2024-07-10_0fbd1ce8d232ad3e51219385abf8aa98_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-10_0fbd1ce8d232ad3e51219385abf8aa98_icedid
Size

1.5MB
MD5

0fbd1ce8d232ad3e51219385abf8aa98
SHA1

8c74a80e6809275aab2dd68a7fbb54a0c70e3f85
SHA256

a5952ad89f8259fe52e89a156d34ce5e5c1d5df96bd3fef7c56eaff99e75ed2c
SHA512

d00fbe256c3f2ead38c4915237be48a63a8769f22de10fe19739fe2594ef3512b8fc2ec34623cca07b8e80ee4eaa95133dcd22d541ec3a153de4bbc1833b91ca
SSDEEP

24576:lbvvep7mFtdbIhTeKYTZUTVdzKfsut9fhHFkLsSCRfp46wR4YAgWWLMMVZMM+1:tvep7AtpIhT4lUxQFNfpWpAEMMHMMi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-10_0fbd1ce8d232ad3e51219385abf8aa98_icedid

Files

2024-07-10_0fbd1ce8d232ad3e51219385abf8aa98_icedid
.exe windows:4 windows x86 arch:x86

606f9bdb20f9ad65d93bafaa80a802bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Sting\Client_Util\StingRun\Release_Usa\StingRun.pdb

Imports

kernel32

SetEndOfFile
DuplicateHandle
SetErrorMode
VirtualProtect
VirtualAlloc
VirtualQuery
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetDriveTypeA
CreateDirectoryA
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
GetFileType
UnlockFile
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
LockFile
FlushFileBuffers
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
GetThreadLocale
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeResource
GetModuleFileNameW
FormatMessageA
GetVersionExA
LoadLibraryA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapFree
GetVolumeInformationA
LocalAlloc
LocalFree
GetFileTime
FileTimeToLocalFileTime
FindFirstFileA
FindClose
FileTimeToSystemTime
GetFileAttributesA
ExitProcess
WriteFile
GetSystemInfo
MapViewOfFile
GetDiskFreeSpaceExA
CreateFileMappingA
MoveFileA
SetFilePointer
UnmapViewOfFile
IsBadReadPtr
LoadLibraryExA
FreeLibrary
SetLastError
GetModuleFileNameA
MulDiv
lstrcmpA
GetCurrentProcess
IsDBCSLeadByte
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetFullPathNameA
CreateFileA
GetFileSize
ReadFile
GlobalReAlloc
WritePrivateProfileStringA
GlobalAlloc
GlobalLock
GetPrivateProfileStringA
GlobalUnlock
GlobalFree
SetFileAttributesA
OpenProcess
GetExitCodeProcess
TerminateProcess
GetCurrentProcessId
CopyFileA
GetCurrentDirectoryA
CreateProcessA
CreateMutexA
ReleaseMutex
GetCurrentThreadId
DeleteFileA
CreateThread
Sleep
WaitForSingleObject
CloseHandle
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetTickCount
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetACP
InterlockedExchange

user32

GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
UpdateWindow
GetMenu
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
OffsetRect
IntersectRect
GetWindowPlacement
SystemParametersInfoA
DestroyMenu
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
GetMenuItemID
GetMenuItemCount
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
LoadCursorA
GetClassInfoExA
IsWindow
GetDesktopWindow
GetFocus
GetWindow
EndPaint
CallWindowProcA
DispatchMessageA
GetDlgItem
IsChild
InvalidateRgn
ReleaseDC
SetWindowPos
GetSysColor
SetFocus
MoveWindow
DefWindowProcA
CreateWindowExA
ShowWindow
CharNextA
DestroyWindow
UnregisterClassA
SetWindowLongA
SetWindowRgn
SetRect
RegisterClipboardFormatA
LoadMenuA
GetSubMenu
GetDC
GetWindowLongA
WindowFromPoint
GetActiveWindow
ClientToScreen
FindWindowA
MessageBoxA
SetWindowsHookExA
CallNextHookEx
ReleaseCapture
UnhookWindowsHookEx
GetParent
SetCapture
GetCapture
ScreenToClient
PtInRect
GetCursorPos
GetSystemMetrics
LoadIconA
EnableWindow
SetForegroundWindow
SetActiveWindow
IsWindowVisible
InvalidateRect
GetClientRect
GetWindowRect
IsIconic
PostMessageA
SendMessageA
AppendMenuA
CreatePopupMenu
DrawIcon
LoadBitmapA
CopyRect
GetLastActivePopup
GetForegroundWindow
RemovePropA
SetPropA
GetClassLongA
WinHelpA
SendDlgItemMessageA
CharUpperA
CheckMenuItem
EnableMenuItem
PostThreadMessageA
GetClassNameA
GetNextDlgGroupItem
IsRectEmpty
CopyAcceleratorTableA
MessageBeep
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
SetCursor
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
BeginPaint
ModifyMenuA
GetPropA

gdi32

GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateBitmap
CreateRectRgnIndirect
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateDIBSection
ExtCreateRegion
DeleteObject
DeleteDC
StretchBlt
CombineRgn
CreateCompatibleBitmap
GetStockObject
CreateFontIndirectA
GetObjectA
BitBlt
CreateCompatibleDC
SelectObject

msimg32

TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

shell32

Shell_NotifyIconA

comctl32

ord17

shlwapi

PathRemoveFileSpecA
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathFileExistsA
PathIsUNCA

oledlg

ord8

ole32

CoTaskMemFree
CoCreateInstance
CLSIDFromProgID
CoTaskMemAlloc
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
CLSIDFromString
OleInitialize
OleUninitialize
CoGetClassObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemRealloc

oleaut32

VariantInit
VariantClear
SysAllocStringLen
SysAllocString
VarUI4FromStr
OleCreateFontIndirect
SysAllocStringByteLen
VariantChangeType
VariantCopy
SysStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
OleLoadPicture

ws2_32

inet_addr
htons
connect
socket
send
WSACleanup
WSAStartup
recv
__WSAFDIsSet
select
closesocket

wininet

FtpOpenFileA
FtpGetFileSize
InternetOpenUrlA
HttpQueryInfoA
InternetOpenA
InternetConnectA
DeleteUrlCacheEntry
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 372KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1016KB - Virtual size: 1015KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

606f9bdb20f9ad65d93bafaa80a802bf

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

wininet

Sections

.text Size: 372KB - Virtual size: 370KB

.rdata Size: 116KB - Virtual size: 112KB

.data Size: 20KB - Virtual size: 74KB

.rsrc Size: 1016KB - Virtual size: 1015KB

.text
Size: 372KB - Virtual size: 370KB

.rdata
Size: 116KB - Virtual size: 112KB

.data
Size: 20KB - Virtual size: 74KB

.rsrc
Size: 1016KB - Virtual size: 1015KB