2024-05-15_c331edf74302ea9679f7e28ec36ace99_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-15_c331edf74302ea9679f7e28ec36ace99_icedid
Size

836KB
MD5

c331edf74302ea9679f7e28ec36ace99
SHA1

620819d4c9aefb3f8172a1ba84e6a05c9ac473af
SHA256

332ca03d064d30cd7393a921b5b79a3b610a86e3dbfe0c012af119c66099860c
SHA512

0776b727d78917f1b99a16765e7a9955ba2d6449235d1beaed9028e9eed8917864f238412e64876f2e6275f2aa13d89946e762f34c7ca6795809fde044c9ca8d
SSDEEP

24576:0h//98PSZ/yrRVtAvV+NsuaXBG2KgeLUScH:s/6SZ/y1VtAfuaXs2KgeLUxH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-15_c331edf74302ea9679f7e28ec36ace99_icedid

Files

2024-05-15_c331edf74302ea9679f7e28ec36ace99_icedid
.exe windows:4 windows x86 arch:x86

133c7add6d764de5c899cc03104af664

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\MyProject\PhraseBook\Release_NT\PhraseBook.pdb

Imports

kernel32

VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
TerminateProcess
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
HeapFree
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetCPInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
GetStringTypeA
GetStringTypeW
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapAlloc
FindNextFileA
FindFirstFileA
ExitProcess
RtlUnwind
GetStartupInfoW
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
GetTickCount
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
lstrcmpiW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
LoadLibraryW
FileTimeToSystemTime
InterlockedIncrement
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
FreeLibrary
GetModuleHandleW
GetVersionExA
FreeResource
SetLastError
GlobalFree
MulDiv
FormatMessageW
LoadLibraryA
GetProcAddress
LocalFree
DeleteCriticalSection
InitializeCriticalSection
SetCurrentDirectoryW
lstrcpyW
GetLocaleInfoW
DeleteFileW
WriteFile
CreateFileW
SetFilePointer
lstrcmpW
CreateMutexW
IsValidLocale
ReleaseMutex
CloseHandle
CreateDirectoryW
GetLastError
GetVersion
GetModuleFileNameW
RaiseException
lstrcpynW
WinExec
lstrcatW
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalSize
GlobalLock
GlobalAlloc
GlobalUnlock
GetPrivateProfileStringW
GetCurrentDirectoryW
lstrlenW
WideCharToMultiByte
InterlockedDecrement
FindResourceW
LoadResource
LockResource
GetCurrentProcessId
SizeofResource

user32

PostThreadMessageW
GetSysColorBrush
CharUpperW
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
CharNextW
ReleaseCapture
SetCapture
InvalidateRgn
CopyAcceleratorTableW
UnionRect
SetRectEmpty
IsRectEmpty
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetCursorPos
WindowFromPoint
KillTimer
ClientToScreen
SetRect
DestroyMenu
InflateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
SetParent
GetLastActivePopup
DispatchMessageW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
IsWindowVisible
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuStringW
UnregisterClassW
MessageBoxA
LoadAcceleratorsW
MessageBeep
GetNextDlgGroupItem
RegisterClipboardFormatW
FindWindowW
GetWindowLongW
ShowWindow
SetForegroundWindow
TranslateAcceleratorW
RegisterWindowMessageW
PostMessageW
CreateWindowExW
SetWindowLongW
SetCursor
GetSystemMetrics
LoadIconW
LoadCursorW
GetForegroundWindow
GetDCEx
SetTimer
GetClientRect
GetWindowRect
IsIconic
SetMenu
GetMenu
GetMenuState
CheckMenuItem
DrawIcon
FillRect
LoadBitmapW
wsprintfW
MessageBoxW
ModifyMenuW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
SendMessageW
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
LockWindowUpdate
UpdateWindow
LoadMenuW
GetSubMenu
EnableMenuItem
EnableWindow
InvalidateRect
GetKeyState
GetTopWindow

gdi32

GetCharWidthW
CreateFontW
GetRgnBox
GetTextColor
SetRectRgn
CombineRgn
GetMapMode
CreateCompatibleBitmap
SelectObject
Escape
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
StretchDIBits
PatBlt
CreateRectRgnIndirect
CreateSolidBrush
SetViewportOrgEx
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
CreateFontIndirectW
IntersectClipRect
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
GetBkColor
ExtTextOutW
CreateCompatibleDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx

comdlg32

GetFileTitleW
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegQueryValueW
RegEnumKeyW

shell32

SHGetSpecialFolderPathW
ShellExecuteW

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
LoadRegTypeLi
DispCallFunc
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString

Sections

.text
Size: 312KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 537KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 416KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

133c7add6d764de5c899cc03104af664

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 312KB - Virtual size: 310KB

.rdata Size: 88KB - Virtual size: 85KB

.data Size: 16KB - Virtual size: 537KB

.rsrc Size: 416KB - Virtual size: 415KB

.text
Size: 312KB - Virtual size: 310KB

.rdata
Size: 88KB - Virtual size: 85KB

.data
Size: 16KB - Virtual size: 537KB

.rsrc
Size: 416KB - Virtual size: 415KB