E:\TeamCity\workspace\experimental\dict-pc\src\bin\Win32\Release\YoudaoOcr.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-16_ec504fbd705f612b74ac870f7c617a73_icedid_vidar.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-16_ec504fbd705f612b74ac870f7c617a73_icedid_vidar.exe
Resource: win10v2004-20240412-en
General
Target: 2024-04-16_ec504fbd705f612b74ac870f7c617a73_icedid_vidar
Size: 4.4MB
MD5: ec504fbd705f612b74ac870f7c617a73
SHA1: b1e0b122955d436e5c5bc2f941bb3f5aeeb18f00
SHA256: 969c016c5b71f0c34407939b753669d17eb1953671dfb9e597b4d57e8b8f7ed7
SHA512: ffd76e3fdbc3f8920bb584b0b1d96c5b09de301ffdca7cf2af8ba896663d86a14b9dc4ab569eaa1a1ec1772c5c869d6003dccb0ed9d2156e7a33755b087aa0f6
SSDEEP: 98304:I3YPE/oZPBLP4N5pLKt/50P/A6Re7lSNw9yA8AJlEFkNsLiAUN9DqSu:A/oZP1P4N5pZ9NeEFkNsLiAUTu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-16_ec504fbd705f612b74ac870f7c617a73_icedid_vidar
Files
2024-04-16_ec504fbd705f612b74ac870f7c617a73_icedid_vidar.exe windows:6 windows x86 arch:x86
5862ae4631f474d369219b9b5782743d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
youdao_ocr_lib
?release_model@YoudaoOCR@@YAXXZ
?ocr_recognize_line@YoudaoOCR@@YAPADABVMat@cv@@_N@Z
?release_text@YoudaoOCR@@YAXPAPAD@Z
?recog_model_init@YoudaoOCR@@YA_NPBDHH_N@Z
?switch_to_language@YoudaoOCR@@YA_NH@Z
kernel32
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetStdHandle
VirtualQuery
HeapQueryInformation
SetStdHandle
ExitThread
GetCommandLineA
GetFileType
GetDriveTypeW
GetModuleHandleExW
ExitProcess
GetTimeZoneInformation
RtlUnwind
GetProcessAffinityMask
VirtualFree
SetThreadGroupAffinity
GetThreadGroupAffinity
GetNumaHighestNodeNumber
GetLogicalProcessorInformationEx
TerminateProcess
GetThreadPriority
CreateThread
SignalObjectAndWait
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
FreeLibraryAndExitThread
GetThreadTimes
GetCPInfo
LCMapStringEx
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
ReleaseSRWLockShared
SwitchToThread
WaitForSingleObjectEx
TryAcquireSRWLockExclusive
GetStringTypeW
RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTickCount64
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
GetCurrentDirectoryW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
lstrcmpiW
DuplicateHandle
GetVolumeInformationW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileW
FileTimeToLocalFileTime
SuspendThread
SetThreadPriority
CreateEventW
GetUserDefaultLCID
SetEvent
GetPrivateProfileIntW
GetCurrentThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
SetLastError
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
FormatMessageW
FormatMessageA
GetVersionExW
GetTickCount
GetSystemTimeAsFileTime
GetSystemTime
GetCurrentProcessId
AreFileApisANSI
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFullPathNameW
GetFileAttributesA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
FlushFileBuffers
InitializeCriticalSectionEx
VirtualAlloc
lstrcmpA
LocalAlloc
GetACP
GetLocaleInfoW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetFileSize
ReadFile
GetLocalTime
ResumeThread
TerminateThread
WinExec
lstrlenW
lstrcatW
lstrcpyW
WriteFile
GetTempPathW
RemoveDirectoryW
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileAttributesW
MulDiv
GetModuleHandleExA
GetModuleFileNameA
LoadLibraryA
GetModuleHandleA
FindNextFileA
FindFirstFileExA
FindClose
UnlockFileEx
LockFileEx
GetFileAttributesExA
CreateFileA
GetSystemInfo
GetExitCodeProcess
GetCurrentProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetTempPathA
DeleteFileA
CopyFileW
CreateDirectoryW
CreateFileW
DeleteFileW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
CreateProcessW
LocalFree
Sleep
GetCommandLineW
SetErrorMode
GetModuleFileNameW
GetModuleHandleW
ReleaseMutex
WaitForSingleObject
OutputDebugStringW
GetCurrentThreadId
CreateMutexW
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
FreeLibrary
LoadLibraryW
FindResourceW
LoadResource
LockResource
SizeofResource
SetFilePointerEx
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
GetCurrentProcessorNumberEx
user32
SetRectEmpty
SendDlgItemMessageA
CopyImage
GetSysColorBrush
CharUpperW
WindowFromPoint
LoadMenuW
MapVirtualKeyW
GetKeyNameTextW
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
GetWindowRgn
TrackPopupMenu
SetMenu
IsWindowEnabled
ShowOwnedPopups
GetActiveWindow
TranslateMessage
OffsetRect
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
PostQuitMessage
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
CreatePopupMenu
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetMenuDefaultItem
GetNextDlgGroupItem
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
RealChildWindowFromPoint
GetAsyncKeyState
MapDialogRect
WaitMessage
SetCapture
ReleaseCapture
DeleteMenu
DestroyIcon
IntersectRect
GetMessageW
TrackMouseEvent
GetMenu
GetCapture
GetKeyState
GetFocus
SetActiveWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
CloseClipboard
SetClipboardData
EmptyClipboard
FindWindowW
SendMessageW
PostMessageW
LoadIconW
GetSystemMenu
AppendMenuW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
GetCursorPos
MonitorFromPoint
GetMonitorInfoW
UnregisterClassW
GetWindowThreadProcessId
IsWindow
IsWindowVisible
GetDC
ReleaseDC
DrawTextW
GetWindow
LoadImageW
GetForegroundWindow
SetFocus
ShowWindow
GetWindowLongW
SetWindowPos
SetForegroundWindow
KillTimer
DestroyCursor
SetWindowLongW
MessageBeep
InvalidateRect
UpdateWindow
SetTimer
GetMessagePos
ScreenToClient
PtInRect
SetCursor
GetSysColor
GetWindowRect
GetParent
InflateRect
LoadCursorW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
DrawStateW
SetClassLongW
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
SetCursorPos
CopyIcon
FrameRect
UnionRect
UpdateLayeredWindow
GetComboBoxInfo
PostThreadMessageW
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetDlgCtrlID
gdi32
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
SetRectRgn
DPtoLP
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
SaveDC
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
BitBlt
DeleteObject
GetDIBits
CreateDCW
GetWindowExtEx
GetViewportExtEx
GetTextMetricsW
CreateFontIndirectW
GetObjectW
GetTextExtentPoint32W
GetStockObject
CopyMetaFileW
GetDeviceCaps
SetBkColor
SetTextColor
CreateBitmap
ExtTextOutW
CreateHatchBrush
GetSystemPaletteEntries
CreatePen
CreatePatternBrush
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegQueryValueW
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragFinish
DragQueryFileW
SHBrowseForFolderW
ShellExecuteW
SHGetSpecialFolderPathW
CommandLineToArgvW
SHAppBarMessage
SHGetFileInfoW
shlwapi
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathIsDirectoryW
StrFormatKBSizeW
uxtheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
ole32
CoCreateInstance
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoInitialize
CoUninitialize
RevokeDragDrop
oleaut32
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
VariantClear
VarBstrFromDate
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
gdiplus
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdipCreateBitmapFromStream
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 51KB - Virtual size: 179KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 267KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE