2024-05-01_4eececbdaf6de7b6edfcacfc656a58bc_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-01_4eececbdaf6de7b6edfcacfc656a58bc_icedid
Size

488KB
MD5

4eececbdaf6de7b6edfcacfc656a58bc
SHA1

fb4fee1e74771ddbfe91f510e90a167f12a8108f
SHA256

5e949aee458475a587b4247e60a110e3b95183fd634beaa73754ff0739302280
SHA512

e35c11a28b282406a19946f595aaaa711797958f9d779f77f7afa16edb8feed9e543c9d4857b06136eb65e423a10df1d5fb59f4ace1dc169284f954e69d77471
SSDEEP

6144:Qr02JbJpm0o7xkRByF01jexbMR7Jxhg8OV6gPj4GQQq7EPam9WRxHmkEPv:sLNJplo7eRpmbMphuV6gPeXm8RxHEPv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-01_4eececbdaf6de7b6edfcacfc656a58bc_icedid

Files

2024-05-01_4eececbdaf6de7b6edfcacfc656a58bc_icedid
.exe windows:4 windows x86 arch:x86

4ea8996572e9d2f738f91162ce083f38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\work\Qualcomm\GNQC_DownLoad\branches\release\GNQC_DownLoad.pdb

Imports

setupapi

SetupDiGetClassDescriptionA
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetClassImageIndex
SetupDiGetClassImageList

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetVersionExA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GetModuleFileNameW
InterlockedDecrement
SetThreadPriority
SuspendThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
SetErrorMode
TlsGetValue
GlobalReAlloc
GlobalHandle
MulDiv
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GlobalFlags
GetCPInfo
GetOEMCP
GetSystemTimeAsFileTime
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetCommandLineA
GetStartupInfoA
SetStdHandle
GetFileType
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
GetACP
SetHandleCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetProcAddress
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcessId
GetVersion
CompareStringA
InterlockedExchange
CompareStringW
MultiByteToWideChar
GetModuleHandleA
GetModuleFileNameA
SetCurrentDirectoryA
SetFilePointer
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
DeviceIoControl
GetFileSize
SetLastError
CreateProcessA
GetStdHandle
SetHandleInformation
CreatePipe
InitializeCriticalSection
WritePrivateProfileStringA
GetTickCount
GetFileAttributesA
HeapAlloc
GetProcessHeap
HeapFree
lstrcpyA
LocalFree
FormatMessageA
lstrlenA
LocalAlloc
GetComputerNameA
GetPrivateProfileIntA
CopyFileA
ResumeThread
SetEvent
ResetEvent
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
LoadLibraryA
FreeLibrary
GetPrivateProfileStringA
GetCurrentDirectoryA
GetOverlappedResult
WaitForSingleObject
WriteFile
PurgeComm
ReadFile
ClearCommError
CreateEventA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
Sleep
SetCommState
GetCommState
SetupComm
GetLastError
CreateFileA
CloseHandle
TlsAlloc

user32

RegisterClipboardFormatA
PostThreadMessageA
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
DestroyMenu
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ShowWindow
IsDialogMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetWindowPlacement
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RedrawWindow
IsWindow
CharUpperA
KillTimer
UpdateWindow
InvalidateRect
SetWindowTextA
MoveWindow
ScreenToClient
GetWindowRect
GetClassNameA
GetWindow
DrawIcon
GetSystemMetrics
IsIconic
RegisterDeviceNotificationA
LoadStringA
AppendMenuA
GetSystemMenu
LoadIconA
EnableWindow
GetSysColor
GetClientRect
RegisterWindowMessageA
SendMessageA

gdi32

CreateRectRgnIndirect
GetBkColor
GetTextColor
GetStockObject
GetRgnBox
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateRectRgn
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetMapMode
CreateFontA
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
DeleteObject
SetMapMode

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

InitCommonControlsEx

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecA
PathFindFileNameA

oledlg

ord8

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

adbwinapi

AdbGetInterfaceName
AdbOpenDefaultBulkWriteEndpoint
AdbOpenDefaultBulkReadEndpoint
AdbCreateInterfaceByName
AdbCloseHandle
AdbEnumInterfaces
AdbNextInterface
AdbReadEndpointSync
AdbGetUsbDeviceDescriptor
AdbGetUsbInterfaceDescriptor
AdbGetSerialNumber
AdbWriteEndpointSync

ws2_32

WSAEventSelect
WSAEnumNetworkEvents
send
closesocket
shutdown
WSACreateEvent
WSAGetLastError
WSAStartup
htons
recv
socket
connect
htonl

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ea8996572e9d2f738f91162ce083f38

Headers

File Characteristics

PDB Paths

Imports

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

adbwinapi

ws2_32

Sections

.text Size: 348KB - Virtual size: 347KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 12KB - Virtual size: 3.1MB

.rsrc Size: 44KB - Virtual size: 42KB

.text
Size: 348KB - Virtual size: 347KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 12KB - Virtual size: 3.1MB

.rsrc
Size: 44KB - Virtual size: 42KB