Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-04_599af7852d4bd63767e0727ac22a7f95_icedid.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-05-04_599af7852d4bd63767e0727ac22a7f95_icedid.exe
  Resource: win10v2004-20240419-en

General
Target: 2024-05-04_599af7852d4bd63767e0727ac22a7f95_icedid
Size: 4.8MB
MD5: 599af7852d4bd63767e0727ac22a7f95
SHA1: 0f6de89793083198e6d9b305ae7fe7db7aa2cdd7
SHA256: 5572ed9e3622d49a3b05b2bbd7128e067154aff79e5bf116992e469a54d4a6ee
SHA512: 6102d4812eff5bbdf07a41883bd8f790dc19ad20dfad1ba9000727151aeccc30c4c6acfaac67b767cec505c1ccb1a2948f869e04931854b9cd049f77db21881f
SSDEEP: 24576:zB3Urs/IIL6qwmfKtXdxRRv+VKRfOE4U:F30qwOKtXdxj+ViOE

Malware Config
(no entries)

Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-05-04_599af7852d4bd63767e0727ac22a7f95_icedid

Files
2024-05-04_599af7852d4bd63767e0727ac22a7f95_icedid.exe  windows:4  windows  x86  arch:x86
2ffab223093f89db573a26312f40effe

Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
PDB Paths: i:\123_업체매뉴얼\leaders\Leders_diag_new\Release\LederDiag.pdb
Imports
setupapi: CM_Get_DevNode_Status_Ex, SetupDiDestroyClassImageList, SetupDiEnumDeviceInterfaces, SetupDiGetDeviceInterfaceDetailA, CM_Connect_MachineA, CM_Locate_DevNode_ExA, CM_Disconnect_Machine, CM_Get_Sibling_Ex, CM_Get_Child_Ex, CM_Get_DevNode_Registry_Property_ExA, SetupDiGetClassImageList, SetupDiClassGuidsFromNameA, SetupDiEnumDeviceInfo, SetupDiGetDeviceRegistryPropertyA, CM_Enumerate_Classes, SetupDiClassNameFromGuidA, SetupDiGetClassImageIndex, SetupDiGetClassDevsA, SetupDiOpenClassRegKeyExA, SetupDiDestroyDeviceInfoList
msvfw32: MCIWndCreateA
opengl32: glDepthFunc, wglDeleteContext, glEnd, wglMakeCurrent, glViewport, glMatrixMode, glShadeModel, glClearColor, glClearDepth, glEnable, wglCreateContext, glHint, glClear, glLoadIdentity, glTranslatef, glRotatef, glBegin, glColor3f, glVertex3f
glu32: gluPerspective
iphlpapi: GetAdaptersInfo
ddraw: DirectDrawCreateEx
winmm: waveOutOpen, mixerGetDevCapsA, mixerOpen, mixerGetNumDevs, mixerClose, mixerSetControlDetails, mixerGetControlDetailsA, mixerGetLineControlsA, mixerGetLineInfoA, waveInReset, waveOutGetErrorTextA, waveOutClose, waveOutPrepareHeader, waveOutWrite, waveOutUnprepareHeader, waveOutReset, waveInClose
ole32: CoRegisterMessageFilter, CoTaskMemFree, CoTaskMemAlloc, CLSIDFromProgID, CLSIDFromString, OleUninitialize, CoFreeUnusedLibraries, OleInitialize, CoGetClassObject, StgOpenStorageOnILockBytes, StgCreateDocfileOnILockBytes, CreateILockBytesOnHGlobal, CoRevokeClassObject, OleIsCurrentClipboard, OleFlushClipboard
wsock32: closesocket, WSAStartup, WSACleanup
inpout32: ord1, ord2
kernel32: FindClose, FindFirstFileA, LoadLibraryA, SetFileAttributesA, CopyFileA, CreateDirectoryA, FreeLibrary, GetTickCount, SetLastError, GlobalAlloc, GlobalFree, CancelIo, SetCommConfig, GetDefaultCommConfigA, SetupComm, CreateEventA, SetCommState, GetCommState, SetCommMask, SetEvent, WaitCommEvent, SetCommTimeouts, GetCommTimeouts, GetOverlappedResult, WriteFile, FileTimeToSystemTime, GetLocalTime, lstrcatA, lstrcpyA, GlobalMemoryStatus, LocalFree, FormatMessageA, GlobalUnlock, GlobalLock, MulDiv, InterlockedDecrement, lstrcmpW, GlobalDeleteAtom, GlobalFindAtomA, GlobalAddAtomA, GlobalGetAtomNameA, GetCurrentThreadId, FreeResource, lstrcmpA, ResumeThread, SuspendThread, SetFilePointer, FlushFileBuffers, LockFile, UnlockFile, SetEndOfFile, GetFileSize, DuplicateHandle, GetFullPathNameA, EnumResourceLanguagesA, GetPrivateProfileStringA, InterlockedIncrement, LocalAlloc, LeaveCriticalSection, GlobalReAlloc, GlobalHandle, EnterCriticalSection, TlsGetValue, TlsAlloc, TlsSetValue, LocalReAlloc, TlsFree, GlobalFlags, GetCPInfo, GetOEMCP, SetErrorMode, FileTimeToLocalFileTime, GetFileAttributesA, GetFileTime, HeapAlloc, HeapFree, VirtualProtect, VirtualAlloc, VirtualQuery, RtlUnwind, ExitProcess, GetSystemTimeAsFileTime, GetFileType, GetStartupInfoA, CreateMutexA, HeapReAlloc, ExitThread, CreateThread, TerminateProcess, HeapSize, HeapDestroy, HeapCreate, VirtualFree, IsBadWritePtr, GetCurrentProcessId, LCMapStringA, LCMapStringW, SetUnhandledExceptionFilter, GetStringTypeA, GetStringTypeW, GetTimeZoneInformation, SetHandleCount, GetStdHandle, SetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, IsBadReadPtr, IsBadCodePtr, SetEnvironmentVariableA, GetSystemDirectoryA, WinExec, WaitForMultipleObjects, SetFilePointerEx, ReadFile, GetDiskFreeSpaceExA, GetWindowsDirectoryA, GetCurrentProcess, GetModuleFileNameA, SetCurrentDirectoryA, WritePrivateProfileStringA, CreateProcessA, WaitForSingleObject, GetExitCodeProcess, GetPrivateProfileIntA, GetSystemInfo, GlobalMemoryStatusEx, DefineDosDeviceA, GetLogicalDriveStringsA, GetDriveTypeA, GetVolumeInformationA, GetDiskFreeSpaceA, CloseHandle, CreateFileA, DeviceIoControl, GetComputerNameA, GetCurrentThread, GetThreadPriority, SetThreadPriority, GetModuleHandleA, QueryPerformanceFrequency, QueryPerformanceCounter, Sleep, SizeofResource, GetSystemPowerStatus, CompareStringW, CompareStringA, FindResourceA, LoadResource, GetProcAddress, SetSystemPowerState, LockResource, lstrlenA, lstrcmpiA, GetVersion, DeleteCriticalSection, InitializeCriticalSection, GetLastError, RaiseException, WideCharToMultiByte, MultiByteToWideChar, GetVersionExA, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, GetCommandLineA, lstrcpynA, ConvertDefaultLocale
user32: ShowOwnedPopups, MapDialogRect, SetWindowContextHelpId, RegisterClipboardFormatA, TranslateAcceleratorA, SetMenu, CreatePopupMenu, InsertMenuItemA, LoadAcceleratorsA, ReuseDDElParam, UnpackDDElParam, LoadMenuA, GetDCEx, CharNextA, IsRectEmpty, CopyAcceleratorTableA, InvalidateRgn, GetNextDlgGroupItem, MessageBeep, PostThreadMessageA, SetParent, SetMenuItemBitmaps, ModifyMenuA, EnableMenuItem, CheckMenuItem, GetMenuCheckMarkDimensions, WinHelpA, CreateWindowExA, SetWindowsHookExA, CallNextHookEx, GetClassLongA, GetClassInfoExA, SetPropA, GetPropA, RemovePropA, IsChild, GetForegroundWindow, GetLastActivePopup, SetActiveWindow, BeginDeferWindowPos, EndDeferWindowPos, GetTopWindow, DestroyWindow, GetMessageTime, TrackPopupMenu, SetForegroundWindow, GetMenu, AdjustWindowRectEx, DeferWindowPos, GetScrollInfo, SetScrollInfo, RegisterClassA, CallWindowProcA, IntersectRect, SystemParametersInfoA, GetWindowPlacement, EndPaint, BeginPaint, GetWindowDC, ClientToScreen, GetWindowTextLengthA, SetFocus, IsWindowEnabled, MoveWindow, SetWindowLongA, SetWindowTextA, IsDialogMessageA, SendDlgItemMessageA, GetDlgItem, UnhookWindowsHookEx, SetCursor, DrawEdge, GetCursorPos, SetScrollPos, BringWindowToTop, GetMessagePos, GetCapture, ScreenToClient, MapWindowPoints, GetSysColorBrush, RegisterClassExA, SetWindowRgn, RegisterWindowMessageA, ReleaseCapture, GetClassInfoA, DefWindowProcA, GrayStringA, DrawTextExA, DrawTextA, TabbedTextOutA, LoadCursorA, GetFocus, SetCapture, PtInRect, UpdateWindow, EqualRect, CreateIconIndirect, DrawIconEx, GetIconInfo, DestroyIcon, RedrawWindow, TranslateMessage, DispatchMessageA, FindWindowA, PeekMessageA, PostQuitMessage, LoadIconA, LockWindowUpdate, IsIconic, GetSystemMenu, AppendMenuA, DrawIcon, GetSystemMetrics, ShowWindow, DestroyMenu, GetMenuItemInfoA, GetMessageA, ValidateRect, ReleaseDC, GetDC, GetDesktopWindow, GetWindowLongA, GetWindowTextA, GetClassNameA, PostMessageA, GetDlgCtrlID, IsWindow, SetWindowPos, GetKeyState, KillTimer, GetSubMenu, GetMenuItemID, GetWindow, keybd_event, ExitWindowsEx, MessageBoxA, SetTimer, GetAsyncKeyState, CloseWindow, SetRect, wsprintfA, IsWindowVisible, CopyImage, GetSysColor, EnableWindow, GetParent, InvalidateRect, GetClientRect, SendMessageA, DrawFocusRect, DrawFrameControl, WindowFromPoint, IsZoomed, GetActiveWindow, CreateDialogIndirectParamA, GetNextDlgTabItem, EndDialog, FrameRect, FillRect, LoadBitmapA, OffsetRect, InflateRect, SetRectEmpty, CopyRect, DrawStateA, UnregisterClassA, GetWindowRect, CharUpperA, GetMenuState, GetMenuItemCount
gdi32: SetStretchBltMode, SetTextColor, SetMapMode, GetClipBox, ExcludeClipRect, IntersectClipRect, SelectClipRgn, GetViewportExtEx, GetWindowExtEx, SetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, SetWindowExtEx, ScaleWindowExtEx, SetBkMode, ExtSelectClipRgn, DeleteDC, CreatePatternBrush, SelectPalette, SetBkColor, OffsetViewportOrgEx, CreateHatchBrush, CreateRectRgnIndirect, PatBlt, StretchDIBits, GetCharWidthA, CreateFontA, SetRectRgn, GetMapMode, DPtoLP, GetTextColor, GetRgnBox, RestoreDC, SaveDC, GetBkColor, GetTextMetricsA, CombineRgn, CreateFontIndirectA, Escape, ExtTextOutA, RectVisible, PtVisible, Polygon, RealizePalette, CreatePalette, GetDIBColorTable, SetDIBColorTable, GetDIBits, SetDIBits, CreateDIBSection, GetCurrentObject, GetPixel, CreateRectRgn, CreateBitmap, GetTextExtentPoint32A, GetDeviceCaps, BitBlt, StretchBlt, CreateCompatibleDC, CreateCompatibleBitmap, SwapBuffers, ChoosePixelFormat, SetPixelFormat, CreatePen, SelectObject, Rectangle, MoveToEx, LineTo, TextOutA, CreateSolidBrush, GetStockObject, DeleteObject, GetObjectA
msimg32: GradientFill
comdlg32: GetFileTitleA
winspool.drv: DocumentPropertiesA, OpenPrinterA, ClosePrinter
advapi32: RegDeleteKeyA, RegQueryValueExA, RegOpenKeyExA, RegQueryValueA, AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, RegFlushKey, RegSetValueExA, RegEnumKeyA, RegDeleteValueA, RegCreateKeyExA, RegCloseKey, RegOpenKeyA
shell32: DragQueryFileA, DragFinish, ShellExecuteExA
comctl32: ImageList_AddMasked, ord8, ImageList_GetImageCount, ord17, ImageList_Draw, ImageList_BeginDrag, ImageList_EndDrag, ImageList_DragMove, ImageList_DragShowNolock, ImageList_DragEnter, ImageList_DragLeave, ImageList_GetIconSize, ImageList_DrawEx, ImageList_Destroy, ImageList_Create, ImageList_LoadImageA, ImageList_DrawIndirect, ImageList_GetBkColor, ImageList_GetImageInfo, ImageList_SetBkColor
shlwapi: PathStripToRootA, PathIsUNCA, PathFindExtensionA, PathFindFileNameA
oledlg: ord8
oleaut32: SysAllocStringLen, SysStringLen, SysAllocStringByteLen, VariantInit, VariantChangeType, SysAllocString, SysFreeString, VariantCopy, SafeArrayDestroy, SystemTimeToVariantTime, OleCreateFontIndirect, VariantClear
rpcrt4: UuidFromStringA
Sections
.text   Size: 456KB   Virtual size: 454KB   Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 124KB   Virtual size: 120KB   Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 20KB    Virtual size: 41KB    Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 4.2MB   Virtual size: 4.2MB   Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ