D:\Projects\Proxifier\Program\Repo\ProxifierWin\ProxyChecker\Release\ProxyChecker.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-30_a5e533b76eaf9ba13d43b1ea6403a48c_bkransomware_icedid.exe
Resource
win7-20240508-en
General
Target: 2024-06-30_a5e533b76eaf9ba13d43b1ea6403a48c_bkransomware_icedid
Size: 786KB
MD5: a5e533b76eaf9ba13d43b1ea6403a48c
SHA1: 8d15333bc68755a56c77048b7cd1c82fd77c8667
SHA256: 184ed3a1261abbb94e11431e3938f79fd8943841120ed608cbee98938e18667d
SHA512: 12ad7d16b5463a7dc3b390b6cb58721c16a61d1e27c5e06fb36e20231b49d1d9bad0b9eae4a705bc4c6e82f81b977952653588941ecbcbbaf7ef500d681a95b3
SSDEEP: 12288:+KQeX4+gJq5A6pe776wioj78+g4gOn27vQUQTnLUoN:JDhgr6M1jgLOXpjAQ
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature.
Processes:
resource 2024-06-30_a5e533b76eaf9ba13d43b1ea6403a48c_bkransomware_icedid
Files
2024-06-30_a5e533b76eaf9ba13d43b1ea6403a48c_bkransomware_icedid.exe windows:5 windows x86 arch:x86
89d53cf2db9e17217dbff70fcf54241e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
GetModuleHandleExW
CreateThread
ExitThread
HeapQueryInformation
SetStdHandle
GetFileType
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetTickCount
Sleep
TerminateProcess
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
SetErrorMode
ExpandEnvironmentStringsA
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GetThreadLocale
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
FileTimeToSystemTime
LocalAlloc
FileTimeToLocalFileTime
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
FormatMessageW
LocalFree
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
EncodePointer
MulDiv
GlobalUnlock
GlobalLock
FreeResource
GetModuleHandleW
GetModuleHandleA
OutputDebugStringA
GetACP
ResumeThread
DeleteCriticalSection
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetLastError
GetCurrentThreadId
GetModuleFileNameW
LoadLibraryW
GlobalFree
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExW
GetComputerNameA
SetLastError
FindResourceW
LoadResource
LockResource
SetUnhandledExceptionFilter
SizeofResource
user32
RegisterClipboardFormatW
PostThreadMessageW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ValidateRect
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsWindowVisible
InvalidateRgn
SetWindowPos
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetParent
SendDlgItemMessageA
EnableWindow
LoadImageW
CopyAcceleratorTableW
OffsetRect
CharNextW
UnregisterClassW
LoadCursorW
SetCursor
GetSysColorBrush
RedrawWindow
GetSubMenu
LoadMenuW
PtInRect
GetWindowRect
DrawIcon
GetSystemMetrics
IsIconic
SetTimer
GetClientRect
SendMessageW
CharUpperW
AppendMenuW
GetSystemMenu
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRect
KillTimer
ReleaseCapture
SetCapture
CheckMenuItem
IntersectRect
RealChildWindowFromPoint
DestroyMenu
GetCursorPos
TranslateMessage
GetMessageW
GetWindowThreadProcessId
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
IsDialogMessageW
SetWindowTextW
IsDlgButtonChecked
CheckRadioButton
MoveWindow
ShowWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
gdi32
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextColor
GetObjectW
TextOutW
ExtTextOutW
GetDeviceCaps
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap
CreateFontW
GetStockObject
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegOpenKeyExA
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
shell32
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameW
UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
ole32
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoRegisterMessageFilter
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
oleaut32
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantChangeType
VariantCopy
OleCreateFontIndirect
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
oledlg
OleUIBusyW
ws2_32
closesocket
gethostbyname
WSAStartup
htons
connect
send
WSAGetLastError
recv
inet_ntoa
socket
inet_addr
oleacc
LresultFromObject
CreateStdAccessibleObject
wininet
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
HttpQueryInfoW
InternetCrackUrlW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
Sections
.text Size: 312KB - Virtual size: 312KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 343KB - Virtual size: 344KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE