d:\svnnew\客户端\code\currentwork\HQClient\release\HQ.pdb
Static task: static1
Behavioral task: behavioral1 - Sample: 2024-06-15_a9cbeb958ee7db3e4a225d01798c345d_icedid_vidar.exe - Resource: win7-20240611-en
Behavioral task: behavioral2 - Sample: 2024-06-15_a9cbeb958ee7db3e4a225d01798c345d_icedid_vidar.exe - Resource: win10v2004-20240611-en
General
Target: 2024-06-15_a9cbeb958ee7db3e4a225d01798c345d_icedid_vidar
Size: 3.7MB
MD5: a9cbeb958ee7db3e4a225d01798c345d
SHA1: 0a1b0552a9fe161fe8e4c028b89571b56a3128e8
SHA256: 581479e4845049bd4aaebea5351d4f326a3826ca9bfa8270098ca4cd94b1bf5d
SHA512: b19b9a576ed3490229220d42f6822e8420694eb21bd6b684ee0e6aebc4d73c599aa82af8cd6b1ed7a73ee9cac30597d6597eaa4b61619ff0074dbefb33cad363
SSDEEP: 98304:v2uc/m0OiXEp6tYPEebPktfyCtKSsx06w8vOxVrNF05anJ12jU5I9cXN:v2uc/m0OiXNtYPEebPktfyCt5sx06w8a
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2024-06-15_a9cbeb958ee7db3e4a225d01798c345d_icedid_vidar
Files
-
2024-06-15_a9cbeb958ee7db3e4a225d01798c345d_icedid_vidar.exe windows:4 windows x86 arch:x86
24e8f76b2f8f614f121e51e5f42d8278
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
dbghelp
MiniDumpWriteDump
kernel32
GlobalFlags
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
RaiseException
RtlUnwind
SetStdHandle
GetFileType
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
TlsFree
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetACP
GetOEMCP
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GetVolumeInformationW
DuplicateHandle
GetThreadLocale
GetFileTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleFileNameW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
GetVersionExA
GlobalSize
GetModuleHandleA
DeleteFileA
AreFileApisANSI
GetTempPathA
GetDiskFreeSpaceA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
FlushFileBuffers
ReadFile
GetFileAttributesA
FormatMessageA
GetSystemTimeAsFileTime
LockFile
UnlockFile
InterlockedCompareExchange
QueryPerformanceCounter
SetEndOfFile
SetFilePointer
GetFileSize
CreateFileA
GetFullPathNameA
GetFullPathNameW
GetProfileIntW
lstrcmpW
WritePrivateProfileSectionW
FormatMessageW
RemoveDirectoryW
SetFileAttributesW
WriteFile
lstrcpynW
LocalFree
InterlockedDecrement
ResetEvent
SetEvent
WaitForSingleObject
ResumeThread
MulDiv
CreateEventW
WideCharToMultiByte
GetWindowsDirectoryW
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
lstrcmpiW
lstrlenW
FreeResource
GetCPInfo
lstrlenA
GetVersionExW
GetVersion
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
WinExec
GetFileAttributesW
GetSystemTime
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
ExitProcess
GlobalFree
MultiByteToWideChar
FindClose
FindNextFileW
FindFirstFileW
lstrcpyW
GetTempPathW
DeleteFileW
WritePrivateProfileStringW
SetUnhandledExceptionFilter
GetCurrentDirectoryW
MoveFileW
CopyFileW
CreateDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
Sleep
ReleaseMutex
CreateMutexW
GetPrivateProfileIntW
GetLastError
SetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
CloseHandle
LockResource
GetPrivateProfileStringW
SizeofResource
LoadResource
FindResourceW
GetEnvironmentStringsW
user32
GetNextDlgGroupItem
PostThreadMessageW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
TrackPopupMenu
SetScrollPos
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
SetScrollInfo
SetWindowPlacement
DefWindowProcW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
SetFocus
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
EndDialog
GetMenuStringW
EndPaint
BeginPaint
GetCaretPos
GetNextDlgTabItem
CopyAcceleratorTableW
DispatchMessageW
GetMessageW
GetDCEx
SetRectEmpty
InvalidateRgn
LoadImageW
wsprintfW
EqualRect
LockWindowUpdate
GetWindow
SetParent
GetScrollInfo
CallWindowProcW
IsRectEmpty
RedrawWindow
RegisterClipboardFormatW
CopyIcon
GetMessagePos
MessageBeep
OffsetRect
EnumChildWindows
DrawStateW
DrawFocusRect
GrayStringW
DrawTextExW
TabbedTextOutW
GetSubMenu
DeleteMenu
RemoveMenu
LoadBitmapW
GetSysColorBrush
CreateMenu
GetMenuItemID
GetMenuState
ModifyMenuW
GetMenuItemCount
DrawIconEx
GetMenuItemInfoW
GetSysColor
CopyRect
SetClipboardData
EmptyClipboard
DrawTextW
GetDC
AppendMenuW
UnregisterClassA
CreatePopupMenu
GetClassNameW
ClientToScreen
UpdateLayeredWindow
GetWindowDC
SetLayeredWindowAttributes
SetWindowRgn
SetWindowLongW
GetWindowLongW
UpdateWindow
IsWindow
IsZoomed
AnimateWindow
SetRect
InflateRect
GetKeyState
ReleaseDC
SetCapture
CloseClipboard
GetClipboardData
UnregisterClassW
CharNextW
CharUpperW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
OpenClipboard
IsClipboardFormatAvailable
CheckMenuItem
SystemParametersInfoW
FlashWindow
IsWindowVisible
GetForegroundWindow
LoadCursorW
SetCursor
GetWindowThreadProcessId
DestroyMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SendDlgItemMessageA
HideCaret
WinHelpW
GetCapture
PtInRect
ReleaseCapture
GetParent
GetFocus
EnableMenuItem
WindowFromPoint
ScreenToClient
GetLastInputInfo
DestroyIcon
GetCursorPos
KillTimer
DrawIcon
IsIconic
GetWindowRect
SetForegroundWindow
UnregisterHotKey
RegisterHotKey
GetDesktopWindow
SetWindowPos
SetTimer
GetWindowTextW
FindWindowW
EnumWindows
PostMessageW
PostQuitMessage
InvalidateRect
SendMessageW
InsertMenuW
GetSystemMenu
GetSystemMetrics
LoadIconW
EnableWindow
FillRect
GetClientRect
RegisterWindowMessageW
gdi32
SelectClipRgn
UnrealizeObject
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CopyMetaFileW
GetTextColor
SetRectRgn
DPtoLP
GetCharWidthW
StretchDIBits
GetRgnBox
CreatePatternBrush
CreateBitmap
CreateRectRgnIndirect
CreateDCW
GetBkColor
GetDIBits
RealizePalette
SelectPalette
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetBkMode
SetBkColor
RestoreDC
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
CreateRectRgn
GetTextMetricsW
SetStretchBltMode
GetMapMode
SetDIBColorTable
StretchBlt
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
PatBlt
SetPixel
GetPixel
GetObjectW
CreateDIBSection
CreateFontIndirectW
GetBkMode
GetDeviceCaps
DeleteDC
CreateRoundRectRgn
GetTextExtentPoint32W
Rectangle
CreatePen
SelectObject
EnumFontFamiliesW
DeleteObject
GetStockObject
CreateFontW
CreateSolidBrush
BitBlt
SaveDC
msimg32
GradientFill
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueExW
RegCloseKey
RegQueryValueW
RegDeleteValueW
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
shell32
SHFileOperationW
DragQueryFileW
DragFinish
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteW
comctl32
ImageList_GetIconSize
_TrackMouseEvent
ImageList_Create
ImageList_SetBkColor
ImageList_AddMasked
ImageList_GetIcon
InitCommonControlsEx
ImageList_Destroy
shlwapi
PathIsDirectoryW
PathFileExistsW
PathAddBackslashW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
oledlg
OleUIBusyW
ole32
OleInitialize
CoInitialize
CreateStreamOnHGlobal
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleCreateStaticFromData
CoCreateInstance
OleSetContainedObject
OleRun
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
OleUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
CoFreeUnusedLibraries
oleaut32
SysFreeString
GetErrorInfo
VariantCopy
OleCreateFontIndirect
SysStringLen
VariantChangeType
VarDateFromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantClear
VariantInit
SysAllocString
OleLoadPicture
SysAllocStringLen
ws2_32
ntohl
select
__WSAFDIsSet
recv
gethostbyname
htons
socket
connect
closesocket
send
WSAStartup
WSACleanup
inet_addr
htonl
sendto
recvfrom
ntohs
bind
gethostname
getsockname
gdiplus
GdipDrawImageRectI
GdipReleaseDC
GdipLoadImageFromStream
GdipCloneImage
GdipDisposeImage
GdipFree
GdipAlloc
GdipDrawImageRectRect
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipCreateFromHDC
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipDrawImageI
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipCreateBitmapFromStream
GdipDeleteGraphics
GdiplusShutdown
GdipGetImagePaletteSize
GdiplusStartup
iphlpapi
GetIfTable
winmm
PlaySoundW
wininet
InternetCloseHandle
InternetQueryOptionW
InternetCheckConnectionW
InternetCrackUrlW
HttpOpenRequestW
InternetOpenUrlW
InternetConnectW
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetSetOptionExW
HttpQueryInfoW
HttpAddRequestHeadersW
InternetQueryDataAvailable
InternetCanonicalizeUrlW
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 524KB - Virtual size: 520KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ