PDB path (from the debug directory): C:\Projects\loggersuite\processors\sgr52proc\Release\sgr52proc.pdb
Static task: static1
Behavioral task: behavioral1 (sample 2024-06-05_0cb695b52402863086ec8cca9fd303d8_icedid.exe, resource win7-20240419-en)
Behavioral task: behavioral2 (sample 2024-06-05_0cb695b52402863086ec8cca9fd303d8_icedid.exe, resource win10v2004-20240226-en)
General
Target: 2024-06-05_0cb695b52402863086ec8cca9fd303d8_icedid
Size: 3.2MB
MD5: 0cb695b52402863086ec8cca9fd303d8
SHA1: 471a8c41f16e8e17442c5cea5b5e8e733265779e
SHA256: 3674d3728b1acd8ce43ec61e389122f0a5abcb88f9159caabdf75fcdb29b7b01
SHA512: 08e3029fe897dc9123018850510db89eb329c4581e478ac341b12fed2942fa8b4fb3aa733807ea3a7eebb91e1247b7eeda1748b8c3b9106947428031e2f32493
SSDEEP: 98304:EnIR5rDlcEE80bBmwRd0YuDHmPQGnAcxVeJEMuz1TzwyKS5J:EnIR5SEE8CqGVMuz1TzHKS
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature. Matched resource: 2024-06-05_0cb695b52402863086ec8cca9fd303d8_icedid
Files
2024-06-05_0cb695b52402863086ec8cca9fd303d8_icedid.exe (windows:6, windows, x86, arch:x86)
Import hash (imphash): fce57f8cfa8a194d06bf68acdecaf0f4
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
(DEP/NX is opted in, but IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is absent, so the image is not ASLR-enabled and loads at its preferred ImageBase.)
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
(Base relocations were stripped, so the loader could not rebase the image even if it wanted to; 32-bit executable image.)
PDB Paths
Imports
ws2_32
WSACleanup
gethostbyname
ntohl
inet_ntoa
WSAStartup
gethostname
inet_addr
WSAWaitForMultipleEvents
WSASocketA
WSASendDisconnect
WSASend
WSARecv
WSAGetOverlappedResult
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSAConnect
WSACloseEvent
WSAAccept
htonl
mpr
WNetEnumResourceA
WNetCloseEnum
WNetOpenEnumA
kernel32
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
ExitProcess
IsValidCodePage
QueryPerformanceCounter
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
FindNextFileW
GetEnvironmentStringsW
InitializeSListHead
GetFileType
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileA
GetTempFileNameA
GetDiskFreeSpaceA
Sleep
SearchPathA
GetProfileIntA
GetSystemTimeAsFileTime
GetTickCount
GetTempPathA
FindResourceExW
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
SetErrorMode
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetACP
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SystemTimeToFileTime
FileTimeToSystemTime
GetStringTypeExA
GetThreadLocale
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
GetCurrentProcessId
GetPrivateProfileIntA
lstrcmpA
GetModuleFileNameA
GetCurrentThread
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
SuspendThread
SetThreadPriority
GetCurrentThreadId
FindResourceA
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
OutputDebugStringA
MultiByteToWideChar
CopyFileA
FormatMessageA
LocalFree
SetLastError
MulDiv
GetFileSize
GetTimeFormatA
GetDateFormatA
GetComputerNameA
GetLocalTime
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpyA
InitializeCriticalSectionEx
WaitForMultipleObjects
CreateEventA
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
LoadLibraryA
FreeLibrary
GetStartupInfoA
GetProcAddress
GetModuleHandleA
CreateMutexA
ReleaseMutex
GetVersionExA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
ResumeThread
TerminateThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
SetFileAttributesW
CloseHandle
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
CreateFileW
WriteConsoleW
SetCurrentDirectoryA
CreateDirectoryA
FindNextFileA
GetFileInformationByHandle
RemoveDirectoryA
lstrlenA
GetFileAttributesExW
SetStdHandle
user32
DeleteMenu
MapDialogRect
GetAsyncKeyState
CopyImage
LoadImageW
DestroyIcon
TrackMouseEvent
MapVirtualKeyA
GetKeyNameTextA
RealChildWindowFromPoint
GetDialogBaseUnits
LoadCursorA
GetSysColorBrush
GetTabbedTextExtentW
CharUpperA
GetMenuItemInfoA
DestroyMenu
LoadBitmapA
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
ReleaseDC
GetDC
IsZoomed
SetRect
WindowFromPoint
ClientToScreen
KillTimer
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
PostQuitMessage
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
UnhookWindowsHookEx
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
EqualRect
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
BringWindowToTop
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
SetLayeredWindowAttributes
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
GetFocus
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
CallNextHookEx
SetWindowsHookExA
EnumDisplayMonitors
OpenClipboard
CloseClipboard
ReleaseCapture
LoadAcceleratorsA
SetClipboardData
EmptyClipboard
DrawStateA
GetCursorPos
ValidateRect
GetKeyState
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
GetDesktopWindow
GetWindowLongA
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
TranslateAcceleratorA
LoadMenuA
CreatePopupMenu
InsertMenuItemA
LoadImageA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
SetParent
WaitMessage
SetCapture
LoadCursorW
GetMenuDefaultItem
GetNextDlgGroupItem
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
ShowScrollBar
SetClassLongA
SetWindowRgn
DrawEdge
DrawFrameControl
LoadMenuW
SetCursorPos
GetTabbedTextExtentA
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageA
SendMessageA
EnableWindow
PostMessageA
IsWindowVisible
GetParent
InvalidateRect
CopyRect
LoadBitmapW
GetWindowPlacement
IsIconic
SetTimer
GetSystemMetrics
GetSystemMenu
EnableMenuItem
AppendMenuA
DrawIcon
GetClientRect
GetWindowRect
IntersectRect
OffsetRect
GetWindow
LoadIconW
SystemParametersInfoA
UnregisterClassA
FillRect
IsRectEmpty
PtInRect
InflateRect
GetSysColor
SetRectEmpty
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
RemoveMenu
IsWindow
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
NotifyWinEvent
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
LockWindowUpdate
GetDCEx
UnionRect
FrameRect
EndDeferWindowPos
CopyIcon
gdi32
GetTextMetricsA
DeleteObject
GetDeviceCaps
GetDIBits
GetPaletteEntries
PlgBlt
RealizePalette
SelectObject
SetDIBits
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateHalftonePalette
GetTextAlign
Rectangle
Ellipse
DPtoLP
CopyMetaFileA
CreateDCA
CreateBitmap
SetBkColor
SetTextColor
GetBkColor
CreateCompatibleBitmap
CreateFontA
GetCharWidthA
StretchDIBits
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
GetTextExtentPoint32A
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
PatBlt
CombineRgn
GetMapMode
SetRectRgn
CreatePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
CreateEllipticRgn
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CreateMetaFileA
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
CreateFontIndirectA
SetWindowOrgEx
SetViewportOrgEx
SetViewportExtEx
LPtoDP
ExtCreatePen
CreateSolidBrush
CreatePen
SetMetaFileBitsEx
GetMetaFileBitsEx
DeleteDC
GetDCOrgEx
GetClipBox
GetObjectA
CreateCompatibleDC
EnumMetaFile
SetWindowExtEx
BitBlt
msimg32
AlphaBlend
TransparentBlt
winspool.drv
GetJobA
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExW
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegCloseKey
GetUserNameA
shell32
SHBindToParent
SHGetFileInfoA
SHAddToRecentDocs
ExtractIconA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteExA
SHAppBarMessage
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
shlwapi
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
StrRetToBufA
uxtheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
IsAppThemed
GetThemeSysColor
ole32
CLSIDFromProgID
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
DoDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
CreateILockBytesOnHGlobal
StgIsStorageFile
StgOpenStorageOnILockBytes
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
OleRun
CreateDataAdviseHolder
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
PropVariantCopy
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CreateStreamOnHGlobal
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoGetClassObject
CoRegisterClassObject
CoRegisterMessageFilter
oleaut32
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
SafeArrayDestroy
SysAllocString
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayGetLBound
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VarDateFromStr
VariantTimeToSystemTime
VariantClear
SystemTimeToVariantTime
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantInit
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetUBound
VarDecFromStr
VariantChangeType
SysReAllocStringLen
oledlg
ord8
wsock32
WSAGetLastError
WSASetLastError
ntohs
htons
getsockname
getpeername
closesocket
bind
gdiplus
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDrawImageI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipSaveImageToStream
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text   Size: 2.6MB, Virtual size: 2.6MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 569KB, Virtual size: 569KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 33KB,  Virtual size: 52KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 23KB,  Virtual size: 23KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
(No section is mapped both writable and executable; the only raw/virtual size mismatch is the zero-filled tail of .data.)
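The static checks this report summarises (the "Unsigned PE" signature, the DLL and File Characteristics flags, and the section flags) can be reproduced from the raw PE headers without a sandbox. The script below is an added example, not part of the sandbox report or the sample; it parses the headers with the standard library only (no pefile), and the header-only test images it builds, including their section sizes, are constructed here rather than taken from the sample. The function names (inspect_pe, build_test_pe) are the example's own.

```python
"""Reproduce the report's header checks: Authenticode presence, ASLR/DEP flags,
relocation stripping and W+X sections, parsed straight from the PE headers."""
import struct

IMAGE_FILE_RELOCS_STRIPPED  = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE    = 0x0100
DLL_DYNAMIC_BASE            = 0x0040   # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in)
DLL_NX_COMPAT               = 0x0100   # IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP opt-in)
DLL_TERMINAL_SERVER_AWARE   = 0x8000
SCN_MEM_EXECUTE             = 0x20000000
SCN_MEM_WRITE               = 0x80000000
DIR_SECURITY                = 4        # data directory holding the Authenticode certificate table


def inspect_pe(data: bytes) -> dict:
    """Return the header facts the sandbox lists plus two derived checks."""
    if data[:2] != b"MZ":
        raise ValueError("missing DOS header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: the 16 data directories start at +96
        dirs = opt + 96
    elif magic == 0x20B:    # PE32+: 8-byte ImageBase/stack/heap fields move them to +112
        dirs = opt + 112
    else:
        raise ValueError("unknown optional-header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, dirs - 4)[0]       # NumberOfRvaAndSizes
    cert_size = 0
    if ndirs > DIR_SECURITY:
        _file_off, cert_size = struct.unpack_from("<II", data, dirs + 8 * DIR_SECURITY)
    sections = []
    for i in range(nsections):
        entry = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        name, vsize, raw, scn_chars = entry[0], entry[1], entry[3], entry[9]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": raw,
            # a section mapped W+X is the classic sign of self-modifying or unpacking code
            "writable_and_executable": bool(scn_chars & SCN_MEM_WRITE) and bool(scn_chars & SCN_MEM_EXECUTE),
        })
    return {
        "machine": machine,
        "pe32_plus": magic == 0x20B,
        "relocs_stripped": bool(chars & IMAGE_FILE_RELOCS_STRIPPED),
        "executable_image": bool(chars & IMAGE_FILE_EXECUTABLE_IMAGE),
        "machine_32bit": bool(chars & IMAGE_FILE_32BIT_MACHINE),
        "nx_compat": bool(dll_chars & DLL_NX_COMPAT),
        "dynamic_base": bool(dll_chars & DLL_DYNAMIC_BASE),
        "terminal_server_aware": bool(dll_chars & DLL_TERMINAL_SERVER_AWARE),
        # "Unsigned PE": an empty certificate table means no embedded Authenticode
        # signature (a catalog-signed file would still show as unsigned here).
        "authenticode_present": cert_size > 0,
        # Without DYNAMIC_BASE the loader never randomises the base, and with
        # relocations stripped the image could not be rebased even if asked to.
        "aslr_capable": bool(dll_chars & DLL_DYNAMIC_BASE) and not (chars & IMAGE_FILE_RELOCS_STRIPPED),
        "sections": sections,
    }


def build_test_pe(chars, dll_chars, cert_size=0, sections=()):
    """Construct a header-only PE32 image for testing (constructed data, not a real binary)."""
    opt = bytearray(224)                       # 96 fixed bytes + 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)      # Magic: PE32
    struct.pack_into("<H", opt, 68, 2)         # Subsystem: Windows GUI
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)        # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0, cert_size)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), chars)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0, rs, 0, 0, 0, 0, 0, c)
                     for n, vs, rs, c in sections)
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)   # e_lfanew -> 0x40
    return dos + b"PE\0\0" + coff + bytes(opt) + table


# Flag combination the report lists for this sample; the section sizes are made up.
SAMPLE_CHARS = IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
SAMPLE_DLLCHARS = DLL_NX_COMPAT | DLL_TERMINAL_SERVER_AWARE
SAMPLE_SECTIONS = (
    (".text",  0x29A000, 0x29A000, 0x60000020),   # CODE | EXECUTE | READ
    (".rdata", 0x08E400, 0x08E400, 0x40000040),   # INITIALIZED_DATA | READ
    (".data",  0x00D000, 0x008400, 0xC0000040),   # INITIALIZED_DATA | READ | WRITE
    (".rsrc",  0x005C00, 0x005C00, 0x40000040),   # INITIALIZED_DATA | READ
)


def report_for_sample_flags():
    return inspect_pe(build_test_pe(SAMPLE_CHARS, SAMPLE_DLLCHARS, 0, SAMPLE_SECTIONS))


if __name__ == "__main__":
    import sys, hashlib, json
    if len(sys.argv) > 1:                      # usage: python pe_check.py <file.exe>
        blob = open(sys.argv[1], "rb").read()
        print("sha256:", hashlib.sha256(blob).hexdigest())
        print(json.dumps(inspect_pe(blob), indent=2))
    else:
        print(json.dumps(report_for_sample_flags(), indent=2))
```

Run against the real sample, the dictionary should reproduce the report: no certificate table, NX_COMPAT and TERMINAL_SERVER_AWARE set, DYNAMIC_BASE clear, relocations stripped, and no W+X section. The sha256 line lets you confirm you are looking at the same file before trusting the rest of the output.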