2024-04-22_f4c56c09163aec66c265d434e078f747_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-22_f4c56c09163aec66c265d434e078f747_icedid
Size

1.4MB
MD5

f4c56c09163aec66c265d434e078f747
SHA1

fd178f7f98b99e5de9ffbf291c1ea014eeb2fbdc
SHA256

dde99c85a9388adb621365ad9a9881c5296deeccab5a54361bcb57058f4b9a5f
SHA512

3e8eb2f2276648d899bf61f5e04adcdc760c0059c36a0fbd144459696443d6e84230ba7113b9c46b40f70042b6e87896dd227584ad14f838c39fc7393b728147
SSDEEP

24576:fcw9V72Rk4L3V/rj1bLaEx3hdxN/vkiPPPP:ftT72j5xLak3bxN/v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-22_f4c56c09163aec66c265d434e078f747_icedid

Files

2024-04-22_f4c56c09163aec66c265d434e078f747_icedid
.exe windows:5 windows x86 arch:x86

34c73367fcb3ed6e4731444f25213885

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\lolsong\lolsong_miniplayer\Release\vivimpop_player.pdb

Imports

fmodex

FMOD_DSP_GetActive
FMOD_System_CreateDSPByType
FMOD_System_GetChannelsPlaying
FMOD_Channel_IsPlaying
FMOD_System_Update
FMOD_Channel_GetSpectrum
FMOD_DSP_Remove
FMOD_Channel_GetMute
FMOD_Channel_SetVolume
FMOD_Channel_GetPosition
FMOD_Channel_SetPosition
FMOD_Channel_Stop
FMOD_Sound_GetLength
FMOD_Channel_GetCurrentSound
FMOD_System_PlaySound
FMOD_Channel_SetPaused
FMOD_Channel_GetPaused
FMOD_System_CreateStream
FMOD_System_Init
FMOD_System_SetSoftwareFormat
FMOD_System_SetOutput
FMOD_System_GetVersion
FMOD_System_AddDSP
FMOD_DSP_SetParameter
FMOD_Channel_SetPan
FMOD_System_Close
FMOD_System_Release
FMOD_Channel_SetMute
FMOD_System_Create
FMOD_Sound_Release

id3lib

?Link@ID3_Tag@@QAEIPBDG@Z
?HasLyrics@ID3_Tag@@QBE_NXZ
?HasV2Tag@ID3_Tag@@QBE_NXZ
?HasV1Tag@ID3_Tag@@QBE_NXZ
?GetFileSize@ID3_Tag@@QBEIXZ
??1ID3_Tag@@UAE@XZ
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@@Z
?Contains@ID3_Frame@@QBE_NW4ID3_FieldID@@@Z
?GetMp3HeaderInfo@ID3_Tag@@QBEPBUMp3_Headerinfo@@XZ
?GetField@ID3_Frame@@QBEPAVID3_Field@@W4ID3_FieldID@@@Z
??0ID3_Tag@@QAE@PBD@Z

iphlpapi

GetBestInterface
GetAdaptersInfo

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GlobalFlags
GetModuleHandleW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
ConvertDefaultLocale
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
GetFileSizeEx
GetFileTime
SetErrorMode
GetTickCount
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetDriveTypeA
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RaiseException
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
ExitProcess
SetStdHandle
GetFileType
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
VirtualFree
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
WritePrivateProfileStringA
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetThreadLocale
InterlockedIncrement
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetModuleFileNameW
FormatMessageA
LocalFree
GetCurrentProcessId
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetLocalTime
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetEvent
GetVersionExA
GetVersion
FreeLibrary
InterlockedDecrement
GetCurrentDirectoryA
GetLastError
SetLastError
GetTempPathA
CreateThread
MoveFileA
DeleteFileA
Sleep
GetModuleFileNameA
CreateMutexA
OpenMutexA
GlobalFree
GlobalAlloc
GetProcAddress
LoadLibraryA
FindClose
FindNextFileA
FindFirstFileA
WriteFile
SetEndOfFile
GetFileAttributesA
MultiByteToWideChar
lstrlenA
CloseHandle
ReadFile
SetFilePointer
GetFileSize
CreateFileA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetConsoleCP
GetCurrentThread
GetProcessHeap
TlsSetValue

user32

GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetActiveWindow
DestroyMenu
CharNextA
MapDialogRect
SetWindowContextHelpId
ValidateRect
TranslateMessage
GetMessageA
CharUpperA
GetSysColorBrush
UnregisterClassA
CopyAcceleratorTableA
SetRect
InvalidateRgn
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
ModifyMenuA
EnableMenuItem
IsDialogMessageA
GetDlgItemTextA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetMenu
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
SetScrollInfo
GetDlgCtrlID
DefWindowProcA
GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
IntersectRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemCount
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
GetNextDlgGroupItem
DrawEdge
WindowFromPoint
GetCapture
GetMenuItemID
TrackPopupMenu
SetMenuDefaultItem
GetWindow
SetParent
GetScrollInfo
PtInRect
IsRectEmpty
OffsetRect
CallWindowProcA
SetWindowTextA
IsWindow
CreateWindowExA
GetWindowDC
EndPaint
MessageBoxA
SetDlgItemTextA
GetWindowLongA
SetWindowLongA
GetDesktopWindow
KillTimer
ShowWindow
CheckMenuItem
PostQuitMessage
SetFocus
ClientToScreen
GetSystemMetrics
IsIconic
SetTimer
DeleteMenu
GetSystemMenu
GetClassInfoA
FindWindowA
wsprintfA
SetCursor
LoadCursorA
FrameRect
LoadIconA
DrawIcon
CopyRect
GetFocus
GetSysColor
SendMessageA
ReleaseDC
GetDC
SetForegroundWindow
GetCursorPos
GetSubMenu
LoadMenuA
GetWindowRect
IsWindowVisible
UpdateWindow
ScreenToClient
GetDlgItem
MoveWindow
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetKeyState
GetParent
PostMessageA
SetCapture
GetClientRect
ReleaseCapture
InvalidateRect
DrawFocusRect
EnableWindow
LoadBitmapA
BeginPaint

gdi32

GetStockObject
Rectangle
CreateFontA
CreatePen
GetTextExtentPoint32A
RoundRect
SetROP2
MoveToEx
LineTo
CreateDIBSection
DeleteDC
CreateFontIndirectA
SetBkColor
SetTextColor
SaveDC
RestoreDC
SetBkMode
CreateSolidBrush
TextOutA
GetDeviceCaps
CreateRectRgnIndirect
SetWindowExtEx
GetTextColor
GetRgnBox
SetWindowOrgEx
Escape
ExtSelectClipRgn
ExtTextOutA
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
RectVisible
PtVisible
CreateBitmap
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
CreateCompatibleBitmap
LPtoDP
GetPixel
SelectObject
StretchBlt
BitBlt
CreateCompatibleDC
GetObjectA
DeleteObject
ExcludeClipRect
GetClipBox
SetMapMode
ScaleWindowExtEx

msimg32

TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumKeyA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegCreateKeyA
RegDeleteKeyA

shell32

Shell_NotifyIconA
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
DragAcceptFiles

comctl32

InitCommonControlsEx
ImageList_DragLeave
ImageList_EndDrag
ImageList_Destroy
ImageList_BeginDrag
_TrackMouseEvent
ImageList_DragEnter

shlwapi

PathRemoveFileSpecW
PathFindFileNameA
PathFindExtensionA
UrlUnescapeA
PathIsUNCA
PathStripToRootA

oledlg

ord8

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
StgCreateDocfileOnILockBytes

oleaut32

VariantInit
VariantClear
GetErrorInfo
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString
SysStringLen
VariantChangeType
SysAllocStringLen
OleCreateFontIndirect
VariantCopy

ws2_32

WSAGetLastError
inet_addr
send
recv
WSASend
WSAAsyncSelect
WSAConnect
htons
closesocket
WSASocketA
inet_ntoa
gethostbyname
gethostname
WSAStartup
WSACleanup

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetQueryDataAvailable

Sections

.text
Size: 497KB - Virtual size: 497KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 731KB - Virtual size: 731KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34c73367fcb3ed6e4731444f25213885

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

fmodex

id3lib

iphlpapi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

wininet

Sections

.text Size: 497KB - Virtual size: 497KB

.rdata Size: 164KB - Virtual size: 163KB

.data Size: 34KB - Virtual size: 50KB

.rsrc Size: 731KB - Virtual size: 731KB

.text
Size: 497KB - Virtual size: 497KB

.rdata
Size: 164KB - Virtual size: 163KB

.data
Size: 34KB - Virtual size: 50KB

.rsrc
Size: 731KB - Virtual size: 731KB