2024-06-28_33f1817a3fd049e95cdf1e080d7b1f7b_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-28_33f1817a3fd049e95cdf1e080d7b1f7b_icedid
Size

1.0MB
MD5

33f1817a3fd049e95cdf1e080d7b1f7b
SHA1

9dbba7eed78ba5d7c678cd95e0d8adb7cf3ff3de
SHA256

bd0b4eeb4012dedfceb2a382d0afdbe91154166abd820eb5c6b597b3eb6cdbf0
SHA512

59f277c1da4d6e6273dd6e973cc9ce2a54cd81c6203ed0fa39ed83e2c260251a04ec43fb129c27faf07d118c2c3a9a7c7f3330ee690271eecd1abc7bbba7f34f
SSDEEP

24576:rBcmVSA2ydC/vdX+IxZZm4DJcahFVpdCX/xXuf:zSKdCt+IxZZ9JcEVdCX/xi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-28_33f1817a3fd049e95cdf1e080d7b1f7b_icedid

Files

2024-06-28_33f1817a3fd049e95cdf1e080d7b1f7b_icedid
.exe windows:4 windows x86 arch:x86

947657cd2068523662abc1f0c10e44fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\DownLoader\OnlineSetupV2\GirlsShow_together_select\SmallStationRelease\SetupTool.pdb

Imports

kernel32

LockFile
UnlockFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileTime
SetErrorMode
HeapAlloc
RtlUnwind
HeapFree
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
FlushFileBuffers
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetTimeZoneInformation
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GlobalFlags
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
InterlockedDecrement
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
SetLastError
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
OutputDebugStringA
FatalExit
DebugBreak
SystemTimeToFileTime
SetFileTime
WaitForMultipleObjects
MoveFileA
ReadFile
GetFileSize
SetFilePointer
SetEndOfFile
OpenProcess
TerminateProcess
Sleep
FindNextFileA
RemoveDirectoryA
Module32First
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateDirectoryA
RaiseException
lstrlenA
lstrcmpiA
CompareStringA
CompareStringW
GetVersion
CreateProcessA
WaitForSingleObject
DeleteFileA
GetTickCount
CreateMutexA
GetLastError
MultiByteToWideChar
WriteFile
GetLogicalDrives
GetDriveTypeA
GetDiskFreeSpaceExA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
FindFirstFileA
FindClose
GetLocalTime
GetModuleFileNameA
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
ExitProcess
SetUnhandledExceptionFilter
FreeLibrary
LoadLibraryA
GetProcAddress
CloseHandle

user32

CharNextA
ReleaseCapture
SetCapture
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
GetCursorPos
WindowFromPoint
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
IsRectEmpty
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
SetRect
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
MessageBoxA
ReleaseDC
GetDC
RegisterClipboardFormatA
GetPropA
LoadCursorA
SetCursor
UnregisterClassA
CharUpperA
LoadIconA
KillTimer
SetTimer
UpdateWindow
ScreenToClient
GetSystemMenu
EnableMenuItem
DrawIcon
PtInRect
GetSystemMetrics
IsIconic
PostMessageA
InvalidateRect
GetWindowRect
CopyRect
SetLayeredWindowAttributes
EnableWindow
GetParent
GetClientRect
SendMessageA
GetClassNameA

gdi32

GetDeviceCaps
CreateRectRgnIndirect
GetBkColor
GetTextColor
GetRgnBox
GetWindowExtEx
GetViewportExtEx
DeleteObject
PtVisible
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
CreateBitmap
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
SetBkMode
CreateFontA
SetPixel
GetPixel
Rectangle
BitBlt
DPtoLP
GetMapMode
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap
RectVisible

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteExA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA

comctl32

ord17
_TrackMouseEvent

shlwapi

PathFileExistsA
PathRemoveBackslashA
PathAddBackslashA
PathQuoteSpacesA
PathCanonicalizeA
PathFindFileNameA
PathRemoveFileSpecA
PathFindExtensionA
UrlUnescapeA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoInitialize
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleUninitialize

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantChangeType
VariantClear
SafeArrayCopy
SafeArrayGetVartype
VariantInit
SafeArrayLock
SafeArrayUnlock
SafeArrayCreate
SafeArrayRedim
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
SysAllocStringLen
SysFreeString

wininet

InternetSetOptionExA
InternetCrackUrlA
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetQueryDataAvailable
InternetCanonicalizeUrlA
InternetGetCookieExA

gdiplus

GdiplusStartup
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipAlloc
GdipFree
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdiplusShutdown

ws2_32

WSAStartup

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 616KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

947657cd2068523662abc1f0c10e44fa

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

gdiplus

ws2_32

Sections

.text Size: 316KB - Virtual size: 315KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 12KB - Virtual size: 28KB

.rsrc Size: 616KB - Virtual size: 612KB

.text
Size: 316KB - Virtual size: 315KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 12KB - Virtual size: 28KB

.rsrc
Size: 616KB - Virtual size: 612KB