2024-06-28_75d388b32b1a65659573030c66c11835_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-28_75d388b32b1a65659573030c66c11835_icedid
Size

535KB
MD5

75d388b32b1a65659573030c66c11835
SHA1

a9bd89291dec121647769323580aa92fe63a12d9
SHA256

50218d97e69c95d109cad75b758ec51ba8c2c55dd04af229b389dd5509df47af
SHA512

dc87cfcc99d8d0558c787984b87eb7ab84eb29d4e2c262fce510e354e312d0f4d84b6a8e96d007405340c0ed1a63cdd8e4d75ae18098a8dccb9916085eeea300
SSDEEP

12288:hqa/7dhZkDLCRvoFY8TbzrWrAupNuawcQW/QScELh:hphEL3WrAuHRQWoA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-28_75d388b32b1a65659573030c66c11835_icedid

Files

2024-06-28_75d388b32b1a65659573030c66c11835_icedid
.exe windows:4 windows x86 arch:x86

5058773594fa03085209dbd3766afee2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Build\LU\LU_2.22\2.22.6\Sources\LuUpdater\release\LuInstall.pdb

Imports

kernel32

GetVersionExW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RaiseException
RtlUnwind
HeapReAlloc
ExitThread
HeapSize
ExitProcess
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
GetTimeZoneInformation
GetFileTime
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFileAttributesW
FileTimeToLocalFileTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
TerminateThread
VerifyVersionInfoW
VerSetConditionMask
GetExitCodeProcess
WaitForMultipleObjects
GetSystemInfo
GetSystemPowerStatus
GetDiskFreeSpaceExW
ReleaseMutex
OutputDebugStringW
CreateMutexW
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
GetVersionExA
CompareStringW
GlobalFlags
lstrcmpW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
FileTimeToSystemTime
GetThreadLocale
GetVersion
InterlockedIncrement
FreeLibrary
InterlockedDecrement
GetModuleHandleW
GetProcAddress
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GetModuleFileNameW
MultiByteToWideChar
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
WideCharToMultiByte
SetLastError
WaitForSingleObject
GetLastError
CopyFileExW
CreateThread
GetCurrentProcess
DuplicateHandle
FindResourceW
OpenProcess
LoadResource
ReadFile
LockResource
CloseHandle
SizeofResource
lstrlenW
OpenEventW
InterlockedCompareExchange
WriteFile
GetCurrentThreadId
CreateFileW
LCMapStringA
WaitNamedPipeW

user32

SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowPos
SetWindowLongW
IsWindow
GetDlgItem
CallWindowProcW
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowsHookExW
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
CopyRect
PostMessageW
PeekMessageW
GetCursorPos
ValidateRect
GetWindowTextW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
SendMessageW
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
GetMenu
GetClientRect
SetForegroundWindow
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadIconW
LoadCursorW
UnregisterClassA
wsprintfW
FindWindowW
WinHelpW
RegisterClassExW
CreateWindowExW
ShowWindow
UpdateWindow
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
GetClassLongW
GetCapture
RegisterWindowMessageW
TabbedTextOutW
DrawTextW
CharUpperW
DestroyMenu
GrayStringW
SetWindowTextW
DrawTextExW
DestroyWindow
DefWindowProcW
BeginPaint
EndPaint
PostQuitMessage
GetSubMenu
GetMenuItemCount
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetMenuState
GetMenuItemID

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
DeleteDC
GetStockObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
ScaleWindowExtEx
GetDeviceCaps

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

CryptImportKey
CryptAcquireContextW
CryptReleaseContext
CryptVerifySignatureW
CryptHashData
CryptDestroyHash
CryptCreateHash
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderLocation
ShellExecuteExW
SHCreateDirectoryExW
SHGetPathFromIDListW

shlwapi

PathFindFileNameW
PathStripToRootW
PathCanonicalizeW
PathIsUNCW

ole32

CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantInit
VariantChangeType
VariantClear

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msi

ord232
ord72
ord96
ord8

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5058773594fa03085209dbd3766afee2

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

setupapi

version

msi

Sections

.text Size: 308KB - Virtual size: 307KB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 12KB - Virtual size: 33KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 308KB - Virtual size: 307KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 104KB - Virtual size: 104KB