F:\08 LogPro\08 LogPro V1.0 - zx\Release\LogPro.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-27_5bebde6385e1e9943507c53067b9ca27_icedid.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-03-27_5bebde6385e1e9943507c53067b9ca27_icedid.exe
Resource: win10v2004-20231215-en
General
Target: 2024-03-27_5bebde6385e1e9943507c53067b9ca27_icedid
Size: 2.4MB
MD5: 5bebde6385e1e9943507c53067b9ca27
SHA1: 69714b1be01f26fa2b57bacfad9efef29d9b51b6
SHA256: 9cb49a3676980907c80ba55fea37097e0a3ed6b156e218d7d771db3436a16d98
SHA512: bc4d0ffe3741ec7001f897e77c45959a7ffa6c0430c8322054d6c1db4315524d0fa9139b05f3dbb47bced0bd3b6766455cfc69025cdc0dc3abcb2481e817839a
SSDEEP: 49152:LJadwX6fP8cKN4c19Yih+WBRK8y45wIc7yPjwjWnO3UTFc/MC:0M6fPx5G9nh+m2Ic7yPjwjWnO81C
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-03-27_5bebde6385e1e9943507c53067b9ca27_icedid
Files
2024-03-27_5bebde6385e1e9943507c53067b9ca27_icedid.exe windows:5 windows x86 arch:x86
ed4faef2705b6b7d01445b675967db1d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
pdflib
PDF_begin_page_ext
PDF_fit_table
PDF_end_page_ext
PDF_delete_table
PDF_get_errnum
PDF_end_document
pdf_catch
PDF_get_apiname
PDF_add_table_cell
PDF_load_font
PDF_set_info
PDF_get_errmsg
PDF_begin_document
PDF_set_parameter
pdf_jbuf
PDF_delete
PDF_new
kernel32
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetTimeZoneInformation
IsValidCodePage
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
CreateThread
ExitThread
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RaiseException
RtlUnwind
HeapFree
GetTempPathA
GetPrivateProfileSectionNamesA
EnumResourceTypesA
EnumResourceNamesA
GetExitCodeThread
TerminateThread
lstrcpynA
GetLocalTime
GetProcessHeap
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
SetLastError
GetLastError
LoadLibraryA
GetModuleHandleA
GetProcAddress
DeleteFileA
CreateDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
SetEvent
CloseHandle
ResetEvent
CreateEventA
InitializeCriticalSection
EnterCriticalSection
CreateFileA
SetCommTimeouts
SetCommMask
GetCommState
BuildCommDCBA
SetCommState
PurgeComm
LeaveCriticalSection
WaitCommEvent
ClearCommError
WaitForMultipleObjects
GetCommMask
ResumeThread
SuspendThread
FormatMessageA
LocalFree
WriteFile
GetOverlappedResult
ReadFile
Sleep
GetModuleFileNameA
GetCurrentProcessId
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
GetProfileIntA
GetFileSizeEx
SetFileAttributesA
LocalFileTimeToFileTime
GetFileAttributesExA
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleHandleW
InterlockedIncrement
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
WaitForSingleObject
SetThreadPriority
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiA
GetThreadLocale
GetStringTypeExA
MoveFileA
FindFirstFileA
FileTimeToLocalFileTime
FindNextFileA
FindClose
SystemTimeToFileTime
FileTimeToSystemTime
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
FreeResource
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
lstrlenA
GetEnvironmentStringsW
user32
CopyAcceleratorTableA
CharNextA
PostThreadMessageA
DeleteMenu
UnregisterClassA
GetSysColorBrush
WaitMessage
WindowFromPoint
DestroyCursor
SetRect
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatA
PostQuitMessage
DestroyMenu
GetMenuItemInfoA
InflateRect
CharUpperA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
IsRectEmpty
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
SendMessageA
EnableWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
IsWindowVisible
CreateWindowExA
GetClassInfoExA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
DestroyIcon
GetSystemMenu
SetParent
UnionRect
DrawIcon
SetWindowRgn
EqualRect
DeferWindowPos
CreateMenu
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
IsClipboardFormatAvailable
GetDC
SetTimer
InvalidateRect
GetClientRect
OffsetRect
PostMessageA
ShowWindow
LoadBitmapA
GetCursorPos
LoadMenuA
GetSubMenu
UpdateWindow
GetClassInfoA
SetCursor
LoadCursorA
DrawFocusRect
ReleaseCapture
SetCapture
GetFocus
KillTimer
RegisterWindowMessageA
MessageBoxA
TranslateMDISysAccel
DrawMenuBar
DefFrameProcA
GetClipboardData
SendMessageTimeoutA
IsWindowUnicode
GetWindowLongW
SetWindowLongW
SetClassLongA
GetMenuDefaultItem
GetCursor
SetCursorPos
DrawEdge
GetDoubleClickTime
GetMenuStringW
LookupIconIdFromDirectoryEx
mouse_event
EmptyClipboard
CloseClipboard
OpenClipboard
DrawFrameControl
HideCaret
ShowCaret
IsMenu
GetWindowRgn
GetKeyboardLayout
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayoutList
GetKeyboardState
ToAsciiEx
wsprintfA
OpenInputDesktop
GetUserObjectInformationA
CloseDesktop
IsZoomed
SetClipboardData
LoadImageA
DrawIconEx
CreateIconFromResourceEx
CreateIconIndirect
CopyIcon
GetIconInfo
DrawStateA
InvertRect
RedrawWindow
IsWindowEnabled
GetScrollInfo
SetScrollInfo
CopyRect
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
GetWindow
SetFocus
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
GetLastActivePopup
GetWindowLongA
GetParent
GetWindowThreadProcessId
RemoveMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
UnhookWindowsHookEx
EndDialog
gdi32
GetDeviceCaps
ResetDCA
CreateDIBSection
CreateCompatibleDC
CreateICA
CreatePen
CreateSolidBrush
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
PolyBezierTo
CreateCompatibleBitmap
DeleteDC
CreatePatternBrush
GetStockObject
CreateFontIndirectA
GetTextExtentPoint32A
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
Rectangle
GetTextMetricsA
SetRectRgn
CombineRgn
GetMapMode
GetCharWidthA
CreateFontA
StretchDIBits
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
ExtSelectClipRgn
BitBlt
CreateDCA
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
PatBlt
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
GetCurrentPositionEx
Polygon
SetPixel
EnumFontFamiliesExA
StretchBlt
GetDIBits
PtInRegion
GetCurrentObject
Polyline
GetBitmapBits
ExtCreateRegion
CreatePolygonRgn
RoundRect
GetTextExtentPoint32W
ExtTextOutW
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
CreateRectRgnIndirect
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter
advapi32
RegCloseKey
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
shell32
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
DragAcceptFiles
ShellExecuteA
SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
SHGetMalloc
comctl32
_TrackMouseEvent
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_Destroy
ImageList_AddMasked
ImageList_Create
ImageList_Draw
InitCommonControlsEx
ImageList_DrawEx
shlwapi
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathFileExistsA
oledlg
ord1
ord8
ole32
CoLockObjectExternal
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoDisconnectObject
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
oleaut32
SystemTimeToVariantTime
SysFreeString
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VarDateFromStr
LoadTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
VariantCopy
SafeArrayDestroy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
OleLoadPicturePath
VarUdateFromDate
VariantChangeTypeEx
VariantTimeToSystemTime
gdiplus
GdipDeletePen
GdipDrawLineI
GdipFillPolygon
GdipCreatePen1
GdipFillRectangle
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipDrawString
GdipFillRectangleI
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateFontFromDC
GdipCreateStringFormat
winmm
PlaySoundA
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 423KB - Virtual size: 423KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 8.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 194KB - Virtual size: 193KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ