2024-04-15_07e2dbd6d973c6b219a4a372a5a9e053_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-15_07e2dbd6d973c6b219a4a372a5a9e053_icedid
Size

2.8MB
MD5

07e2dbd6d973c6b219a4a372a5a9e053
SHA1

0c1031c41255eb0c480f192f618c3e16ffa9a2c9
SHA256

9040f38d74b05aec2ac3660514ca77a4c857970fdc1d50371afdc5c5f2f72706
SHA512

fba8f2b925528343621be9a46c002a4333772d416acd15e3115bf8db06bf02b5521798c76e8066318dbb15cf5df6202fe0af8c8ef29fbb10476d107f682c3e03
SSDEEP

49152:qY3x+2h0OU8oHAjRsE+z8e/2Lo40Gu/dtJARvAbB3DcI5/Ve0gSOp84heh0AhhhQ:qYI2KOKHAjRsE+z8e/6owAbB3DcI5/V1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-15_07e2dbd6d973c6b219a4a372a5a9e053_icedid

Files

2024-04-15_07e2dbd6d973c6b219a4a372a5a9e053_icedid
.exe windows:4 windows x86 arch:x86

e496ee25ed010c3c0055c34f25a52ac6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Patrizio\Desktop\4 Story(3.8)\TServer\Tools\Launcher\EU\4Story\Release\4Story.pdb

Imports

ws2_32

WSAGetLastError
inet_ntoa
WSAStartup

d3d9

Direct3DCreate9

kernel32

LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
ExitProcess
RemoveDirectoryA
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
TlsSetValue
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GlobalFlags
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
InterlockedIncrement
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
GlobalAddAtomA
WritePrivateProfileStringA
FreeResource
SetLastError
MulDiv
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThread
GetCurrentThreadId
GlobalLock
FreeLibrary
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
CreateFileA
GetTickCount
CompareStringW
CompareStringA
GetVersion
RaiseException
MultiByteToWideChar
ReadFile
GetProcAddress
GlobalAlloc
GlobalFree
ResumeThread
GetModuleHandleA
GetModuleFileNameA
OpenMutexA
CreateMutexA
lstrcmpiA
SetFileAttributesA
CopyFileA
lstrcpyA
lstrcmpA
DeleteFileA
FindNextFileA
lstrlenA
CreateProcessA
CreateDirectoryA
GetLastError
InitializeCriticalSection
CreateThread
CloseHandle
FindFirstFileA
FindClose
Sleep
DeleteCriticalSection
WaitForSingleObject
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetCurrentDirectoryA
TerminateProcess

user32

RegisterClipboardFormatA
PostThreadMessageA
DestroyMenu
MessageBeep
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
GetSysColorBrush
LoadCursorA
CharNextA
EndPaint
BeginPaint
GetWindowDC
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetFocus
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
PeekMessageA
ValidateRect
GetLastActivePopup
SetCursor
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
wsprintfA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
GetCursorPos
OffsetRect
GetNextDlgGroupItem
ClientToScreen
WindowFromPoint
GetDC
DrawEdge
GetCapture
UnregisterClassA
CharUpperA
LoadImageA
PtInRect
SetWindowRgn
GetWindowLongA
SetWindowLongA
GetKeyState
ReleaseCapture
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetParent
SetCapture
InvalidateRect
GetSysColor
DrawFocusRect
CopyRect
EnumDisplaySettingsA
MessageBoxA
GetSystemMetrics
LoadIconA
EnableWindow
FindWindowA
KillTimer
SetTimer
ReleaseDC
GetClientRect
GetWindowRect
IsIconic
PostMessageA
SendMessageA
DrawIcon
LoadBitmapA
ModifyMenuA

gdi32

GetStockObject
CreatePen
CreateSolidBrush
CreateRectRgnIndirect
GetTextColor
SetViewportOrgEx
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
GetViewportExtEx
GetMapMode
SetMapMode
SetBkMode
RestoreDC
GetBkColor
CreateCompatibleBitmap
CreateBitmap
CreateFontIndirectA
BitBlt
Rectangle
StretchBlt
CreateCompatibleDC
GetObjectA
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
SelectClipRgn
DeleteDC
DeleteObject
SelectObject
CombineRgn
CreateRectRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
LPtoDP
DPtoLP
GetWindowExtEx
OffsetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueExA

shell32

ShellExecuteA

comctl32

ord17
_TrackMouseEvent

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
OleInitialize

oleaut32

SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysFreeString
SysStringLen
VariantCopy
VariantClear
OleCreateFontIndirect
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen

wininet

InternetCrackUrlA
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetQueryDataAvailable

wsock32

socket
send
WSAAsyncSelect
recvfrom
sendto
connect
WSASetLastError
bind
closesocket
accept
recv
select
gethostbyname
htonl
htons
ioctlsocket

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
PathFindExtensionA

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e496ee25ed010c3c0055c34f25a52ac6

Headers

File Characteristics

PDB Paths

Imports

ws2_32

d3d9

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

wininet

wsock32

shlwapi

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 2.5MB - Virtual size: 2.5MB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 2.5MB - Virtual size: 2.5MB