d:\work\MRP\MRP\Help\release\Help.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-06-30_e37618892626119e136d078750cf0b29_icedid.exe
Resource
win7-20231129-en
windows7-x64
18 signatures
150 seconds
General
-
Target
2024-06-30_e37618892626119e136d078750cf0b29_icedid
-
Size
997KB
-
MD5
e37618892626119e136d078750cf0b29
-
SHA1
21745b67e2898529aa2f7b51a963c9503bc952b8
-
SHA256
3634a88f7a6b0e230949c1fb0eb44b87443ddb07d2249f25ece6e769272bf9d9
-
SHA512
8f8a8c3b2f1f138b85e7a76967c2381e298d095f933b23b1cba18e19d9b4ecff59169b3646d68642a2e3f1067b6ff617acbff17e96bf5702a1e73eeef5769b48
-
SSDEEP
12288:Fas44a+GJczba9J8DxzXa8JmG4WjoLg+XV28f7Wy1Z:Fe4arcO8DRtsxWag6jWyz
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 2024-06-30_e37618892626119e136d078750cf0b29_icedid
Files
-
2024-06-30_e37618892626119e136d078750cf0b29_icedid.exe windows:4 windows x86 arch:x86
2f9ec0554fdf08256f128f8fee837d28
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
Sleep
HeapReAlloc
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CreateFileW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
DeleteFileW
MoveFileW
GetCurrentDirectoryW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GlobalFlags
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
CloseHandle
GlobalGetAtomNameW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
CompareStringW
GetVersionExA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
GetCurrentProcessId
GlobalFree
GlobalAlloc
InterlockedDecrement
MultiByteToWideChar
GlobalLock
GlobalUnlock
GetModuleHandleA
lstrlenW
LocalFree
FormatMessageW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
GetCurrentThreadId
MulDiv
GetTickCount
GetVersionExW
GetVersion
GlobalAddAtomW
FreeResource
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
WideCharToMultiByte
GetModuleFileNameW
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
LoadLibraryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCPInfo
GetFileAttributesA
user32
ShowOwnedPopups
FindWindowW
DrawIcon
SetWindowRgn
SetCapture
GetSysColorBrush
IsZoomed
SetCursorPos
WindowFromPoint
UnregisterClassW
PostThreadMessageW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CharUpperW
GetDCEx
LockWindowUpdate
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
SetParent
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
SetRectEmpty
ShowWindow
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
TranslateAcceleratorW
BringWindowToTop
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetFocus
SetFocus
GetWindowTextLengthW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
GetMessageW
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
PostMessageW
PostQuitMessage
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
GetMenuStringW
EndPaint
BeginPaint
GetDC
ScreenToClient
SetCursor
IsWindowVisible
PtInRect
DestroyCursor
LoadCursorW
OffsetRect
IsWindow
GetMenuItemRect
SetMenu
ModifyMenuW
SetMenuInfo
MessageBoxW
CallWindowProcW
GetSubMenu
IsMenu
RemovePropW
InsertMenuW
GetPropW
GetMessagePos
AppendMenuW
GetSysColor
GetWindowLongW
CreatePopupMenu
GetMenuDefaultItem
UnhookWindowsHookEx
DeleteMenu
CopyRect
SetWindowsHookExW
GetMenuItemCount
DrawFocusRect
ReleaseDC
DrawEdge
GetWindowDC
SetWindowPos
RedrawWindow
CallNextHookEx
ClientToScreen
IsRectEmpty
TranslateMessage
ValidateRect
MoveWindow
SetWindowTextW
IsDialogMessageW
GetMenuItemID
SetPropW
SetWindowLongW
SetScrollRange
GetClassNameW
GetMenuState
LoadMenuW
GetWindowRect
GetMenuItemInfoW
WindowFromDC
DestroyIcon
IntersectRect
GetMenuInfo
SystemParametersInfoW
GetDesktopWindow
SetTimer
FrameRect
SetRect
GrayStringW
GetParent
DrawTextExW
DrawTextW
DrawStateW
TabbedTextOutW
GetSystemMetrics
InflateRect
GetWindowTextW
InvalidateRect
LoadBitmapW
GetClientRect
GetCursorPos
GetMenu
KillTimer
UpdateWindow
GetSystemMenu
DestroyMenu
LoadIconW
EnableWindow
FillRect
SendMessageW
EqualRect
UnregisterClassA
gdi32
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreateEllipticRgn
Ellipse
PatBlt
SetRectRgn
GetTextColor
GetRgnBox
ExtSelectClipRgn
LineTo
MoveToEx
SetBkColor
SetBkMode
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
RestoreDC
SaveDC
GetTextMetricsW
CreateBitmap
SetTextColor
DeleteObject
GetNearestColor
CreatePatternBrush
SetBrushOrgEx
UnrealizeObject
GetPixel
SetPixel
GetDeviceCaps
CreateFontIndirectW
SelectClipRgn
FillRgn
CombineRgn
CreateRectRgn
CreateRectRgnIndirect
SelectObject
Escape
GetTextExtentPoint32W
ExtTextOutW
GetBkColor
TextOutW
RectVisible
LPtoDP
PtVisible
RoundRect
CreateFontW
GetMapMode
DPtoLP
Rectangle
BitBlt
CreatePen
CreateCompatibleDC
GetObjectW
GetStockObject
CreateCompatibleBitmap
CreateSolidBrush
DeleteDC
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegDeleteValueW
RegQueryValueW
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyW
RegSetValueW
RegCloseKey
shell32
DragFinish
DragQueryFileW
ExtractIconW
SHGetFileInfoW
comctl32
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
StgOpenStorageOnILockBytes
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
oleaut32
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
SysFreeString
Sections
.text Size: 408KB - Virtual size: 406KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 108KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 444KB - Virtual size: 444KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE