2024-06-08_132b7893ab900d91b64c559479f48575_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-08_132b7893ab900d91b64c559479f48575_icedid
Size

320KB
MD5

132b7893ab900d91b64c559479f48575
SHA1

67d09782db58bd30286712fe7e54777e44743d4f
SHA256

8bb9d84438c7563989a9b7f4eb507a3d4e4013e01e90a0b70cb32d3271c79c99
SHA512

5e47c922ec5caafc40856e9d38df63128d6fee6a1f0a46db822de4c4adb01ca002064eb821d060988b6fb892c9c53afd0b1e59a966aae29a786a9488126a1d17
SSDEEP

6144:MgAFasCl8RmiddEOs7B1gZ4CKZcn9+ltx59YjLGoeU0p:Mg3jKmiAp7B1akc9+cqL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-08_132b7893ab900d91b64c559479f48575_icedid

Files

2024-06-08_132b7893ab900d91b64c559479f48575_icedid
.exe windows:4 windows x86 arch:x86

75820bac4c295aa5e2d0e6da3915457d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\prog\中文小游戏\中国象棋大战\zgxqsrc\Release\qhmj.pdb

Imports

kernel32

HeapSize
SetStdHandle
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
TerminateProcess
SetHandleCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
HeapReAlloc
InterlockedExchange
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
GetTickCount
SetErrorMode
GetFileTime
GetFileAttributesA
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
WaitForSingleObject
CloseHandle
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
SetLastError
GlobalFree
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
MulDiv
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
lstrcatA
lstrlenA
lstrcpyA
GetModuleFileNameA
WinExec
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetEnvironmentStringsW

user32

RegisterClipboardFormatA
PostThreadMessageA
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
wsprintfA
CreateDialogIndirectParamA
EndDialog
GetCursorPos
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
GetMenuState
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
PeekMessageA
MapWindowPoints
MessageBoxA
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
IntersectRect
IsIconic
GetWindowPlacement
GetWindow
CallWindowProcA
SetWindowPos
CopyImage
DrawIconEx
GetSystemMetrics
GetSystemMenu
MoveWindow
SystemParametersInfoA
GetWindowDC
GetMenuItemID
GetMenuItemCount
ShowWindow
GetFocus
UpdateWindow
GetWindowRgn
SetWindowRgn
GetDesktopWindow
CharUpperA
SetWindowLongA
LoadCursorA
CopyIcon
GetNextDlgGroupItem
MessageBeep
IsWindow
ReleaseCapture
SetCapture
RedrawWindow
PtInRect
EnumChildWindows
GetClassNameA
GetSysColor
GetSubMenu
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
SetActiveWindow
SetRect
PostMessageA
SetCursor
DestroyMenu
GetWindowLongA
EnableWindow
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
SendMessageA
OffsetRect
InflateRect
CopyRect
GetDC
ReleaseDC
GetForegroundWindow

gdi32

ExtSelectClipRgn
CreateRectRgnIndirect
GetMapMode
GetTextColor
GetRgnBox
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
CombineRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetBkColor
DeleteObject
CreateFontA
SelectClipRgn
CreateRectRgn
PtInRegion
CreateICA
GetDIBits
ExtCreateRegion
SelectPalette
StretchBlt
RealizePalette
GetDeviceCaps
GetTextExtentPoint32A
CreateFontIndirectA
CreateCompatibleBitmap
GetObjectA
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
UrlUnescapeA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoRevokeClassObject
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize

oleaut32

OleLoadPicture
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType

ws2_32

WSACleanup
WSAStartup

wininet

HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
InternetQueryDataAvailable
InternetCrackUrlA
InternetCanonicalizeUrlA

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

75820bac4c295aa5e2d0e6da3915457d

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

wininet

Sections

.text Size: 200KB - Virtual size: 200KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 200KB - Virtual size: 200KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 52KB - Virtual size: 52KB