2024-04-11_ccab4344010320055feb85ebc012beaa_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-11_ccab4344010320055feb85ebc012beaa_icedid
Size

348KB
MD5

ccab4344010320055feb85ebc012beaa
SHA1

117e9e59848960fbb4b784f4169e392fb628a683
SHA256

73dccc423b2dbd41ac082293aec324324aed9cc2f844ca5989407b45a4864c2f
SHA512

4ff5b335dc0b060538d6321b21f6106645e241590786e486d5919129783c21a051a6b73cd23f90ceb3795f6290558dbf81e9518172adf60df940ec13897ed857
SSDEEP

6144:A5BShbHjGXHzCnz1MIv6xX0IYK+691k2scF616ROKI:cmbH6XTCnz1P65x+6H3d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-11_ccab4344010320055feb85ebc012beaa_icedid

Files

2024-04-11_ccab4344010320055feb85ebc012beaa_icedid
.exe windows:4 windows x86 arch:x86

1def0187ad7c1220d73b355fb2a64f9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Home\Src\VisualStudio\VC.Net\Update\Scallop\1.02sp\Release\Scallop.pdb

Imports

kernel32

SetStdHandle
GetFileType
TerminateProcess
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetCommandLineA
SetHandleCount
SetUnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
ExitProcess
RtlUnwind
SetErrorMode
lstrcpyA
WritePrivateProfileStringA
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
InterlockedIncrement
RaiseException
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
FormatMessageA
LocalFree
SetLastError
MulDiv
GetShortPathNameA
CreateFileA
GetVolumeInformationA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetTickCount
GetCurrentThread
GlobalAlloc
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GlobalFree
InterlockedDecrement
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
lstrcpynA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
FindResourceA
LoadResource
LockResource
SizeofResource
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentProcess
GetLastError
SetSystemPowerState
MultiByteToWideChar
CloseHandle
CreateProcessA
DeleteFileA
MoveFileA
FindFirstFileA
FindNextFileA
GetModuleFileNameA
GetFileAttributesA
CreateDirectoryA
GetEnvironmentStringsW

user32

SetParent
LockWindowUpdate
GetDCEx
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
DestroyIcon
WindowFromPoint
SetRect
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadCursorA
SetCapture
KillTimer
ClientToScreen
SetWindowRgn
DrawIcon
FillRect
IsRectEmpty
FindWindowA
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuItemInfoA
InflateRect
GetMessageA
ValidateRect
GetDC
IsZoomed
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetSubMenu
LoadMenuA
PostMessageA
GetWindowRect
SetForegroundWindow
LoadIconA
CloseWindow
GetSystemMetrics
GetCursorPos
EnableWindow
SendMessageA
UpdateWindow
DispatchMessageA
TranslateMessage
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
PtInRect
RegisterWindowMessageA
wsprintfA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
GetFocus
EqualRect
SetWindowLongA
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
SetCursor
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
PeekMessageA
MsgWaitForMultipleObjects
LockWorkStation
GetDlgItem
PostThreadMessageA
GetMenu
GetClientRect
SetTimer
ShowScrollBar
CharUpperA
TranslateAcceleratorA
IsWindowEnabled
GetWindow
GetDesktopWindow
IsWindow
GetWindowLongA
ShowWindow
SetMenu
BringWindowToTop
GetLastActivePopup
CopyRect
SetRectEmpty
OffsetRect
IntersectRect
CreatePopupMenu
GetMenuItemCount
GetMenuItemID
InsertMenuItemA
IsIconic
InvalidateRect
IsWindowVisible
ReleaseDC

gdi32

GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
Ellipse
LPtoDP
DPtoLP
CreateEllipticRgn
ExtTextOutA
BitBlt
CreateFontIndirectA
CreateFontA
GetCharWidthA
DeleteObject
StretchDIBits
DeleteDC
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegFlushKey
RegSetValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
SetFileSecurityA
RegCreateKeyA
RegCreateKeyExA
RegSetValueA
GetFileSecurityA
RegCloseKey

shell32

SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderPathA
SHGetFileInfoA
Shell_NotifyIconA
SHBrowseForFolderA
ExtractIconA
DragFinish
DragQueryFileA

comctl32

ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy

scrsvrhook

ord3
ord2
ord7
ord6
ord5
ord1
ord4

Sections

.text
Size: 240KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1def0187ad7c1220d73b355fb2a64f9a

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

scrsvrhook

Sections

.text Size: 240KB - Virtual size: 236KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 240KB - Virtual size: 236KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 28KB - Virtual size: 27KB