2024-04-16_63d589d1f9d36f3310d63e8b44a6392d_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-16_63d589d1f9d36f3310d63e8b44a6392d_icedid
Size

428KB
MD5

63d589d1f9d36f3310d63e8b44a6392d
SHA1

8a69a9787354c7b0e79bd5b9fe420e1c984de278
SHA256

5a198f6a9f009d7755d6f80faa05d6adc871a8e9767b427a2349c89959c90d08
SHA512

646fce8c439e8b14f4c26bed7ff48bae695ba67c178f6567ffd94149a39baf0547fb6eaad926b0b814d7dd5b4bd0bbea5a3a1873c49c0f96c322c2158ae7b1ca
SSDEEP

6144:nh6o/e5CYAc0ztYOCQQ1b7pOa2MSbIumZYkoA3MJtumdickz:nh66e8YdVRT1saZ5oA3Mphk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-16_63d589d1f9d36f3310d63e8b44a6392d_icedid

Files

2024-04-16_63d589d1f9d36f3310d63e8b44a6392d_icedid
.exe windows:4 windows x86 arch:x86

ceb651ee2b95b1fe4bcdb9dcf35b22fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Projects\RoboPrint\Release\RoboPrint.pdb

Imports

robo

Robo_End
Robo_PostMoveDisc
Robo_JobBeginsOrEnds
Robo_Options
Robo_Init
Robo_CheckPrinting
Robo_PostMoveAndPrint
Robo_CheckMoveDisc

kernel32

SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetTickCount
ExitProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
FileTimeToSystemTime
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedDecrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
FormatMessageA
LocalFree
GlobalUnlock
MulDiv
SetLastError
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
lstrcpynA
GetProcAddress
FindFirstFileA
FindClose
GlobalLock
GlobalAlloc
GlobalFree
ReadFile
CreateFileA
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
TerminateThread
CreateThread
CloseHandle
FindResourceA
LoadResource
LockResource
SizeofResource
Sleep
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
CompareStringW
CompareStringA
lstrcatA
WinExec
lstrlenA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcpyA

user32

RegisterClipboardFormatA
PostThreadMessageA
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
ReleaseCapture
SetCapture
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
PostQuitMessage
GetCursorPos
WindowFromPoint
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetDlgItemInt
GetMenuState
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
GetWindow
wsprintfA
LoadStringA
GetCursor
GetSystemMetrics
LoadIconA
UpdateWindow
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
MessageBoxA
MessageBeep
SetWindowLongA
LoadCursorA
CopyIcon
IsWindow
GetSysColor
GetMessagePos
UnregisterClassA
EnableWindow
GetParent
KillTimer
SetTimer
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
GetClientRect
GetWindowRect
SendMessageA
InflateRect
PtInRect
CharUpperA
SetCursor
IsChild

gdi32

GetBkColor
GetTextColor
GetRgnBox
CreateBitmap
GetMapMode
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
CreateRectRgnIndirect
GetDeviceCaps
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode

comdlg32

GetFileTitleA
CommDlgExtendedError
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoTaskMemAlloc
CoRevokeClassObject
CLSIDFromProgID
CoTaskMemFree
OleInitialize
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoFreeUnusedLibraries

oleaut32

VariantClear
VariantChangeType
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SafeArrayDestroy
SysFreeString
VariantCopy

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ceb651ee2b95b1fe4bcdb9dcf35b22fc

Headers

File Characteristics

PDB Paths

Imports

robo

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

oleaut32

shlwapi

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 204KB - Virtual size: 202KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 204KB - Virtual size: 202KB