Static task: static1
Behavioral task: behavioral1
  Sample: 82d6e2a847f29860cb2117836d925a30_icedid_JC.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 82d6e2a847f29860cb2117836d925a30_icedid_JC.exe
  Resource: win10v2004-20230703-en
General
Target: 82d6e2a847f29860cb2117836d925a30_icedid_JC.exe
Size: 823KB
MD5: 82d6e2a847f29860cb2117836d925a30
SHA1: 11d70b36ddece82dc28d3026a4c1038731f91a69
SHA256: be5a3ab5fc439bbd3d580bd8ed47781b7dce08fd2c6ee348719c4ad8ce2886c3
SHA512: 7360388b8ddbe489cf71538851cdf997c20416436e204de2614a81f58604a9f1187ea5490ade3d333a23b5b00a98b573a25b53f1850b5df9fd7ff72ca9f33367
SSDEEP: 24576:KEbzYJuX3+g8/oOCFQvPh/3zw2dE5NOlV:KMXH+X/oOCqvPpdE7OH
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 82d6e2a847f29860cb2117836d925a30_icedid_JC.exe
Files
82d6e2a847f29860cb2117836d925a30_icedid_JC.exe.exe windows x86
f141d06f08b8984823619fb585f28476
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetErrorMode
GetTickCount
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
ExitProcess
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
VirtualQuery
ExitThread
CreateThread
HeapReAlloc
HeapSize
GetACP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
EnumSystemLocalesA
GetFileSizeEx
GetStringTypeA
GetStringTypeW
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
SizeofResource
GetFileAttributesExA
FileTimeToLocalFileTime
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetDriveTypeA
GetFileInformationByHandle
ExpandEnvironmentStringsA
WaitForMultipleObjects
PeekNamedPipe
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
lstrcmpiA
GetStringTypeExA
MoveFileA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetModuleHandleW
GlobalFlags
GetModuleFileNameW
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
FileTimeToSystemTime
GetThreadLocale
GetModuleFileNameA
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
WaitForSingleObject
GetCurrentThreadId
SetLastError
GlobalAlloc
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
SystemTimeToFileTime
ReadFile
SetFilePointer
OpenProcess
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
GetModuleHandleA
GetCurrentProcess
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
UnmapViewOfFile
CloseHandle
FindFirstFileA
FindClose
GetLastError
DeleteFileA
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
InterlockedDecrement
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
IsValidLocale
user32
DestroyIcon
WindowFromPoint
KillTimer
SetTimer
SetRect
IsRectEmpty
LoadCursorA
GetSysColorBrush
GetMenuItemInfoA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
IsZoomed
InflateRect
EndPaint
BeginPaint
GetWindowDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
UnpackDDElParam
ReuseDDElParam
DestroyMenu
SetCursor
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CharUpperA
RegisterWindowMessageA
LoadIconA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
SetForegroundWindow
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
SendMessageA
EnableWindow
SetWindowLongA
GetWindowLongA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
OffsetRect
CharNextA
CopyAcceleratorTableA
InvalidateRgn
SetCapture
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
PostThreadMessageA
CheckMenuItem
RegisterClipboardFormatA
FindWindowExA
FindWindowA
UpdateWindow
GetWindowThreadProcessId
GetSubMenu
LoadMenuA
GetClientRect
wsprintfA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
ReleaseDC
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetMenuItemCount
GetMenuItemID
GetMenuState
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetFocus
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetFocus
SetWindowPos
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindow
gdi32
CreateFontIndirectA
CreateRectRgnIndirect
GetMapMode
DPtoLP
GetTextMetricsA
GetTextExtentPoint32A
GetBkColor
GetTextColor
GetRgnBox
CreateSolidBrush
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetDeviceCaps
Escape
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegSetValueExA
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
CryptImportKey
RegCreateKeyA
RegCreateKeyExA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegCloseKey
shell32
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
ShellExecuteA
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
oledlg
ord8
ole32
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
oleaut32
VariantInit
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
SysFreeString
VariantCopy
VariantChangeType
VarUdateFromDate
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
SafeArrayDestroy
VarDateFromStr
VarBstrFromDate
OleCreateFontIndirect
GetErrorInfo
wldap32
ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord46
ord41
ord27
ws2_32
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
ntohl
socket
WSACleanup
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
send
WSAIoctl
setsockopt
closesocket
ntohs
bind
htons
getsockopt
getpeername
getsockname
crypt32
CertFreeCertificateContext
Sections
.text Size: 627KB - Virtual size: 626KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 135KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ