Static task
static1

Behavioral task
behavioral1
Sample: 2024-05-16_ea54e1046fc5d43d8bd3eb8979b99da5_icedid.exe
Resource: win7-20240220-en

Behavioral task
behavioral2
Sample: 2024-05-16_ea54e1046fc5d43d8bd3eb8979b99da5_icedid.exe
Resource: win10v2004-20240508-en

General
- Target: 2024-05-16_ea54e1046fc5d43d8bd3eb8979b99da5_icedid
- Size: 2.4MB
- MD5: ea54e1046fc5d43d8bd3eb8979b99da5
- SHA1: 70a10247c28352d32bf22c01222d5c682391dcd8
- SHA256: 9c67d82e75bbac1028d0c7c358c22e849899b0b710c2e02a9276af09edf326c9
- SHA512: 85e421bb1465ea7780d398ea8af7cc4b55d2831d265c614c56d68251fdd698d29657267a53580c700e9e2a8761cbdd65fb67f2b864391cb3c4ec86cc97802753
- SSDEEP: 12288:1gbfcKx1CQTb2ById6LN0ac+m2E9w+TU41Q0l+9hMevz0oiVi0:2fcPqayIV2Aw0U4Q0l+DMOzt+5

Malware Config

Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 2024-05-16_ea54e1046fc5d43d8bd3eb8979b99da5_icedid

Files
- 2024-05-16_ea54e1046fc5d43d8bd3eb8979b99da5_icedid.exe windows:4 windows x86 arch:x86
  b97254899d0a0360d6f3ae8d6b7674af

Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\Astel\Projects\LiveViewer\bin\SMS.pdb
Imports
kernel32
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
GetTimeZoneInformation
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
CreateMutexA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
WritePrivateProfileStringA
MultiByteToWideChar
RaiseException
GetVersion
lstrcmpiA
lstrlenW
lstrlenA
CompareStringA
CompareStringW
GetFileSize
SetFilePointer
GlobalAlloc
MulDiv
GetModuleHandleA
GetSystemInfo
ReadFile
CreateFileA
WriteFile
RemoveDirectoryA
GetTickCount
GlobalLock
GlobalUnlock
CreateEventA
LocalAlloc
LocalFree
WaitForSingleObject
SetEvent
FreeResource
GetCPInfo
GetLocalTime
GetExitCodeThread
TerminateThread
GetDriveTypeA
GetDiskFreeSpaceExA
GetStringTypeW
GetStringTypeA
GetLastError
ReleaseMutex
CreateDirectoryA
SetFileAttributesA
LoadLibraryA
GetCurrentProcessId
QueryPerformanceCounter
SetStdHandle
HeapSize
HeapReAlloc
GetCommandLineA
GetStartupInfoA
VirtualQuery
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
TerminateProcess
GetFileType
CreateThread
ExitThread
RtlUnwind
ExitProcess
Sleep
DeleteCriticalSection
GetProcAddress
GetCurrentDirectoryA
SetCurrentDirectoryA
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcpynA
Beep
GetPrivateProfileIntA
CloseHandle
GetPrivateProfileStringA
DeleteFileA
CopyFileA
WinExec
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
SetErrorMode
GetFileTime
GetFileAttributesA
GetOEMCP
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
FindFirstFileA
FindNextFileA
FindClose
SetThreadPriority
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
InterlockedDecrement
SetLastError
GlobalFree
FormatMessageA
GetSystemDirectoryA
MoveFileExA
GetModuleFileNameA
LocalLock
LocalUnlock
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
FreeLibrary
InterlockedExchange
user32
DrawTextExA
GrayStringA
DestroyIcon
DrawIconEx
SetParent
LockWindowUpdate
CreateMenu
DrawEdge
FillRect
LoadBitmapA
CopyRect
SetRect
DrawTextA
EnableMenuItem
ClientToScreen
TabbedTextOutA
SetCapture
LoadCursorA
LoadIconA
SendMessageA
GetCursorPos
SetCursor
ReleaseCapture
EnableWindow
RedrawWindow
FindWindowA
wsprintfA
wvsprintfA
MessageBoxA
GetClientRect
ReleaseDC
GetDC
IsIconic
ModifyMenuA
CreatePopupMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
AppendMenuA
ScreenToClient
GetSysColor
OffsetRect
GetKeyState
GetCapture
CheckMenuItem
UnregisterClassA
CharUpperA
SystemParametersInfoA
SetWindowRgn
SetForegroundWindow
DrawIcon
LoadImageA
GetSystemMetrics
GetSubMenu
GetClassInfoExA
GetWindowRect
SetTimer
SetWindowPos
GetAsyncKeyState
RegisterWindowMessageA
GetClassInfoA
DefWindowProcA
InflateRect
GetMessageA
GetFocus
SetFocus
GetDlgCtrlID
UpdateWindow
IntersectRect
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowLongA
GetWindowLongA
CallWindowProcA
PtInRect
PostMessageA
GetParent
InvalidateRect
DrawFocusRect
GetMenuItemInfoA
GetSysColorBrush
GetMenuStringA
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
UnhookWindowsHookEx
GetWindow
GetWindowPlacement
RegisterClassA
DeferWindowPos
EqualRect
AdjustWindowRectEx
GetMenu
IsWindowVisible
GetScrollPos
TrackPopupMenu
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
IsChild
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetDCEx
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
WinHelpA
GetDlgItemInt
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowDC
BeginPaint
EndPaint
PostQuitMessage
ValidateRect
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
WindowFromPoint
DestroyMenu
SetRectEmpty
CharNextA
IsRectEmpty
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
KillTimer
gdi32
GetDeviceCaps
GetStockObject
Polygon
ResetDCA
StartDocA
StartPage
EndPage
EndDoc
SetPixel
GetPixel
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateBitmap
CreateDIBSection
DeleteDC
GetTextExtentPoint32W
Escape
ExtTextOutA
RectVisible
PtVisible
PatBlt
Rectangle
Ellipse
GetBkMode
CreateCompatibleBitmap
CreateFontIndirectA
SetBkColor
CreateSolidBrush
BitBlt
CreateRoundRectRgn
GetObjectA
GetRgnBox
GetTextColor
GetCharWidthA
CombineRgn
SetRectRgn
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreateRectRgn
SelectClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
GetClipBox
SetStretchBltMode
StretchDIBits
SelectObject
LineTo
CreatePen
MoveToEx
DeleteObject
CreateFontA
SetBkMode
SetTextAlign
GetTextExtentPoint32A
StretchBlt
CreateCompatibleDC
SetTextColor
TextOutA
comdlg32
PrintDlgA
GetFileTitleA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyA
shell32
SHBrowseForFolderA
Shell_NotifyIconA
SHGetPathFromIDListA
ole32
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
oleaut32
SysAllocString
SafeArrayDestroy
VariantCopy
VariantInit
SystemTimeToVariantTime
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
OleCreateFontIndirect
SysFreeString
VariantChangeType
VariantClear
odbc32
ord11
ord13
ord24
ord9
ord31
ord26
ord75
ord41
ord4
msimg32
TransparentBlt
comctl32
ImageList_GetIconSize
ImageList_Draw
ImageList_GetIcon
ord17
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
shlwapi
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
oledlg
ord8
ws2_32
recvfrom
sendto
connect
bind
htons
select
socket
accept
send
recv
inet_addr
gethostname
WSAStartup
gethostbyname
inet_ntoa
WSACleanup
__WSAFDIsSet
setsockopt
listen
ntohs
shutdown
closesocket
wininet
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
winmm
waveOutReset
timeKillEvent
timeGetTime
waveOutGetNumDevs
timeBeginPeriod
waveOutClose
waveOutUnprepareHeader
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutOpen
timeSetEvent
gdiplus
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipFree
GdipGetImageGraphicsContext
GdipGetDC
GdipReleaseDC
GdiplusStartup
GdipDeleteGraphics
GdipAlloc
dsound
ord1
exceptionhandler
??0HPExceptionHandler@@QAE@XZ
??1HPExceptionHandler@@QAE@XZ
?Create@HPExceptionHandler@@QAEJH@Z
sms_sdk_h264_dec
PT_H264dec_Init
PT_H264dec_GetOneFrame
PT_H264dec_Uninit
ddraw
DirectDrawCreate
DirectDrawEnumerateExA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Sections
.text Size: 604KB - Virtual size: 601KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 124KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ