2024-04-18_02ad2f27ecfc3d78362d575997930645_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-18_02ad2f27ecfc3d78362d575997930645_icedid
Size

2.1MB
MD5

02ad2f27ecfc3d78362d575997930645
SHA1

fee053bd8c54c2edf8ce5d47ae5dffc89c9c463c
SHA256

fcee92f3564dd89cce90a97dc0b5e129c0025b09514df628d1e2d4c47adcce77
SHA512

71756419f3f39140f38ea64dec99e650ccc86085f1cb25569493937d1eaab0d3f02974391866a920985ce4e4554f82011c36a8b3804b0cddd58b8d2deab7f38a
SSDEEP

49152:SdevffN1/u1DNPXILKtGT6btPiFoLMBYvAecYwBq+PMB:SdeXV1WH4KtGT65PiFoLMBYvAec8

Score

1^/10

Malware Config

Signatures

Files

2024-04-18_02ad2f27ecfc3d78362d575997930645_icedid
.exe windows:6 windows x86 arch:x86

c6e9fa4cebce7098f77f657a23e05c94

Code Sign

54:7b:71:ed:db:fa:0d:63:6c:a2:f9:1a:f2:66:52:5e
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/09/2019, 00:00

Not After

07/10/2020, 23:59

Subject

CN=SEIKO EPSON CORPORATION,OU=Information Service & Support Department,O=SEIKO EPSON CORPORATION,L=Suwa-Shi,ST=Nagano,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

92:07:b2:5b:fe:41:81:de:52:6f:d7:64:a7:90:fd:7b:23:3f:42:82:6c:9b:f1:1d:bc:74:fc:b2:fd:5b:18:d5
Signer

Actual PE Digest

92:07:b2:5b:fe:41:81:de:52:6f:d7:64:a7:90:fd:7b:23:3f:42:82:6c:9b:f1:1d:bc:74:fc:b2:fd:5b:18:d5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Work\NP_V2.89\NP\NSC\Installer\InstallerModules\LangSelect\LangSelect\Release\LangSelect.pdb

Imports

kernel32

GetStringTypeW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetTimeZoneInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
OutputDebugStringW
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
GetTempFileNameA
Sleep
SearchPathA
GetProfileIntA
GetTempPathA
FindResourceExW
VerifyVersionInfoA
VerSetConditionMask
GetTickCount
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryA
GetCPInfo
GetOEMCP
VirtualProtect
lstrcpyA
GetVolumeInformationA
lstrcmpiA
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
DeleteFileA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
GetACP
GlobalFlags
GetThreadLocale
FileTimeToSystemTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetCurrentThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
FindResourceA
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
OutputDebugStringA
MultiByteToWideChar
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
RaiseException
DecodePointer
GetPrivateProfileIntA
GetSystemDefaultLangID
WideCharToMultiByte
GetPrivateProfileStringA
FindResourceW
SetDefaultDllDirectories
SizeofResource
LockResource
LoadResource
GetModuleFileNameA
GetVersionExA
GetCurrentProcess
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
GetProcessHeap
HeapFree
HeapAlloc
GetLastError
GetModuleHandleExW
CreateFileW

user32

DrawFocusRect
WindowFromPoint
RegisterClipboardFormatA
GetMenuDefaultItem
CreatePopupMenu
GetAsyncKeyState
GetMenuItemInfoA
DestroyMenu
LoadImageW
TrackMouseEvent
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableA
ReleaseCapture
SetCapture
CharNextA
CharUpperA
DestroyIcon
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoA
CopyImage
RealChildWindowFromPoint
IntersectRect
InflateRect
LoadCursorA
GetSysColorBrush
IsDialogMessageA
SetWindowTextA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassNameA
GetClassLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
OffsetRect
SetRectEmpty
SendDlgItemMessageA
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
DrawIconEx
GetIconInfo
EnableScrollBar
GetComboBoxInfo
MessageBoxA
SendMessageA
IsIconic
EnableWindow
GetLastActivePopup
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
GetDlgItem
EndDialog
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
LoadImageA
GetSystemMetrics
DrawIcon
GetClientRect
GetWindowRect
ScreenToClient
GetWindowLongA
SetWindowLongA
LoadIconW
UnregisterClassA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
UnhookWindowsHookEx
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ReuseDDElParam
GetSysColor
FillRect
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
IsWindow
DestroyWindow
CreateDialogIndirectParamA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
MonitorFromPoint
UpdateLayeredWindow
UnionRect
PostThreadMessageA
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop

gdi32

GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
GetViewportExtEx
GetTextExtentPoint32A
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
EnumFontFamiliesExA
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateSolidBrush
DPtoLP
CreateCompatibleDC
CreateFontA

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegDeleteKeyA
AllocateAndInitializeSid
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
OpenProcessToken
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetTokenInformation
FreeSid
EqualSid

shell32

ShellExecuteExA
SHGetFileInfoA
SHGetPathFromIDListA
SHAppBarMessage
DragFinish
DragQueryFileA
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation

comctl32

ord17

shlwapi

PathFindFileNameA
PathIsUNCA
PathRemoveFileSpecW
PathStripToRootA
StrFormatKBSizeA
PathFindExtensionA

uxtheme

GetCurrentThemeName
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
IsAppThemed
GetThemePartSize

ole32

OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleFlushClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

oleaut32

VarBstrFromDate
VariantCopy
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
OleCreateFontIndirect
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
SystemTimeToVariantTime

oledlg

ord8

gdiplus

GdipCreateFromHDC
GdipDrawImageRectI
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6e9fa4cebce7098f77f657a23e05c94

Code Sign

54:7b:71:ed:db:fa:0d:63:6c:a2:f9:1a:f2:66:52:5eCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

92:07:b2:5b:fe:41:81:de:52:6f:d7:64:a7:90:fd:7b:23:3f:42:82:6c:9b:f1:1d:bc:74:fc:b2:fd:5b:18:d5Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 314KB - Virtual size: 314KB

.data Size: 22KB - Virtual size: 39KB

.rsrc Size: 332KB - Virtual size: 332KB

54:7b:71:ed:db:fa:0d:63:6c:a2:f9:1a:f2:66:52:5e
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

92:07:b2:5b:fe:41:81:de:52:6f:d7:64:a7:90:fd:7b:23:3f:42:82:6c:9b:f1:1d:bc:74:fc:b2:fd:5b:18:d5
Signer

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 314KB - Virtual size: 314KB

.data
Size: 22KB - Virtual size: 39KB

.rsrc
Size: 332KB - Virtual size: 332KB