2024-08-10_c96e038e2d498466a27e5430e03ded48_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-10_c96e038e2d498466a27e5430e03ded48_icedid
Size

952KB
MD5

c96e038e2d498466a27e5430e03ded48
SHA1

b623e5a9dac1c6d8cdb92c0cbccb50462d0c4477
SHA256

00e7ceb73fd641718d3afa6f3c4dbaf778968d8474a03232a3978c6d64f13911
SHA512

82f1cf32976fb985e0ed9a57bb7c643b809a578f76342fa8a1f6d32284ec7668d3e907b1d583247f308b4bd16e4b1d98850a87c2914d5f6997ea834f4a7767c1
SSDEEP

6144:1QQCwO3NIQSEsazEATM8W7XIINyRoxbhacL6koevWbp3FPUkbMrkdkQwCzvRR0hD:1dOlsazgARe4kyHPUkbGZC1R0/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-10_c96e038e2d498466a27e5430e03ded48_icedid

Files

2024-08-10_c96e038e2d498466a27e5430e03ded48_icedid
.exe windows:4 windows x86 arch:x86

6a3c4bb00c0b78cfaf623334ff1c5dfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\hundred\Center\letter\above\double\Give\Centurymusic.pdb

Imports

kernel32

LocalReAlloc
DeleteCriticalSection
GlobalFree
TlsFree
InterlockedDecrement
FreeLibrary
CloseHandle
GetCurrentThreadId
MultiByteToWideChar
InterlockedIncrement
GetVersionExA
lstrcmpW
LoadLibraryA
GlobalDeleteAtom
TlsSetValue
GlobalAddAtomW
GetThreadLocale
GlobalFlags
GetModuleHandleA
InterlockedExchange
GetLocaleInfoW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetStartupInfoW
HeapReAlloc
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
VirtualAlloc
GetACP
GetOEMCP
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
InterlockedCompareExchange
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
lstrlenW
WideCharToMultiByte
GetCurrentProcessId
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
SetLastError
GetCurrentDirectoryW
GetModuleFileNameW
GetEnvironmentVariableW
GetSystemDirectoryW
Sleep
GetModuleHandleW
GetProcAddress
GetFileAttributesW
CreateProcessW
LoadLibraryW
GetCurrentProcess
SetEvent
GetVolumeInformationW
GetVersion
CreateEventW
GetCPInfo
FormatMessageW
SetSystemPowerState
GetProcessHeap
GlobalFindAtomW
GetSystemTimeAsFileTime

user32

SetWindowTextW
ClientToScreen
DestroyMenu
TabbedTextOutW
DrawTextExW
GrayStringW
PostQuitMessage
UnregisterClassA
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
CreateWindowExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
DefWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExW
CallNextHookEx
DispatchMessageW
GetKeyState
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
RegisterWindowMessageW
TranslateMessage
LoadCursorW
CreateMenu
DeferWindowPos
BeginDeferWindowPos
LoadIconW
ReleaseCapture
EndDialog
CloseClipboard
GetMessageW
AppendMenuW
GetFocus
GetCursorPos
GetWindowLongW
CallWindowProcW
GetClassInfoExW
GetWindowThreadProcessId
SendMessageW
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
WinHelpW
RegisterClassExW
SetFocus
GetMessageTime
DrawTextW
GetWindowTextW
GetMenuItemInfoW
UnhookWindowsHookEx
GetSystemMenu
GetDlgCtrlID
LockWindowUpdate
PeekMessageW

gdi32

SetMapMode
BitBlt
DeleteDC
GetObjectW
CreateDCW
DPtoLP
GetBkColor
RestoreDC
SaveDC
ExtTextOutW
DeleteObject
SetBkColor
SetTextColor
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
CreateBitmap
GetStockObject
CreateSolidBrush
PtVisible
RectVisible
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
TextOutW

winspool.drv

ClosePrinter
OpenPrinterW
DeletePrinterConnectionW
DocumentPropertiesW

comctl32

ImageList_SetIconSize
ImageList_AddMasked
ImageList_Remove
ImageList_SetBkColor
InitCommonControlsEx
ImageList_Destroy

comdlg32

GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

ole32

OleSetContainedObject
OleInitialize
CoUninitialize
CoRegisterClassObject
CoRegisterSurrogate
CoInitialize
OleUninitialize

shlwapi

PathFindFileNameW
PathIsFileSpecW
PathIsNetworkPathW

avifil32

AVIFileInit
AVIStreamRelease
AVIMakeFileFromStreams
AVIStreamSetFormat
AVIFileExit
AVIStreamFindSample

cabinet

ord10
ord14
ord12

oleaut32

VariantClear
VariantChangeType
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a3c4bb00c0b78cfaf623334ff1c5dfc

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

comctl32

comdlg32

ole32

shlwapi

avifil32

cabinet

oleaut32

oleacc

Sections

.text Size: 336KB - Virtual size: 335KB

.rdata Size: 88KB - Virtual size: 85KB

.data Size: 100KB - Virtual size: 134KB

.rsrc Size: 424KB - Virtual size: 423KB

.text
Size: 336KB - Virtual size: 335KB

.rdata
Size: 88KB - Virtual size: 85KB

.data
Size: 100KB - Virtual size: 134KB

.rsrc
Size: 424KB - Virtual size: 423KB