRect
GetWindow
GetKeyState
GetDC
GetClientRect
DrawFocusRect
InvalidateRect
CopyRect
GetLastActivePopup
GetActiveWindow

gdi32

DeleteDC
GetClipBox
SetBkColor
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetTextColor
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CreateRectRgnIndirect
CreateSolidBrush
GetDeviceCaps
SetMapMode
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject

hplmsc02

?InitGridParam@CMxNapi@@QAEHNNHHPAHH@Z
?GetDisplace@C1xNapi@@UAEHAAH0H@Z
?set_refinemotionFrameByNum@C1xNapi@@UAEHHHHH@Z
?setSystemDir@C1xNapi@@UAEXPAD@Z
?SaveClock@C1xNapi@@UAEXH@Z
?AutoCrop@C1xNapi@@UAEPAEAAH000H@Z
?CancelMakeFinalImage@C1xNapi@@UAEXXZ
?GetMosaicImage@C1xNapi@@UAEPAEAAH00@Z
?MakeFinalImage@CMxNapi@@UAEJPAY0BAE@DP6GHPAXHHHHH@ZHH@Z
?set_refinemotionFrame@C1xNapi@@UAEHH@Z
?set_refinemotionInit@C1xNapi@@UAEXH@Z
?ProcNewFrame@CMosaicAPI@@UAEJPAXNHHAAH1P6GH0HHHHH@Z@Z
?InitImageParam@CMxNapi@@UAEHHNHHHH@Z
??0CMxNapi@@QAE@HPAViImageBuffer@@PAViImageIO@@H@Z
??1CMxNapi@@UAE@XZ
?ProcNewFrame@C1xNapi@@UAEJPAXNHHAAH1@Z

comctl32

ord17
_TrackMouseEvent

shlwapi

PathFindExtensionW
PathIsUNCW
PathFindFileNameW
PathStripToRootW

ole32

CoRegisterMessageFilter
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoUninitialize
CoInitialize
CoTaskMemFree
CLSIDFromProgID
CoTaskMemAlloc
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringLen
VariantChangeType
VariantInit
SysStringLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy

gdiplus

GdipDrawImageRectRect
GdipGetImageGraphicsContext
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage

advapi32

RegCloseKey

winspool.drv

ClosePrinter

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3f5eb0a5acd4df69b4428ec00e445e2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

hplmsc02

comctl32

shlwapi

ole32

oleaut32

gdiplus

advapi32

winspool.drv

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 52KB - Virtual size: 49KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 52KB - Virtual size: 49KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 2KB