Static task: static1
Behavioral task: behavioral1
  Sample: 7e869264d0e7a3807011210c9417c46d_icedid_JC.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 7e869264d0e7a3807011210c9417c46d_icedid_JC.exe
  Resource: win10v2004-20230703-en
General
  Target: 7e869264d0e7a3807011210c9417c46d_icedid_JC.exe
  Size: 441KB
  MD5: 7e869264d0e7a3807011210c9417c46d
  SHA1: eaa375efffdc14e521f27cb344a9f4b7a6341798
  SHA256: fe2b280269951a4c6423812db66c422bb5894237a700f3bf3291673b3870e86f
  SHA512: 8c558e700d2ba6fa361ff717a845c2ea94533af89c3d33414c17271b7101e4bca71b5e44c11a1f189f6cbb2e0aeb203c72898eb4a4fa92983a3f185de1250863
  SSDEEP: 12288:DIdhKUaai50+SigWJX3elt5PZCPxJIrayEPN:8mUaaWJ+DTCPxV
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource: 7e869264d0e7a3807011210c9417c46d_icedid_JC.exe
Files
  7e869264d0e7a3807011210c9417c46d_icedid_JC.exe.exe  windows x86  d597536f1cb0c4aa6db0ec6ce4770335
Headers
  DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
  version: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA
  dbghelp: MakeSureDirectoryPathExists
  kernel32: TlsAlloc, TlsSetValue, LocalReAlloc, DeleteCriticalSection, TlsFree, GetThreadLocale, GlobalFlags, GetCPInfo, GetOEMCP, FindResourceExA, SetFilePointer, FlushFileBuffers, LockFile, UnlockFile, SetEndOfFile, GetFileSize, DuplicateHandle, GetVolumeInformationA, GetFileAttributesA, GetCurrentDirectoryA, SetErrorMode, RtlUnwind, GetSystemTimeAsFileTime, GetTimeFormatA, GetDateFormatA, GetFileAttributesW, GetStartupInfoA, HeapAlloc, HeapFree, RaiseException, VirtualQuery, InitializeCriticalSection, SetStdHandle, GetFileType, ExitProcess, ExitThread, CreateThread, HeapSize, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetACP, IsValidCodePage, LCMapStringA, LCMapStringW, GetTimeZoneInformation, GetStdHandle, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, HeapCreate, QueryPerformanceCounter, InitializeCriticalSectionAndSpinCount, GetConsoleCP, GetConsoleMode, GetDriveTypeA, GetStringTypeA, GetStringTypeW, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CompareStringW, SetEnvironmentVariableA, GlobalHandle, GlobalReAlloc, EnterCriticalSection, TlsGetValue, LeaveCriticalSection, LocalAlloc, InterlockedIncrement, GetModuleHandleW, FileTimeToLocalFileTime, FindNextFileA, InterlockedDecrement, GetModuleFileNameW, GetCurrentProcessId, CreateEventA, SuspendThread, ResumeThread, SetThreadPriority, GetCurrentThread, ConvertDefaultLocale, EnumResourceLanguagesA, GetLocaleInfoA, InterlockedExchange, lstrcmpA, VirtualProtect, FreeResource, GetCurrentThreadId, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, FreeLibrary, CompareStringA, LoadLibraryA, lstrcmpW, GetModuleHandleA, GetProcAddress, SetLastError, GlobalFree, GlobalAlloc, GlobalLock, GlobalUnlock, MulDiv, lstrlenA, CopyFileA, GetSystemInfo, VirtualAlloc, GetExitCodeThread, Sleep, VirtualFree, GetFileSizeEx, GetSystemTime, CopyFileExA, FormatMessageA, LocalFree, WriteFile, ReadFile, DeleteFileA, GetLogicalDrives, GetDiskFreeSpaceExA, GetTickCount, WaitForSingleObject, ResetEvent, SetEvent, GetVersionExA, lstrcmpiA, GetLocalTime, GetPrivateProfileStringA, WritePrivateProfileStringA, GetPrivateProfileIntA, FindFirstFileA, FindClose, GetCurrentProcess, IsWow64Process, GetCommandLineA, GetNativeSystemInfo, CreateFileA, GetFileTime, FileTimeToSystemTime, SystemTimeToTzSpecificLocalTime, CloseHandle, OutputDebugStringA, GetFullPathNameA, GetLastError, MultiByteToWideChar, GetModuleFileNameA, WideCharToMultiByte, FindResourceA, LoadResource, LockResource, SizeofResource, HeapReAlloc
  user32: MessageBeep, UnregisterClassA, RegisterClipboardFormatA, PostThreadMessageA, LoadCursorA, GetSysColorBrush, DestroyMenu, SetWindowContextHelpId, GetWindowThreadProcessId, SetCursor, GetMessageA, GetCursorPos, ValidateRect, PostQuitMessage, GetDesktopWindow, CreateDialogIndirectParamA, GetNextDlgTabItem, EndDialog, GetActiveWindow, MapDialogRect, IsWindowEnabled, ShowWindow, MoveWindow, SetWindowTextA, IsDialogMessageA, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, LoadBitmapA, ModifyMenuA, EnableMenuItem, CheckMenuItem, SendDlgItemMessageA, WinHelpA, IsChild, GetCapture, GetNextDlgGroupItem, CallNextHookEx, GetClassLongA, GetClassNameA, SetPropA, GetPropA, RemovePropA, GetFocus, IsWindow, SetFocus, GetWindowTextLengthA, GetWindowTextA, GetForegroundWindow, GetLastActivePopup, SetActiveWindow, GetDlgItem, GetTopWindow, DestroyWindow, UnhookWindowsHookEx, GetMessageTime, GetMessagePos, MapWindowPoints, GetKeyState, SetMenu, SetForegroundWindow, IsWindowVisible, UpdateWindow, MessageBoxA, CreateWindowExA, GetClassInfoExA, GetClassInfoA, RegisterClassA, AdjustWindowRectEx, GetParent, EqualRect, PtInRect, GetDlgCtrlID, DefWindowProcA, CallWindowProcA, GetMenu, GetWindowLongA, SetWindowLongA, SetWindowPos, OffsetRect, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetWindow, EndPaint, BeginPaint, GetWindowDC, ClientToScreen, ScreenToClient, InvalidateRgn, SetRect, IsRectEmpty, CopyAcceleratorTableA, CharNextA, GrayStringA, DrawTextExA, ReleaseCapture, SetCapture, CharUpperA, SetWindowsHookExA, DrawTextA, TabbedTextOutA, GetMenuState, GetMenuItemID, GetMenuItemCount, GetSubMenu, UnregisterDeviceNotification, PeekMessageA, TranslateMessage, DispatchMessageA, GetAsyncKeyState, GetSystemMetrics, LoadIconA, GetClientRect, GetWindowRect, IsIconic, GetSystemMenu, AppendMenuA, DrawIcon, RegisterWindowMessageA, PostMessageA, GetSysColor, SendMessageA, EnableWindow, InvalidateRect, ReleaseDC, GetDC, CopyRect
  gdi32: ExtSelectClipRgn, DeleteDC, CreateBitmap, GetStockObject, TextOutA, CreateSolidBrush, SetWindowExtEx, CreateRectRgnIndirect, GetMapMode, EnumFontFamiliesExA, GetBkColor, GetTextColor, GetRgnBox, ScaleWindowExtEx, RectVisible, PtVisible, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, SaveDC, GetDeviceCaps, CreateFontA, GetTextExtentPoint32A, GetWindowExtEx, GetViewportExtEx, GetObjectA, DeleteObject, GetClipBox, SetMapMode, SetTextColor, SetBkMode, SetBkColor, RestoreDC, ExtTextOutA
  comdlg32: GetFileTitleA
  winspool.drv: ClosePrinter, DocumentPropertiesA, OpenPrinterA
  advapi32: RegQueryValueA, RegOpenKeyA, RegEnumKeyA, RegDeleteKeyA, RegCloseKey, RegCreateKeyExA, RegSetValueExA, RegOpenKeyExA, RegQueryValueExA
  shell32: CommandLineToArgvW
  comctl32: InitCommonControlsEx
  shlwapi: PathFindFileNameA, PathRemoveFileSpecW, PathStripToRootA, PathFileExistsA, PathFindExtensionA, PathIsUNCA
  oledlg: ord8
  ole32: OleUninitialize, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CoInitializeEx, CoCreateInstance, CoUninitialize, CLSIDFromString, CoFreeUnusedLibraries, CoTaskMemAlloc, CoTaskMemFree, CoRegisterMessageFilter, OleFlushClipboard, OleInitialize, CoRevokeClassObject, CLSIDFromProgID, OleIsCurrentClipboard
  oleaut32: SysAllocStringLen, SystemTimeToVariantTime, VariantTimeToSystemTime, SafeArrayDestroy, VariantCopy, VariantInit, VariantChangeType, VariantClear, SysAllocStringByteLen, SysFreeString, SysStringLen, OleCreateFontIndirect, SysAllocString
Sections
  .text   Size: 307KB  Virtual size: 306KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 75KB   Virtual size: 75KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: 11KB   Virtual size: 26KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc   Size: 46KB   Virtual size: 45KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ