2024-04-29_fac3df2ec7bbf8522845283f4828b1fe_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-29_fac3df2ec7bbf8522845283f4828b1fe_icedid
Size

364KB
MD5

fac3df2ec7bbf8522845283f4828b1fe
SHA1

694aa6de6684b2fe0b17ea35218f78a2d8b714a4
SHA256

757f4acd504e824c22759c565dcd084c6029f00e0b513edd685d1f277d21a6ec
SHA512

87d52f531586ddd850643dec3390c172fc422ab11a809ca6eb5b8f2ca4e5c0d0bc2b18526a477f26234fc56657f1547e4e781325c1c28cd670ba185b49f9e81c
SSDEEP

6144:Ed2MkcNByQy0uFstbqsGHNTjLbpyK16OxjucbPZV7QZ:Ed2MkcNIb0usUHVXsKxxjuc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-29_fac3df2ec7bbf8522845283f4828b1fe_icedid

Files

2024-04-29_fac3df2ec7bbf8522845283f4828b1fe_icedid
.exe windows:4 windows x86 arch:x86

355b858b013c6af98a5e8c54b26e9be0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Dev.NET\Cd explorer\v7.7\7.7 - Keyed - CD Browser\HTMLSplashDialog\Release\HTMLSplashDialog.pdb

Imports

kernel32

TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
GetTickCount
SetErrorMode
FileTimeToLocalFileTime
TlsAlloc
GetFileAttributesA
GetFileTime
ExitProcess
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetExitCodeProcess
CreateProcessA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
FileTimeToSystemTime
InterlockedIncrement
WaitForSingleObject
CloseHandle
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetModuleFileNameA
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetLastError
lstrlenA
lstrcmpiA
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
InterlockedDecrement
GetCurrentDirectoryA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA

user32

GetWindowDC
BeginPaint
EndPaint
CharNextA
GetSysColorBrush
LoadCursorA
DestroyMenu
wsprintfA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
ReleaseDC
GetDC
CopyAcceleratorTableA
SetRect
IsRectEmpty
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
ClientToScreen
SetPropA
GetPropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
InflateRect
GetWindowRect
EnableWindow
CharUpperA
UnregisterClassA
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseCapture
SetCapture
InvalidateRgn
GetClassNameA
InvalidateRect
PostMessageA
GetClientRect
RegisterWindowMessageA
EndDialog
SendMessageA
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
GetSystemMetrics
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindow
PtInRect
CopyRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
RemovePropA

shell32

ShellExecuteA

oleaut32

SysAllocStringLen
VariantInit
VariantClear
VariantCopy
VariantChangeType
DispCallFunc
SysAllocString
LoadRegTypeLi
SysStringLen
SysAllocStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
SystemTimeToVariantTime
SysFreeString
OleCreateFontIndirect

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

gdi32

GetStockObject
GetBkColor
GetTextColor
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
GetDeviceCaps
DeleteDC
CreateRectRgnIndirect
GetRgnBox
SaveDC
RestoreDC
SetMapMode
GetMapMode
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetViewportExtEx

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

ole32

CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleInitialize
CoTaskMemAlloc
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemFree
CoRevokeClassObject

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

355b858b013c6af98a5e8c54b26e9be0

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

oleaut32

comctl32

shlwapi

oledlg

gdi32

winspool.drv

comdlg32

advapi32

ole32

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 128KB - Virtual size: 126KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 128KB - Virtual size: 126KB