0b1d3c602ee13d079b90d40371f338d6_icedid_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0b1d3c602ee13d079b90d40371f338d6_icedid_JC.exe
Size

1.1MB
MD5

0b1d3c602ee13d079b90d40371f338d6
SHA1

f2a92834892b79d33d482c0c53ff591615429452
SHA256

e5a4ba3b4bd70406783a3ae18ce1af20ead5563b62ce785b2d3af7c6f9a85ede
SHA512

af50cb59180a4282f99388809cc2d2c68a38e4fd7b0e85119d856b92781b1d0b341eaa2202f9b7d4e04e30ef22c3410beb5dc2507f3789597f5a50388237c05d
SSDEEP

24576:11wOZcTsKDqqywaTm0Z1heUSWGgx6PtaKzonK:z5iFyScGg6JoK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b1d3c602ee13d079b90d40371f338d6_icedid_JC.exe

Files

0b1d3c602ee13d079b90d40371f338d6_icedid_JC.exe
.exe windows x86

2e0e8d57f804e8f71d84aa0e03ee4e93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetEnvironmentVariableA
CompareStringW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetACP
HeapReAlloc
HeapSize
HeapAlloc
VirtualFree
HeapFree
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
QueryPerformanceCounter
LoadLibraryW
OutputDebugStringW
OutputDebugStringA
DebugBreak
VirtualQuery
GetSystemInfo
ExitProcess
Sleep
IsBadReadPtr
HeapValidate
GetStartupInfoA
GetCommandLineA
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetStdHandle
GetFileType
WriteConsoleW
GetFileSizeEx
GetFileTime
GetFileAttributesA
GetTickCount
GetModuleHandleW
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
OpenEventA
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
DuplicateHandle
WritePrivateProfileStringA
VirtualProtect
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetAtomNameA
GetOEMCP
GetCPInfo
GlobalFlags
SetErrorMode
FormatMessageA
LocalFree
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
SetEvent
InterlockedExchange
GlobalAlloc
lstrcmpA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
GetThreadLocale
WideCharToMultiByte
SizeofResource
CompareStringA
SetLastError
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
FreeResource
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetModuleHandleA
lstrlenA
lstrcatA
GetLastError
FileTimeToLocalFileTime
LoadLibraryA
FileTimeToSystemTime
CreateEventA
WaitForSingleObject
VirtualAlloc
GetProcAddress
CreateFileA
GetFileSize
ReadFile
CloseHandle
SetConsoleTitleA
GetCurrentProcess
SetEndOfFile

user32

GetLastActivePopup
GetNextDlgTabItem
GetNextDlgGroupItem
GetDesktopWindow
SetCapture
GetActiveWindow
SetTimer
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRgn
InvalidateRect
GetWindowDC
BeginPaint
BringWindowToTop
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
TabbedTextOutA
PostMessageA
MapDialogRect
RegisterWindowMessageA
GetClassInfoExA
GetClassInfoA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
GetTopWindow
IsChild
GetWindow
GetCapture
WinHelpA
GetKeyState
DestroyWindow
GetClassLongA
GetClassNameA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessagePos
OffsetRect
IsIconic
GetWindowPlacement
GetWindowRect
GetFocus
SetFocus
EnableWindow
IsWindowEnabled
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
SendDlgItemMessageA
GetDlgItem
IsWindow
LoadMenuA
DefWindowProcA
ModifyMenuA
SetMenu
GetForegroundWindow
GetMenu
GetMenuItemCount
SetMenuItemInfoA
GetSubMenu
ModifyMenuW
ClientToScreen
TrackPopupMenu
GetClientRect
FillRect
FindWindowA
ScreenToClient
ChildWindowFromPoint
GetParent
GetWindowLongA
SendMessageA
GetSysColor
DrawFocusRect
CharLowerA
SetWindowTextA
wsprintfA
LoadCursorA
LoadIconA
RegisterClassA
CreateWindowExA
DrawTextA
GetSystemMetrics
EndDeferWindowPos
GetMessageA
LoadAcceleratorsA
GetCursorPos
CheckMenuRadioItem
SystemParametersInfoA
GetWindowTextLengthA
GetSysColorBrush
UpdateWindow
DrawIcon
DrawMenuBar
SetDlgItemTextA
MessageBoxA
GetDlgItemTextA
EndDialog
LoadStringA
GetMessageTime
CallNextHookEx
SetWindowsHookExA
MessageBoxW
UnhookWindowsHookEx
FindWindowExA
GetSystemMenu
IntersectRect
SetForegroundWindow
PostQuitMessage
EndPaint
InflateRect
SetRect
PtInRect
GetPropW
CloseClipboard
GetWindowTextA
OpenClipboard
KillTimer
SetWindowContextHelpId
DrawTextExA
GrayStringA
PostThreadMessageA
CharNextA
CreateDialogIndirectParamA
ReleaseDC
GetDC
DeleteMenu
CreatePopupMenu
IsMenu
IsDialogMessageA
CheckMenuItem
EnableMenuItem
GetMenuItemID
GetMenuState
GetMenuItemInfoA
InsertMenuItemA
TranslateMessage
SetCursor
GetWindowThreadProcessId
GetClipboardFormatNameA
UnpackDDElParam
DestroyMenu
SetRectEmpty
ReleaseCapture
CopyAcceleratorTableA
CharUpperA
TranslateAcceleratorA
ReuseDDElParam
MessageBeep
UnregisterClassA
RegisterClipboardFormatA
IsRectEmpty
ShowWindow

gdi32

SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetObjectType
CreatePatternBrush
CreateFontIndirectA
CreateRectRgnIndirect
GetRgnBox
GetTextColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
GetTextExtentPoint32A
Escape
RestoreDC
SaveDC
CreateBitmap
GetClipBox
SelectObject
CreateSolidBrush
DeleteObject
SetBkColor
SetTextColor
GetObjectA
ExtTextOutA
CreateCompatibleBitmap
BitBlt
GetBkColor
DeleteDC
GetStockObject
GetPixel
Rectangle
CreateHatchBrush
Ellipse
CreateCompatibleDC
GetDeviceCaps
ChoosePixelFormat
SetPixelFormat

comdlg32

GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

GetOldestEventLogRecord
RevertToSelf
SetThreadToken
OpenEventLogA
CloseEventLog
ReadEventLogA
OpenEventLogW
GetCurrentHwProfileA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
OpenThreadToken

shell32

DragFinish
DragQueryFileA
Shell_NotifyIconA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathIsUNCA
PathFindExtensionA
PathStripToRootA

oledlg

ord8

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID

oleaut32

SysAllocStringByteLen
SysAllocString
SafeArrayDestroy
VariantCopy
SysStringLen
SysFreeString
OleCreateFontIndirect
SysAllocStringLen
VariantInit
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear

urlmon

HlinkSimpleNavigateToMoniker
HlinkNavigateString
HlinkSimpleNavigateToString

psapi

EnumProcesses
GetProcessMemoryInfo

msacm32

acmMetrics
acmFormatEnumA

winmm

timeGetTime

iphlpapi

GetBestRoute
GetExtendedTcpTable

pdh

PdhReadRawLogRecord
PdhSetCounterScaleFactor

gdiplus

GdipCreateSolidFill
GdipDeleteFont
GdipDeleteFontFamily
GdipCreateFromHDC
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDeleteBrush
GdipDrawString
GdipCreateFont
GdipCloneBrush
GdipCreateFontFamilyFromName

opengl32

glViewport
glEnable
wglMakeCurrent
glLoadIdentity
glMatrixMode

oleacc

CreateStdAccessibleObject
LresultFromObject

rasapi32

RasEnumConnectionsA

Sections

.text
Size: 654KB - Virtual size: 654KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 324KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e0e8d57f804e8f71d84aa0e03ee4e93

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

psapi

msacm32

winmm

iphlpapi

pdh

gdiplus

opengl32

oleacc

rasapi32

Sections

.text Size: 654KB - Virtual size: 654KB

.rdata Size: 160KB - Virtual size: 160KB

.data Size: 324KB - Virtual size: 342KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 654KB - Virtual size: 654KB

.rdata
Size: 160KB - Virtual size: 160KB

.data
Size: 324KB - Virtual size: 342KB

.rsrc
Size: 5KB - Virtual size: 4KB