2024-10-09_8182bd15213f27e80432b39372bf8bad_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-09_8182bd15213f27e80432b39372bf8bad_icedid
Size

1.9MB
MD5

8182bd15213f27e80432b39372bf8bad
SHA1

7997982cff75cf2cb71a11a1abbce0db440a4819
SHA256

6c20d242c3984dbf840bc1f5b01829d911b4e09c3b0734b08a61bfc506cee173
SHA512

e0646d388cbb246189fcf31b283eb8830ffd9987ecceec60ad61482c68752d64bd1fe2c0e3e7c924292ec735b619075ebff81cf9d2f52e8aa7a573ba054d9a88
SSDEEP

24576:yvM/4P6GWOvgPMm/r7pt9++Zvz1Dqxim0gVOSqi/3YTLrYJfPgz+MYWX4+33IQYO:2IDPMiHXze6TWgzrrIR3e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-09_8182bd15213f27e80432b39372bf8bad_icedid

Files

2024-10-09_8182bd15213f27e80432b39372bf8bad_icedid
.exe windows:4 windows x86 arch:x86

d8bc03de5ead5ed23be4100ff3734b1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cpuid\applications\cpu_z\cpu_z_cn\release\cpuz.pdb

Imports

winmm

timeGetTime

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

FlushFileBuffers
SetEndOfFile
SetErrorMode
HeapAlloc
GetStartupInfoW
RaiseException
HeapReAlloc
VirtualAlloc
RtlUnwind
ExitProcess
HeapSize
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetStdHandle
GetConsoleOutputCP
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WritePrivateProfileStringW
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
InterlockedIncrement
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
GetVersionExW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrcmpW
FormatMessageW
MulDiv
GlobalLock
GlobalUnlock
FreeResource
GetSystemDirectoryA
GetModuleHandleA
FindResourceA
GetWindowsDirectoryA
RemoveDirectoryA
GetComputerNameA
GetCurrentDirectoryA
GetModuleFileNameA
CreateDirectoryA
GetLocalTime
DeleteFileA
SetCurrentDirectoryA
GetTempPathA
GetCurrentProcessId
CreateEventA
GetOverlappedResult
ReadFile
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
LocalAlloc
CreateFileA
DeviceIoControl
LocalFree
GetSystemInfo
GetProcessAffinityMask
GetCurrentThread
GetCurrentProcess
SetFilePointer
GetVersionExA
LoadLibraryA
CreateMutexA
SetLastError
ReleaseMutex
lstrlenA
lstrcmpiA
CompareStringW
WriteConsoleA
GetVersion
InterlockedExchange
GetProcessHeap
HeapFree
GlobalMemoryStatus
GetTempPathW
lstrcatW
lstrcpyW
WinExec
lstrlenW
WriteFile
GetLastError
LoadLibraryW
CreateFileW
FreeLibrary
WriteConsoleW
CreateThread
GetProcAddress
ExitThread
Sleep
SetThreadPriority
GetStdHandle
InterlockedDecrement
MultiByteToWideChar
WaitForSingleObject
CloseHandle
WideCharToMultiByte
GetModuleHandleW
GetModuleFileNameW
GlobalSize
GlobalReAlloc
GlobalAlloc
GlobalFree
GetComputerNameW
GetCurrentDirectoryW
SizeofResource
LoadResource
FindResourceW
SetCurrentDirectoryW
LockResource
FreeEnvironmentStringsW

user32

UnregisterClassW
LoadCursorW
GetSysColorBrush
DestroyMenu
PostQuitMessage
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
GetWindowThreadProcessId
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
LoadIconW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
UnregisterClassA
SetForegroundWindow
IsWindowVisible
GetMenu
PostMessageW
CreateWindowExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
CopyRect
PtInRect
CallWindowProcW
SystemParametersInfoA
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetMenuState
EnableMenuItem
CheckMenuItem
GetWindowTextLengthW
GetWindowTextW
GetFocus
GetParent
SetWindowPos
SetFocus
IsWindowEnabled
ShowWindow
GetDlgCtrlID
IsWindow
SetWindowTextW
GetWindowLongW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItem
GetWindow
wsprintfA
ClientToScreen
ModifyMenuW
AppendMenuW
GetClassInfoExW
CreatePopupMenu
CreateCursor
SetWindowLongW
SetCursor
DestroyCursor
UpdateWindow
InvalidateRect
GetSysColor
DrawIcon
GetSystemMetrics
IsIconic
SetTimer
LoadImageW
KillTimer
DestroyIcon
OffsetRect
MessageBoxW
wsprintfW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ReleaseDC
GetClientRect
GetDC
GetWindowDC
SendMessageW
EnableWindow
GetWindowRect
LoadBitmapW
RegisterWindowMessageW
GetWindowPlacement
DefWindowProcW

gdi32

DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
SelectPalette
GetObjectW
GetStockObject
CreatePalette
GetSystemPaletteEntries
CreateCompatibleDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateSolidBrush
GetTextExtentPoint32W
CreateFontIndirectW
GetPixel
CreateBitmap
CreateFontW
GetDeviceCaps
BitBlt
GetDIBits
CreateCompatibleBitmap
RealizePalette

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyW
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
FreeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
RegOpenKeyExA
RegQueryValueExA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CreateServiceA
CloseServiceHandle
OpenProcessToken
RegCloseKey
RegQueryValueW
RegOpenKeyExW

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeSecurity

oleaut32

SafeArrayGetElemsize
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
VariantInit
SysStringLen
SafeArrayGetElement
SafeArrayGetVartype

Sections

.text
Size: 872KB - Virtual size: 871KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 92KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d8bc03de5ead5ed23be4100ff3734b1c

Headers

File Characteristics

PDB Paths

Imports

winmm

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 872KB - Virtual size: 871KB

.rdata Size: 204KB - Virtual size: 200KB

.data Size: 92KB - Virtual size: 110KB

.rsrc Size: 740KB - Virtual size: 740KB

.text
Size: 872KB - Virtual size: 871KB

.rdata
Size: 204KB - Virtual size: 200KB

.data
Size: 92KB - Virtual size: 110KB

.rsrc
Size: 740KB - Virtual size: 740KB