2024-05-12_107a0e2527cf24e59422f9fb30f75bca_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-12_107a0e2527cf24e59422f9fb30f75bca_icedid
Size

2.2MB
MD5

107a0e2527cf24e59422f9fb30f75bca
SHA1

482815ef61ed7d5c3ee85cedafbd0b62d4a1c6be
SHA256

7b1dacde53b16d867d095228a243a5003b385cbaddf4365c244405b18d29b812
SHA512

10b0cdcbe4b7074b67f2ca0cbc6cdeae6c39b9971f65f2305fb4b331ce7767a48331a84325f04762e7f524b657af228f81f48c7592071b34fc423bb936abf082
SSDEEP

49152:uzsgKBCN4LQnXsH7AT+Z7DhfQ0aWBxWjpPNOb9pg9pG:uzstA48YFD9QjWHP9pg9p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-12_107a0e2527cf24e59422f9fb30f75bca_icedid

Files

2024-05-12_107a0e2527cf24e59422f9fb30f75bca_icedid
.exe windows:4 windows x86 arch:x86

18fdcb6e24a5b7535361c7a2e3a6d3b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

p:\LogoTransDotNet\Release\LogoTrans.pdb

Imports

kernel32

QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
LCMapStringA
LCMapStringW
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
SetStdHandle
HeapSize
HeapReAlloc
TerminateProcess
CreateThread
ExitThread
GetACP
GetFileType
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
IsBadReadPtr
GetCommandLineA
GetStartupInfoA
ExitProcess
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc
GetFileTime
GetFileAttributesA
SetErrorMode
FindResourceExA
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetCurrentDirectoryA
GlobalFlags
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetProfileIntA
VirtualProtect
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
FreeResource
GlobalAddAtomA
SetLastError
CopyFileA
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThread
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
lstrcmpA
ReadProcessMemory
WriteProcessMemory
UnmapViewOfFile
VirtualFreeEx
CreateFileMappingA
MapViewOfFile
VirtualAllocEx
WaitForMultipleObjectsEx
GlobalAlloc
GlobalSize
CreateDirectoryA
FindFirstFileA
FindClose
DeleteFileA
WaitForMultipleObjects
ResetEvent
SetEvent
CreateEventA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
EnumSystemCodePagesA
IsDBCSLeadByteEx
GetCurrentProcessId
GlobalUnlock
GlobalFree
GlobalLock
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
ResumeThread
GetModuleHandleA
Sleep
GetShortPathNameA
CreateProcessA
GetSystemDirectoryA
CloseHandle
LoadResource
LockResource
SizeofResource
GetCurrentThreadId
GetUserDefaultLCID
GetProcAddress
FindResourceA
FreeLibrary
LoadLibraryA
GetModuleFileNameA
GetTickCount
MulDiv
LeaveCriticalSection
EnterCriticalSection
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
GetTimeZoneInformation

user32

IsZoomed
CharNextA
SetWindowContextHelpId
wsprintfA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
SetRectEmpty
BringWindowToTop
MapDialogRect
GetAsyncKeyState
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
GetMessageA
ValidateRect
ShowOwnedPopups
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
TrackPopupMenu
GetScrollRange
GetScrollPos
AdjustWindowRectEx
DeferWindowPos
GetClassInfoA
RegisterClassA
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SendDlgItemMessageA
CheckRadioButton
CheckDlgButton
GrayStringA
DrawTextExA
TabbedTextOutA
GetMenuState
PostQuitMessage
SendMessageTimeoutW
SendMessageTimeoutA
SetClipboardData
CallWindowProcA
EnumWindows
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
EnumChildWindows
SetActiveWindow
ChildWindowFromPointEx
TranslateAcceleratorA
SetClipboardViewer
SetRect
TranslateMessage
CopyRect
RegisterClassExA
CreateWindowExA
SetCursorPos
DestroyCursor
IsChild
DrawFocusRect
GetSystemMetrics
GetClipboardFormatNameA
GetClipboardData
GetDoubleClickTime
MessageBeep
RegisterClipboardFormatA
IsClipboardFormatAvailable
SetMenuItemInfoA
GetMenuStringA
RemoveMenu
GetMenuItemInfoA
GetMenuItemID
SetWindowPos
ScrollWindow
LoadBitmapA
WindowFromDC
GetWindowPlacement
DestroyWindow
GetDlgItem
GetDialogBaseUnits
GetWindowThreadProcessId
IsWindow
MoveWindow
AttachThreadInput
GetSysColor
AppendMenuA
GetCursorPos
FrameRect
InflateRect
GetDlgCtrlID
WindowFromPoint
DispatchMessageA
ClientToScreen
GetForegroundWindow
IsWindowVisible
IntersectRect
PtInRect
DrawTextA
GetSysColorBrush
FillRect
RegisterWindowMessageA
PostThreadMessageA
GetDesktopWindow
GetTopWindow
IsIconic
ShowWindow
SetForegroundWindow
GetWindow
InsertMenuA
IsWindowUnicode
SetFocus
PostMessageA
SetCapture
ReleaseCapture
KillTimer
GetKeyboardLayout
GetKeyState
PeekMessageA
OpenClipboard
EmptyClipboard
RedrawWindow
IsRectEmpty
DeleteMenu
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
GetDCEx
ShowScrollBar
SetScrollInfo
GetScrollInfo
GetFocus
CreateCaret
ShowCaret
SetCaretPos
GetCapture
LoadCursorA
SetCursor
BeginPaint
EndPaint
DefWindowProcA
HideCaret
InvalidateRect
LockWindowUpdate
SetParent
ChangeClipboardChain
CloseClipboard
SystemParametersInfoA
SetTimer
GetWindowDC
OffsetRect
GetWindowLongA
LoadIconA
GetParent
ScreenToClient
GetClientRect
GetWindowRect
GetSystemMenu
SetMenu
GetMenu
SendMessageA
LoadMenuA
GetSubMenu
GetMenuItemCount
CreatePopupMenu
EqualRect
ReleaseDC
GetDC
EnableWindow
SetWindowLongA
UnregisterClassA
UpdateWindow
CharUpperA
IsWindowEnabled

gdi32

SelectClipRgn
ExtTextOutW
GetPixel
StartDocA
PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateRectRgnIndirect
GetTextColor
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
SetRectRgn
GetRgnBox
SelectPalette
RealizePalette
CreateDIBSection
CreatePalette
GetTextExtentExPointW
TextOutW
TextOutA
GetTextExtentPointW
GetTextExtentPointA
GetTextCharset
GetTextExtentExPointA
GetTextExtentPoint32W
GetDIBits
FrameRgn
IntersectClipRect
ExcludeClipRect
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
PlayEnhMetaFile
SetWinMetaFileBits
DeleteEnhMetaFile
SetEnhMetaFileBits
StretchDIBits
MoveToEx
LineTo
CreatePen
GetTextExtentPoint32A
PatBlt
GetCurrentObject
GetBkColor
GetBkMode
CreateBitmap
GetMapMode
SetMapMode
ExtTextOutA
EnumFontFamiliesA
EnumFontFamiliesExA
GetObjectA
GdiFlush
CreateCompatibleBitmap
LPtoDP
GetViewportOrgEx
GetWindowOrgEx
DPtoLP
CreateSolidBrush
GetFontData
GetDeviceCaps
SetWindowOrgEx
Rectangle
GetViewportExtEx
GetWindowExtEx
CombineRgn
SetBkColor
GetNearestColor
CreateCompatibleDC
BitBlt
SetBkMode
SetTextColor
DeleteDC
CreateRectRgn
PtInRegion
GetClipBox
GetStockObject
CreateFontIndirectA
GetTextMetricsA
DeleteObject
SelectObject
GetCharacterPlacementW

comdlg32

PrintDlgA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumValueA
RegNotifyChangeKeyValue
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
StartServiceA
RegQueryValueA
RegCloseKey
RegDeleteKeyA
RegOpenKeyA
ControlService

shell32

DragQueryFileA
SHGetMalloc
SHGetPathFromIDListW
SHGetDesktopFolder
DragFinish
ShellExecuteA

comctl32

ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
SHDeleteKeyA
UrlUnescapeA

oledlg

ord8

ole32

CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
RevokeDragDrop
CoTaskMemFree
CLSIDFromString
CoRevokeClassObject
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoGetClassObject
CoDisconnectObject
DoDragDrop
StgOpenStorageOnILockBytes
OleLockRunning
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal

oleaut32

SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
LoadTypeLi
VariantChangeType
SysAllocStringLen
VariantInit
VariantClear
SysFreeString

wininet

InternetWriteFile
InternetSetFilePointer
InternetGetLastResponseInfoA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpOpenRequestA
InternetQueryOptionA
HttpSendRequestA
HttpQueryInfoA
InternetErrorDlg
InternetConnectA
InternetOpenUrlA
InternetQueryDataAvailable
InternetReadFile
InternetOpenA
InternetSetStatusCallback
InternetSetOptionA
InternetGetConnectedState
InternetAutodial
InternetCloseHandle

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 468KB - Virtual size: 465KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18fdcb6e24a5b7535361c7a2e3a6d3b4

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 396KB - Virtual size: 394KB

.data Size: 60KB - Virtual size: 85KB

.rsrc Size: 468KB - Virtual size: 465KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 396KB - Virtual size: 394KB

.data
Size: 60KB - Virtual size: 85KB

.rsrc
Size: 468KB - Virtual size: 465KB