d:\dev\sw\hbautil\source\windows\bench32\Release\Bench32.exe.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-10-21_6733924c670207ed7755dc0fe2286c36_icedid_rhadamanthys.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 2024-10-21_6733924c670207ed7755dc0fe2286c36_icedid_rhadamanthys.exe
Resource: win10v2004-20241007-en
General
Target: 2024-10-21_6733924c670207ed7755dc0fe2286c36_icedid_rhadamanthys
Size: 5.0MB
MD5: 6733924c670207ed7755dc0fe2286c36
SHA1: 2fea9c1b0c3b0a923232dbcadcfc661bb08031d0
SHA256: a555018ed03a0b191f64f625b75cebd9f62c194c7b1c1a66b91266f2f1c1b6c4
SHA512: 692d642223ddcff9e75e0d76437fbc760f9a356609fc4c3cccdddbdeb453f2bf04ce8438c3820b4445c320840a28f86215da880f1d8fe96dc9f65567e4505e67
SSDEEP: 98304:6o4H5BopFuyJBk7f2lMmojnMH1u/FRrxrjUJMJCG:6oQ5Ba3k7LMH1u/rrxrjUJ0
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-10-21_6733924c670207ed7755dc0fe2286c36_icedid_rhadamanthys
Files
2024-10-21_6733924c670207ed7755dc0fe2286c36_icedid_rhadamanthys.exe windows:6 windows x86 arch:x86
5fa0dd7af81deb1f09c5f1284bf22c64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetTimeZoneInformation
VirtualQuery
GetSystemInfo
GetConsoleCP
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
SetConsoleCtrlHandler
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
GetTimeFormatW
CompareStringW
LCMapStringW
IsValidLocale
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStringTypeW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LocalUnlock
EnumSystemLocalesW
LocalLock
SearchPathA
GetProfileIntA
GetTickCount
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
lstrcpyA
SetErrorMode
SystemTimeToTzSpecificLocalTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetCurrentDirectoryA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
FileTimeToSystemTime
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetStringTypeExA
GetThreadLocale
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileA
GetTempFileNameA
SetFileTime
GetFullPathNameA
GetFileTime
GetFileAttributesA
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
SuspendThread
SetThreadPriority
SetEvent
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
CopyFileA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetModuleHandleA
GetModuleFileNameA
MultiByteToWideChar
ResumeThread
LeaveCriticalSection
EnterCriticalSection
GetLogicalDrives
GetDiskFreeSpaceA
VirtualFree
VirtualAlloc
CreateEventA
GetOverlappedResult
WriteFile
SetFilePointer
ReadFile
CreateFileA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
FormatMessageA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcess
Sleep
WaitForSingleObject
SetLastError
CloseHandle
WriteConsoleW
QueryDosDeviceA
GetLastError
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
GetCommandLineW
user32
GetMenuBarInfo
LoadImageA
DestroyIcon
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
WindowFromPoint
WaitMessage
LoadCursorW
IsRectEmpty
SetWindowRgn
DrawIcon
KillTimer
SetTimer
ReleaseCapture
SetCapture
OffsetRect
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
CharUpperA
SetRectEmpty
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetWindowThreadProcessId
ShowOwnedPopups
GetCursorPos
GetMessageA
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
UnpackDDElParam
GetClassLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
SetLayeredWindowAttributes
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EnumDisplayMonitors
SetClassLongA
OpenClipboard
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
UnregisterClassA
EnableWindow
TranslateMessage
DispatchMessageA
PeekMessageA
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
ReuseDDElParam
GetSysColorBrush
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
DeleteMenu
LoadAcceleratorsW
LoadMenuW
LoadImageW
GetKeyNameTextA
MapVirtualKeyA
UnionRect
LoadBitmapW
SetMenuItemInfoA
SetParent
GetMenuDefaultItem
GetNextDlgGroupItem
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
GetClassNameA
SendMessageA
PostMessageA
GetSystemMetrics
DrawMenuBar
GetSystemMenu
EnableMenuItem
UpdateWindow
GetDC
ReleaseDC
InvalidateRect
GetWindowRect
FillRect
IntersectRect
GetParent
TrackMouseEvent
SetCursor
SetWindowLongA
LoadCursorA
DestroyCursor
CopyIcon
PostQuitMessage
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
GetFocus
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
NotifyWinEvent
GetTabbedTextExtentW
GetTabbedTextExtentA
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageA
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
LockWindowUpdate
GetDCEx
SetRect
FrameRect
SetCursorPos
IsZoomed
DrawFrameControl
GetPropA
DrawEdge
gdi32
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CreateEllipticRgn
Ellipse
ExcludeClipRect
DPtoLP
LPtoDP
GetTextMetricsA
CombineRgn
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
CreateFontA
GetCharWidthA
StretchDIBits
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
SetDIBColorTable
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
Escape
CreateRectRgn
CreateSolidBrush
CreatePatternBrush
CreateHatchBrush
CreateDIBPatternBrushPt
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CopyMetaFileA
GetObjectA
SelectObject
Rectangle
DeleteDC
CreatePen
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateDIBSection
DeleteObject
BitBlt
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetSaveFileNameA
CommDlgExtendedError
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
advapi32
RegEnumKeyA
RegSetValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExW
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
DragQueryFileA
DragFinish
SHAddToRecentDocs
ExtractIconA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
SHAppBarMessage
ShellExecuteExA
SHGetFileInfoA
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathFindExtensionW
PathIsUNCServerShareA
PathFindFileNameA
PathFileExistsA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathRemoveExtensionA
uxtheme
OpenThemeData
DrawThemeParentBackground
CloseThemeData
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
GetCurrentThemeName
DrawThemeText
DrawThemeBackground
GetThemeColor
ole32
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgOpenStorageOnILockBytes
StgIsStorageFile
CreateILockBytesOnHGlobal
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleFlushClipboard
OleSetClipboard
CreateStreamOnHGlobal
CLSIDFromString
CoDisconnectObject
StringFromGUID2
PropVariantCopy
CoInitialize
CoCreateInstance
OleCreateStaticFromData
OleCreateLinkToFile
CoGetMalloc
OleQueryLinkFromData
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitializeEx
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
OleRun
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
OleQueryCreateFromData
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
oleaut32
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SysAllocStringLen
LoadRegTypeLi
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocString
SysAllocStringByteLen
LoadTypeLi
VariantChangeType
VariantClear
SafeArrayLock
VariantInit
SafeArrayGetLBound
SysFreeString
SysStringByteLen
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
oledlg
ord8
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 531KB - Virtual size: 531KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ