2024-05-30_21c5866cd9460c7a4cffaa5d2d5525ea_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-30_21c5866cd9460c7a4cffaa5d2d5525ea_icedid
Size

2.7MB
MD5

21c5866cd9460c7a4cffaa5d2d5525ea
SHA1

8c2c825b0eea715e30075f303cba210b09577872
SHA256

0eb0bc130fbf00081724d5fa292d0b37c7e9c3a22355ebffcbfa28187f6fdd03
SHA512

cbfee4c4f628b0e458cc0db54b7cc95a640e90b9253394be3a723221d61f70bd6ba1dcd45b8e03121196734fd468b7f4f0ce15a3206c732d4602bdfe8b06e755
SSDEEP

24576:iEKG0AuJJM4ZcVXcpR0YqR64CmG/WkHDjXorAgZESUwAIZz:hqAuJJ3cVXEhD3aMwdUwAIZz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-30_21c5866cd9460c7a4cffaa5d2d5525ea_icedid

Files

2024-05-30_21c5866cd9460c7a4cffaa5d2d5525ea_icedid
.exe windows:5 windows x86 arch:x86

d156039a6138c9c6806321551da88dad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\CipherLab\TCC Compiler\Windows\FORGE AG\Release\ForgeAG.pdb

Imports

kernel32

GetFileTime
GetStartupInfoW
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
Sleep
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
GetFileSizeEx
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFileAttributesW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
lstrlenA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
InterlockedIncrement
GetCurrentProcessId
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetModuleHandleA
InterlockedDecrement
GlobalAlloc
FormatMessageW
LocalFree
MulDiv
lstrlenW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
FreeLibrary
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetPrivateProfileStringW
CreateDirectoryW
WriteFile
WritePrivateProfileStringW
lstrcpynW
ReadFile
SetFilePointer
CopyFileW
CreateFileW
SetCurrentDirectoryW
DeleteFileW
WaitForSingleObject
CloseHandle
CreateProcessW
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
GetCommandLineW
FindNextFileW
FindFirstFileW
GetModuleFileNameW
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
IsDebuggerPresent
SizeofResource

user32

GetSysColorBrush
LoadCursorW
UnregisterClassW
SetCapture
IsRectEmpty
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
ValidateRect
IsZoomed
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
GetMenuStringW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
ReleaseCapture
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcW
PtInRect
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
IsWindowEnabled
GetNextDlgTabItem
KillTimer
EnableWindow
SendMessageW
IsWindowVisible
DialogBoxParamW
LoadBitmapW
SetRectEmpty
DrawTextW
EndDialog
MessageBoxW
SetDlgItemTextW
ShowWindow
SetWindowLongW
GetDlgItem
CallWindowProcW
EndPaint
BeginPaint
CharUpperW
WindowFromPoint
SetRect
DestroyMenu
SetFocus
PostMessageW
CharNextW
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
EndDeferWindowPos
GetCursorPos
InvalidateRect
UpdateWindow
GetClientRect
GetWindowRect
GetParent
OffsetRect
GetFocus
GetDC
ReleaseDC
SetParent
LoadIconW
GetSystemMenu
AppendMenuW
CheckMenuItem
GetSubMenu
RemoveMenu
InsertMenuW
IsIconic
GetSystemMetrics
DrawIcon
GetWindow
GetDlgCtrlID
SetWindowPos
wsprintfW
GetMenuItemInfoW
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemID
EnableMenuItem
DrawMenuBar
SetTimer
SystemParametersInfoW
GetSysColor
CopyRect
DrawFocusRect
InflateRect
TabbedTextOutW
FrameRect
GetClassNameW

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetTextMetricsW
GetTextExtentPoint32W
GetBkColor
GetTextColor
GetCharWidthW
StretchDIBits
CreateCompatibleBitmap
GetMapMode
GetRgnBox
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
IntersectClipRect
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
GetObjectW
SetBkColor
GetClipBox
CreateBitmap
CreateCompatibleDC
CreatePen
LineTo
MoveToEx
SetTextColor
SetBkMode
DeleteObject
Rectangle
SelectObject
CreateSolidBrush
CreateFontW
GetStockObject

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
CommandLineToArgvW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathIsDirectoryW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CoCreateInstance
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleIsCurrentClipboard
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter
OleUninitialize

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
OleCreateFontIndirect
SysAllocString
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 542KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d156039a6138c9c6806321551da88dad

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 542KB - Virtual size: 541KB

.data Size: 19KB - Virtual size: 367KB

.rsrc Size: 245KB - Virtual size: 244KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 542KB - Virtual size: 541KB

.data
Size: 19KB - Virtual size: 367KB

.rsrc
Size: 245KB - Virtual size: 244KB