2024-09-04_f365bb7fee0a6db3d05941481967b9ff_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-04_f365bb7fee0a6db3d05941481967b9ff_icedid
Size

584KB
MD5

f365bb7fee0a6db3d05941481967b9ff
SHA1

f9d94422d74d1b2695c8dc9a35dcecba13dcdbf4
SHA256

0d72ceafc6e3b8d2aa519b523f895429c22d462936dcb38f6e159fcc6d9406b0
SHA512

879cfb2a9f19501f1d52631daee622e53c4f4f24c4b1384e2fa359af49eae6763a7f1cf92a459d6f0005553f475d550c211b00ef8a6552bb101c0479ff431d68
SSDEEP

12288:G4n7DvwDs/oaeXc8drTLITip7uSdn9lDPJP/S6bSdaH7D9mrLITsy/BASE7:t7+TLITU7jHlLJP/SuD8rLITf9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-04_f365bb7fee0a6db3d05941481967b9ff_icedid

Files

2024-09-04_f365bb7fee0a6db3d05941481967b9ff_icedid
.exe windows:4 windows x86 arch:x86

c3dcb0ab10ad8870228a294a02248441

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\NonceWork\2009\Lobby\LobbyGlobal(RC)\Publish\BootDir\AutoUpdate.pdb

Imports

kernel32

ExitProcess
RtlUnwind
ExitThread
CreateThread
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
TerminateProcess
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
SetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
RaiseException
GlobalFlags
InterlockedIncrement
WritePrivateProfileStringA
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
GlobalAddAtomA
SetLastError
GlobalFree
MulDiv
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
SetFilePointer
ReadFile
lstrcatA
WriteFile
lstrcpyA
CreateDirectoryA
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetFullPathNameA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
RemoveDirectoryA
FindNextFileA
CreateFileA
GetFileSize
SetFileAttributesA
GetFileAttributesA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
WaitForSingleObject
WinExec
CloseHandle
DeleteFileA
GetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
IsBadWritePtr
InterlockedExchange

user32

CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
PtInRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
ReleaseDC
GetDC
CopyRect
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
ModifyMenuA
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetLastActivePopup
IsWindowEnabled
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostMessageA
OffsetRect
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
GetSysColorBrush
ReleaseCapture
SetRect
PeekMessageA
DispatchMessageA
IsDialogMessageA
TranslateMessage
CharUpperA
PostQuitMessage
GetWindowLongA
SetWindowLongA
GrayStringA
DrawTextExA
DrawTextA
PostThreadMessageA
RegisterClipboardFormatA
TabbedTextOutA
LoadIconA
EnableWindow
KillTimer
SetTimer
InvalidateRect
GetClientRect
GetWindowRect
SetWindowRgn
GetSystemMenu
SendMessageA
AppendMenuA
EnableMenuItem
LoadCursorA
SetCapture
wsprintfA
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextA
RegisterWindowMessageA
WinHelpA
CreateDialogIndirectParamA
GetCapture
GetPropA

gdi32

RestoreDC
SetBkMode
SetMapMode
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SaveDC
ExtSelectClipRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetBkColor
SetTextColor
CreateRectRgnIndirect
CreateBitmap
GetDeviceCaps
GetObjectA
DeleteDC
CreateDIBSection
BitBlt
DeleteObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
CreateRoundRectRgn

msimg32

AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFileExistsA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit
VariantCopy
SysAllocStringLen
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysAllocStringByteLen
SysFreeString
SysStringLen

Sections

.text
Size: 400KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c3dcb0ab10ad8870228a294a02248441

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 400KB - Virtual size: 400KB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 400KB - Virtual size: 400KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 64KB - Virtual size: 64KB