PDB path: e:\TOP_CNC\cnc_v3_85\CNC___Win32_GER_PRO_help\GMFC.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-09-21_937d2ba6c314392c23ac4af1fabca5a8_icedid.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 2024-09-21_937d2ba6c314392c23ac4af1fabca5a8_icedid.exe
  Resource: win10v2004-20240802-en
General
Target: 2024-09-21_937d2ba6c314392c23ac4af1fabca5a8_icedid
Size: 1.5MB
MD5: 937d2ba6c314392c23ac4af1fabca5a8
SHA1: 4697b4c6a66c18b4f531bbcd6ac22d4b019aac0e
SHA256: 1228e01c70db92f06203ca9d9f3d7e7b7b9b9f317f104800d51ac1eefdb3106f
SHA512: 7c21f0c9477cd56aca7a9067037685bf75985f9b3294c5719347cc1a9a3ee6a8485707e9a1497d201ce1d8733f30e2e57cda42d79e093528c4c6bf0571d3585e
SSDEEP: 24576:axLMUXHdUgsViD/l8F/A+VNGs62aajf8/zXZ8bIARUSNP+LNAz8:oBX9Ugacs6Ef8qIAR9+xx
Malware Config
(no configuration was extracted for this sample)
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: the image carries no embedded WIN_CERTIFICATE (its IMAGE_DIRECTORY_ENTRY_SECURITY entry is empty), so nothing in the file attests to a publisher. This is the only signature the sandbox raised and it is informational rather than a verdict: unsigned binaries are common in legitimate software, a file signed through a Windows catalog rather than an embedded signature also shows up as unsigned in a static check like this one, and a signature that is present still has to be verified (for example with `signtool verify /pa` or `Get-AuthenticodeSignature`) before it counts for anything. The report itself records no family detection and no extracted config for this sample, so the "_icedid" suffix in the submitted file name should be treated as a label from the submitter, not a finding of this report; the debug path names a GMFC project and the import table (DDE helpers, OLE container and clipboard APIs, oledlg ordinal imports, printing and common-dialog APIs) is the profile of a statically linked MFC desktop application.
Resource: 2024-09-21_937d2ba6c314392c23ac4af1fabca5a8_icedid
Files
-
2024-09-21_937d2ba6c314392c23ac4af1fabca5a8_icedid.exe (windows:4 windows x86 arch:x86)
f60df5fac76b9426e08e80f55a35680f (unlabelled 32-hex-digit hash as listed in the report; it is not the file MD5 given above)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (base relocations were removed, so the image can only load at its preferred base and cannot be rebased for ASLR)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
winmm
sndPlaySoundA
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
shfolder
SHGetFolderPathA
kernel32
FileTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileAttributesA
GetCurrentDirectoryA
SetErrorMode
GetProfileIntA
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapAlloc
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
TerminateProcess
GetAtomNameA
SetUnhandledExceptionFilter
IsDebuggerPresent
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
SetConsoleCtrlHandler
SetHandleCount
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetExitCodeProcess
CreateProcessA
GetLocaleInfoW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
InterlockedIncrement
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DeleteFileA
MoveFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GetCurrentProcessId
InterlockedDecrement
GetModuleFileNameW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeResource
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
RaiseException
LocalAlloc
VerLanguageNameA
lstrcpynA
IsBadReadPtr
IsBadWritePtr
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleHandleA
SetLastError
lstrcatA
WinExec
GetWindowsDirectoryA
WriteFile
ResetEvent
ReadFile
CancelIo
lstrcpyA
FormatMessageA
LocalFree
WaitForSingleObject
DeviceIoControl
GetOverlappedResult
CloseHandle
CreateFileA
CreateEventA
GetExitCodeThread
GetTickCount
GetVersionExA
GetModuleFileNameA
OutputDebugStringA
SetThreadLocale
FreeLibrary
LoadLibraryA
GetProcAddress
Sleep
LoadResource
LockResource
SizeofResource
FindResourceA
ExitProcess
GetLastError
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
InterlockedExchange
GetVersion
GetEnvironmentVariableW
UnhandledExceptionFilter
user32
ReuseDDElParam
UnpackDDElParam
GetSystemMenu
GetSysColorBrush
GetDialogBaseUnits
WindowFromDC
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
UnregisterClassA
DestroyIcon
CharNextA
InvalidateRgn
GetNextDlgGroupItem
GetDCEx
LockWindowUpdate
UnionRect
ShowOwnedPopups
SetParent
PostQuitMessage
SetRectEmpty
GetWindowThreadProcessId
DestroyMenu
GetMenuItemInfoA
GetMessageA
TranslateMessage
ValidateRect
EndPaint
BeginPaint
GetWindowDC
DestroyCursor
GetCursorPos
ClientToScreen
SetWindowRgn
IsRectEmpty
FindWindowA
ScrollWindowEx
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
InsertMenuItemA
SetForegroundWindow
ShowScrollBar
IsWindowVisible
PostMessageA
CreateWindowExA
GetClassInfoExA
IsClipboardFormatAvailable
RegisterClassA
AdjustWindowRectEx
EqualRect
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
IntersectRect
IsIconic
GetWindowPlacement
GetWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringA
InsertMenuA
RemoveMenu
wsprintfA
SetWindowTextA
GetMenu
GetMenuItemID
GetMenuItemCount
AppendMenuA
DeleteMenu
LoadCursorA
CopyIcon
ReleaseDC
GetDC
SetCursor
ScreenToClient
MessageBeep
GrayStringA
DrawTextExA
TabbedTextOutA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
ShowWindow
DestroyWindow
GetAsyncKeyState
ChildWindowFromPoint
LoadIconA
GetDesktopWindow
GetWindowLongA
SetWindowLongA
InvalidateRect
ReleaseCapture
GetMessagePos
PtInRect
GetCapture
SetCapture
SystemParametersInfoA
DrawFocusRect
DrawFrameControl
DrawEdge
OffsetRect
InflateRect
CopyRect
GetSystemMetrics
FrameRect
InSendMessage
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
SetMenu
WaitMessage
IsZoomed
WindowFromPoint
CopyAcceleratorTableA
GetScrollPos
SendNotifyMessageA
GetParent
IsWindow
GetSysColor
SetRect
MessageBoxA
UpdateWindow
GetWindowRect
KillTimer
SetTimer
GetClientRect
DrawTextA
FillRect
RedrawWindow
SendMessageA
LoadMenuA
GetSubMenu
EnableWindow
CharUpperA
CharUpperW
CharLowerA
CharLowerW
GetKeyNameTextA
MapVirtualKeyA
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
GetClassInfoA
LoadAcceleratorsA
SetScrollPos
DrawIcon
gdi32
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
EndDoc
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
SetPolyFillMode
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
GetCharWidthA
StretchDIBits
SetRectRgn
CombineRgn
GetMapMode
GetWindowOrgEx
GetTextMetricsA
GetBkColor
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetRgnBox
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
Ellipse
CreateEllipticRgn
CreateBitmap
SetBkColor
SetBkMode
RestoreDC
SaveDC
PatBlt
GetViewportOrgEx
CreatePalette
CreateFontIndirectA
Polygon
GetStockObject
Arc
DPtoLP
CreateFontA
GetTextExtentPoint32A
ExtSelectClipRgn
SelectObject
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCA
CopyMetaFileA
LPtoDP
GetObjectA
BitBlt
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
CreateRectRgnIndirect
Rectangle
RealizePalette
GetDeviceCaps
CreatePen
DeleteDC
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
GetJobA
ClosePrinter
DocumentPropertiesA
advapi32
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueA
RegCreateKeyA
shell32
DragQueryFileA
DragFinish
ExtractIconA
SHGetFileInfoA
ShellExecuteA
DragAcceptFiles
shlwapi
PathStripToRootA
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathRemoveFileSpecA
PathAppendA
PathIsUNCA
oledlg
ord3
ord7
ord6
ord5
ord4
ord9
ord8
ord1
ole32
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleQueryCreateFromData
OleQueryLinkFromData
OleRun
OleIsRunning
OleSetMenuDescriptor
GetClassFile
CoDisconnectObject
CoCreateInstance
StringFromGUID2
OleRegEnumVerbs
OleRegGetMiscStatus
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleGetClipboard
DoDragDrop
GetHGlobalFromILockBytes
CoLockObjectExternal
CoGetMalloc
CreateOleAdviseHolder
CreateDataAdviseHolder
OleSave
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
StgCreateDocfile
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleCreateLinkFromData
StgOpenStorageOnILockBytes
OleLoad
OleCreateStaticFromData
OleCreate
OleCreateFromData
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
GetRunningObjectTable
WriteClassStm
oleaut32
SysFreeString
SysAllocStringLen
SysStringLen
LoadTypeLi
OleCreateFontIndirect
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
VariantInit
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VariantClear
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
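The report lists the import table but not the import hash (imphash) that is the usual pivot for finding other builds of the same program. The following is an added example, not the sandbox's or the program's own code: it reproduces the imphash convention used by pefile (lower-case "dll.function" pairs in file order, joined with commas, MD5 of the result; the extensions .dll/.ocx/.sys are stripped, .drv is not; imports by ordinal become "ordN" unless pefile knows the DLL's export table, which it does only for ws2_32 and oleaut32). `SAMPLE_IMPORTS` is a constructed subset of the table above, written with the DLL names as they would appear in the import directory; the real hash must be computed over the full table, for instance with `pefile.PE(path).get_imphash()`.

```python
"""Import hash (imphash) over an import table like the one above.
Added example; follows the pefile convention and is not the sandbox's code."""
import hashlib

# pefile drops only these extensions from the DLL name; "winspool.drv" keeps its ".drv"
_STRIPPED_EXTS = {"dll", "ocx", "sys"}


def normalize_import(dll, func=None, ordinal=None):
    """Render one import as the "lib.func" token the imphash string is built from."""
    lib = dll.lower()
    base, _, ext = lib.rpartition(".")
    if base and ext in _STRIPPED_EXTS:
        lib = base
    if func is None:
        # imports by ordinal: pefile resolves ws2_32/oleaut32 ordinals to names,
        # everything else (the oledlg ord1..ord9 imports above included) stays "ordN"
        func = "ord%d" % ordinal
    return "%s.%s" % (lib, func.lower())


def imphash(imports):
    """imports: iterable of (dll, func_or_None, ordinal_or_None) in file order.
    Order matters: the same set of imports in a different order hashes differently."""
    joined = ",".join(normalize_import(*entry) for entry in imports)
    return hashlib.md5(joined.encode()).hexdigest()


# Constructed subset of the table above (same order the report lists it); the
# import directory of the file stores DLL names with their extension.
SAMPLE_IMPORTS = [
    ("WINMM.dll", "sndPlaySoundA", None),
    ("SETUPAPI.dll", "SetupDiGetClassDevsA", None),
    ("KERNEL32.dll", "WinExec", None),
    ("KERNEL32.dll", "IsDebuggerPresent", None),
    ("USER32.dll", "SetWindowsHookExA", None),
    ("WINSPOOL.DRV", "OpenPrinterA", None),
    ("oledlg.dll", None, 3),
    ("oledlg.dll", None, 7),
]

if __name__ == "__main__":
    print("imphash of constructed subset:", imphash(SAMPLE_IMPORTS))
```

Because the hash covers names and order rather than code bytes, it survives recompilation of the same source with the same linker settings, which is exactly what makes it useful for clustering builds of one program; it is also why a build with a reordered or trimmed import table (a different MFC version, for instance) lands in a different cluster.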
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 188KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
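The three fields the static task reports above, the COFF file characteristics, the "Unsigned PE" check on the security data directory, and the section characteristics, all come straight from the PE header, and it is worth being able to read them without a sandbox. The following is an added example, not the sandbox's or the program's own code: a PE32 header reader that decodes those flags, reports whether an Authenticode blob is attached, and flags any section that is both writable and executable (which none of the sections above is). `build_test_pe` constructs a header-only PE32 for exercising the reader; the bytes are made up here and are not taken from the sample.

```python
"""Minimal PE32 header reader.  Added example, not the sandbox's own code.
Reads the COFF file characteristics, the IMAGE_DIRECTORY_ENTRY_SECURITY slot an
Authenticode signature is attached through, and the section table with its
IMAGE_SCN_* flags.  The PE bytes produced by build_test_pe are constructed."""
import struct

IMAGE_FILE_FLAGS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
IMAGE_SCN_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIR = 4  # index of IMAGE_DIRECTORY_ENTRY_SECURITY in the data directories


def _flag_names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe_header(data):
    """Return machine, file characteristics, signature presence and sections."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    (machine, nsections, _ts, _symtab, _nsyms,
     opt_size, characteristics) = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled here (PE32+ lays the directories out differently)")
    # PE32: the 16 data directories start 96 bytes into the optional header;
    # the security entry holds a file offset (not an RVA) and a size
    sec_off, sec_size = struct.unpack_from("<II", data, opt + 96 + SECURITY_DIR * 8)
    sections = []
    table = opt + opt_size
    for i in range(nsections):
        entry = table + i * 40
        name, vsize, _va, rawsize, _rawptr = struct.unpack_from("<8sIIII", data, entry)
        flags = struct.unpack_from("<I", data, entry + 36)[0]
        sections.append({
            "name": name.rstrip(b"\0").decode(),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "flags": _flag_names(flags, IMAGE_SCN_FLAGS),
            "writable_and_executable": bool(flags & 0x80000000 and flags & 0x20000000),
        })
    return {
        "machine": machine,
        "characteristics": _flag_names(characteristics, IMAGE_FILE_FLAGS),
        # a non-empty security directory means a WIN_CERTIFICATE blob is attached;
        # it says nothing about whether that signature verifies or who signed it
        "has_authenticode_blob": sec_off != 0 and sec_size != 0,
        "sections": sections,
    }


def build_test_pe(sections, characteristics=0x0103, signed=False):
    """Constructed header-only PE32 (x86, no code) for exercising the reader.
    sections: list of (name, virtual_size, raw_size, characteristics)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)          # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, characteristics)
    opt = struct.pack("<H", 0x10B) + b"\0" * 94                 # magic + zeroed fields
    dirs = [(0, 0)] * 16
    if signed:
        dirs[SECURITY_DIR] = (0x1000, 0x800)                    # would point at a WIN_CERTIFICATE
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0x1000, rs, 0x400, 0, 0, 0, 0, fl)
        for n, vs, rs, fl in sections)
    return dos + b"PE\0\0" + coff + opt + table


if __name__ == "__main__":
    # mirrors the .text/.data layout reported above, with constructed sizes
    pe = build_test_pe([(".text", 0x100000, 0x100000, 0x60000020),
                        (".data", 0xF800, 0xC000, 0xC0000040)])
    print(parse_pe_header(pe))
```

On a real file, `parse_pe_header(open(path, "rb").read())` gives the same three answers the static task does; a section that comes back `writable_and_executable` is the thing to look for in a packed or self-modifying image, and `has_authenticode_blob` being false is exactly the condition behind the "Unsigned PE" signature above.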