2024-06-15_1848d8c40caed8bbf020ad6e4250dfb2_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-15_1848d8c40caed8bbf020ad6e4250dfb2_icedid
Size

1.5MB
MD5

1848d8c40caed8bbf020ad6e4250dfb2
SHA1

e1022d8572fedebe26b8cb656b7b9eab3374f47d
SHA256

3cf7daf1875b8ecfef2367e193b63ad9b6f1c6557e93d78f668e80ca7c57da5e
SHA512

4e73ca621ab3eb94edb048083f6a4a1179105c2e1fdb70fe801267a1f3582b9cd61f42978af1f7fe0168b547472e7f18c7e078d59fb490c1f68adb49a96661ca
SSDEEP

24576:iLcFcfUqXkpAoapjLPlULJXldp2+pGTkgNtkLF/Ppv9U59pwuTV/6O:iLcu2Fa2ldpvGTkg0LF/Ppv9UrpwuTlz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-15_1848d8c40caed8bbf020ad6e4250dfb2_icedid

Files

2024-06-15_1848d8c40caed8bbf020ad6e4250dfb2_icedid
.exe windows:5 windows x86 arch:x86

a84c1a0a3e52235a17b02f3ccc5340a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Build\Mercury\BRANCH_MERCURY_1_4_0\Applications\bin\Release\DownloadAssistant.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

advapi32

DuplicateToken
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
AllocateAndInitializeSid
FreeSid
GetLengthSid
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW

iphlpapi

GetAdaptersInfo

kernel32

FileTimeToSystemTime
WritePrivateProfileStringW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
ExitThread
CreateThread
GetSystemTimeAsFileTime
HeapAlloc
RtlUnwind
RaiseException
HeapReAlloc
GetDriveTypeA
TlsFree
PeekNamedPipe
GetFileType
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetFullPathNameA
GetCurrentDirectoryA
SetStdHandle
GetTimeZoneInformation
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetProcessHeap
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedDecrement
GetThreadLocale
InterlockedIncrement
ConvertDefaultLocale
lstrcmpA
CompareStringA
InterlockedExchange
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
MulDiv
GlobalUnlock
FreeResource
lstrlenA
SetFileAttributesW
CreateFileW
FindFirstFileA
FindClose
GetCurrentThreadId
GetVersionExA
LoadLibraryA
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetSystemTime
ExpandEnvironmentStringsA
GetExitCodeThread
SetLastError
CreateMutexA
CreateEventA
WaitForMultipleObjects
InterlockedCompareExchange
FlushConsoleInputBuffer
DuplicateHandle
SleepEx
FormatMessageA
GetLocaleInfoW
LocalAlloc
GetCurrentProcess
GetCurrentThread
GetSystemInfo
LoadLibraryExW
SetThreadPriority
SetEvent
ResetEvent
WideCharToMultiByte
lstrlenW
CreateEventW
LeaveCriticalSection
EnterCriticalSection
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
SetThreadLocale
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVersionExW
EnumResourceLanguagesW
LocalFree
FormatMessageW
TerminateThread
WaitForSingleObject
ResumeThread
SuspendThread
GetModuleHandleW
DeleteFileW
CreateDirectoryW
GetSystemDirectoryW
CreateProcessW
GetTempPathW
GetCurrentDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleFileNameW
GlobalFree
GlobalLock
GlobalAlloc
FindResourceExW
CloseHandle
ReleaseMutex
GetLastError
CreateMutexW
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GlobalFlags
ReadConsoleInputA
SetConsoleMode
GetFileInformationByHandle

user32

GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
DestroyMenu
GetSysColorBrush
WindowFromPoint
GetWindowThreadProcessId
GetMessageW
GetCursorPos
ValidateRect
SetWindowContextHelpId
MapDialogRect
CharNextW
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetWindow
SetFocus
PostThreadMessageW
GetMenuState
RegisterClipboardFormatW
CharUpperW
UnregisterClassW
SendDlgItemMessageW
MessageBeep
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
PostMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
ReleaseCapture
SetCapture
PtInRect
LoadCursorW
SetCursor
SetWindowLongW
ReleaseDC
GetDC
DrawIcon
GetClientRect
GetSystemMetrics
LoadIconW
SetForegroundWindow
ShowWindow
IsIconic
BringWindowToTop
GetLastActivePopup
GetParent
GetWindowLongW
EnumChildWindows
GetClassNameW
GetClassInfoW
EnumWindows
MessageBoxW
SendMessageW
EnableWindow
GetWindowRect
UpdateWindow

gdi32

ScaleWindowExtEx
ExtSelectClipRgn
CreateBitmap
SetWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetMapMode
GetRgnBox
GetWindowExtEx
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetTextExtentPoint32W
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateDCA
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
GetStockObject
CreateFontIndirectW
GetObjectW
GetTextExtentExPointW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHFileOperationW

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCW
PathIsRelativeW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathFileExistsW

oledlg

OleUIBusyW

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
OleLoadPicture
SysAllocString
SysFreeString
SysStringLen

ws2_32

shutdown
__WSAFDIsSet
listen
accept
recvfrom
sendto
inet_ntoa
WSASetLastError
connect
getsockopt
getsockname
ntohs
ioctlsocket
send
select
inet_addr
setsockopt
bind
htons
gethostbyname
gethostname
socket
WSAStartup
WSAGetLastError
recv
closesocket
WSACleanup
WSAIoctl

Sections

.text
Size: 935KB - Virtual size: 934KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a84c1a0a3e52235a17b02f3ccc5340a0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

advapi32

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 935KB - Virtual size: 934KB

.rdata Size: 219KB - Virtual size: 218KB

.data Size: 64KB - Virtual size: 88KB

.rsrc Size: 287KB - Virtual size: 287KB

.text
Size: 935KB - Virtual size: 934KB

.rdata
Size: 219KB - Virtual size: 218KB

.data
Size: 64KB - Virtual size: 88KB

.rsrc
Size: 287KB - Virtual size: 287KB