2024-08-08_7ad8ebdfc74e398409e76d82e6c3a728_icedid_vidar

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-08_7ad8ebdfc74e398409e76d82e6c3a728_icedid_vidar
Size

7.2MB
MD5

7ad8ebdfc74e398409e76d82e6c3a728
SHA1

e0bea7ff5c5bc357e1ca79539bd6066eecfd3811
SHA256

75d6af3d2f51b4553a0e5463e1b8e494d707891e76ad9895f3b32390c1b2be9d
SHA512

3d8deec3402857334d4aa815f19f1aac9a905f0a4617c90bbe0a7098a2e442ac38a2171a3472a58e90c217784f2a2e015f3bd20c725e3a0ede03ff8903deaa98
SSDEEP

98304:yIWLJJBgom93Fz+A6ThQh5cGehHur2MXUWgDmmDf5xXKtzjX60Ng:ybLJEo1PGMPMRgDmmatnPg

Score

1^/10

Malware Config

Signatures

Files

2024-08-08_7ad8ebdfc74e398409e76d82e6c3a728_icedid_vidar
.exe windows:5 windows x86 arch:x86

910932608a38e98d2650638438b963b6

Code Sign

Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

29/06/2004, 17:06

Not After

29/06/2034, 17:06

Subject

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

1b:e7:15
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

01/01/2014, 07:00

Not After

30/05/2031, 07:00

Subject

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2011, 07:00

Not After

03/05/2031, 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6c:2e:36:ad:af:9e:e4:14
Certificate

Issuer

CN=Starfield Services Root Certificate Authority,OU=http://certificates.starfieldtech.com/repository/,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

16/03/2015, 07:00

Not After

16/03/2020, 07:00

Subject

CN=Starfield Services Timestamp Authority - G1,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

ee:15:3a:4f:3d:8c:2a:e3
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

25/05/2015, 22:34

Not After

25/05/2016, 22:34

Subject

CN=Secure Bit Technologies Private Limited,O=Secure Bit Technologies Private Limited,L=New Delhi,ST=Delhi,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

87:4d:32:f5:69:70:da:2e:14:8a:7f:82:c8:c3:94:dd:0b:91:a5:3b
Signer

Actual PE Digest

87:4d:32:f5:69:70:da:2e:14:8a:7f:82:c8:c3:94:dd:0b:91:a5:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Sujatha\Satheesh\SWIFTPCOPT\Sourcecode\SWIFTPCOPT\Release\Swift PC Optimizer.pdb

Imports

iphlpapi

GetAdaptersInfo

shell32

SHGetPathFromIDListW
SHGetMalloc
SHQueryRecycleBinW
SHGetDesktopFolder
SHGetFileInfoW
DragFinish
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
SHEmptyRecycleBinW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetFolderPathW
Shell_NotifyIconW
ShellExecuteExA

kernel32

SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapDestroy
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetFileType
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetDriveTypeW
GetFullPathNameA
GetProcessHeap
SetEnvironmentVariableA
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LoadLibraryA
LockFileEx
HeapValidate
GetFileAttributesA
FormatMessageA
UnlockFileEx
UnmapViewOfFile
MapViewOfFile
CreateFileA
InterlockedCompareExchange
SetStdHandle
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetDateFormatA
GetTimeFormatA
HeapSize
HeapReAlloc
MoveFileA
CreateThread
ExitThread
DecodePointer
EncodePointer
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
RtlUnwind
GetStartupInfoW
HeapSetInformation
FindResourceExW
VirtualProtect
GetDiskFreeSpaceW
GetUserDefaultLCID
SearchPathW
GetProfileIntW
GetNumberFormatW
GetTempFileNameW
GetCurrentDirectoryW
SetErrorMode
GetSystemDirectoryW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InitializeCriticalSection
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GetFullPathNameW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpiW
GetThreadLocale
GlobalFlags
SuspendThread
SetThreadPriority
GetFileTime
GetFileSizeEx
GetFileAttributesExW
SystemTimeToFileTime
lstrcmpA
RaiseException
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
GlobalGetAtomNameW
GlobalSize
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetLogicalDriveStringsW
GetPrivateProfileIntW
FindNextFileW
SetFileAttributesW
GetVolumeInformationW
GetPrivateProfileStringW
WritePrivateProfileStringW
FileTimeToLocalFileTime
FileTimeToSystemTime
TerminateProcess
FindClose
FindFirstFileW
ExpandEnvironmentStringsW
FormatMessageW
CopyFileW
CreateDirectoryW
GetShortPathNameW
LocalFree
lstrlenA
GetCommandLineW
CreateMutexW
GetSystemInfo
GetCurrentProcess
GlobalMemoryStatusEx
lstrcpynW
ExitProcess
GetFileAttributesW
CreateEventW
ResumeThread
SetEvent
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetTickCount
FreeResource
GetVersion
GetVersionExW
lstrcmpW
GetWindowsDirectoryW
FreeLibrary
lstrcatW
lstrlenW
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
RemoveDirectoryW
ActivateActCtx
DeactivateActCtx
SetLastError
GetProcAddress
LoadLibraryW
InterlockedDecrement
CreateProcessW
Sleep
WaitForSingleObject
OutputDebugStringW
GetTempPathW
DeleteFileW
MoveFileExW
GetLastError
GetModuleHandleW
GetModuleFileNameW
CreateFileW
WriteFile
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
OutputDebugStringA
GetVersionExA
GetTempPathA
GetSystemTime
AreFileApisANSI
GetLocaleInfoA
DeleteFileA

user32

TrackPopupMenu
SetScrollRange
GetScrollRange
GetScrollPos
IsWindowVisible
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
ShowScrollBar
SetScrollPos
GetClassInfoW
DrawFrameControl
RegisterWindowMessageW
FrameRect
CloseClipboard
GetClipboardFormatNameW
EnumClipboardFormats
CountClipboardFormats
EmptyClipboard
OpenClipboard
FindWindowW
GetWindowPlacement
ShowWindow
GetSysColorBrush
GetScrollInfo
SetForegroundWindow
IsIconic
CheckMenuItem
DrawIcon
GetWindow
PeekMessageW
GetMessageW
DispatchMessageW
WindowFromPoint
UpdateWindow
SetRectEmpty
SetWindowsHookExW
CallNextHookEx
GetClassNameW
SetPropW
RemovePropW
CopyAcceleratorTableW
MapVirtualKeyW
GetKeyNameTextW
SetMenuInfo
GetPropW
GetIconInfo
GetMenuItemRect
GetWindowDC
SetLayeredWindowAttributes
DestroyIcon
CopyImage
CreateWindowExW
DefWindowProcW
ValidateRect
BeginPaint
EndPaint
SetWindowPos
GetMenu
SetMenu
ClientToScreen
IsMenu
MonitorFromWindow
GetMonitorInfoW
GetDesktopWindow
DrawMenuBar
RemoveMenu
InsertMenuW
GetMenuItemInfoW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
AppendMenuW
DeleteMenu
DrawFocusRect
DrawEdge
FillRect
WindowFromDC
CallWindowProcW
UnhookWindowsHookEx
IntersectRect
OffsetRect
SetRect
IsRectEmpty
GetMenuInfo
SystemParametersInfoW
DrawStateW
ReleaseCapture
SetCapture
ScrollWindow
MapWindowPoints
GetMessageTime
MessageBeep
CopyIcon
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
InflateRect
GrayStringW
DrawTextExW
TabbedTextOutW
IsWindow
EqualRect
SetActiveWindow
LoadMenuW
GetSubMenu
LoadIconW
CreatePopupMenu
GetSystemMetrics
LockWindowUpdate
BringWindowToTop
DrawTextW
ReleaseDC
GetWindowLongW
SetWindowLongW
GetKeyState
GetNextDlgTabItem
LoadImageW
GetWindowRect
SetWindowRgn
PostMessageW
LoadCursorW
GetSysColor
GetMessagePos
LoadBitmapW
GetParent
SetTimer
RedrawWindow
InvalidateRect
GetLastActivePopup
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
SetFocus
GetClassLongW
GetCapture
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
CheckDlgButton
SetParent
GetDC
EnableWindow
SendMessageW
GetSystemMenu
DestroyMenu
KillTimer
GetFocus
IsChild
GetCursorPos
MenuItemFromPoint
MessageBoxW
GetActiveWindow
SetCursor
IsDialogMessageW
SetWindowTextW
MoveWindow
IsWindowEnabled
GetMenuStringW
EndDialog
CreateDialogIndirectParamW
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
TranslateAcceleratorW
InsertMenuItemW
LoadAcceleratorsW
GetWindowThreadProcessId
PtInRect
CopyRect
GetClientRect
ScreenToClient
ReuseDDElParam
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExW
UnpackDDElParam
GetDoubleClickTime
GetUpdateRect
CreateMenu
PostThreadMessageW
CharUpperBuffW
SetClipboardData
RegisterClipboardFormatW
HideCaret
InvertRect
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
GetNextDlgGroupItem
WaitMessage
SetMenuDefaultItem
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
GetAsyncKeyState
NotifyWinEvent
CharNextW
InvalidateRgn
UnregisterClassW
UnionRect
IsClipboardFormatAvailable
EnumDisplayMonitors
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
CharUpperW
IsZoomed
RealChildWindowFromPoint
TranslateMessage
ModifyMenuW
IsCharLowerW

gdi32

CreateRectRgnIndirect
GetNearestColor
Rectangle
RoundRect
SetPixel
GetTextColor
GetCurrentPositionEx
GetTextExtentPointW
MoveToEx
SetTextAlign
GetLayout
GetTextMetricsW
GetTextAlign
GetCurrentObject
SetWindowOrgEx
SelectClipRgn
GetWindowOrgEx
StretchBlt
GetBkColor
PatBlt
CopyMetaFileW
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
SetLayout
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreateHatchBrush
ExtSelectClipRgn
SelectPalette
GetObjectType
SetRectRgn
GetMapMode
DPtoLP
GetCharWidthW
StretchDIBits
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateDIBSection
GetRgnBox
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
EnumFontFamiliesExW
LPtoDP
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
CreatePen
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateDCW
GetDeviceCaps
CreatePatternBrush
CreateSolidBrush
CreateBitmap
SetBkColor
SaveDC
SetBkMode
SetTextColor
RestoreDC
DeleteObject
DeleteDC
CreateFontW
SelectObject
GetTextExtentPoint32W
GetStockObject
GetPixel
BitBlt
CombineRgn
CreateRectRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
GetObjectW

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCreateKeyExW
RegQueryValueW
RegOpenKeyExW
GetTokenInformation
OpenProcessToken
GetUserNameW
RegQueryInfoKeyW
RegEnumValueW
RegQueryValueExW
RegEnumKeyExW
RegDeleteValueW
RegEnumKeyW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegCreateKeyW

comctl32

_TrackMouseEvent
ImageList_GetIconSize
InitCommonControlsEx

shlwapi

PathUnquoteSpacesW
PathIsDirectoryW
PathFileExistsW
PathFindExtensionW
PathIsUNCW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW

ole32

DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CoInitializeSecurity
CoUninitialize
CoSetProxyBlanket
CreateStreamOnHGlobal
CoInitialize
CoInitializeEx
OleRun
CoCreateInstance

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen
GetErrorInfo
VariantChangeType
VarDateFromStr
VariantCopy
DispCallFunc
LoadRegTypeLi
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
VarBstrFromDate
OleCreateFontIndirect
VariantInit
VariantTimeToSystemTime
VariantClear
SystemTimeToVariantTime
VarUdateFromDate

oledlg

OleUIBusyW

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipFree
GdipAlloc
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDeleteBrush
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipSetImageAttributesColorMatrix
GdipCreateSolidFill
GdipSetStringFormatAlign
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipDrawString
GdipDrawImageRectI
GdipSaveGraphics
GdipCloneImage
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipSetInterpolationMode
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

WSACleanup
gethostname
WSAStartup
gethostbyname
inet_ntoa

wininet

InternetOpenUrlW
InternetGetConnectedState
InternetReadFile
FindNextUrlCacheEntryExW
FindFirstUrlCacheEntryExW
FindCloseUrlCache
InternetOpenW
InternetCanonicalizeUrlW
DeleteUrlCacheEntryW
InternetCloseHandle

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 441KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

910932608a38e98d2650638438b963b6

Code Sign

Certificate

1b:e7:15Certificate

Key Usages

07Certificate

Key Usages

6c:2e:36:ad:af:9e:e4:14Certificate

Extended Key Usages

Key Usages

ee:15:3a:4f:3d:8c:2a:e3Certificate

Extended Key Usages

Key Usages

87:4d:32:f5:69:70:da:2e:14:8a:7f:82:c8:c3:94:dd:0b:91:a5:3bSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

iphlpapi

shell32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

version

ws2_32

wininet

oleacc

imm32

winmm

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 441KB - Virtual size: 441KB

.data Size: 36KB - Virtual size: 127KB

.rsrc Size: 4.6MB - Virtual size: 4.6MB

1b:e7:15
Certificate

07
Certificate

6c:2e:36:ad:af:9e:e4:14
Certificate

ee:15:3a:4f:3d:8c:2a:e3
Certificate

87:4d:32:f5:69:70:da:2e:14:8a:7f:82:c8:c3:94:dd:0b:91:a5:3b
Signer

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 441KB - Virtual size: 441KB

.data
Size: 36KB - Virtual size: 127KB

.rsrc
Size: 4.6MB - Virtual size: 4.6MB