2024-06-25_6d42e17014c254100fe44b436aba8e39_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-25_6d42e17014c254100fe44b436aba8e39_icedid
Size

532KB
MD5

6d42e17014c254100fe44b436aba8e39
SHA1

a47ad4a35b6cb31117bd86508907789c50d97146
SHA256

163dcd6db1a0858080c3f9b48d9816e7f7e78bc6909a00c1435a8089d7b41a51
SHA512

39199bc7a41d1269283c6e571f323bdfc8850ca5c57631cca80e7eb5e3cf5f23183eaf993b5a8f58c6171ff36c5750c46ddd1fe9dcf6232d7ad14dda473ec0ed
SSDEEP

12288:UZ5gDQPsMviqkIsFBcWghhXBtCS1fiSzG5V6rMRgfRqn6DT5dksyAmz:U4Mvpx11fiSwfRgJ+6DT4dAm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-25_6d42e17014c254100fe44b436aba8e39_icedid

Files

2024-06-25_6d42e17014c254100fe44b436aba8e39_icedid
.exe windows:4 windows x86 arch:x86

f1a5223ed9dd8dfd09db667bbb28129a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Project\NyxLauncher_GOA\Release.English\NyxLauncher.pdb

Imports

kernel32

VirtualProtect
VirtualAlloc
VirtualQuery
ExitProcess
TerminateProcess
GetTimeFormatA
GetDateFormatA
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
HeapFree
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
HeapAlloc
RtlUnwind
SetErrorMode
GetFileTime
FileTimeToLocalFileTime
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
GetOEMCP
GetCPInfo
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
InterlockedIncrement
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
GetProcAddress
SetLastError
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CreateProcessA
SetEndOfFile
GetCurrentThreadId
ReadFile
MoveFileA
WaitForMultipleObjects
SetFileAttributesA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
CreateEventA
CloseHandle
SetEvent
WaitForSingleObject
CreateDirectoryA
GetFileAttributesA
GetModuleFileNameA
FindFirstFileA
DeleteFileA
FindClose
FindResourceExA
GetFullPathNameA
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
GetTickCount
Sleep
GetCurrentProcessId
LoadLibraryA
GetSystemInfo
GlobalMemoryStatus
MulDiv
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
QueryPerformanceCounter
GetTimeZoneInformation
QueryPerformanceFrequency
GetProcessHeap

user32

GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsChild
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
CallWindowProcA
IntersectRect
GetWindowPlacement
GetFocus
GetDlgCtrlID
IsDialogMessageA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
RegisterClipboardFormatA
CreateDialogIndirectParamA
IsWindow
IsWindowEnabled
GetParent
EndDialog
GetSysColor
MoveWindow
SetCapture
ReleaseCapture
SystemParametersInfoA
SetTimer
SetCursor
GetCursorPos
ScreenToClient
PtInRect
OffsetRect
EqualRect
FrameRect
InflateRect
SetWindowRgn
SetWindowTextA
KillTimer
LoadCursorA
IsRectEmpty
SetRectEmpty
CopyRect
LoadImageA
wsprintfA
CreateWindowExA
SetWindowLongA
GetWindowLongA
DefWindowProcA
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindowRect
GetClientRect
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
DrawTextExA
SetRect
DestroyMenu
DestroyWindow
GetDesktopWindow
SetActiveWindow
SetForegroundWindow
SetWindowPos
OpenIcon
InvalidateRect
LoadAcceleratorsA
UnregisterClassA
LoadIconA
TranslateAcceleratorA
GetSystemMetrics
GetUpdateRect
IsIconic
PostMessageA
PostThreadMessageA
DrawIcon
CharUpperA
EnableWindow
GetDlgItem
ShowWindow
SetFocus
GetDC
SendMessageA
ReleaseDC
GetNextDlgTabItem
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
CallNextHookEx
DrawTextA
TabbedTextOutA
GetMessageA
ValidateRect
CharNextA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
RegisterWindowMessageA
WinHelpA
GetCapture
GetActiveWindow
SetWindowsHookExA

gdi32

GetTextColor
SaveDC
RestoreDC
SetBkMode
SetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetBkColor
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateRectRgnIndirect
GetMapMode
GetRgnBox
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
SelectClipRgn
CreateRectRgn
FrameRgn
CreateRoundRectRgn
CreatePolygonRgn
GetStockObject
GetObjectA
CreateBrushIndirect
RectVisible
SetDIBitsToDevice
StretchDIBits
GetDIBits
CreateCompatibleDC
GetDeviceCaps
CreateDIBSection
DeleteObject
DeleteDC
CreateSolidBrush
BitBlt
GetTextExtentPoint32A
SelectObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoTaskMemFree
OleFlushClipboard
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
SysStringLen

ws2_32

WSACleanup
htonl
bind
listen
sendto
WSACreateEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACloseEvent
accept
recv
shutdown
inet_addr
gethostbyname
WSAStartup
socket
htons
inet_ntoa
connect
ioctlsocket
WSAAsyncSelect
setsockopt
WSAGetLastError
send
closesocket

ddraw

DirectDrawCreate

wininet

HttpOpenRequestA
InternetOpenA
InternetCrackUrlA
InternetConnectA
InternetSetStatusCallback
InternetOpenUrlA
InternetSetCookieA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetSetOptionA
InternetCloseHandle

Sections

.text
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1a5223ed9dd8dfd09db667bbb28129a

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

ddraw

wininet

Sections

.text Size: 344KB - Virtual size: 341KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 68KB - Virtual size: 65KB

.text
Size: 344KB - Virtual size: 341KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 68KB - Virtual size: 65KB