Static task: static1
Behavioral task: behavioral1
  Sample: 946c702743d0fdb2bbee3dcc51c5793b_icedid_JC.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 946c702743d0fdb2bbee3dcc51c5793b_icedid_JC.exe
  Resource: win10v2004-20230703-en
General
Target: 946c702743d0fdb2bbee3dcc51c5793b_icedid_JC.exe
Size: 1.4MB
MD5: 946c702743d0fdb2bbee3dcc51c5793b
SHA1: aeeb037e8aafea7ae7bc8f3260dac3339e83ba65
SHA256: 75aa7ce746c0f9e6f941a6cc487219fe097415aacf82ee09132f6f015f4f7ff5
SHA512: 15bac8b77b8a9034b7cbc677ebb9c73c3d8307fe45a994df5d345e5f5fd75a5b49eb4ad61b6726d671d2643bee25b0b61f3e7e2974bd73f6aada7c864efc0c2f
SSDEEP: 24576:0rDSnBuwKfxVLEkFAyGGGPqr29R3pdfwAzWFFql:2yDGGPqAR4AzWvql
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 946c702743d0fdb2bbee3dcc51c5793b_icedid_JC.exe
Files
946c702743d0fdb2bbee3dcc51c5793b_icedid_JC.exe.exe (windows x86)
778cc74674d843d880d05ba65f50ce17
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
HeapSize
SetStdHandle
GetTimeZoneInformation
GetACP
IsValidCodePage
SetHandleCount
GetStdHandle
HeapCreate
VirtualFree
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetProcessHeap
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
HeapReAlloc
HeapAlloc
RaiseException
RtlUnwind
GetStartupInfoA
ExitProcess
GetFileType
CreateDirectoryA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetSystemTimeAsFileTime
GetTickCount
GetSystemDirectoryW
LoadLibraryW
SetErrorMode
GetModuleHandleW
GetShortPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetStringTypeExA
DeleteFileA
MoveFileA
GetThreadLocale
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFileSizeEx
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GetModuleFileNameW
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
FormatMessageA
LocalFree
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
lstrcmpA
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
LoadLibraryA
SetLastError
MultiByteToWideChar
lstrcmpW
GetModuleHandleA
GetProcAddress
FreeResource
GlobalAlloc
GlobalFree
DeviceIoControl
GetLastError
GetDiskFreeSpaceExA
GetDriveTypeA
GetVolumeInformationA
CreateProcessA
WaitForSingleObject
Sleep
CloseHandle
GetFileTime
GetFileAttributesA
SetFileTime
CreateFileA
MulDiv
GetVersionExA
LockResource
GlobalUnlock
SizeofResource
WideCharToMultiByte
GetCommandLineA
GlobalLock
LoadResource
FindResourceA
CreateFileW
user32
InsertMenuA
RemoveMenu
GetMessageA
GetCursorPos
ValidateRect
GetWindowThreadProcessId
ShowOwnedPopups
PostQuitMessage
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AppendMenuA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
TranslateMessage
PeekMessageA
DispatchMessageA
IsIconic
EnableWindow
UnregisterClassA
GetTabbedTextExtentA
LoadIconA
DrawIcon
GetSystemMetrics
SendMessageA
SetCursor
SetTimer
KillTimer
LoadBitmapA
GetClientRect
SetRect
LoadCursorA
RedrawWindow
PostMessageA
SystemParametersInfoA
CloseWindow
GetMenuStringA
IsZoomed
SetRectEmpty
InvalidateRect
DestroyCursor
ReleaseDC
UpdateWindow
FindWindowA
RegisterClipboardFormatA
GetSysColor
PostThreadMessageA
CreateMenu
CopyAcceleratorTableA
SetCapture
SetWindowRgn
WindowFromPoint
GetDC
DestroyIcon
GetMenuItemInfoA
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetClassInfoA
FillRect
CharUpperA
gdi32
DPtoLP
Rectangle
PatBlt
GetStockObject
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
DeleteDC
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
DeleteObject
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
GetViewportOrgEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
CreatePatternBrush
CreateSolidBrush
CreateCompatibleBitmap
GetBkColor
CreateEllipticRgn
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetCharWidthA
GetTextExtentPointA
GetWindowOrgEx
GetTextMetricsA
CreatePen
CreateDCA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
BitBlt
GetTextExtentPoint32A
LPtoDP
GetDeviceCaps
StretchBlt
CreateFontIndirectA
SelectObject
CreateCompatibleDC
SetViewportExtEx
ExtTextOutA
GetObjectA
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
GetJobA
ClosePrinter
OpenPrinterA
advapi32
RegCreateKeyExA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegSetValueA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
shell32
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
ShellExecuteA
comctl32
ord17
shlwapi
PathFindExtensionA
PathRemoveFileSpecW
UrlUnescapeA
PathStripToRootA
PathFindFileNameA
PathIsUNCA
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoUninitialize
oleaut32
VariantTimeToSystemTime
VariantClear
VariantChangeType
VariantInit
SystemTimeToVariantTime
wininet
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
InternetQueryDataAvailable
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
Sections
.text  Size: 717KB - Virtual size: 716KB  (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata Size: 153KB - Virtual size: 153KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data  Size: 14KB - Virtual size: 47KB    (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rsrc  Size: 589KB - Virtual size: 588KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)