2024-09-03_425b878f53e9590d3d3dcac565ad42aa_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-03_425b878f53e9590d3d3dcac565ad42aa_icedid
Size

1003KB
MD5

425b878f53e9590d3d3dcac565ad42aa
SHA1

3a5523f06d8a33d97bcb0b65e445fb079feb0ddb
SHA256

527ee584a6d70c96448546746220d33c17facba8a910b860ffc7aa270d9fbe51
SHA512

368ce1eb4a7d89a86d33c8899624f1fa940b48e6c0614188edc69b10bd870836b9d6a2848b4e239fc7380a6d8cd5abc066b0f70dff32a4e9ffbbf437b3c10db1
SSDEEP

12288:CFR9Y+Zfqam9llIsjqgFc1ycKPWTW0n/T+QNWmgfWVta9H:CFR9Y+Z0llIYPFQPsWVtcH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-03_425b878f53e9590d3d3dcac565ad42aa_icedid

Files

2024-09-03_425b878f53e9590d3d3dcac565ad42aa_icedid
.exe windows:4 windows x86 arch:x86

6284f96048b49393f88a2959f4d7d33c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\project\rthdvbgproc\_ma4_release\win32\RtHDVBg.pdb

Imports

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

propsys

PropVariantToUInt32
PropVariantCompareEx
PropVariantToString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW

kernel32

ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
FileTimeToLocalFileTime
GetFileTime
GetTickCount
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
VirtualProtect
VirtualAlloc
VirtualQuery
RtlUnwind
HeapReAlloc
ExitThread
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetEnvironmentVariableA
GlobalFlags
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
SuspendThread
SetThreadPriority
GetCurrentProcessId
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
InterlockedDecrement
GetModuleFileNameW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetModuleHandleW
GetVersionExA
GetModuleHandleA
FormatMessageW
MulDiv
SetLastError
RaiseException
LoadLibraryA
LocalAlloc
LocalFree
GetFileAttributesW
MultiByteToWideChar
OutputDebugStringW
Sleep
GetSystemDirectoryW
CreateMutexW
GetExitCodeThread
ResumeThread
DuplicateHandle
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
GetProcAddress
FreeLibrary
FindResourceExW
GetSystemInfo
GetUserDefaultUILanguage
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
WaitForMultipleObjects
SetEvent
CreateThread
CreateEventW
InterlockedExchange
GetLastError
DeviceIoControl
GetVersionExW
lstrlenW
CreateProcessW
GetCurrentProcess
CreateFileW
GetSystemDirectoryA
CloseHandle
WideCharToMultiByte
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
SizeofResource
LoadResource
FindResourceW
LockResource
ExitProcess

user32

CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
EnableMenuItem
CheckMenuItem
GetMessageW
GetActiveWindow
GetCursorPos
ValidateRect
MoveWindow
SetWindowTextW
IsDialogMessageW
IsWindowEnabled
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
CharNextW
GetKeyState
IsWindowVisible
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
TabbedTextOutW
GetDC
ReleaseDC
IntersectRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadIconW
EnumDisplaySettingsW
UnregisterClassA
DispatchMessageW
PostQuitMessage
TranslateMessage
SendInput
MapVirtualKeyW
PeekMessageW
SetTimer
ChangeWindowMessageFilter
UnregisterDeviceNotification
RegisterDeviceNotificationW
CallNextHookEx
KillTimer
FindWindowExW
RegisterWindowMessageW
SetWindowPos
CharUpperW
ReleaseCapture
SetCapture
EnableWindow
SendMessageW
UnregisterClassW
DestroyMenu
LoadCursorW
SetRect
RedrawWindow
GetSysColorBrush
DrawFocusRect
InflateRect
CopyRect
DrawTextW
GetDesktopWindow
GetWindow
GetParent
GetWindowRect
PostMessageW
EnumThreadWindows
InvalidateRect
SetForegroundWindow
GetForegroundWindow
GetWindowThreadProcessId
UpdateWindow
ShowWindow
GetWindowLongW
UnhookWindowsHookEx
SetWindowsHookExW
SystemParametersInfoW
GetSysColor
GetClientRect
SetCursor
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamW
GetNextDlgTabItem
SetMenuItemBitmaps
EndDialog
GetMenuCheckMarkDimensions
LoadBitmapW
AdjustWindowRectEx
ModifyMenuW
RegisterClassW

gdi32

PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
GetRgnBox
GetViewportExtEx
GetWindowExtEx
GetStockObject
GetObjectW
SetDIBColorTable
DeleteObject
CreateDIBSection
GetMapMode
CreateCompatibleBitmap
DeleteDC
SelectObject
CreateFontW
BitBlt
ExtSelectClipRgn
CreateCompatibleDC
GetClipBox
SetMapMode
SetTextColor
SetBkMode
RestoreDC
SaveDC
CreateBitmap
CreateRectRgnIndirect
SetBkColor
ExtTextOutW
GetDeviceCaps

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegNotifyChangeKeyValue
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHGetKnownFolderPath

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CreateStreamOnHGlobal
CoInitializeEx
StringFromGUID2
CoTaskMemAlloc
PropVariantClear
CoFreeUnusedLibrariesEx
CLSIDFromString
CoCreateInstance
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
FreePropVariantArray
PropVariantCopy
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoTaskMemFree
OleInitialize
CoUninitialize
OleIsCurrentClipboard

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
SysFreeString
GetErrorInfo

gdiplus

GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipDrawImageI
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipAlloc
GdiplusShutdown
GdipFree
GdiplusStartup
GdipCloneImage

Sections

.text
Size: 384KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 480KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6284f96048b49393f88a2959f4d7d33c

Headers

File Characteristics

PDB Paths

Imports

wtsapi32

propsys

setupapi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

Sections

.text Size: 384KB - Virtual size: 382KB

.rdata Size: 108KB - Virtual size: 105KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 480KB - Virtual size: 480KB

.text
Size: 384KB - Virtual size: 382KB

.rdata
Size: 108KB - Virtual size: 105KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 480KB - Virtual size: 480KB