d:\me\catamount_build_5020603_branch\fix\product\mapeditor\src\mapper\mapper___win32_woodstock_release_dbg\Mapper.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-08-23_dcd8100c1aeaaafb93f7849bc70ddbe9_icedid_rhadamanthys.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 2024-08-23_dcd8100c1aeaaafb93f7849bc70ddbe9_icedid_rhadamanthys.exe
  Resource: win10v2004-20240802-en
General
Target: 2024-08-23_dcd8100c1aeaaafb93f7849bc70ddbe9_icedid_rhadamanthys
Size: 7.0MB
MD5: dcd8100c1aeaaafb93f7849bc70ddbe9
SHA1: 7c7c3e57218d3b6cee3b7bf6ccfdfa19e10982be
SHA256: b3239ad8fa8b309bb20339babbe0a66ae2ca0da6ab61cb94f04f0ee9be6f44ef
SHA512: 548a4ed026cddaa7bf0cb96348a887026c6c5e781a5164671446ec6839092b7f40d0cd4c958a0485347993e681924096bb36434ca5f8ee8623170e339e3d4729
SSDEEP: 196608:+6hN4QcpGQpQlDVy5AF6xuKXuCCW+6MyEOM3n7d:kGQsUxYgCOM37d
Malware Config
Signatures
Unsigned PE (1 IoCs): checks for missing Authenticode signature.
  resource: 2024-08-23_dcd8100c1aeaaafb93f7849bc70ddbe9_icedid_rhadamanthys
Files
-
2024-08-23_dcd8100c1aeaaafb93f7849bc70ddbe9_icedid_rhadamanthys.exe windows:4 windows x86 arch:x86
27bacebbd547a70750225aa7987e324d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ole32
CoInitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
CoCreateInstanceEx
CoUninitialize
CoInitializeEx
CoCreateInstance
CLSIDFromProgID
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoDisconnectObject
StringFromGUID2
CLSIDFromString
OleRegEnumVerbs
OleRegGetMiscStatus
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleSave
WriteClassStm
OleSaveToStream
OleLockRunning
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
OleLoad
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleIsRunning
GetRunningObjectTable
CoLockObjectExternal
CreateFileMoniker
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateOleAdviseHolder
CreateDataAdviseHolder
OleGetClipboard
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleSetMenuDescriptor
OleQueryCreateFromData
OleQueryLinkFromData
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
OleRun
kernel32
TlsFree
GetOEMCP
GetAtomNameA
FindResourceExA
SetErrorMode
GetProfileIntA
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeFormatA
GetDateFormatA
HeapReAlloc
GetSystemTimeAsFileTime
VirtualAlloc
GetSystemInfo
VirtualQuery
GetDriveTypeA
GetCommandLineA
GetStartupInfoA
SetStdHandle
GetFileType
LocalReAlloc
CreateThread
HeapSize
FatalAppExitA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetTimeZoneInformation
SetHandleCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetConsoleCtrlHandler
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
TlsSetValue
TlsAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryExA
FindNextFileA
GetPrivateProfileStringA
CreateFileW
WritePrivateProfileStringA
GetPrivateProfileIntA
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetFileTime
SetFileTime
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
DeleteFileA
MoveFileA
GetModuleFileNameW
GetSystemDirectoryA
VirtualProtect
lstrcpyW
lstrcmpA
CopyFileA
MulDiv
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
FreeResource
GetTickCount
InterlockedIncrement
GetCurrentProcessId
SwitchToThread
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
CompareStringA
CompareStringW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetVersion
GetExitCodeThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetCurrentDirectoryA
GetModuleHandleA
SetLastError
ExitProcess
InterlockedExchange
GetLocaleInfoA
GetModuleFileNameA
lstrcatA
GetSystemDefaultLangID
GetFileAttributesA
OutputDebugStringA
lstrcpyA
Sleep
EnumSystemCodePagesA
FreeLibrary
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
lstrlenA
WriteFile
GetLastError
FormatMessageA
LocalFree
GetFileSize
ReadFile
CreateFileA
CloseHandle
GetCurrentDirectoryA
GetUserDefaultLangID
IsValidCodePage
MultiByteToWideChar
GetCPInfo
GlobalSize
GetTempPathA
GetTempFileNameA
lstrlenW
GlobalReAlloc
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
InterlockedDecrement
GetACP
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
InterlockedCompareExchange
ExitThread
user32
UnregisterClassA
GetSysColorBrush
ShowOwnedPopups
PostQuitMessage
SetCursorPos
WaitMessage
WindowFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
DestroyCursor
GetMenuItemInfoA
GetSystemMenu
IsRectEmpty
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
GetMessageA
GetCursorPos
ValidateRect
MapVirtualKeyA
GetKeyNameTextA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
MapDialogRect
GetAsyncKeyState
GetMenuStringA
InsertMenuA
RemoveMenu
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
UnionRect
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetClassNameA
SetWindowTextA
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetDlgItem
SetTimer
KillTimer
GetDCEx
LockWindowUpdate
DrawIcon
SetWindowRgn
InSendMessage
WindowFromDC
CopyAcceleratorTableA
FindWindowA
GetWindow
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
DestroyIcon
SendNotifyMessageA
CallNextHookEx
CharUpperA
CharUpperW
CharLowerA
CharLowerW
RedrawWindow
GetCaretPos
RegisterWindowMessageA
SetRect
LoadIconA
GetFocus
GetKeyState
GetWindowLongA
SetWindowLongA
RegisterClipboardFormatA
IsWindow
LoadBitmapA
PeekMessageA
IsIconic
IsZoomed
LoadMenuA
DestroyMenu
SetMenu
LoadCursorA
SetCursor
DeleteMenu
InflateRect
ClientToScreen
ScreenToClient
CreatePopupMenu
AppendMenuA
CheckMenuRadioItem
SetMenuItemInfoA
MessageBeep
CopyRect
DrawFocusRect
ReleaseCapture
SetCapture
GetSysColor
TranslateMessage
DispatchMessageA
GetSystemMetrics
SetParent
IsWindowVisible
CreateCaret
SetCaretPos
ShowCaret
UpdateWindow
PtInRect
MapWindowPoints
InvalidateRect
GetUpdateRect
GetClientRect
FillRect
OffsetRect
GetWindowRect
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
PostMessageA
GetDC
ReleaseDC
IsClipboardFormatAvailable
GetDialogBaseUnits
GetParent
EnableWindow
wsprintfA
SendMessageA
GetForegroundWindow
gdi32
GetViewportOrgEx
EnumFontFamiliesExA
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
EndDoc
GetWindowOrgEx
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
CreateHatchBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
CreateRectRgnIndirect
SetRectRgn
StretchDIBits
GetCharWidthA
GetDeviceCaps
CreateFontIndirectA
GetTextMetricsA
CreateFontA
GetTextExtentPoint32A
CreateSolidBrush
Rectangle
CreateCompatibleBitmap
GetTextFaceA
ExtTextOutA
SelectPalette
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
CreateBitmap
GetObjectA
GetClipBox
GetDCOrgEx
StretchBlt
GetBkColor
CreateDIBitmap
SetBkColor
BitBlt
SetTextColor
GetStockObject
SelectObject
MoveToEx
LineTo
CreateCompatibleDC
ExtTextOutW
PatBlt
comdlg32
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegEnumKeyExA
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyA
RegSetValueA
RegEnumValueA
GetUserNameA
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegConnectRegistryA
shell32
ExtractIconA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetFileInfoA
DragFinish
SHGetPathFromIDListA
DragQueryFileA
comctl32
ord17
shlwapi
PathFileExistsA
PathRemoveExtensionA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
odbc32
ord10
ord72
ord4
ord17
ord41
ord1
ord23
ord9
ord40
ord44
ord45
ord39
ord27
ord15
ord57
ord2
ord66
ord67
ord54
ord3
ord5
ord51
ord50
ord68
ord43
ord59
ord13
ord18
ord46
ord12
ord19
ord11
ord49
ord48
ord8
ord20
ord16
ord61
ord14
oleaut32
SafeArrayDestroyDescriptor
SysReAllocStringLen
SafeArrayUnlock
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
SafeArrayDestroyData
SysFreeString
VariantClear
SysAllocString
VariantCopy
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
VarCyFromStr
VarBstrFromDate
LoadTypeLi
GetErrorInfo
SetErrorInfo
CreateErrorInfo
SafeArrayGetLBound
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
oledlg
ord8
Sections
.text Size: 4.8MB - Virtual size: 4.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 760KB - Virtual size: 757KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ