Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-27_6d0f8cc17fd06ebb968aa66654fa93ff_icedid_vidar.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-06-27_6d0f8cc17fd06ebb968aa66654fa93ff_icedid_vidar.exe
  Resource: win10v2004-20240611-en
General
Target: 2024-06-27_6d0f8cc17fd06ebb968aa66654fa93ff_icedid_vidar
Size: 2.1MB
MD5: 6d0f8cc17fd06ebb968aa66654fa93ff
SHA1: fb95f24986e20ea831ba9513832d4d29204c7696
SHA256: 9676ef6ac25c5d0dff265f6ac6e435ae707f73e90af490aa866f2b38610f4eaa
SHA512: 157057621999e19bf9d95c5459a784f13e1e8e45a0559b5936812a235eab208d675ffac3ad5171dc74b47188bbb53cfdc1601ce6508122a57d96a089e1d5709c
SSDEEP: 49152:9OIPb0wG+sVhxlZYG12hIvt/0SGvwHGtovj/o7NcMVM1PhJHWU:MIoDtVr912hIV/WvwmtovjCcMVM1Phw
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 2024-06-27_6d0f8cc17fd06ebb968aa66654fa93ff_icedid_vidar
Files
2024-06-27_6d0f8cc17fd06ebb968aa66654fa93ff_icedid_vidar.exe  windows:5 windows x86 arch:x86
  a28feef98220dcf92e994d2291706c1b  (unlabelled on the report; assumed to be the import hash, since it differs from the MD5 above)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note: NX_COMPAT opts the image into DEP, but DYNAMIC_BASE is absent and the relocation table is stripped, so the image always maps at its preferred base and gets no ASLR. It is a 32-bit executable, not a DLL.
Imports
language (an import-by-name dependency on a language.dll that is not part of this report; the entries are MSVC-decorated C++ data exports, where ?NAME@@3QBDB demangles to a const char string, with Russian transliterated names: PAROL = password, NASTROIKI = settings, VHOD = login, VALUTA = currency)
?PC_PAROL_NA_NASTROIKI_KLIENTA@@3QBDB
?MSG_SETTINGS_ERR@@3QBDB
?ERR_LOG3_START@@3QBDB
?PC_CLEANED@@3QBDB
?PC_PAROL_NA_VHOD_V_PROGRAMMU@@3QBDB
?PROGRAM_FOR_CL_PASS@@3QBDB
?CANT_AQUIRE_CONTEXT@@3QBDB
?CANT_OPENCREATE_CONFIG@@3QBDB
?WARNING_V@@3QBDB
?TC_FILTER_DEFAULT@@3QBDB
?PROCESS_DB_OPEN_ERROR@@3QBDB
?PRNCTRL_OPEN_ERROR@@3QBDB
?PERSONS_DB_OPEN_ERROR@@3QBDB
?ERROR_V@@3QBDB
?RP_PASSCLEAN@@3QBDB
?VALUTA@@3QBDB
kernel32
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalAddAtomA
EncodePointer
GetSystemDirectoryW
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
FreeLibrary
LocalAlloc
LocalReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SetErrorMode
GlobalFlags
GetACP
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetOEMCP
GetCPInfo
lstrcpyA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTempFileNameA
Sleep
GetTickCount
GetProfileIntA
SearchPathA
VirtualProtect
GetDiskFreeSpaceA
FindResourceExW
RtlUnwind
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
SystemTimeToTzSpecificLocalTime
GetCommandLineA
GetSystemInfo
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapQueryInformation
SetStdHandle
GetFileType
GetTimeZoneInformation
GetConsoleMode
ReadConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
IsValidCodePage
FindFirstFileExW
CreateDirectoryW
DeleteFileW
GetConsoleCP
GetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
SetFilePointerEx
CompareStringA
LCMapStringW
WriteConsoleW
OutputDebugStringW
CreateFileW
SetEnvironmentVariableA
GetVersionExA
GetCurrentThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
WaitForSingleObject
FindResourceA
FreeResource
GetCurrentProcessId
CreateMutexA
ReleaseMutex
GetVolumeInformationA
LoadLibraryW
LoadLibraryA
lstrcmpiA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetCurrentProcess
DuplicateHandle
CloseHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
CreateFileA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
MultiByteToWideChar
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
MoveFileA
GetSystemTime
GetFileAttributesA
SetFileAttributesA
InterlockedCompareExchange
GetWindowsDirectoryA
SystemTimeToFileTime
GetLastError
FindFirstFileA
DeleteFileA
GetCurrentDirectoryA
FindClose
WideCharToMultiByte
FindResourceW
SizeofResource
LoadResource
LockResource
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetFileAttributesExW
CreateFileMappingW
GetDiskFreeSpaceW
LockFileEx
GetTempPathW
GetFileAttributesW
HeapValidate
HeapCreate
FormatMessageW
UnlockFileEx
UnmapViewOfFile
MapViewOfFile
CreateMutexW
GetFullPathNameW
GlobalHandle
user32
GetAsyncKeyState
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapVirtualKeyA
GetKeyNameTextA
UnionRect
GetSystemMenu
SetParent
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
LoadImageW
DrawEdge
DrawFrameControl
SetWindowRgn
IsMenu
UpdateLayeredWindow
MonitorFromPoint
TrackMouseEvent
LoadMenuW
GetComboBoxInfo
IsZoomed
PostThreadMessageA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
SetRect
LockWindowUpdate
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetCursorPos
SetClassLongA
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
FrameRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
MapWindowPoints
LoadCursorW
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
MessageBeep
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
CallWindowProcA
DefWindowProcA
GetMessageTime
RegisterWindowMessageA
SendDlgItemMessageA
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
GetDesktopWindow
SetActiveWindow
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
IsWindowEnabled
CharUpperA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
UnregisterClassA
LoadIconW
GetClientRect
DrawIcon
GetSystemMetrics
EnableWindow
IsIconic
SendMessageA
LoadImageA
MessageBoxA
OffsetRect
SetRectEmpty
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
GetMenuItemInfoA
DestroyMenu
IntersectRect
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
ReuseDDElParam
SetWindowPos
UnpackDDElParam
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
DestroyIcon
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoA
CopyImage
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
IsDialogMessageA
SetWindowTextA
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
RegisterClassA
InflateRect
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
EndDeferWindowPos
CopyRect
GetWindowTextA
RemovePropA
GetDlgCtrlID
GetPropA
GetMessagePos
gdi32
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
GetDeviceCaps
CreateDCA
GetTextFaceA
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
SetPixelV
PtInRegion
FrameRgn
RoundRect
CreateRoundRectRgn
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
Rectangle
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
CopyMetaFileA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumKeyExA
CryptAcquireContextA
CryptReleaseContext
CryptDeriveKey
CryptDestroyKey
CryptGetHashParam
CryptGenRandom
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptHashData
CryptDestroyHash
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
shell32
SHGetFileInfoA
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
shlwapi
StrFormatKBSizeA
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
uxtheme
GetWindowTheme
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsAppThemed
GetThemeSysColor
DrawThemeText
ole32
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
oleaut32
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
SysAllocString
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 341KB - Virtual size: 341KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ