PDB path: c:\Users\Cory\Google Drive\Flyff\Flight\Flyff Repack (v15) (rev2.4)\Source\Output\Neuz\Release\Neuz.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-25_aadce73d03207a4c1556cffbafe1893a_icedid.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-25_aadce73d03207a4c1556cffbafe1893a_icedid.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-25_aadce73d03207a4c1556cffbafe1893a_icedid
Size: 5.9MB
MD5: aadce73d03207a4c1556cffbafe1893a
SHA1: 80d088905c93e02c7c7e97f947f5f0972b37fe11
SHA256: 9028676840ee5e1890861229a0d62c28a843e82a20bc6452c4ba7182d032dd40
SHA512: 3c3a22ee078f9e7e1d4525add6fbf2824a34f2780b383917e15f0cf4d93a4a32b43dd36942c61b04768d4c2a4be1809e85d0ab535be58fadb46242b325155dc2
SSDEEP: 98304:UfQ3h1bisnV97XJicd4j0FmIbdgl6+MJNmzoOYAzbm:+GrbJnr7lsIbd1+ONmBYA
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 2024-05-25_aadce73d03207a4c1556cffbafe1893a_icedid
Files
-
2024-05-25_aadce73d03207a4c1556cffbafe1893a_icedid.exe windows:4 windows x86 arch:x86
190156bf5e07221dc4042416ade4e3ea
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
d3d9
Direct3DCreate9
dsound
ord11
winmm
mmioDescend
mmioGetInfo
mmioCreateChunk
mmioRead
mmioSeek
mmioSetInfo
mmioAdvance
mmioWrite
mmioClose
mmioOpenA
mmioAscend
timeGetDevCaps
timeBeginPeriod
timeGetTime
imm32
ImmAssociateContext
ImmNotifyIME
ImmGetContext
ImmSetOpenStatus
ImmGetOpenStatus
ImmGetConversionStatus
ImmIsIME
ImmGetIMEFileNameA
ImmGetProperty
ImmGetCompositionStringW
ImmGetCandidateListW
ImmReleaseContext
ws2_32
inet_addr
gethostbyname
connect
WSAGetLastError
WSASetLastError
WSARecv
WSASocketA
htons
ntohs
htonl
getpeername
WSASend
WSACloseEvent
WSACreateEvent
WSAStartup
socket
WSACleanup
WSAResetEvent
WSAWaitForMultipleEvents
WSASetEvent
setsockopt
listen
WSAEventSelect
WSAAccept
send
WSAEnumNetworkEvents
gethostname
bind
shutdown
closesocket
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32
GetFullPathNameA
CreateDirectoryA
GetSystemDirectoryA
CreateProcessA
GlobalUnlock
GlobalSize
GlobalLock
GlobalAlloc
GetDateFormatA
InitializeCriticalSectionAndSpinCount
GetLocalTime
GetCurrentDirectoryA
SetEvent
WaitForMultipleObjects
SetThreadPriority
CreateEventA
GetSystemInfo
GetQueuedCompletionStatus
GetOverlappedResult
PostQueuedCompletionStatus
CreateIoCompletionPort
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapCreate
SetUnhandledExceptionFilter
SetErrorMode
WriteFile
ReadFile
GetTempFileNameA
GetTempPathA
lstrcatA
GetProfileIntA
DebugBreak
FatalAppExitA
LocalFree
FormatMessageA
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileW
UnmapViewOfFile
FindResourceW
InterlockedCompareExchange
GetProcessHeap
OutputDebugStringW
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
GetExitCodeProcess
TerminateProcess
GetStringTypeExW
GetStringTypeExA
CreatePipe
GetEnvironmentVariableW
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrcmpiW
lstrlenW
GetVersion
GetLastError
RaiseException
MultiByteToWideChar
InitializeCriticalSection
OpenMutexA
CreateMutexA
ReleaseMutex
lstrcmpiA
CloseHandle
VirtualFree
CreateFileA
WaitForSingleObject
SetEnvironmentVariableA
GetLocaleInfoW
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetCurrentProcessId
HeapSize
GetCommandLineA
GetStartupInfoA
FindNextFileA
GetTimeFormatA
VirtualQuery
VirtualProtect
CreateThread
ExitThread
GetSystemTimeAsFileTime
RtlUnwind
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GlobalFlags
SuspendThread
IsDBCSLeadByte
VirtualAlloc
DeleteFileA
ExitProcess
Sleep
lstrlenA
EnterCriticalSection
LeaveCriticalSection
lstrcmpA
GetTickCount
OutputDebugStringA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcpyA
GetFileAttributesA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
MulDiv
lstrcpynA
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
GetModuleHandleA
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetShortPathNameA
LocalAlloc
FlushFileBuffers
SetFilePointer
MoveFileA
GetFileTime
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
GlobalFree
CopyFileA
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
ResumeThread
GlobalReAlloc
IsProcessorFeaturePresent
GetCurrentThreadId
GlobalHandle
user32
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
CharNextA
GetKeyboardLayout
SetCapture
InflateRect
ReleaseCapture
FindWindowA
OffsetRect
GetIconInfo
DialogBoxParamA
EndDialog
CheckRadioButton
IsDlgButtonChecked
EnableWindow
GetDlgItem
ReleaseDC
LoadAcceleratorsA
PeekMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
DestroyMenu
PostQuitMessage
LoadIconA
AdjustWindowRect
LoadMenuA
GetWindowLongA
EnumDisplaySettingsA
ChangeDisplaySettingsA
SetWindowLongA
SetMenu
GetMenu
ClipCursor
EqualRect
SetRect
PtInRect
RegisterClassA
GetPropA
SetPropA
RemovePropA
DefWindowProcA
SetRectEmpty
GetClassInfoA
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
IsWindowEnabled
GetLastActivePopup
GetParent
GetSysColorBrush
GetSysColor
UnhookWindowsHookEx
GetWindowTextA
GetWindowTextLengthA
ValidateRect
GetKeyState
IsWindowVisible
GetActiveWindow
GetClassNameA
SetWindowTextA
GetDesktopWindow
GetFocus
GetDlgCtrlID
GetWindow
ClientToScreen
SetScrollPos
GetScrollPos
CheckDlgButton
GetDlgItemInt
GetDlgItemTextA
SendDlgItemMessageA
SetDlgItemInt
SetDlgItemTextA
IsDialogMessageA
MoveWindow
ScrollWindowEx
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetWindowPlacement
IsIconic
IntersectRect
CallWindowProcA
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
UpdateWindow
ShowScrollBar
SetForegroundWindow
GetScrollRange
SetScrollRange
TrackPopupMenu
TrackPopupMenuEx
CharNextExA
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
IsChild
IsWindow
GetClassInfoExA
GetClassLongA
GetCapture
WinHelpA
RegisterWindowMessageA
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
GetMenuItemInfoA
SetCursor
ShowOwnedPopups
DeleteMenu
DestroyIcon
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDialogBaseUnits
GetClientRect
CopyRect
CreateDialogParamA
CreateWindowExA
GetWindowRect
SetWindowPos
DestroyWindow
ShowWindow
SetFocus
UnregisterClassA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
SetWindowsHookExA
LoadStringA
GetAsyncKeyState
CallNextHookEx
SystemParametersInfoA
wsprintfA
MessageBoxA
PostMessageA
GetDC
SendMessageA
GetCursorPos
ScreenToClient
LoadCursorA
GetSystemMetrics
MessageBoxW
ScrollWindow
gdi32
ExtTextOutW
MoveToEx
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
GetTextMetricsA
SetBkMode
DPtoLP
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
GetDCOrgEx
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateBitmap
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
GetCharacterPlacementW
GetCharacterPlacementA
GetObjectW
GetObjectA
GetDIBits
ExtTextOutA
EnumFontFamiliesExA
DeleteObject
DeleteDC
CreateCompatibleDC
SetMapMode
SelectObject
CreateDIBSection
SetTextColor
SetBkColor
SetTextAlign
CreateFontA
GetDeviceCaps
GetTextExtentPoint32A
GetStockObject
GetDeviceGammaRamp
SetDeviceGammaRamp
CopyMetaFileA
CreateDCA
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
PtVisible
RectVisible
CreateRectRgn
advapi32
CryptReleaseContext
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegCloseKey
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueA
ole32
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
StringFromGUID2
CoDisconnectObject
OleDuplicateData
ReleaseStgMedium
CoInitialize
CLSIDFromString
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
oleaut32
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
SysReAllocStringLen
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayLock
VariantTimeToSystemTime
VarBstrFromDate
SystemTimeToVariantTime
SysFreeString
VariantInit
SysAllocString
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VariantCopy
VariantChangeType
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SysStringByteLen
SysAllocStringByteLen
SafeArrayPutElement
SysStringLen
mss32
_AIL_set_stream_loop_count@8
_AIL_pause_stream@8
_AIL_set_digital_master_volume_level@8
_AIL_stream_status@4
_AIL_last_error@0
_AIL_open_digital_driver@16
_AIL_startup@0
_AIL_shutdown@0
_AIL_close_stream@4
_AIL_service_stream@8
_AIL_start_stream@4
_AIL_close_digital_driver@4
_AIL_open_stream@12
neuzd
GetRegisterString
GetFirstStackTraceString
GetNextStackTraceString
GetFaultReason
comctl32
ord17
shlwapi
PathStripToRootA
PathFindExtensionA
PathRemoveExtensionA
PathIsUNCA
PathFindFileNameA
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
shell32
ExtractIconA
SHGetFileInfoA
Sections
.text Size: 4.7MB - Virtual size: 4.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 968KB - Virtual size: 964KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 220KB - Virtual size: 217KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ