Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-03_948f2617c86241626b5db98055e8e911_icedid.exe
Resource: win7-20240903-en

General
Target: 2024-09-03_948f2617c86241626b5db98055e8e911_icedid
Size: 6.1MB
MD5: 948f2617c86241626b5db98055e8e911
SHA1: b059475c30c70e995f17297aa425d4caa44e9f63
SHA256: 7d99e4294b999ee22c9169eddfce55b17f89fa7d4820e8bf7a9160afb7528dbc
SHA512: eee70a0611366c645622542c2b2ff8a132a0477e3f0a3be557f68f82d7f4d77d139854a4358676769836aca7337ea359931ea1df6b82f7dfe4e7a8c80958c791
SSDEEP: 49152:qPAPQZCL52wrTGaSHxDQtxUffJBEagtR+QjfAPR2lF:A3CAwrSaoxDdffVgtRdC2n

Malware Config

Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2024-09-03_948f2617c86241626b5db98055e8e911_icedid

Files
2024-09-03_948f2617c86241626b5db98055e8e911_icedid.exe windows:4 windows x86 arch:x86
d972db897b37853505ea3038aa57b487

Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\Users\Chunyung\Documents\Visual Studio 2005\Projects\RtkNGui\release\RtkNGUI.pdb
Imports
winmm
mmioSeek
mmioRead
mciSendStringW
mmioCreateChunk
mmioAscend
mmioAdvance
mmioSetInfo
mmioWrite
mmioDescend
mmioOpenW
mmioGetInfo
timeGetTime
mmioClose
imm32
ImmDisableIME
setupapi
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
dsound
ord1
ord3
ord6
kernel32
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetModuleHandleA
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetCurrentProcessId
SuspendThread
WritePrivateProfileStringW
GetThreadLocale
ReadFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationW
GetFullPathNameW
InterlockedDecrement
FileTimeToSystemTime
FileTimeToLocalFileTime
InterlockedIncrement
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
GetVersionExA
GlobalFlags
SetErrorMode
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
GetSystemTimeAsFileTime
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CompareStringW
CreateFileA
SetEnvironmentVariableA
lstrcmpA
RaiseException
LoadLibraryA
SetThreadPriority
SetFilePointer
GetTimeFormatW
GetDateFormatW
GetLocalTime
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetSystemInfo
IsBadReadPtr
OpenMutexW
CreateDirectoryW
ReleaseMutex
GetSystemPowerStatus
GetTempPathW
DeleteFileW
ResetEvent
GetSystemDirectoryA
GetSystemDirectoryW
ResumeThread
DuplicateHandle
GetPrivateProfileIntW
GetFileSize
GetPrivateProfileStringW
Sleep
CompareFileTime
SystemTimeToFileTime
GetWindowsDirectoryW
SetThreadExecutionState
GetFileAttributesW
DeviceIoControl
GetSystemTime
GetTimeZoneInformation
WriteFile
CreateFileW
GetExitCodeThread
WaitForMultipleObjects
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
SearchPathW
GetUserDefaultUILanguage
FindResourceExW
MulDiv
FreeLibrary
TerminateThread
CreateThread
CreateEventW
FreeResource
GetCPInfo
lstrlenA
lstrcmpiW
GetVersionExW
GetVersion
GetTickCount
FormatMessageW
SetEvent
GetModuleHandleW
SetLastError
WideCharToMultiByte
lstrcpyW
LeaveCriticalSection
EnterCriticalSection
lstrlenW
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
WaitForSingleObject
CreateProcessW
GetCurrentProcess
IsWow64Process
SetThreadUILanguage
GetCurrentThreadId
InterlockedExchange
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
FindClose
FindNextFileW
FindFirstFileW
GetProcAddress
LoadLibraryW
LocalFree
LocalAlloc
CloseHandle
GetLastError
CreateMutexW
WriteConsoleW
lstrcmpW
TlsFree
user32
IsDialogMessageW
MoveWindow
IsWindowEnabled
GetMenuStringW
GetActiveWindow
GetMessageW
CharUpperW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
WindowFromPoint
DestroyMenu
UnregisterClassW
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
GetScrollRange
GetScrollPos
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
SetScrollInfo
DefWindowProcW
SystemParametersInfoA
UnregisterClassA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
GetShellWindow
FindWindowW
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterWindowMessageW
SetMenuDefaultItem
SetWindowPos
SetWindowTextW
LoadIconW
IsWindow
ModifyMenuW
InsertMenuW
GetSubMenu
GrayStringW
GetMenuItemCount
DeleteMenu
DrawTextExW
DrawEdge
CreatePopupMenu
DrawTextW
DestroyIcon
CreateMenu
TabbedTextOutW
DrawIconEx
LoadBitmapW
GetMenuState
GetMenuItemInfoW
GetLastActivePopup
DestroyCursor
LoadImageW
GetClassLongW
TranslateAcceleratorW
GetSysColorBrush
GetScrollInfo
CallWindowProcW
GetCursorPos
KillTimer
SetTimer
SetWindowLongW
ValidateRect
GetDlgCtrlID
GetClassNameW
ScreenToClient
FillRect
AppendMenuW
SystemParametersInfoW
IntersectRect
GetComboBoxInfo
SetCursor
LoadCursorW
PtInRect
InflateRect
GetMessagePos
IsRectEmpty
ReleaseDC
GetDC
FrameRect
SetRectEmpty
ReleaseCapture
SetCapture
SetRect
PostQuitMessage
PeekMessageW
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
ShowWindow
GetWindowLongW
DispatchMessageW
TranslateMessage
LockWindowUpdate
SetParent
SetWindowRgn
GetWindowRgn
IsWindowVisible
SetClassLongW
CallNextHookEx
UnhookWindowsHookEx
SetDlgItemTextW
GetDlgItem
MessageBoxW
GetDesktopWindow
SetWindowsHookExW
GetAncestor
GetForegroundWindow
OffsetRect
WindowFromDC
SetActiveWindow
CopyRect
GetSystemMetrics
UnionRect
ChildWindowFromPointEx
ShowScrollBar
SetScrollPos
SetScrollRange
GetWindow
RedrawWindow
GetParent
EndPaint
BeginPaint
ClientToScreen
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetWindowRect
SetProcessDPIAware
PostMessageW
FindWindowExW
UpdateWindow
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetMenuItemID
GetWindowTextW
EnableWindow
InvalidateRect
GetFocus
SendMessageW
SetCaretPos
GetClientRect
GetCaretPos
GetSysColor
GetTopWindow
DestroyWindow
GetMessageTime
MapWindowPoints
UpdateLayeredWindow
EqualRect
IsIconic
gdi32
SetMapMode
LineTo
MoveToEx
SetTextAlign
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
GetBkMode
SetWindowOrgEx
Ellipse
SetWindowExtEx
ScaleWindowExtEx
SetBkColor
DPtoLP
SetTextColor
GetClipBox
ScaleViewportExtEx
CreateBitmap
CreateFontW
EnumFontFamiliesExW
GetDeviceCaps
GetCurrentObject
CreatePen
ExtTextOutW
CreateFontIndirectW
CreateSolidBrush
GetMapMode
SetBkMode
RestoreDC
CreateCompatibleBitmap
SetDIBColorTable
CombineRgn
ExtCreateRegion
CreateDIBSection
GetObjectW
DeleteObject
CreateRectRgn
CreateCompatibleDC
SelectObject
DeleteDC
BitBlt
GetStockObject
GetTextExtentPoint32W
Escape
PatBlt
TextOutW
RectVisible
PtVisible
SetPixel
GetPixel
SaveDC
msimg32
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
OpenServiceW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyW
RegDeleteKeyW
RegEnumKeyExW
CloseServiceHandle
StartServiceW
RegQueryValueW
OpenSCManagerW
RegOpenKeyW
RegNotifyChangeKeyValue
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
shell32
Shell_NotifyIconW
ShellExecuteExW
SHGetFolderPathW
comctl32
_TrackMouseEvent
InitCommonControlsEx
ord380
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
SHStrDupW
PathIsUNCW
ole32
CoInitializeEx
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
PropVariantClear
CoTaskMemFree
CLSIDFromString
StringFromGUID2
CoInitialize
CoFreeUnusedLibrariesEx
CoInitializeSecurity
PropVariantCopy
FreePropVariantArray
CoTaskMemAlloc
oleaut32
VariantChangeType
SafeArrayCreate
VariantClear
VariantInit
gdiplus
GdipCreateStringFormat
GdipGetFontUnit
GdipCreateFont
GdipGetFontSize
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDrawString
GdipDeleteStringFormat
GdipDeleteBrush
GdipCreateSolidFill
GdipSetStringFormatFlags
GdipDrawImage
GdipSetStringFormatAlign
GdipCloneBrush
GdipGetFontStyle
GdiplusStartup
GdiplusShutdown
GdipGetImageWidth
GdipGetImageHeight
GdipCreateHBITMAPFromBitmap
GdipDeleteGraphics
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipGetImageGraphicsContext
GdipFree
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageI
GdipBitmapUnlockBits
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipImageRotateFlip
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipCreateBitmapFromHICON
GdipSetSmoothingMode
GdipDrawImageRect
GdipCreatePen1
GdipDeletePen
GdipDrawLineI
GdipGetLogFontW
GdipCreateFontFromDC
GdipCreateFontFromLogfontW
GdipDeleteFont
GdipMeasureString
GdipDeleteFontFamily
GdipGetFamily
dwmapi
DwmExtendFrameIntoClientArea
Sections
.text   Size: 848KB - Virtual size: 845KB
        IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata  Size: 192KB - Virtual size: 188KB
        IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data   Size: 64KB - Virtual size: 81KB
        IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 5.0MB - Virtual size: 5.0MB
        IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE