2024-04-30_628df66e53707796ca6e1133141659c9_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-30_628df66e53707796ca6e1133141659c9_icedid
Size

691KB
MD5

628df66e53707796ca6e1133141659c9
SHA1

0a3ae40d564bd6e429330e145f8cc85fd303d36d
SHA256

f61ebeaaec296f4684fbc9099cc5bcb9e2138dd3446043e44ecb245070aa2c7b
SHA512

2d7674bef57a0ecd8f0fc49fd9cc10f837abe5037cc3ae5bc487b6ce832a23db2194089d213ca75e4bc40364be96a3507b63eaa438f261b48b170c98722ded3b
SSDEEP

12288:97ovuNCE7iNSEawTBUfj+sBYdjNy/NYX+Qp9FzyH:9ovCiNSEGj+sBik++Q5WH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-30_628df66e53707796ca6e1133141659c9_icedid

Files

2024-04-30_628df66e53707796ca6e1133141659c9_icedid
.exe windows:5 windows x86 arch:x86

0fb9474bcb5c0c1f23841f74f9c4a4dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\lg\Desktop\Src_16May2011\Code\32bit - Code\XP-Vista\SmartDualMon\Release_Unicode\Dual Package.pdb

Imports

mousehook

UnHook
clearWndMsgHook
clearMsgHook
clearKeyBoardMsgHook
ClearMouseMsgHook
setWndMsgHook
SetMsgHook
SetKeyBoardMsgHook
SetMouseClickHook
Hook

win32utility

?WriteRegKey@CRegUtility@@QAEHPAUHKEY__@@PA_WPB_WHAAUSRegData@@@Z
??1CRegUtility@@UAE@XZ
??0CRegUtility@@QAE@XZ
?ReadRegKey@CRegUtility@@QAEHPAUHKEY__@@PA_WPB_WAAUSRegData@@@Z

psapi

EnumProcessModules
GetModuleBaseNameW
EnumProcesses

kernel32

FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
CreateFileW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
SetErrorMode
GetTickCount
GetStartupInfoW
HeapAlloc
HeapFree
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
HeapReAlloc
FindClose
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetPrivateProfileStringW
WritePrivateProfileStringW
GetModuleHandleA
InterlockedDecrement
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrlenA
lstrcmpA
GlobalAlloc
FormatMessageW
LocalFree
MulDiv
WideCharToMultiByte
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetConsoleWindow
lstrlenW
SetLastError
GetProcAddress
SetThreadExecutionState
MultiByteToWideChar
FreeLibrary
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
CloseHandle
OpenProcess
TerminateProcess
CreateProcessW
GetVersionExW
lstrcpynW
FindResourceW
LoadResource
LockResource
SizeofResource
WaitForSingleObject
CreateMutexW
GetLastError
Sleep
OutputDebugStringW

user32

DestroyMenu
GetWindowDC
BeginPaint
EndPaint
WindowFromPoint
GetSysColorBrush
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CharUpperW
UnregisterClassW
RegisterClipboardFormatW
PostThreadMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
GetKeyState
SetMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
CallWindowProcW
GetMenu
SystemParametersInfoA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
DestroyWindow
GetNextDlgTabItem
EndDialog
GrayStringW
DrawTextExW
TabbedTextOutW
SetRect
DrawEdge
OffsetRect
GetSysColor
DrawTextW
BringWindowToTop
ReleaseCapture
GetCapture
SetCapture
TrackMouseEvent
ClientToScreen
SetClassLongW
SetCursor
GetDlgCtrlID
IsRectEmpty
SetRectEmpty
InflateRect
DestroyCursor
GetIconInfo
FillRect
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
DefWindowProcW
GetClassInfoW
LoadCursorW
MoveWindow
MapWindowPoints
GetForegroundWindow
ScreenToClient
SetFocus
GetFocus
SetWindowTextW
GetClassLongW
IsWindowEnabled
InvalidateRect
UpdateWindow
EnumChildWindows
SendInput
GetWindowThreadProcessId
CreateDialogParamW
GetWindowPlacement
MonitorFromPoint
EnumDisplaySettingsExW
ReleaseDC
GetDC
ChangeDisplaySettingsW
FindWindowExW
GetCursorPos
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
RegisterWindowMessageW
DestroyIcon
TrackPopupMenu
RemoveMenu
SetMenuItemInfoW
LoadBitmapW
GetSubMenu
LoadMenuW
DrawIcon
GetClientRect
GetSystemMetrics
AppendMenuW
GetSystemMenu
GetMessageW
TranslateMessage
ValidateRect
IsDialogMessageW
LoadIconW
ChangeDisplaySettingsExW
EnumDisplayDevicesW
EnumDisplaySettingsW
EqualRect
IntersectRect
MonitorFromRect
GetMenuCheckMarkDimensions
CreateDialogIndirectParamW
GetMenuState
KillTimer
SetTimer
PostMessageW
GetWindowLongW
GetWindowRect
IsIconic
SetWindowPos
IsWindow
LoadStringW
ModifyMenuW
LoadImageW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
FindWindowW
EnableWindow
SetDlgItemTextW
SendMessageW
GetDlgItem
ShowWindow
IsWindowVisible
GetParent
EnumWindows
SetWindowLongW
RedrawWindow
GetWindowTextW
PtInRect
GetWindow
SetForegroundWindow
MonitorFromWindow
GetMonitorInfoW
GetClassNameW
CopyRect

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePen
CreateRectRgnIndirect
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
PtVisible
GetWindowExtEx
CreateFontIndirectW
GetStockObject
GetTextExtentPoint32W
StretchBlt
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectW
CreateSolidBrush
SetPixelV
Polygon
CreateRectRgn
GetDeviceCaps
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
Escape
ExtTextOutW
TextOutW
RectVisible
GetViewportExtEx

msimg32

GradientFill

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW

shell32

Shell_NotifyIconW
ShellExecuteExW

comctl32

ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Remove
InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
CoTaskMemFree
CoCreateInstance
IIDFromString
CoUninitialize
CoInitializeEx
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

oleaut32

VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysFreeString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SafeArrayDestroy

Sections

.text
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fb9474bcb5c0c1f23841f74f9c4a4dd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mousehook

win32utility

psapi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 427KB - Virtual size: 426KB

.rdata Size: 149KB - Virtual size: 148KB

.data Size: 12KB - Virtual size: 33KB

.rsrc Size: 99KB - Virtual size: 99KB

.text
Size: 427KB - Virtual size: 426KB

.rdata
Size: 149KB - Virtual size: 148KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 99KB - Virtual size: 99KB