c:\Users\root\Desktop\Erendora\Source v19\Output\Neuz\Release\Neuz.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-25_31e893c17005be5db9e78ec8fdf40583_icedid.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-25_31e893c17005be5db9e78ec8fdf40583_icedid.exe
Resource: win10v2004-20240611-en
General
Target: 2024-06-25_31e893c17005be5db9e78ec8fdf40583_icedid
Size: 6.4MB
MD5: 31e893c17005be5db9e78ec8fdf40583
SHA1: 248bd42fbb0a4d99ee2b4cbcf534865c7daed1a2
SHA256: afecaf514965b240f17288fb7371f4739ff6f9dbdbe621e20337f951cc78e395
SHA512: 2d63408042ce642c53bf2e50263c3b869f49b6d49abe204c30fbc0dee9a981632779e6c0965f09282e3c3a880d4a0e773f277eefaf497a7c3a5685ae1af35568
SSDEEP: 98304:TsUjmk0yhvnAHsCj/Lvvh2QmJSBxMlNpOEhYYAzbt6:dmk0oPe/Lnh2QlBxMlNY2YYA
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource 2024-06-25_31e893c17005be5db9e78ec8fdf40583_icedid
Files
2024-06-25_31e893c17005be5db9e78ec8fdf40583_icedid.exe windows:4 windows x86 arch:x86
fe8a63f7e7f93b8ac46614e91c611deb
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
psapi
GetModuleBaseNameA
EnumProcesses
d3d9
Direct3DCreate9
dsound
ord11
winmm
mmioAdvance
mmioWrite
mmioDescend
timeGetTime
timeBeginPeriod
mmioCreateChunk
mmioSeek
mmioOpenA
mmioClose
timeGetDevCaps
mmioAscend
mmioGetInfo
mmioSetInfo
mmioRead
imm32
ImmAssociateContext
ImmNotifyIME
ImmGetContext
ImmSetOpenStatus
ImmGetOpenStatus
ImmGetConversionStatus
ImmIsIME
ImmGetIMEFileNameA
ImmGetProperty
ImmGetCompositionStringW
ImmGetCandidateListW
ImmReleaseContext
ws2_32
gethostname
WSAEnumNetworkEvents
WSAAccept
bind
setsockopt
WSASetEvent
WSAWaitForMultipleEvents
WSAResetEvent
htonl
WSASocketA
listen
send
ntohs
WSARecv
inet_addr
gethostbyname
WSACleanup
socket
WSAStartup
WSACreateEvent
WSACloseEvent
WSASend
getpeername
connect
WSAGetLastError
WSASetLastError
shutdown
closesocket
WSAEventSelect
htons
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32
CreateDirectoryA
GetLocalTime
QueryPerformanceFrequency
QueryPerformanceCounter
lstrcpynA
lstrcatA
MulDiv
GetModuleFileNameA
CreateFileA
GetFullPathNameA
GetSystemDirectoryA
GlobalUnlock
GlobalSize
GlobalLock
GlobalAlloc
GetDateFormatA
TerminateThread
CreateThread
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
SetEvent
WaitForMultipleObjects
SetThreadPriority
CreateEventA
GetSystemInfo
CompareStringA
GetOverlappedResult
PostQueuedCompletionStatus
CreateIoCompletionPort
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapCreate
SetUnhandledExceptionFilter
SetErrorMode
WriteFile
ReadFile
GetTempFileNameA
GetTempPathA
IsProcessorFeaturePresent
GetProfileIntA
DebugBreak
FatalAppExitA
LocalFree
FormatMessageA
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileW
UnmapViewOfFile
FindResourceW
InterlockedCompareExchange
GetProcessHeap
OutputDebugStringW
lstrcmpiW
lstrlenW
CreatePipe
GetVersion
RaiseException
MultiByteToWideChar
InitializeCriticalSection
OpenMutexA
CreateMutexA
ReleaseMutex
lstrcmpiA
SetLastError
GetFileAttributesA
VirtualFree
DeleteCriticalSection
GetCurrentProcess
GetLastError
InterlockedDecrement
LoadLibraryA
GetProcAddress
WriteProcessMemory
FreeLibrary
OpenProcess
CloseHandle
WaitForSingleObject
IsDBCSLeadByte
VirtualAlloc
DeleteFileA
ExitProcess
Sleep
lstrlenA
EnterCriticalSection
LeaveCriticalSection
lstrcmpA
GetTickCount
OutputDebugStringA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetEnvironmentVariableA
GetLocaleInfoW
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringW
LCMapStringA
IsBadWritePtr
GetCurrentProcessId
HeapSize
GetCommandLineA
GetStartupInfoA
FindNextFileA
GetTimeFormatA
VirtualQuery
VirtualProtect
ExitThread
GetSystemTimeAsFileTime
RtlUnwind
GetPrivateProfileStringA
WritePrivateProfileStringA
InterlockedExchange
lstrcpyA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
InterlockedIncrement
GetModuleHandleA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetExitCodeProcess
TerminateProcess
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
ResumeThread
CompareStringW
SetEndOfFile
UnlockFile
LockFile
CopyFileA
GlobalFree
GetCurrentThreadId
SuspendThread
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileTime
MoveFileA
SetFilePointer
CreateProcessA
GetQueuedCompletionStatus
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GlobalFlags
FreeResource
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
FlushFileBuffers
user32
BeginPaint
PtInRect
GetSystemMetrics
MessageBoxA
wsprintfA
LoadCursorA
ScreenToClient
GetCursorPos
SendMessageA
GetDC
PostMessageA
SystemParametersInfoA
FindWindowA
GetWindowTextA
MessageBoxW
CharNextExA
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
CharNextA
GetKeyboardLayout
SetCapture
InflateRect
ReleaseCapture
OffsetRect
GetIconInfo
DialogBoxParamA
EndDialog
CheckRadioButton
IsDlgButtonChecked
EnableWindow
GetDlgItem
ReleaseDC
LoadAcceleratorsA
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
DestroyMenu
PostQuitMessage
LoadIconA
AdjustWindowRect
LoadMenuA
GetWindowLongA
EnumDisplaySettingsA
ChangeDisplaySettingsA
SetWindowLongA
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
ValidateRect
GetKeyState
IsWindowVisible
GetActiveWindow
GetMessageA
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindow
GetWindowPlacement
IsIconic
IntersectRect
CallWindowProcA
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
GetSysColor
UpdateWindow
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
IsChild
IsWindow
GetFocus
SendDlgItemMessageA
GetClassNameA
GetClassInfoExA
GetClassLongA
GetCapture
WinHelpA
RegisterWindowMessageA
CheckDlgButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ScrollWindowEx
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
GetSysColorBrush
GetDesktopWindow
ClientToScreen
GetMenuItemInfoA
GetWindowTextLengthA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
FillRect
EndPaint
SetCursor
ShowOwnedPopups
DeleteMenu
DestroyIcon
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDialogBaseUnits
SetMenu
GetMenu
EqualRect
SetRect
ClipCursor
RegisterClassA
GetPropA
SetPropA
RemovePropA
DefWindowProcA
SetRectEmpty
GetClassInfoA
GetClientRect
CopyRect
CreateDialogParamA
CreateWindowExA
GetWindowRect
SetWindowPos
DestroyWindow
ShowWindow
SetFocus
UnregisterClassA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
SetWindowsHookExA
LoadStringA
GetAsyncKeyState
CallNextHookEx
EnumWindows
gdi32
GetCharacterPlacementW
GetCharacterPlacementA
GetObjectW
CreateFontIndirectA
GetDIBits
ExtTextOutA
EnumFontFamiliesExA
DeleteObject
DeleteDC
CreateCompatibleDC
SetMapMode
SetBkMode
CreateDIBSection
SetTextColor
SetBkColor
GetTextMetricsA
GetTextMetricsW
SetTextAlign
CreateFontA
GetDeviceCaps
GetTextExtentPoint32A
GetStockObject
CreateFontIndirectW
MoveToEx
ExtTextOutW
SelectObject
GetFontLanguageInfo
GetObjectA
DPtoLP
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
GetDeviceGammaRamp
SetDeviceGammaRamp
CopyMetaFileA
CreateDCA
GetDCOrgEx
GetClipBox
CreateBitmap
BitBlt
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolylineTo
PolyBezierTo
PolyDraw
advapi32
RegOpenKeyA
CryptAcquireContextA
CryptCreateHash
CryptHashData
RegCreateKeyExA
RegDeleteValueA
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueA
shell32
ExtractIconA
ShellExecuteA
SHGetFileInfoA
ole32
CoDisconnectObject
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoInitialize
CLSIDFromString
CoCreateInstance
CoUninitialize
StringFromGUID2
oleaut32
VariantClear
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysAllocStringLen
VariantInit
SysFreeString
SystemTimeToVariantTime
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayAccessData
SafeArrayCreate
VarBstrFromDate
SysAllocString
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysReAllocStringLen
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VariantTimeToSystemTime
mss32
_AIL_open_digital_driver@16
_AIL_start_stream@4
_AIL_stream_status@4
_AIL_set_digital_master_volume_level@8
_AIL_pause_stream@8
_AIL_last_error@0
_AIL_startup@0
_AIL_set_stream_loop_count@8
_AIL_open_stream@12
_AIL_close_digital_driver@4
_AIL_close_stream@4
_AIL_service_stream@8
_AIL_shutdown@0
neuzd
GetFaultReason
GetRegisterString
GetFirstStackTraceString
GetNextStackTraceString
comctl32
ord17
shlwapi
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathRemoveExtensionA
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
Sections
.text Size: 5.1MB - Virtual size: 5.1MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 1020KB - Virtual size: 1016KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 2.2MB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 180KB - Virtual size: 178KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ