Static task: static1
Behavioral task: behavioral1
  Sample: 2024-07-25_adac16ceb3b49999220ba220ff837b92_icedid.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 2024-07-25_adac16ceb3b49999220ba220ff837b92_icedid.exe
  Resource: win10v2004-20240709-en
General
- Target: 2024-07-25_adac16ceb3b49999220ba220ff837b92_icedid
- Size: 584KB
- MD5: adac16ceb3b49999220ba220ff837b92
- SHA1: 77c1352d0eb9b154b12e2333e4067deb17eac0fd
- SHA256: 12b7731fb9a977ea6f9f4589c6ff2d2d5010c92d0238f365f257c60ea5c0deb2
- SHA512: de8e614e551c7e75c4740503648f4b6c4594fc710202bbf7e423b4961afbd2ac92e24c8638cfc6e74a669d436b24b3e3cd33fad9f9e6d392a3eeed390120d3ea
- SSDEEP: 6144:Ntl8vDrCv/6QOCkNQh6tf0/FzK7sZitealJHuosMPaXuEfb/WkHwbrDG82iWsuHc:NtlemCzQ0p02tegmMPaXdLWyeK8y8
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2024-07-25_adac16ceb3b49999220ba220ff837b92_icedid
Files
- 2024-07-25_adac16ceb3b49999220ba220ff837b92_icedid.exe windows:4 windows x86 arch:x86
  cbbfb7ff29039d4446c3dc08bc752cde
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipSaveImageToFile
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageRawFormat
GdipGetImagePixelFormat
GdipImageRotateFlip
GdipDisposeImage
GdipGetAllPropertyItems
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromFileICM
GdipFree
GdipLoadImageFromFile
GdipDeleteGraphics
GdipAlloc
GdipGetPropertySize
kernel32
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetFullPathNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WritePrivateProfileStringW
GlobalFlags
SetErrorMode
GetTickCount
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
GetLastError
CopyFileW
MoveFileW
FreeLibrary
GetProcAddress
LoadLibraryW
Beep
GetWindowsDirectoryW
lstrcpyW
GetModuleHandleA
lstrlenA
InterlockedDecrement
GetThreadLocale
InterlockedIncrement
FreeResource
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentProcessId
GlobalAddAtomW
lstrlenW
CloseHandle
ReleaseSemaphore
LocalFree
LocalHandle
WaitForSingleObject
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
GetModuleHandleW
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
SetLastError
GetSystemInfo
GetVolumeInformationW
GetTempFileNameW
Sleep
GetCurrentProcess
GetExitCodeProcess
ExitProcess
GetExitCodeThread
TerminateThread
LocalAlloc
GlobalFree
SetFilePointer
GetModuleFileNameW
GetTempPathW
GetVersionExW
CreateDirectoryW
FindFirstFileW
FindNextFileW
FindClose
WideCharToMultiByte
GetFileSize
ReadFile
DeleteFileW
CreateFileW
WriteFile
GetLocalTime
lstrcatW
CreateSemaphoreW
CreateThread
SetHandleCount
user32
TabbedTextOutW
DrawTextExW
GrayStringW
ClientToScreen
BeginPaint
EndPaint
CharUpperW
WindowFromPoint
DestroyMenu
GetSysColorBrush
LoadCursorW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
MessageBeep
UnregisterClassW
RegisterClipboardFormatW
PostThreadMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
PostQuitMessage
GetMenuItemID
GetSubMenu
GetActiveWindow
EnableMenuItem
CheckMenuItem
CreatePopupMenu
IsCharAlphaW
wvsprintfW
GetForegroundWindow
UpdateWindow
GetDesktopWindow
GetMenuState
GetMenuItemCount
AppendMenuW
DrawEdge
SetClassLongW
GetDC
DrawTextW
GetWindow
GetClassNameW
SetWindowTextW
KillTimer
SetTimer
GetNextDlgGroupItem
GetParent
PostMessageW
DrawIconEx
ReleaseCapture
SetCapture
GetCapture
IsWindowVisible
ReleaseDC
GetWindowDC
FrameRect
InflateRect
CopyRect
DrawStateW
ShowWindow
MoveWindow
IsDialogMessageW
CharNextW
SetForegroundWindow
SetRect
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
ScreenToClient
LoadIconW
GetKeyState
LoadImageW
GetSystemMetrics
EnableWindow
GetFocus
InvalidateRect
GetClientRect
GetWindowRect
IsZoomed
IsIconic
SendMessageW
DrawIcon
DestroyIcon
PtInRect
UnregisterClassA
PeekMessageW
gdi32
CreateBitmap
GetClipBox
SetTextColor
GetObjectW
GetStockObject
GetTextColor
SaveDC
RestoreDC
SetBkMode
SetMapMode
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
PtVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateRectRgnIndirect
GetMapMode
GetRgnBox
GetDeviceCaps
SetBkColor
CreateSolidBrush
DeleteObject
SelectObject
GetBkColor
CreatePen
SetPixel
GetTextExtentPoint32W
BitBlt
RoundRect
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
RectVisible
CreateFontW
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
shell32
DragAcceptFiles
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
SHGetSpecialFolderPathW
comctl32
ord17
shlwapi
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
StrRetToStrW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoTaskMemAlloc
CoRegisterMessageFilter
OleIsCurrentClipboard
CoRevokeClassObject
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemFree
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
OleUninitialize
CoGetClassObject
oleaut32
VariantCopy
OleCreateFontIndirect
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
OleLoadPicture
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
SysFreeString
urlmon
URLDownloadToFileW
id3lib
?Link@ID3_Tag@@QAEIPBDG@Z
?GetMp3HeaderInfo@ID3_Tag@@QBEPBUMp3_Headerinfo@@XZ
??1ID3_Tag@@UAE@XZ
?HasV2Tag@ID3_Tag@@QBE_NXZ
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@@Z
?Contains@ID3_Frame@@QBE_NW4ID3_FieldID@@@Z
?GetField@ID3_Frame@@QBEPAVID3_Field@@W4ID3_FieldID@@@Z
??0ID3_Tag@@QAE@PBD@Z
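The Imports section above lists the import table in directory order, which is exactly the input to the import hash (imphash), a standard triage pivot used alongside the MD5/SHA/ssdeep values in General. The block below is an added example, not code from the sandbox or from the sample. It assumes the conventions of the common pefile implementation (described in its docstring) and runs over a constructed, abbreviated import list, so its digest is not expected to match any value on this page; the unlabelled 32-hex value printed beneath the file entry in Files is not verified here.

```python
"""Import hash (imphash) over an import table in the order a report's Imports
section lists it (added example, not sandbox code). Follows the widely used
pefile rules: lower-case "dll.function" tokens, the extension dropped only for
.dll/.sys/.ocx, ordinals rendered as ordN (the per-DLL ordinal name tables
pefile applies to ws2_32/wsock32/oleaut32 are omitted here), comma-joined, MD5.
The import list below is CONSTRUCTED and abbreviated from this page, so its
digest does not correspond to any value printed in the report."""
import hashlib

STRIP_EXTS = ("dll", "sys", "ocx")


def imphash_tokens(imports):
    """imports: [(dll_name, [function_name | int ordinal, ...]), ...] in import-table
    order. Order matters: the same APIs imported in a different order hash differently."""
    tokens = []
    for dll, funcs in imports:
        lib = dll.lower()
        base, _, ext = lib.rpartition(".")
        if base and ext in STRIP_EXTS:      # "winspool.drv" and "id3lib" stay as-is
            lib = base
        for f in funcs:
            name = "ord%d" % f if isinstance(f, int) else f.lower()
            tokens.append("%s.%s" % (lib, name))
    return tokens


def imphash(imports):
    """Hex MD5 of the comma-joined token string."""
    return hashlib.md5(",".join(imphash_tokens(imports)).encode("utf-8")).hexdigest()


# Constructed, abbreviated import table; DLL casing varies on purpose.
CONSTRUCTED_IMPORTS = [
    ("KERNEL32.dll", ["IsDebuggerPresent", "CreateFileW", "WriteFile"]),
    ("urlmon.dll", ["URLDownloadToFileW"]),
    ("SHELL32.dll", ["ShellExecuteW"]),
    ("winspool.drv", ["OpenPrinterW"]),
    ("comctl32.dll", [17]),                       # imported by ordinal, as "ord17" on this page
    ("id3lib", ["?HasV2Tag@ID3_Tag@@QBE_NXZ"]),  # decorated C++ export, no extension
]

if __name__ == "__main__":
    print("\n".join(imphash_tokens(CONSTRUCTED_IMPORTS)))
    print("imphash:", imphash(CONSTRUCTED_IMPORTS))
```

Because the hash is order-sensitive and computed only over the static import table, it is a pivot for clustering builds from the same toolchain, not an identifier: reordering imports, or resolving APIs at runtime through the LoadLibraryW/GetProcAddress pair that this table also contains, changes or hides what it sees.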
Sections
.text   Size: 376KB - Virtual size: 373KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 116KB - Virtual size: 113KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 16KB - Virtual size: 28KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 72KB - Virtual size: 71KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
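The Headers, Signatures and Sections parts of this report are all read straight from the PE header. The block below is an added example, not code from the sandbox or from the sample, showing how to recover those fields with the standard library alone: decode the File Characteristics bits, list each section's flags, and perform the Authenticode presence check that an "Unsigned PE" signature corresponds to. The PE images it parses are constructed in memory to mirror the section layout listed above (names, sizes and flags); they are not the analysed sample, and the "signed" variant carries a dummy certificate blob only to show the security directory being populated.

```python
"""Minimal PE header triage (added example, not sandbox code): decodes the COFF
File Characteristics, the section-table flags and the security data directory
whose absence is what an "Unsigned PE" verdict checks. Pure stdlib. The PE blobs
at the bottom are CONSTRUCTED in memory; they are not the analysed sample."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data-directory slot holding the Authenticode blob


def _flags(value, table):
    """Names of every known bit set in value, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse just enough of a PE32/PE32+ image to reproduce the report's fields."""
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = e_lfanew + 4
    (_machine, nsections, _, _, _, opt_size,
     characteristics) = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic, = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs_off, dirs_off = (92, 96) if magic == 0x10B else (108, 112)  # PE32 / PE32+
    ndirs, = struct.unpack_from("<I", data, opt + ndirs_off)
    sec_off, sec_size = 0, 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory, this "VirtualAddress" is a raw file offset.
        sec_off, sec_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "raw_size": rawsize, "virtual_size": vsize,
                         "flags": _flags(flags, SECTION_FLAGS)})
    return {"characteristics": _flags(characteristics, FILE_CHARACTERISTICS),
            "security_dir": (sec_off, sec_size), "sections": sections}


def has_authenticode_blob(data):
    """Presence check behind an "Unsigned PE" verdict: an in-bounds WIN_CERTIFICATE
    blob exists. True does NOT mean the signature verifies or chains to a trusted
    root; that needs a real verifier (signtool verify /pa, WinVerifyTrust)."""
    off, size = parse_pe(data)["security_dir"]
    return off != 0 and size >= 8 and off + size <= len(data)


def build_pe(characteristics, sections, cert_blob=b""):
    """CONSTRUCTED header-only PE32 image; sections are (name, raw, virtual, flags)."""
    opt_size = 224                                   # PE32 optional header, 16 directories
    hdr_end = 64 + 4 + 20 + opt_size + 40 * len(sections)
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)            # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, characteristics)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)            # PE32 magic
    struct.pack_into("<I", opt, 92, 16)              # NumberOfRvaAndSizes
    if cert_blob:                                    # security directory = (file offset, size)
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, hdr_end, len(cert_blob))
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.ljust(8, b"\0"), vs, 0, rs, 0, 0, 0, 0, 0, fl)
                     for n, rs, vs, fl in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table + cert_blob


REPORT_LIKE_SECTIONS = [                             # mirrors the report's Sections entry
    (b".text", 376 * 1024, 373 * 1024, 0x60000020),  # CODE | EXECUTE | READ
    (b".rdata", 116 * 1024, 113 * 1024, 0x40000040), # INITIALIZED_DATA | READ
    (b".data", 16 * 1024, 28 * 1024, 0xC0000040),    # INITIALIZED_DATA | READ | WRITE
    (b".rsrc", 72 * 1024, 71 * 1024, 0x40000040),    # INITIALIZED_DATA | READ
]
UNSIGNED_PE = build_pe(0x0103, REPORT_LIKE_SECTIONS)  # RELOCS_STRIPPED | EXECUTABLE | 32BIT
# Constructed 16-byte WIN_CERTIFICATE stand-in: dwLength, wRevision 0x200, wCertificateType 2.
FAKE_CERT = struct.pack("<IHH", 16, 0x0200, 0x0002) + b"\0" * 8
SIGNED_PE = build_pe(0x0103, REPORT_LIKE_SECTIONS, FAKE_CERT)

if __name__ == "__main__":
    for label, blob in (("constructed unsigned", UNSIGNED_PE), ("constructed signed", SIGNED_PE)):
        info = parse_pe(blob)
        print(label, "|", " ".join(info["characteristics"]), "| authenticode blob:", has_authenticode_blob(blob))
        for s in info["sections"]:
            print("  %-6s %s" % (s["name"], " | ".join(s["flags"])))
```

A non-zero security directory only tells you that a blob is present; to reach a verdict on a real sample, run a verifier (signtool verify /pa /v, or Get-AuthenticodeSignature in PowerShell), and remember that a valid signature from a stolen or throwaway certificate is still not a clean bill. The bounds check matters on truncated downloads, where the directory can point past the end of the file.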