2024-10-17_e251d9e7a75b2ecc697f04c3c2d1a109_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-10-17_e251d9e7a75b2ecc697f04c3c2d1a109_icedid
Size

308KB
MD5

e251d9e7a75b2ecc697f04c3c2d1a109
SHA1

6e32b7c54b939dc3a1d84d1608bf426bd8d72977
SHA256

657dba55c3f9df98121aabf1ba922e69a193cc84b7081843622b8be4789e1e0b
SHA512

8c39bf982330c78ce8e43b39e8e6e1a3113c2ce56825f725b8ca5db58b50bb071fecf897d4d523d080208e9d579fd22b188da6e802088b4b80de313adb39e701
SSDEEP

6144:k8hg7V2//I/LOpqLV5HxY3R5n62+kxiO/b/3g:kCkVg/I68V5HxY3b6V+iOM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-17_e251d9e7a75b2ecc697f04c3c2d1a109_icedid

Files

2024-10-17_e251d9e7a75b2ecc697f04c3c2d1a109_icedid
.exe windows:4 windows x86 arch:x86

831a622cfb10ef9e269d53066cfe4761

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\JinZQ\Hook开机启动\sttray-setup\Release\sttray.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

wininet

InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetGetConnectedState
HttpQueryInfoA

winmm

timeGetTime

kernel32

GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetEndOfFile
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
SetStdHandle
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
UnlockFile
LockFile
FlushFileBuffers
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
FileTimeToSystemTime
InterlockedDecrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
LocalFree
CreateThread
LoadLibraryA
GetProcAddress
FreeLibrary
CreateMutexA
GetPrivateProfileStringA
OpenProcess
GetPriorityClass
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
FindResourceA
LoadResource
LockResource
SizeofResource
WritePrivateProfileStringA
GetModuleFileNameA
CopyFileA
CreateProcessA
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WriteFile
CreateFileA
ReadFile
SetFilePointer
CloseHandle
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
CreateDirectoryA
GetTickCount
Sleep
MoveFileExA
lstrlenA
DeleteFileA
GetSystemTimeAsFileTime

user32

RegisterClipboardFormatA
PostThreadMessageA
ReleaseCapture
SetCapture
CharNextA
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
SetWindowContextHelpId
MapDialogRect
wsprintfA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
GetSystemMetrics
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
LoadIconA
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
CharUpperA
GetIconInfo
EnableWindow
SendDlgItemMessageA
UpdateWindow
SetDlgItemTextA
RemovePropA

gdi32

ExtSelectClipRgn
GetStockObject
PtVisible
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetWindowExtEx
GetViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
DeleteObject
CreateCompatibleDC
GetDIBits
DeleteDC
GetObjectA
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
RectVisible

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA
ExtractIconA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes

oleaut32

VariantClear
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString
VariantInit
VariantChangeType
SysAllocString
SystemTimeToVariantTime
OleCreateFontIndirect

Sections

.text
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

831a622cfb10ef9e269d53066cfe4761

Headers

File Characteristics

PDB Paths

Imports

version

wininet

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 196KB - Virtual size: 194KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 12KB - Virtual size: 58KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 196KB - Virtual size: 194KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 12KB - Virtual size: 58KB

.rsrc
Size: 48KB - Virtual size: 45KB