5a499422db04e6a46c8098da376fdc44_icedid_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

5a499422db04e6a46c8098da376fdc44_icedid_JC.exe
Size

424KB
MD5

5a499422db04e6a46c8098da376fdc44
SHA1

133dcc0acb20d12e4dea061b6f9cbccc5c9d4fb4
SHA256

bc78ddf717024782d2f2ad43174638e739b596cfe24093d30118261057241539
SHA512

a10cc322cf36c3cd5be2343877f960e878311e597af14bf741ae8d90e5f30608ab38d7d03b24a4eeab8ae642030ade874c349d65be7b0525175a480ca4e339e8
SSDEEP

12288:3IpJZ9wbW16X1Snv/TN9vgi4AYFo63vznd3c0T3G4ro5zFP3b0ZhGKf0zsS3O0gc:38JfyX1Snv/TN9vgKYFo63vznd3c0T3H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a499422db04e6a46c8098da376fdc44_icedid_JC.exe

Files

5a499422db04e6a46c8098da376fdc44_icedid_JC.exe
.exe windows x86

d2402f162ddc4d3dd09dddcf3e126c93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

casediagnostictool

?AppendEventList@CCDT_MainFramework@@QAEXPBD0H@Z
?ClearEventList@CCDT_MainFramework@@QAEXPBD@Z
?AppendCategoryList@CCDT_MainFramework@@QAEXPBDH@Z
?AppendExName@CCDT_MainFramework@@QAEXPBD@Z
?ClearSelection@CCDT_MainFramework@@QAEXXZ
?ClearExName@CCDT_MainFramework@@QAEXXZ
?IsDirectoryExist@CCommFunc@@SA_NABV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?AppendSelection@CCDT_MainFramework@@QAEXABUEXINTERFACE_INFO@@@Z
?Get_CategoryListByExInterfaceName@CCDT_MainFramework@@QAEPBV?$list@V?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@V?$allocator@V?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@std@@@std@@PBD@Z
?Get_EventListByExInterfaceName@CCDT_MainFramework@@QAEPBV?$list@V?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@V?$allocator@V?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@std@@@std@@PBD@Z
?Get_CategoryToEventIdListByExInterfaceName@CCDT_MainFramework@@QAEPBV?$list@V?$list@HV?$allocator@H@std@@@std@@V?$allocator@V?$list@HV?$allocator@H@std@@@std@@@2@@std@@PBD@Z
?Output_SelectedInstanceList@CCDT_MainFramework@@QAEHXZ
?IsDiskSpaceAvailable@CCommFunc@@SA_NPBDK@Z
?Do_Detection@CCDT_MainFramework@@QAEHXZ
?SetDescription@CCDT_Settings@@QAEXPBD@Z
?SetSaveDirectory@CCDT_Settings@@QAEXPBD@Z
?SetCurrentOutputDir@CCDT_Settings@@QAEXPBD@Z
?SetSystemInfoDir@CCDT_Settings@@QAEXPBD@Z
??0CINIFile@@QAE@PBDAAH@Z
?Read@CINIFile@@QBEHPBD0AAHH@Z
?CDT_SetDebugLevel@@YAXH@Z
?Log@CDT_Logger@@QAAXPBDZZ
??0CCDT_MainFramework@@QAE@XZ
?ForceCreate_Directory@CCommFunc@@SA_NABV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?Load_Configuration@CCDT_MainFramework@@QAEHPBD@Z
??1CINIFile@@QAE@XZ
?Start_ProcessStatusCheck@CCDT_MainFramework@@QAEHXZ
?Change_DebugMode@CCDT_MainFramework@@QAEHXZ
?Stop_ProcessStatusCheck@CCDT_MainFramework@@QAEHXZ
?Do_Diagnosis@CCDT_MainFramework@@QAEHXZ
?GetAppPath@CCommFunc@@SAHAAV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?DebugLog@@YAXHPBD0HII@Z
?ClearCategoryList@CCDT_MainFramework@@QAEXPBD@Z
??1CCDT_MainFramework@@QAE@XZ

kernel32

ExitProcess
RtlUnwind
TerminateProcess
HeapFree
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetSystemTimeAsFileTime
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
CloseHandle
GetLastError
CreateMutexA
ReleaseMutex
FreeConsole
Sleep
WriteConsoleA
GetStdHandle
AllocConsole
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentDirectoryA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetVersion
lstrcmpiA
lstrlenA
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
CompareStringA
CompareStringW
LoadLibraryA
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
lstrcmpA
WriteFile
ReadFile
TlsFree
LocalReAlloc
GlobalDeleteAtom
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedIncrement
WritePrivateProfileStringA
FileTimeToSystemTime
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
GlobalAddAtomA
FreeResource
SetLastError
GlobalFree
MulDiv
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
FreeLibrary
FreeEnvironmentStringsA

user32

SetWindowContextHelpId
MapDialogRect
CharNextA
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
GetSysColorBrush
ReleaseCapture
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
DestroyMenu
MoveWindow
IsDialogMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
RegisterWindowMessageA
GetClientRect
SetMenuItemBitmaps
GetFocus
ModifyMenuA
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetLastActivePopup
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
RegisterClipboardFormatA
GetWindowLongA
IsWindowEnabled
GetParent
GetNextDlgTabItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
PostMessageA
UnregisterClassA
CharUpperA
EndDialog
SetFocus
GetWindowTextA
GetDlgItem
SetWindowTextA
ShowWindow
ScreenToClient
CreateWindowExA
SetWindowLongA
LoadCursorA
SetCursor
KillTimer
SetTimer
IsWindowVisible
GetSystemMetrics
LoadIconA
EnableWindow
SendMessageA
GetWindowRect
GetSystemMenu
EnableMenuItem
AppendMenuA
GetAsyncKeyState
SetWindowPos

gdi32

DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
CreateRectRgnIndirect
GetRgnBox
GetBkColor
GetTextColor
GetMapMode
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
TextOutA
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

OleCreateFontIndirect
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
SystemTimeToVariantTime
LoadRegTypeLi
SysAllocString
DispCallFunc
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString

ws2_32

WSACleanup
WSAStartup

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2402f162ddc4d3dd09dddcf3e126c93

Headers

File Characteristics

Imports

casediagnostictool

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 200KB - Virtual size: 196KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 136KB - Virtual size: 132KB

We care about your privacy.

.text
Size: 200KB - Virtual size: 196KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 136KB - Virtual size: 132KB