2024-05-20_be10f92a9c6bfa6c8553ebaf4abe30f8_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-20_be10f92a9c6bfa6c8553ebaf4abe30f8_icedid
Size

365KB
MD5

be10f92a9c6bfa6c8553ebaf4abe30f8
SHA1

5d55f721584b37ccb7b17c6cb357106d19f8a6cd
SHA256

1453d8e302a1a4403b03cb4c85e521209b9bdfc05d0563d62eb8a9ffbe202a20
SHA512

533f10477766697734020d806f7d764717106f396da852a00602e01e88bd0f5f34482a01ef24fb4affc5ffeae4cd1eb7e96e151f1fe38eb19cf227e590e1c593
SSDEEP

3072:h8ikP4FIUpYBo2Iog4LyFEj3O7qs44NUgcSc69WjZX4jTDGaQ/xrHS9sf2QQRsEy:h9+avnYjcuTSW5VbSQQR0JVF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-20_be10f92a9c6bfa6c8553ebaf4abe30f8_icedid

Files

2024-05-20_be10f92a9c6bfa6c8553ebaf4abe30f8_icedid
.exe windows:4 windows x86 arch:x86

ce16f38a411a52f719e523c78422edc2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\global\Release\bin\acad\WSCADMgrCtrlUtility.pdb

Imports

kernel32

HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetSystemInfo
VirtualQuery
SetStdHandle
SetEnvironmentVariableA
TerminateProcess
HeapReAlloc
RaiseException
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
ExitProcess
RtlUnwind
WritePrivateProfileStringA
GetFileTime
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
VirtualProtect
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpyA
GetModuleHandleA
GetLastError
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetProcAddress
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
InterlockedExchange
LoadLibraryA
FreeLibrary
GetModuleFileNameA
lstrlenA
GetFileAttributesA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SetHandleCount
SizeofResource

user32

GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
MapDialogRect
GetAsyncKeyState
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetForegroundWindow
IsWindowVisible
UpdateWindow
ReleaseDC
GetMenu
PostMessageA
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
EnableWindow
SendMessageA
GetKeyState
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CharUpperA
MessageBoxA
LoadIconA
GetDesktopWindow
GetWindowRect
GetParent
GetClientRect
DestroyMenu
LoadCursorA
GetSysColorBrush
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetMenuCheckMarkDimensions

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
DeleteObject
SetMapMode
GetClipBox
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
GetDeviceCaps
SetTextColor

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

comctl32

ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ruvjpbhk
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 144KB - Virtual size: 144KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ce16f38a411a52f719e523c78422edc2

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

oleacc

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 40KB - Virtual size: 36KB

ruvjpbhk Size: 8KB - Virtual size: 4KB

Size: 144KB - Virtual size: 144KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 40KB - Virtual size: 36KB

ruvjpbhk
Size: 8KB - Virtual size: 4KB