2024-08-29_c78bbe100646ab5b9d683e9d3dbe7275_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-29_c78bbe100646ab5b9d683e9d3dbe7275_icedid
Size

412KB
MD5

c78bbe100646ab5b9d683e9d3dbe7275
SHA1

c36e9a923afe4eb5b6d3b780538424274696069d
SHA256

c9b678ad56cd58991d15c2e835f1050a9541d48b320dcb2a7e24d77ead3ee5f7
SHA512

3fb99379f1032ef7e2a48ce91f542cc82dc8837fe92bbd8c6a6a453f70d5b033d085aba0dd215db02bdfad9d4e4bfd832d4d3890f3f9dc0797f5183780b9cbd2
SSDEEP

6144:6NwYinvD32XSLlYueUP7qTQgYQnRB5CQBPTNw9uO+maTVOX4aB8DuL4C:2hivrOSLO47epYiCUJw9u1hOXBeuL4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-29_c78bbe100646ab5b9d683e9d3dbe7275_icedid

Files

2024-08-29_c78bbe100646ab5b9d683e9d3dbe7275_icedid
.exe windows:4 windows x86 arch:x86

255afb11bb301358c0febeb76958ac09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\김민정\프로그램\업데이트모듈\동의창\Sms\Sms1000\소스\메인\업데이터\smsmupdater_1.0.0.6\Release\VersionChecker.pdb

Imports

kernel32

GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LCMapStringA
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetSystemTimeAsFileTime
ResetEvent
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
CreateThread
ExitThread
RtlUnwind
ExitProcess
WritePrivateProfileStringA
SetErrorMode
GetOEMCP
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GetFileTime
GetFileAttributesA
RaiseException
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
FormatMessageA
LocalFree
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
InterlockedDecrement
SetLastError
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
Process32First
Process32Next
GetExitCodeProcess
CreateToolhelp32Snapshot
Module32First
Module32Next
OpenProcess
TerminateProcess
GetSystemDirectoryA
GetWindowsDirectoryA
CreateFileA
WriteFile
GetTickCount
OutputDebugStringA
GlobalReAlloc
GetCPInfo
DeleteFileA
WinExec
Sleep
CreateMutexA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
FindResourceA
LoadResource
SizeofResource
FreeResource
LockResource
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventA
ResumeThread
GlobalAlloc
SetEvent
WaitForSingleObject
CloseHandle
LCMapStringW

user32

SetCapture
RegisterClipboardFormatA
SetRectEmpty
CharNextA
DestroyMenu
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
EndDialog
GetMenuStringA
wsprintfA
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
GetWindowDC
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetDlgItem
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
IsRectEmpty
TrackPopupMenu
GetKeyState
UpdateWindow
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
IntersectRect
GetWindowPlacement
PtInRect
GetWindow
ReleaseCapture
SetWindowRgn
LoadImageA
PostMessageA
DestroyCursor
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
FrameRect
OffsetRect
InflateRect
DrawStateA
IsMenu
GetMenuItemInfoA
GetSysColorBrush
SystemParametersInfoA
DrawIconEx
DestroyIcon
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
SetParent
ModifyMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
CreateMenu
DrawEdge
LoadBitmapA
BringWindowToTop
SetForegroundWindow
SetActiveWindow
SetWindowPos
LoadCursorA
SetCursor
FindWindowA
PostThreadMessageA
LockWindowUpdate
GetDCEx
MessageBoxA
GetWindowRect
KillTimer
SetTimer
IsWindowVisible
GetWindowLongA
SetWindowLongA
GetSystemMetrics
LoadIconA
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
PostQuitMessage
CharUpperA
SetRect
EnableWindow
InvalidateRect
CopyRect
GetDC
ReleaseDC
GetSysColor
FillRect
GetTopWindow

gdi32

CreatePatternBrush
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetCharWidthA
CreateFontA
SetRectRgn
GetMapMode
GetRgnBox
RestoreDC
SaveDC
GetClipBox
ExtCreateRegion
CombineRgn
StretchDIBits
CreateBitmap
SetBkColor
SetTextColor
ExtSelectClipRgn
SetBkMode
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
BitBlt
GetStockObject
CreateDIBSection
GetTextExtentPoint32W
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
SetPixel
GetPixel
PatBlt
Ellipse
GetBkMode
GetObjectA
CreateFontIndirectA
CreatePen
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteExA
SHGetSpecialFolderPathA
ShellExecuteA

comctl32

ord17
ImageList_GetImageCount
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
_TrackMouseEvent
ImageList_Destroy
ImageList_Create

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
SHDeleteValueA
UrlUnescapeA

oledlg

ord8

ole32

CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal

oleaut32

OleLoadPicture
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType

wininet

InternetQueryDataAvailable
InternetReadFile
InternetOpenUrlA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetErrorDlg
HttpSendRequestA
InternetCloseHandle

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusShutdown
GdipCloneImage
GdiplusStartup

iphlpapi

GetAdaptersInfo

winmm

PlaySoundA

Sections

.text
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

255afb11bb301358c0febeb76958ac09

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

gdiplus

iphlpapi

winmm

Sections

.text Size: 260KB - Virtual size: 256KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 260KB - Virtual size: 256KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 72KB - Virtual size: 71KB