2024-05-05_13f83268eb8b4a38720a629ff10f2428_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-05_13f83268eb8b4a38720a629ff10f2428_icedid
Size

1.6MB
MD5

13f83268eb8b4a38720a629ff10f2428
SHA1

1a0f051b314c6eb1a97fa2967a24a0db17c517c5
SHA256

51203f56a748d9054816229b1667403561f8378be36f12ac9ac32f5fa60180aa
SHA512

8500114a5ee53476c65dfb218d111ec4079f3a5a0c5007c3277e9db48ac415bb170dd5b37b00a8945904b6edea26323682c26c0521c9199d19558857f1ff7d58
SSDEEP

49152:mD6f/P2icZiI3+iuhPx+rVlTSbwiLci2xbyfGZFPwSs:Tf/eicZ9+zPx+rVlXiL32xbyfGZxwSs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-05_13f83268eb8b4a38720a629ff10f2428_icedid

Files

2024-05-05_13f83268eb8b4a38720a629ff10f2428_icedid
.exe windows:6 windows x86 arch:x86

1b422289b0d40ffc1be26b52986d2e07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Administrator\work\작업중\해저터널 TBM\월요일 제출용 프로그램\TMB1GUI소스(수신인터럽트 테스트) - 복사본\Release\LMFI_gui.pdb

Imports

kernel32

GetConsoleMode
GetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
GetStringTypeW
ReadConsoleW
LCMapStringW
WriteConsoleW
OutputDebugStringW
CreateFileW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidCodePage
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapQueryInformation
ExitThread
AreFileApisANSI
GetModuleHandleExW
ExitProcess
VirtualQuery
VirtualAlloc
GetSystemInfo
CreateEventA
RtlUnwind
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
GetConsoleCP
VirtualProtect
SearchPathA
GetProfileIntA
GetTickCount
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetWindowsDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
GetACP
DeleteFileA
GetCurrentDirectoryA
GetStartupInfoW
FindResourceExW
TerminateProcess
GetCPInfo
GetOEMCP
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
ResumeThread
SetThreadPriority
WaitForSingleObject
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
GetModuleFileNameA
GetCurrentProcessId
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
EncodePointer
OutputDebugStringA
SetLastError
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalSize
MultiByteToWideChar
lstrcatA
GlobalUnlock
GlobalLock
GlobalAlloc
DeleteCriticalSection
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
Sleep
GetLastError
ReadFile
WriteFile
CloseHandle
CreateThread
SetCommState
GetCommState
SetCommTimeouts
PurgeComm
SetupComm
SetCommMask
CreateFileA
SetFilePointerEx

user32

DestroyCursor
GetWindowRgn
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
LockWindowUpdate
SetRect
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EnumDisplayMonitors
SetLayeredWindowAttributes
SetParent
UnionRect
GetKeyNameTextA
MapVirtualKeyA
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
GetMenuDefaultItem
ReuseDDElParam
UnpackDDElParam
LoadImageA
OffsetRect
SetRectEmpty
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
IntersectRect
CharUpperA
DestroyIcon
InvalidateRect
KillTimer
SetTimer
DeleteMenu
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
FillRect
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
MapDialogRect
InflateRect
GetMenuItemInfoA
DestroyMenu
SetCursor
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageA
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
PostQuitMessage
GetWindowThreadProcessId
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetParent
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
FrameRect
CharUpperBuffA
RegisterClipboardFormatA
GetDlgItem
IsWindowVisible
EndDeferWindowPos
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongA
SetCursorPos
SystemParametersInfoA
CopyAcceleratorTableA
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
wsprintfA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
MessageBoxA
UnregisterClassA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
GetSysColor
SendMessageA
AppendMenuA
GetSystemMenu
LoadIconW
PostMessageA
EnableWindow
CopyImage

gdi32

SetPolyFillMode
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextMetricsA
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polyline
Rectangle
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
GetLayout
SetLayout
SetMapMode
TextOutA
MoveToEx
SetTextAlign
Polygon
CopyMetaFileA
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
ExtTextOutA
GetTextExtentPoint32A
CreateFontIndirectA
CreateCompatibleDC
BitBlt
CreateBitmap
GetObjectA
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCA
SetROP2

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
RegEnumValueA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation

comctl32

InitCommonControlsEx
ord8

shlwapi

PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA

uxtheme

DrawThemeParentBackground
GetWindowTheme
GetThemeSysColor
IsAppThemed
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetCurrentThemeName
OpenThemeData
CloseThemeData
GetThemeColor

ole32

OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
CoInitialize
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CLSIDFromProgID
OleInitialize
CoBuildVersion
OleUninitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor

oleaut32

SysFreeString
LoadTypeLi
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysAllocStringLen
SysAllocString
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SysStringLen

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b422289b0d40ffc1be26b52986d2e07

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 300KB - Virtual size: 300KB

.data Size: 23KB - Virtual size: 60KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 300KB - Virtual size: 300KB

.data
Size: 23KB - Virtual size: 60KB

.rsrc
Size: 27KB - Virtual size: 27KB