Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-12_643a59775a222a58dd55c0cd6ac7604b_icedid.exe
Resource: win7-20240419-en

General
Target: 2024-06-12_643a59775a222a58dd55c0cd6ac7604b_icedid
Size: 1.4MB
MD5: 643a59775a222a58dd55c0cd6ac7604b
SHA1: 05fcc36e40d8f65e408c721d1bcfacacc2b24705
SHA256: 4357a5545549255ea8f901517f66c596646c0e5c114aad2ef135f4a52e44241f
SHA512: b7da3c7d1c536527fd8be2d6daed1dd6bbd7bb2a93d08ada3d2c197b04c10fa16388321da378b4887854e8e168f35b25e6dc66be9f137f1a75124d1c439ffc3c
SSDEEP: 24576:SRjeFjbcl4SvGNfHX6lkbBP+WsHL9VdOXGDQwc/NYBc:SgNAl4406lAEtHL9VdQcDcQc

Malware Config

Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 2024-06-12_643a59775a222a58dd55c0cd6ac7604b_icedid

Files
2024-06-12_643a59775a222a58dd55c0cd6ac7604b_icedid.exe windows:5 windows x86 arch:x86
ba4ead762b8d1916041aa5870f122921

Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths: F:\PublicDevCode\复件 PC_Test_New\Release\UIMain\UIMain.pdb
Imports
kernel32
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetStartupInfoW
HeapFree
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
HeapReAlloc
RtlUnwind
RaiseException
HeapSize
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
GlobalFlags
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
TlsFree
LocalReAlloc
VirtualFree
SetErrorMode
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrcmpA
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FormatMessageW
LocalFree
GetThreadLocale
GetComputerNameW
ReadFile
CreatePipe
GetProcessHeap
HeapAlloc
GetLocalTime
InterlockedCompareExchange
CopyFileW
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
SetUnhandledExceptionFilter
lstrcmpW
lstrcpyW
GlobalAlloc
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
CreateProcessW
GetSystemWindowsDirectoryW
OutputDebugStringW
GetTickCount
GetCurrentProcess
GetCurrentProcessId
CreateFileW
GetTempPathW
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
ResetEvent
SetEvent
CreateThread
CreateEventW
InterlockedExchange
WideCharToMultiByte
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
FindClose
FindNextFileW
FindFirstFileW
CreateDirectoryW
Sleep
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
ReleaseMutex
GetCurrentThreadId
WaitForSingleObject
DeleteFileW
GetModuleFileNameW
CloseHandle
CreateMutexW
lstrcmpiW
lstrlenW
FreeResource
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
GetCPInfo
MultiByteToWideChar
lstrlenA
GetVersionExW
GetVersion
InterlockedIncrement
InterlockedDecrement
FindResourceW
LoadResource
LockResource
SizeofResource
user32
EndPaint
BeginPaint
GetWindowDC
SetRectEmpty
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
MapWindowPoints
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
DefWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CreateDialogIndirectParamW
DestroyWindow
EndDialog
GetMenuStringW
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetWindowPos
IsWindowEnabled
IsDialogMessageW
SetDlgItemTextW
GetDlgItemTextW
GetDlgItem
GetDlgCtrlID
GetWindow
CharNextW
TrackPopupMenu
SetActiveWindow
LoadMenuW
CheckMenuItem
EnableMenuItem
IsCharAlphaW
GetKeyState
IsWindowVisible
GetCursorPos
SetForegroundWindow
wsprintfW
DrawIcon
IsIconic
GetSystemMenu
SetLayeredWindowAttributes
UnhookWindowsHookEx
SetWindowsHookExW
CallWindowProcW
CallNextHookEx
RedrawWindow
LoadCursorW
GetMessagePos
SetWindowLongW
PtInRect
GetWindowThreadProcessId
SetTimer
KillTimer
GetWindowRect
EnableWindow
BringWindowToTop
SetFocus
FindWindowExW
EnumThreadWindows
GetClassNameW
MoveWindow
ChildWindowFromPoint
FindWindowW
IsWindow
ShowWindow
DispatchMessageW
TranslateMessage
PeekMessageW
ScreenToClient
UpdateWindow
MessageBoxW
SetWindowTextW
DestroyMenu
GetMessageW
CharUpperW
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
CopyAcceleratorTableW
PostThreadMessageW
DrawStateW
OffsetRect
GetClientRect
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
UnregisterClassW
IsRectEmpty
CopyRect
ReleaseCapture
SetCapture
InvalidateRgn
SendDlgItemMessageW
GetSysColor
FillRect
DrawEdge
SetRect
GetMenuItemInfoW
DrawTextW
SystemParametersInfoW
DrawIconEx
DestroyIcon
GetSystemMetrics
GetDesktopWindow
GetDC
ReleaseDC
AppendMenuW
GetMenuItemCount
ModifyMenuW
GetMenuState
GetMenuItemID
CreateMenu
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
RemoveMenu
DeleteMenu
GetSubMenu
TabbedTextOutW
DrawTextExW
GrayStringW
DestroyCursor
DrawFocusRect
InflateRect
FrameRect
PostMessageW
GetActiveWindow
WindowFromPoint
ClientToScreen
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageW
GetWindowLongW
ValidateRect
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateRectRgnIndirect
GetMapMode
GetRgnBox
ScaleViewportExtEx
SetWindowOrgEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
CreateCompatibleDC
RestoreDC
SaveDC
StretchDIBits
CreateFontW
GetCharWidthW
GetClipBox
GetTextColor
GetBkColor
SetBkMode
SetDIBColorTable
GetDIBColorTable
StretchBlt
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
Rectangle
PatBlt
SetPixel
GetPixel
GetObjectW
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
Ellipse
GetTextExtentPoint32W
CreateFontIndirectW
GetBkMode
CreatePen
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
SetMapMode
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegQueryValueExW
RegCloseKey
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
QueryServiceStatus
ControlService
StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegSetValueExW
shell32
SHFileOperationW
ExtractIconW
ShellExecuteW
Shell_NotifyIconW
ShellExecuteExW
SHGetSpecialFolderPathW
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
PathFindFileNameW
PathAppendW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathFindExtensionW
PathFileExistsW
oledlg
OleUIBusyW
ole32
CoRegisterMessageFilter
CoUninitialize
CoInitialize
CoCreateInstance
OleRun
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
oleaut32
SysAllocStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen
OleCreateFontIndirect
VariantClear
VariantChangeType
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysFreeString
GetErrorInfo
VariantCopy
gdiplus
GdiplusStartup
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdiplusShutdown
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipFree
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
dbghelp
MiniDumpWriteDump
ws2_32
gethostname
WSACleanup
WSAGetLastError
recvfrom
sendto
gethostbyname
WSAStartup
WSASocketW
setsockopt
inet_addr
rasapi32
RasGetConnectStatusW
RasHangUpW
RasValidateEntryNameW
RasSetEntryPropertiesW
RasDialW
RasGetConnectionStatistics
RasGetErrorStringW
iphlpapi
GetIfTable
GetAdaptersInfo
wininet
InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
Sections
.text - Size: 927KB - Virtual size: 927KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata - Size: 374KB - Virtual size: 373KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data - Size: 14KB - Virtual size: 32KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 122KB - Virtual size: 124KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE