2024-05-14_4889bec4c3ef472f3b2bb8f772eb6eb1_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-14_4889bec4c3ef472f3b2bb8f772eb6eb1_icedid
Size

526KB
MD5

4889bec4c3ef472f3b2bb8f772eb6eb1
SHA1

b3ccb50abf8951c65466c8a06c4a72cfdf0bd41c
SHA256

2422ca8c6f4121ef2de136f57a928049223355dbd08d879484198419cfb3df35
SHA512

81594b38302c5975f54c6cd910f7d63cba2d07d60cb1c15d545440ff8f053f8ce9db0e3381de86bf9892087e7039ba68053379dcc7f69d0095cd4cf093aa6c50
SSDEEP

3072:/js/cWCt/7ZBExF0wZX2AyOMqJddEPNoQrkMKy2d+VTg4dAlll2tDZQtrjwZQtrl:QkWCtDExF0I+UgvrkMKJQk4Bta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-14_4889bec4c3ef472f3b2bb8f772eb6eb1_icedid

Files

2024-05-14_4889bec4c3ef472f3b2bb8f772eb6eb1_icedid
.exe windows:4 windows x86 arch:x86

5867698c14f2df9c84159b970c20fe5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Dev32\Source\Aspen\Configuration\AspenCal\Release Generic\AspenCal.pdb

Imports

utpapi

SetBasePoint
Reset_2PCalib_Data
IsPenUp
SetAccLevel
GetAccLevel
SetNoiseLevel
GetNoiseLevel
SetTouchSensitivity
GetTouchSensitivity
GetOutfocus
SetOutfocus
GetInfocus
SetInfocus
GetMeasureDelay
SetMeasureDelay
GetMeasureTime
SetMeasureTime
GetRightClickTime
SetRightClickTime
GetBasePoint
SetCalibrationPoint
GetCalibrationData
SaveCalibrationData
SetCalPoint
CalCurrentPointReady
StoreCalibrationData
GetMultiMonitorLayout
GetMultiMonitorNumber
GetDisplayNumber
ReadBuffer
ReadLength
FlushReadBuffer
OpenController
GetControllerName
GetDriverVersion
GetDriverPort
GetRightClickEnabled
EnableRightClick
GetDoubleClickEnabled
EnableDoubleClick
GetDoubleClickArea
SetDoubleClickArea
GetDoubleClickSpeed
SetDoubleClickSpeed
GetDownSoundStatus
EnableDownSound
GetUpSoundStatus
EnableUpSound
GetRotation
SetRotation
GetReportMode
SetReportMode
ReopenCOMPort
CloseCOMPort
GetReportStatus
DisableTouchReport
GetDriverInterface
CloseController
WriteBuffer
QueryMultiMonitorSetOK
AskToSetMultiMonitor
GetDisplayArea
GetDisplayName
QueryDisplayBeTouched
AskToSetDisplayNumber
GetExistDisplays
Set_MRightClick_App
Get_Manual_RightClick_Status
Set_BuzzerDuration
Get_BuzzerDuration
Set_BuzzerFreq
Get_BuzzerFreq
Set_Sound_Type
Get_Sound_Type
GetExistControllers

winmm

PlaySoundA

kernel32

lstrlenA
CompareStringA
CompareStringW
LoadLibraryA
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
lstrcmpA
GlobalDeleteAtom
FreeLibrary
GlobalAlloc
GlobalLock
GetCurrentThreadId
GetCurrentThread
LocalFree
lstrcpynA
FormatMessageA
SetLastError
InterlockedDecrement
lstrcmpW
lstrcatA
GlobalFindAtomA
GlobalGetAtomNameA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
WritePrivateProfileStringA
InterlockedIncrement
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
FileTimeToSystemTime
GetCPInfo
GetOEMCP
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
ExitProcess
RtlUnwind
TerminateProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
MultiByteToWideChar
GetFileSize
CreateFileA
GlobalUnlock
GlobalFree
UnmapViewOfFile
CloseHandle
GetLastError
Sleep
GetSystemDirectoryA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalAddAtomA

user32

OffsetRect
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
RegisterClassA
GetClassInfoA
AdjustWindowRectEx
GetMenu
SetForegroundWindow
MapWindowPoints
LoadIconA
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
GetForegroundWindow
GetWindowTextA
SetFocus
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
IntersectRect
SetWindowTextA
ShowWindow
wsprintfA
GetSysColorBrush
DestroyMenu
PostQuitMessage
UnregisterClassA
CharUpperA
GetWindowLongA
SetWindowLongA
CopyRect
GetWindowRect
ReleaseCapture
GetParent
SetCapture
InvalidateRect
SetWindowPos
LoadCursorA
SetCursor
EnableWindow
KillTimer
SetTimer
RedrawWindow
ReleaseDC
GetDC
GetClientRect
PostMessageA
WindowFromDC
LoadBitmapA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
PtInRect
GetWindow
GetSysColor
BeginPaint
EndPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetLastActivePopup
IsWindowEnabled
SendMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu

gdi32

ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetWindowExtEx
MoveToEx
LineTo
GetClipBox
SetMapMode
SetTextColor
ScaleWindowExtEx
DeleteDC
GetStockObject
GetDCOrgEx
CreateSolidBrush
CreateFontA
GetObjectA
CreateCompatibleDC
SelectObject
GetWindowExtEx
Ellipse
BitBlt
GetTextExtentPoint32A
CreatePalette
DeleteObject
GetDeviceCaps
CreateDIBitmap
CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetBkMode
CreatePen

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegSetValueExA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lrdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5867698c14f2df9c84159b970c20fe5e

Headers

File Characteristics

PDB Paths

Imports

utpapi

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 260KB - Virtual size: 259KB

.lrdata Size: 76KB - Virtual size: 76KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 260KB - Virtual size: 259KB

.lrdata
Size: 76KB - Virtual size: 76KB