PDB path: p:\ST\DEV1\SoundTaxi\bin\vc8\release mfc usermodeprotection\soundapp.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-08-23_210d26ac1569ac03c948934da5e77a94_icedid_magniber.exe
Resource: win7-20240705-en
General
Target: 2024-08-23_210d26ac1569ac03c948934da5e77a94_icedid_magniber
Size: 5.1MB
MD5: 210d26ac1569ac03c948934da5e77a94
SHA1: 0bd57cfa80c2e2598bf4e915f1a486d8a4afabe0
SHA256: d59f62244b56260471ccd838618904b8a00af1125c3eabac69fe34f5454bd803
SHA512: 596b92f15dfd67a45ac8b1953f8dd18c99af26cc444d4df339f28ee2eec7358f163de14f42379555af3e5e40e442fe97c33d1e19146e0ab781095ccd2e8affc7
SSDEEP: 98304:Qh0R3+8UtwRt5KFo7PXlM1FKPFMHkqolPd:S8wwRt5vP2gzjPd
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-08-23_210d26ac1569ac03c948934da5e77a94_icedid_magniber
Note: this is the only static signature recorded on the page. The "icedid" and "magniber" tokens are part of the submitted file name, not detections shown here, and the PDB path (SoundTaxi, "release mfc usermodeprotection") together with the MFC, AVI, ACM, mixer and DirectSound imports reads as an MFC audio application built with a user-mode protector. Treat that as context for the import and section data below, not as a verdict either way; the behavioural task is what establishes runtime behaviour.
Files
-
2024-08-23_210d26ac1569ac03c948934da5e77a94_icedid_magniber.exe windows:4 windows x86 arch:x86
0556a0e529d67b912c9ab26bf0283cc4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations, so the loader cannot rebase it and it always maps at its preferred ImageBase regardless of system ASLR. That is a common link setting for 32-bit executables built with VC8 (the toolchain named in the PDB path) and not a malware indicator on its own, but it makes every code and data address in the image predictable.
PDB Paths (the embedded path is shown at the top of this report)
Imports
ws2_32
WSACleanup
ntohl
ntohs
htonl
htons
avifil32
AVIFileOpenW
AVIStreamGetFrameOpen
AVIFileExit
AVIFileInit
AVIStreamGetFrame
msacm32
acmStreamPrepareHeader
acmStreamConvert
acmMetrics
acmFormatSuggest
acmStreamOpen
acmStreamSize
kernel32
GetProcessHeap
HeapFree
GetEnvironmentVariableA
SetEnvironmentVariableA
CreateEventA
EnumResourceNamesW
EnumResourceLanguagesW
FindResourceExW
GetCommandLineW
CreateMutexW
CopyFileA
ExitProcess
AllocConsole
GetStdHandle
WriteConsoleA
GetEnvironmentVariableW
SetEnvironmentVariableW
VirtualQuery
VirtualProtect
TerminateProcess
PeekNamedPipe
GetExitCodeProcess
RemoveDirectoryW
MoveFileW
FindClose
FindNextFileW
FindFirstFileW
OpenProcess
SetPriorityClass
GetModuleHandleA
GetDiskFreeSpaceExW
ProcessIdToSessionId
MulDiv
FlushFileBuffers
CreatePipe
GetFileInformationByHandle
GetFileSize
GetCurrentProcessId
ReadProcessMemory
CreateThread
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
TerminateThread
GetExitCodeThread
SetThreadPriorityBoost
GetTickCount
CreateNamedPipeW
GetOverlappedResult
ConnectNamedPipe
WaitForMultipleObjects
GetCurrentThread
SetThreadPriority
Sleep
DisconnectNamedPipe
WriteFile
DuplicateHandle
CreateProcessW
SetLastError
OutputDebugStringA
LoadLibraryA
InterlockedExchangeAdd
CreateFileW
SetFileAttributesW
SetFilePointer
LockResource
lstrlenA
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
RaiseException
LoadLibraryW
FreeLibrary
GetProcessTimes
ResetEvent
ResumeThread
CreateEventW
GetCurrentThreadId
SetEvent
CopyFileExW
GetLogicalDriveStringsW
GetDriveTypeW
GetFileAttributesW
DeleteFileW
ReadFile
FormatMessageA
GetFileAttributesExW
InterlockedExchange
InterlockedCompareExchange
InterlockedIncrement
IsProcessorFeaturePresent
LocalSize
LoadLibraryExA
EnumResourceTypesW
GetPrivateProfileSectionNamesW
GetLocalTime
GetTimeFormatW
WriteConsoleW
GetConsoleOutputCP
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
SetConsoleCtrlHandler
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
EnterCriticalSection
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
DeleteFileA
MoveFileA
GetTimeZoneInformation
GetFileType
SetStdHandle
GetStartupInfoW
HeapSize
GetSystemTimeAsFileTime
VirtualAlloc
ReleaseMutex
ReleaseSemaphore
CreateSemaphoreW
HeapReAlloc
ExitThread
UnhandledExceptionFilter
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetShortPathNameW
SetEndOfFile
GetProfileIntW
GetVersionExW
WaitForSingleObject
GetSystemInfo
LeaveCriticalSection
DeleteCriticalSection
UnlockFile
LockFile
GetStringTypeExW
GetCurrentDirectoryW
InitializeCriticalSection
ExpandEnvironmentStringsW
LocalFree
InterlockedDecrement
CloseHandle
LocalAlloc
FormatMessageW
MultiByteToWideChar
GetLastError
WideCharToMultiByte
lstrcmpiW
lstrlenW
CompareStringW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
GetThreadLocale
GetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
SuspendThread
ConvertDefaultLocale
lstrcmpA
GetLocaleInfoW
CompareStringA
GetVersion
GlobalGetAtomNameW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExA
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GetLongPathNameW
GetPriorityClass
CreateFileA
GetFileAttributesA
SetFileAttributesA
GetCurrentProcess
FlushInstructionCache
SystemTimeToFileTime
VirtualAllocEx
CreateRemoteThread
VirtualFreeEx
GetVolumeInformationW
CreateDirectoryW
MoveFileExW
CopyFileW
CreateHardLinkW
GetTempPathW
GetTempFileNameW
ReadDirectoryChangesW
lstrcpynW
GetFullPathNameW
lstrcpyW
lstrcmpW
GetDateFormatW
FileTimeToSystemTime
GetSystemDirectoryW
GetTempFileNameA
IsBadStringPtrA
VirtualQueryEx
SetUnhandledExceptionFilter
CreateProcessA
WaitForMultipleObjectsEx
IsDebuggerPresent
WaitForSingleObjectEx
SetErrorMode
HeapAlloc
VirtualProtectEx
WriteProcessMemory
lstrcmpiA
user32
DeferWindowPos
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetMenu
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
IsChild
WinHelpW
SendDlgItemMessageA
LoadIconW
GetNextDlgTabItem
CreateDialogIndirectParamW
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
TabbedTextOutW
DrawTextExW
GrayStringW
GetWindowDC
GetKeyNameTextW
MapVirtualKeyW
TranslateAcceleratorW
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
DestroyMenu
ReuseDDElParam
UnpackDDElParam
InflateRect
RedrawWindow
SetCursorPos
DestroyCursor
IsZoomed
WindowFromPoint
GetMessageW
WaitMessage
ValidateRect
GetScrollInfo
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
GetMenuItemInfoW
GetSysColorBrush
GetDialogBaseUnits
UnregisterClassW
DeleteMenu
GetSystemMenu
FindWindowW
DrawIcon
SetWindowRgn
SetRect
DestroyIcon
CharUpperW
CopyAcceleratorTableW
GetNextDlgGroupItem
GetDCEx
LockWindowUpdate
DrawFrameControl
IsClipboardFormatAvailable
InvertRect
GetWindowRgn
IsMenu
ShowCaret
HideCaret
ToUnicodeEx
GetKeyboardState
GetKeyboardLayoutList
IsCharLowerW
MapVirtualKeyExW
SetScrollInfo
DrawStateW
GetIconInfo
CopyIcon
CreateIconIndirect
CreateIconFromResourceEx
DrawIconEx
SetClipboardData
GetMenuDefaultItem
SetClassLongW
GetCursor
LookupIconIdFromDirectoryEx
LoadMenuIndirectW
SendMessageTimeoutW
SetWindowLongA
GetWindowLongA
IsWindowUnicode
GetDoubleClickTime
DrawEdge
OpenClipboard
CloseClipboard
EmptyClipboard
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA
DefMDIChildProcW
RegisterClassA
CopyImage
GetTabbedTextExtentA
GetClipboardFormatNameW
UnregisterClassA
InSendMessage
GetAsyncKeyState
MsgWaitForMultipleObjects
SendNotifyMessageW
WindowFromDC
CopyRect
SetWindowPlacement
SystemParametersInfoA
IsIconic
ScrollWindowEx
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
InvalidateRgn
EnumChildWindows
RegisterWindowMessageW
UnionRect
LoadMenuW
RemoveMenu
GetSubMenu
LoadBitmapW
EqualRect
GetProcessWindowStation
GetUserObjectInformationW
MsgWaitForMultipleObjectsEx
PeekMessageW
TranslateMessage
DispatchMessageW
SetParent
GetWindowPlacement
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
GetDesktopWindow
EnumThreadWindows
GetSystemMetrics
GetActiveWindow
DialogBoxParamW
GetSysColor
GetCapture
ReleaseCapture
EndPaint
BeginPaint
GetCursorPos
DrawFocusRect
FillRect
PtInRect
GetDlgCtrlID
SetCapture
IsWindowEnabled
UpdateWindow
ScreenToClient
DestroyWindow
RegisterClassExW
SetRectEmpty
CallWindowProcW
DefWindowProcW
GetFocus
GetClassInfoExW
KillTimer
SetTimer
InvalidateRect
SetMenu
PostQuitMessage
LoadImageW
SetCursor
MessageBeep
SetFocus
SetDlgItemTextW
SendDlgItemMessageW
PostMessageW
IntersectRect
IsRectEmpty
EnableWindow
ShowWindow
MoveWindow
ClientToScreen
MessageBoxW
wsprintfW
GetClassNameW
LoadCursorW
OffsetRect
ReleaseDC
GetDC
CharNextW
DrawTextW
GetWindow
GetWindowRect
SystemParametersInfoW
MapWindowPoints
SetWindowPos
IsWindow
GetDlgItem
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
GetParent
GetClientRect
SendMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowLongW
CreateWindowExW
SetWindowLongW
EndDialog
InsertMenuW
GetMenuItemCount
BroadcastSystemMessageA
PostThreadMessageW
ExitWindowsEx
LoadStringW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
EnumDisplayDevicesW
CreateMenu
TranslateMDISysAccel
DrawMenuBar
GetKeyboardLayout
ShowOwnedPopups
gdi32
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetROP2
SetPolyFillMode
RestoreDC
EndDoc
AbortDoc
SetAbortProc
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
MoveToEx
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
GetClipBox
FillRgn
StretchDIBits
SetBkColor
ExtTextOutW
SetStretchBltMode
SetBrushOrgEx
DrawEscape
CreateDCW
SetTextColor
SetBkMode
CreateSolidBrush
GetStockObject
CreateFontIndirectW
DeleteDC
SelectObject
GetObjectW
DeleteObject
IntersectClipRect
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
EndPage
StartPage
SaveDC
CreateBitmap
GetDCOrgEx
CopyMetaFileW
GetDeviceCaps
OffsetClipRgn
SetTextAlign
LineTo
CreateDIBitmap
CreatePalette
ExtFloodFill
GetTextExtentPoint32A
RoundRect
CreatePolygonRgn
GetWindowOrgEx
OffsetRgn
GetViewportOrgEx
Polyline
GetTextCharsetInfo
ExtCreateRegion
GetBitmapBits
Rectangle
EnumFontFamiliesExW
GetTextAlign
GetDIBits
PtInRegion
CreateDIBSection
GetCurrentObject
SetPixel
StretchBlt
Polygon
GetRgnBox
GetTextColor
GetBkColor
Ellipse
LPtoDP
CreateEllipticRgn
CreateFontW
GetCharWidthW
DPtoLP
GetMapMode
SetRectRgn
GetTextExtentPoint32W
GetTextMetricsW
CreateCompatibleBitmap
PatBlt
CreateHatchBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
GetFileTitleW
advapi32
RegDeleteKeyW
RegOpenKeyExA
RegEnumValueW
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetFileSecurityW
GetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCreateKeyW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegSetValueW
OpenProcessToken
shell32
DragQueryFileW
DragAcceptFiles
SHGetFolderPathW
SHParseDisplayName
SHOpenFolderAndSelectItems
SHAppBarMessage
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoW
ExtractIconW
DragFinish
SHFileOperationW
ord195
ShellExecuteW
SHGetFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
ole32
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
OleDuplicateData
CoTreatAsClass
StringFromCLSID
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
IsAccelerator
OleTranslateAccelerator
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegEnumVerbs
OleDestroyMenuDescriptor
CreateILockBytesOnHGlobal
OleSetClipboard
OleIsCurrentClipboard
OleCreateMenuDescriptor
CoGetMalloc
CoResumeClassObjects
CoRegisterClassObject
CoRevokeClassObject
StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
OleFlushClipboard
CoRegisterMessageFilter
OleRun
CreateStreamOnHGlobal
OleGetClipboard
StgCreateDocfile
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleSave
WriteClassStm
OleSaveToStream
OleLockRunning
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
OleLoad
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleQueryCreateFromData
OleQueryLinkFromData
OleIsRunning
OleSetMenuDescriptor
GetClassFile
DoDragDrop
GetRunningObjectTable
oleaut32
SysAllocStringLen
SafeArrayAccessData
SafeArrayGetElemsize
OleLoadPicturePath
VariantChangeTypeEx
VarUdateFromDate
SafeArrayCreateVector
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayDestroy
VariantInit
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantCopy
SysAllocString
VariantChangeType
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayPtrOfIndex
SafeArrayGetVartype
GetErrorInfo
SafeArrayRedim
SafeArrayPutElement
SafeArrayCreate
VarUI4FromStr
SysStringLen
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayDestroyData
LoadRegTypeLi
LoadTypeLi
SafeArrayDestroyDescriptor
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
VarBstrCmp
SafeArrayLock
SafeArrayUnlock
SafeArrayCopy
UnRegisterTypeLi
RegisterTypeLi
VariantTimeToSystemTime
SystemTimeToVariantTime
SetErrorInfo
CreateErrorInfo
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_Create
ImageList_AddMasked
ImageList_Add
ImageList_Destroy
PropertySheetW
ImageList_DrawEx
ImageList_GetIconSize
ord17
ImageList_DrawIndirect
ImageList_GetImageInfo
ImageList_GetBkColor
FlatSB_GetScrollProp
ImageList_GetImageCount
ImageList_Draw
shlwapi
PathFindExtensionW
PathCanonicalizeW
PathIsRootW
PathQuoteSpacesW
PathAddBackslashW
PathIsDirectoryW
PathRelativePathToW
PathRemoveExtensionW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathFindFileNameW
oledlg
OleUIUpdateLinksW
OleUIPasteSpecialW
OleUIEditLinksW
OleUIChangeIconW
OleUIConvertW
OleUIInsertObjectW
OleUIAddVerbMenuW
OleUIBusyW
dbghelp
ImageDirectoryEntryToData
winmm
PlaySoundW
mixerClose
mixerSetControlDetails
mixerGetLineControlsW
mixerGetLineInfoW
mixerOpen
mixerGetControlDetailsW
psapi
GetModuleInformation
ntdll
_strupr
_strlwr
_memicmp
RtlUnwind
floor
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
cfgmgr32
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExW
CM_Connect_MachineW
CM_Get_Res_Des_Data_Ex
CM_Get_Device_ID_ExW
CM_Get_DevNode_Status_Ex
CM_Get_First_Log_Conf_Ex
CM_Get_Res_Des_Data_Size_Ex
CM_Free_Res_Des_Handle
CM_Get_Next_Res_Des_Ex
CM_Free_Log_Conf_Handle
setupapi
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupCloseFileQueue
SetupScanFileQueueW
SetupDiOpenDevRegKey
SetupDiSetSelectedDriverW
SetupDiGetDriverInstallParamsW
SetupDiDestroyDriverInfoList
SetupDiCreateDeviceInfoListExW
SetupDiOpenDeviceInfoW
SetupDiOpenClassRegKeyExW
SetupOpenFileQueue
SetupDiGetClassDescriptionExW
SetupDiClassNameFromGuidExW
SetupDiBuildClassInfoListExW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsExW
SetupDiClassGuidsFromNameExW
SetupDiGetDeviceInstallParamsW
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsW
SetupDiGetDeviceInfoListDetailW
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailW
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
dsound
ord3
ord1
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
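A triage helper for the import table above, added here as an example; it is not part of the Triage report or of the sample. It groups imported (dll, api) pairs into capability clusters and reports each cluster as complete or partial, so that a single API that MFC or the CRT pulls in on its own does not count the same as a full injection chain. The cluster definitions are my own choices, and the constructed input is the subset of this report's kernel32, advapi32 and user32 imports that those clusters reference. Two caveats when reading the result: the MFC runtime this binary links (per the PDB path) installs its own CBT hook through SetWindowsHookExW/CallNextHookEx, and CRT error-reporting code commonly references IsDebuggerPresent, so a complete cluster is a prompt to look at the cross-references, not proof that the API is ever called.

```python
"""Group a PE's static imports into capability clusters for triage (example, not report tooling)."""
from typing import Dict, List, Tuple

# Each cluster lists the (dll, api) pairs that together implement one technique.
# A cluster is "complete" only when every member is imported; partial matches are
# still reported so the analyst can see what is missing. Definitions are my own.
CLUSTERS: Dict[str, List[Tuple[str, str]]] = {
    "remote process injection": [
        ("kernel32", "OpenProcess"), ("kernel32", "VirtualAllocEx"),
        ("kernel32", "WriteProcessMemory"), ("kernel32", "CreateRemoteThread"),
    ],
    "cross-process memory read": [
        ("kernel32", "OpenProcess"), ("kernel32", "VirtualQueryEx"), ("kernel32", "ReadProcessMemory"),
    ],
    "process enumeration": [
        ("kernel32", "CreateToolhelp32Snapshot"), ("kernel32", "Process32FirstW"), ("kernel32", "Process32NextW"),
    ],
    "privilege adjustment": [
        ("advapi32", "OpenProcessToken"), ("advapi32", "LookupPrivilegeValueW"), ("advapi32", "AdjustTokenPrivileges"),
    ],
    "global message hook (MFC installs one itself)": [
        ("user32", "SetWindowsHookExW"), ("user32", "CallNextHookEx"), ("user32", "UnhookWindowsHookEx"),
    ],
    "system shutdown": [("user32", "ExitWindowsEx")],
    "directory monitoring": [("kernel32", "ReadDirectoryChangesW")],
    "anti-debug (weak: CRT code references it)": [("kernel32", "IsDebuggerPresent")],
}


def _norm(dll: str) -> str:
    """Normalise 'KERNEL32.dll' / 'kernel32' / 'winspool.drv' to a comparable key."""
    d = dll.lower()
    return d[:-4] if d.endswith(".dll") else d


def classify_imports(imports: Dict[str, List[str]]) -> Dict[str, dict]:
    """Map each cluster to its present members, missing members and completeness."""
    have = {(_norm(dll), api) for dll, apis in imports.items() for api in apis}
    report = {}
    for name, members in CLUSTERS.items():
        present = [api for dll, api in members if (dll, api) in have]
        missing = [api for dll, api in members if (dll, api) not in have]
        report[name] = {"present": present, "missing": missing, "complete": not missing}
    return report


def complete_clusters(imports: Dict[str, List[str]]) -> List[str]:
    """Names of the clusters whose every member is imported."""
    return [name for name, r in classify_imports(imports).items() if r["complete"]]


# Constructed input: the subset of this report's imports that the clusters reference.
SAMPLE_IMPORTS = {
    "KERNEL32.dll": ["OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread",
                     "VirtualQueryEx", "ReadProcessMemory", "CreateToolhelp32Snapshot",
                     "Process32FirstW", "Process32NextW", "ReadDirectoryChangesW",
                     "IsDebuggerPresent", "VirtualProtect"],
    "ADVAPI32.dll": ["OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges"],
    "USER32.dll": ["SetWindowsHookExW", "CallNextHookEx", "UnhookWindowsHookEx", "ExitWindowsEx"],
}

if __name__ == "__main__":
    for name, r in classify_imports(SAMPLE_IMPORTS).items():
        status = "COMPLETE" if r["complete"] else f"partial, missing {r['missing']}"
        print(f"{name}: {status}")
```

Run against a real import table by feeding `classify_imports` the dll-to-API mapping your PE parser produces; the keys may carry any casing or the `.dll` suffix.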
Sections
.text   Size: 3.5MB - Virtual size: 3.5MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata  Size: 928KB - Virtual size: 924KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data   Size: 100KB - Virtual size: 123KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 612KB - Virtual size: 612KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
Note: .text is readable, writable and executable, .rdata is writable and .rsrc is executable. The MSVC linker emits .text as CODE|EXECUTE|READ and .rdata/.rsrc as INITIALIZED_DATA|READ, so these permissions are not a default link output; they are consistent with post-link processing by a protector, which is also what the "usermodeprotection" directory in the PDB path suggests. Read them as a packer/protector indicator (and as a reason static disassembly of .text may not show the real code), not as evidence of runtime behaviour.
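A standard-library-only parser for the facts in the Headers and Sections blocks above, added here as an example; it is not part of the Triage report or of the sample. It builds a constructed, header-only PE32 image whose file characteristics, section names and section flags copy this report, parses it back, and derives the findings a reviewer wants written down: a fixed image base from IMAGE_FILE_RELOCS_STRIPPED with DYNAMIC_BASE clear, a writable code section, and an executable data section. The DllCharacteristics value (0) and the exact section sizes are assumptions, because the report does not show DllCharacteristics and gives sizes only to the nearest KB; point `parse_pe` at the bytes of a real file to run it on a sample.

```python
"""Stdlib-only PE header triage (constructed sample; not the report's tooling)."""
import hashlib
import struct
from typing import Dict, List

# Flag values from winnt.h
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
FILE_FLAG_NAMES = {IMAGE_FILE_RELOCS_STRIPPED: "IMAGE_FILE_RELOCS_STRIPPED",
                   IMAGE_FILE_EXECUTABLE_IMAGE: "IMAGE_FILE_EXECUTABLE_IMAGE",
                   IMAGE_FILE_32BIT_MACHINE: "IMAGE_FILE_32BIT_MACHINE"}
SCN_FLAG_NAMES = {IMAGE_SCN_CNT_CODE: "IMAGE_SCN_CNT_CODE",
                  IMAGE_SCN_CNT_INITIALIZED_DATA: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                  IMAGE_SCN_MEM_EXECUTE: "IMAGE_SCN_MEM_EXECUTE",
                  IMAGE_SCN_MEM_READ: "IMAGE_SCN_MEM_READ",
                  IMAGE_SCN_MEM_WRITE: "IMAGE_SCN_MEM_WRITE"}
MACHINE_NAMES = {0x14C: "x86", 0x8664: "x64"}


def file_hashes(data: bytes) -> Dict[str, str]:
    """The identity hashes a sandbox report lists (ssdeep needs a third-party library)."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def parse_pe(data: bytes) -> dict:
    """Parse the COFF header, DllCharacteristics and the section table of a PE32/PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": flags})
    return {"arch": MACHINE_NAMES.get(machine, hex(machine)), "characteristics": chars,
            "dll_characteristics": dll_chars, "sections": sections}


def flag_names(value: int, table: Dict[int, str]) -> List[str]:
    return [name for bit, name in table.items() if value & bit]


def triage_findings(pe: dict) -> List[str]:
    """Turn header facts into the observations worth recording in a report."""
    findings = []
    no_dynamic_base = not pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
    if pe["characteristics"] & IMAGE_FILE_RELOCS_STRIPPED and no_dynamic_base:
        findings.append("relocations stripped and DYNAMIC_BASE clear: fixed image base (no ASLR)")
    if not pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_NX_COMPAT:
        findings.append("NX_COMPAT clear: image does not opt in to DEP")
    for s in pe["sections"]:
        if s["flags"] & IMAGE_SCN_CNT_CODE and s["flags"] & IMAGE_SCN_MEM_WRITE:
            findings.append(f"{s['name']}: writable code section (RWX)")
        if s["flags"] & IMAGE_SCN_CNT_INITIALIZED_DATA and s["flags"] & IMAGE_SCN_MEM_EXECUTE:
            findings.append(f"{s['name']}: executable data section")
    return findings


def build_sample_pe(section_specs) -> bytes:
    """Constructed header-only PE32 image. Assumption: DllCharacteristics = 0 (report does not show it)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: PE signature right after the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_specs), 0, 0, 0, 224,
                       IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic; DllCharacteristics at +70 stays 0
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.ljust(8, b"\0"), v, 0, v, 0, 0, 0, 0, 0, f)
                     for n, v, f in section_specs)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


RWX = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
RW = IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
# Names and flags copied from the report; sizes are its KB/MB figures rounded to whole KiB (assumed).
SAMPLE_SECTIONS = [(b".text", 0x380000, IMAGE_SCN_CNT_CODE | RWX),
                   (b".rdata", 0xE7000, IMAGE_SCN_CNT_INITIALIZED_DATA | RW),
                   (b".data", 0x1EC00, IMAGE_SCN_CNT_INITIALIZED_DATA | RW),
                   (b".rsrc", 0x99000, IMAGE_SCN_CNT_INITIALIZED_DATA | RWX)]
SAMPLE_PE = build_sample_pe(SAMPLE_SECTIONS)

if __name__ == "__main__":
    pe = parse_pe(SAMPLE_PE)
    print(pe["arch"], flag_names(pe["characteristics"], FILE_FLAG_NAMES))
    for s in pe["sections"]:
        print(f"{s['name']:<7} vsize={s['virtual_size']:#x}", " | ".join(flag_names(s["flags"], SCN_FLAG_NAMES)))
    for finding in triage_findings(pe):
        print("!", finding)
    print(file_hashes(SAMPLE_PE)["sha256"])
```

The two section rules are deliberately generic (code that is writable, data that is executable) rather than keyed on section names, so renamed or added protector sections are caught as well; the ASLR rule needs both bits because a relocation-free image with DYNAMIC_BASE set is simply ignored by the loader's randomisation, and a relocatable image without DYNAMIC_BASE is not randomised either.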