2024-04-15_c0027f2ab9593bce3b027b0d12e06cf9_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-15_c0027f2ab9593bce3b027b0d12e06cf9_icedid
Size

408KB
MD5

c0027f2ab9593bce3b027b0d12e06cf9
SHA1

d67a3adfd46312ef102d6b552f83908982c6056c
SHA256

c61f2a3063ec6c1e886b40688b08e0fa471681ceb61aba41326737288dd35e8d
SHA512

7f0c6c215d0115d0372157ce6c0fc01cd1444d809134093e5caa96fe114f269fac15a15ca09c2ea013d447d3619ef88bdb81c79538d55ecfea9910218a6b3c8a
SSDEEP

6144:ac8nDCQmtdPYlbZjv97lfmX6imBUhxrsOIHu4PViO5D5yd8qaLMQ:tmDRmtdPYdZB7YXoBksPp7+8BY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-15_c0027f2ab9593bce3b027b0d12e06cf9_icedid

Files

2024-04-15_c0027f2ab9593bce3b027b0d12e06cf9_icedid
.exe windows:4 windows x86 arch:x86

2b6333d89613098a84af0501f8a6f648

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Gx_Tools\UpdateD\UpdateD\Release\UpdateD.pdb

Imports

kernel32

VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
ExitThread
CreateThread
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
HeapAlloc
GetTickCount
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetOEMCP
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
InterlockedDecrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
GetProcAddress
SetLastError
MulDiv
FormatMessageA
lstrcpynA
LocalFree
FreeResource
LoadLibraryA
FreeLibrary
lstrcatA
lstrcpyA
GetCPInfo
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateFileA
WaitCommEvent
GetCommModemStatus
GetThreadPriority
SetupComm
GetCommTimeouts
SetCommTimeouts
Sleep
CreateEventA
SetCommMask
SetEvent
TerminateThread
CloseHandle
ResetEvent
WriteFile
ClearCommError
PurgeComm
ReadFile
WaitForSingleObject
GetOverlappedResult
GetCommState
BuildCommDCBA
SetCommState
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
LCMapStringA
InterlockedExchange

user32

GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
SetParent
ReleaseCapture
SetCapture
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
DestroyMenu
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
wsprintfA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
IntersectRect
GetWindowPlacement
GetWindow
GetMenuStringA
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
EndDialog
GetWindowTextA
UpdateWindow
SetWindowLongA
LoadCursorA
IsWindow
GetMessagePos
ScreenToClient
PtInRect
MessageBeep
DestroyCursor
LoadImageA
SetCursor
IsMenu
GetWindowLongA
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetWindowRect
DrawFocusRect
FrameRect
OffsetRect
InflateRect
DrawStateA
GetMenuItemInfoA
SystemParametersInfoA
GetSysColorBrush
GetNextDlgGroupItem
GetSysColor
DrawIconEx
DestroyIcon
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
ReleaseDC
GetDC
ModifyMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
CreatePopupMenu
CreateMenu
DrawEdge
FillRect
LoadBitmapA
CopyRect
SetRect
GetSystemMetrics
LoadIconA
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
SetTimer
PostThreadMessageA
MessageBoxA
PostMessageA
KillTimer
UnregisterClassA
EnableWindow
CharUpperA

gdi32

ExtSelectClipRgn
CreatePatternBrush
StretchDIBits
GetCharWidthA
GetBkColor
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
GetTextColor
SetBkMode
RestoreDC
SaveDC
GetClipBox
RoundRect
CreateFontA
CreateBitmap
SetBkColor
SetTextColor
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
GetRgnBox
CreatePen
GetStockObject
GetTextExtentPoint32W
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
SetPixel
GetPixel
BitBlt
PatBlt
Ellipse
GetBkMode
GetDeviceCaps
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap
CreateFontIndirectA
CreateSolidBrush

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueExA

shell32

ShellExecuteExA

comctl32

ImageList_AddMasked
ord17
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
_TrackMouseEvent
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

oledlg

ord8

ole32

CLSIDFromProgID
CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoRevokeClassObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleFlushClipboard
CoRegisterMessageFilter
OleIsCurrentClipboard
OleInitialize

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString

winmm

sndPlaySoundA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b6333d89613098a84af0501f8a6f648

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

winmm

version

Sections

.text Size: 248KB - Virtual size: 246KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 84KB - Virtual size: 82KB

.text
Size: 248KB - Virtual size: 246KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 84KB - Virtual size: 82KB