2024-04-15_c86245a4d1e0d5f5db5d50bf9e113db3_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-15_c86245a4d1e0d5f5db5d50bf9e113db3_icedid
Size

1.4MB
MD5

c86245a4d1e0d5f5db5d50bf9e113db3
SHA1

6e115727f5dc79b96c7d1fd697a844d65bfde2c0
SHA256

544135d1820e461f930e5a19a1053d7fe5c7d9da844c742531f84744b471bbcb
SHA512

5193a1eb1537780ea857afa2f9c206925b525bb2b0f8d1e071eef95411d74cd98f47b9182ffaa3639b46440e4b1e704dd388f046a2a94d1ab627f13b5673ef85
SSDEEP

12288:yjEdb11CPbzVNKXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DB9:yvfVNKsqjnhMgeiCl7G0nehbGZpbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-15_c86245a4d1e0d5f5db5d50bf9e113db3_icedid

Files

2024-04-15_c86245a4d1e0d5f5db5d50bf9e113db3_icedid
.exe windows:5 windows x86 arch:x86

be23a3f12fc1f129843a6ec8a11311af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Sources\Setup3D\WINGS_Release\Config3D.pdb

Imports

opengl32

wglCreateContext
wglMakeCurrent
wglDeleteContext
glGetString

ddraw

DirectDrawCreate

kernel32

IsDebuggerPresent
RaiseException
HeapAlloc
HeapFree
Sleep
ExitProcess
HeapSize
HeapReAlloc
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStartupInfoW
lstrlenA
SetErrorMode
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
InterlockedIncrement
FormatMessageW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GlobalFlags
InterlockedDecrement
MulDiv
GetModuleHandleA
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
lstrlenW
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomW
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GetModuleHandleW
CreateDirectoryW
GetModuleFileNameW
WritePrivateProfileStringW
WideCharToMultiByte
LoadLibraryW
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetTickCount

user32

UnregisterClassW
DestroyMenu
GetSysColorBrush
LoadCursorW
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
GetSystemMetrics
EnableWindow
DrawIcon
SendMessageW
CallWindowProcW
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
CopyRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
GetWindowTextW
IsIconic
GetWindowRect
GetClientRect
GetDC
ReleaseDC
LoadIconW
PostQuitMessage
PostMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
EndDialog
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
SetFocus

gdi32

DeleteDC
GetStockObject
ScaleWindowExtEx
TextOutW
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
CreateBitmap
GetDeviceCaps
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
ExtTextOutW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
CloseEventLog
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenEventLogW
GetNumberOfEventLogRecords
GetOldestEventLogRecord
ReadEventLogW

shell32

SHGetFolderPathW

comctl32

ord17

shlwapi

PathFindFileNameW
PathAppendW
PathFindExtensionW

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

be23a3f12fc1f129843a6ec8a11311af

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

ddraw

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 1.2MB - Virtual size: 1.8MB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 1.2MB - Virtual size: 1.8MB