Static task: static1
Behavioral task behavioral1: Sample 5e5467deaf17671ed2da7898a428773d_icedid_JC.exe, Resource win7-20230712-en
Behavioral task behavioral2: Sample 5e5467deaf17671ed2da7898a428773d_icedid_JC.exe, Resource win10v2004-20230703-en
General:
Target: 5e5467deaf17671ed2da7898a428773d_icedid_JC.exe
Size: 3.5MB
MD5: 5e5467deaf17671ed2da7898a428773d
SHA1: 6d2ec54ca0aae85fd3047234309e9ca786d375fe
SHA256: 6dacc566c1b7ec05939b831be9bec487ce07a2ce8b1c1233bfbeaa17764467ee
SHA512: 5c320d24a338d2dad232557d7c2d5b0752baca94bd9495ddd95c91d69541e25406c28741f7e88ae5d0cdae8b7f60a153a5cf76dd8d8b7beb4ab84378632ed01f
SSDEEP: 49152:lUHKYhEVU4pdMJD16EWtvqUkLpMjMVvglf7TBPUBSnZ:Zkj+q65UBcZ
Malware Config
Signatures:
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 5e5467deaf17671ed2da7898a428773d_icedid_JC.exe
Files:
5e5467deaf17671ed2da7898a428773d_icedid_JC.exe.exe (windows x86), MD5 867ea682c591240c6c8b06d69046221d
Headers:
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports:
kernel32:
SetEnvironmentVariableA
CreateFileW
LCMapStringW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
HeapQueryInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
IsValidCodePage
GetSystemTimeAsFileTime
WriteConsoleW
OutputDebugStringW
GetStdHandle
GetFileType
SetStdHandle
ExitProcess
HeapValidate
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
ExitThread
CreateThread
GetModuleHandleExW
SearchPathA
Sleep
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetTempFileNameA
GetWindowsDirectoryA
FindResourceExW
GetACP
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
VirtualProtect
GetProfileIntA
SetErrorMode
LocalReAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetAtomNameA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
GetHandleInformation
DuplicateHandle
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
CreateMutexA
ReleaseMutex
GetCurrentProcessId
lstrcmpA
GetModuleFileNameA
GetVersionExA
GetCurrentThread
WaitForSingleObject
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
OutputDebugStringA
LocalAlloc
LoadLibraryExW
FileTimeToLocalFileTime
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
SetLastError
GetTickCount
FileTimeToSystemTime
GetFileSize
DeleteFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetFileAttributesA
GetCurrentDirectoryA
SetFilePointer
ReadFile
GlobalFree
GlobalReAlloc
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
FindResourceA
LoadLibraryA
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
FreeResource
GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
InterlockedExchange
WideCharToMultiByte
MultiByteToWideChar
CreateFileA
FindResourceW
CloseHandle
WriteFile
SizeofResource
LoadResource
LockResource
ResumeThread
SetThreadPriority
UnlockFile
user32:
UnhookWindowsHookEx
SetWindowsHookExA
GetClassNameA
GetClassLongA
EqualRect
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ScrollWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
DispatchMessageA
RegisterWindowMessageA
IsDialogMessageA
SetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsWindowEnabled
SetFocus
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
NotifyWinEvent
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
GetWindow
GetLastActivePopup
GetTopWindow
SetParent
GetParent
GetWindowLongA
WindowFromPoint
MapWindowPoints
HideCaret
SetWindowContextHelpId
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
LockWindowUpdate
RedrawWindow
InvalidateRgn
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
CopyImage
GetSystemMenu
CallNextHookEx
EnableWindow
KillTimer
SetTimer
SetCapture
GetCapture
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
IsChild
PostThreadMessageA
GetMenuCheckMarkDimensions
GetFocus
IntersectRect
InflateRect
LoadBitmapW
InvertRect
FrameRect
FillRect
DrawFocusRect
GetSysColorBrush
DrawStateA
GrayStringA
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
SetMenuItemBitmaps
DeleteMenu
ModifyMenuA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
LoadMenuA
DrawFrameControl
DrawEdge
CopyRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
MapDialogRect
TabbedTextOutA
GetClipboardFormatNameA
UnpackDDElParam
LoadAcceleratorsW
SetRectEmpty
PtInRect
SetClassLongA
IsWindow
PostMessageA
SendMessageA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
IsMenu
PostQuitMessage
PeekMessageA
GetDesktopWindow
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
CreateDialogIndirectParamA
EndDialog
GetMessageA
TranslateMessage
GetCursorPos
SetCursor
GetWindowThreadProcessId
CharUpperA
GetSystemMetrics
SetRect
MessageBoxA
OffsetRect
ReleaseCapture
GetAsyncKeyState
RealChildWindowFromPoint
GetKeyNameTextA
MapVirtualKeyA
DestroyMenu
DrawMenuBar
SystemParametersInfoA
DestroyCursor
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
IsClipboardFormatAvailable
CharUpperBuffA
CopyIcon
GetDoubleClickTime
SetCursorPos
DestroyAcceleratorTable
UnregisterClassA
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetIconInfo
DrawIconEx
RegisterClipboardFormatA
UnionRect
MessageBeep
IsRectEmpty
CopyAcceleratorTableA
CharNextA
WaitMessage
ReuseDDElParam
LoadImageA
TranslateAcceleratorA
LoadAcceleratorsA
UpdateWindow
DestroyIcon
gdi32:
ExtTextOutA
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
ExcludeClipRect
GetClipBox
GetObjectType
GetStockObject
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateBitmap
CreateCompatibleBitmap
CreateEllipticRgn
CreateFontIndirectA
CreatePalette
CreateRectRgnIndirect
CreateRoundRectRgn
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetMapMode
GetNearestPaletteIndex
GetPaletteEntries
GetPixel
GetRgnBox
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SetPaletteEntries
SetPixel
SetPixelV
SetRectRgn
GetTextMetricsA
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
GetDeviceCaps
CreateDCA
CopyMetaFileA
ExtCreateRegion
CombineRgn
BitBlt
GetObjectA
SetDIBColorTable
CreateDIBSection
GetDIBColorTable
StretchBlt
SetBkMode
SelectObject
DeleteObject
DeleteDC
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetSystemPaletteEntries
EnumFontFamiliesExA
CreateCompatibleDC
msimg32:
AlphaBlend
TransparentBlt
winspool.drv:
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32:
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
shell32:
SHBrowseForFolderA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHAppBarMessage
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
comctl32:
ord17
shlwapi:
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
UrlUnescapeA
StrFormatKBSizeA
uxtheme:
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
OpenThemeData
ole32:
CreateStreamOnHGlobal
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleGetClipboard
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitializeEx
StringFromGUID2
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
oleaut32:
VariantCopy
SafeArrayDestroy
VarBstrFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
OleCreateFontIndirect
SysAllocString
oledlg:
ord8
gdiplus:
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
wininet:
InternetSetStatusCallback
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetCanonicalizeUrlA
InternetOpenA
InternetCloseHandle
InternetConnectA
InternetReadFile
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetQueryOptionA
InternetSetOptionExA
InternetGetLastResponseInfoA
oleacc:
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32:
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm:
PlaySoundA
Sections:
.text (Size: 3.0MB - Virtual size: 3.0MB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata (Size: 437KB - Virtual size: 436KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data (Size: 25KB - Virtual size: 64KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 34KB - Virtual size: 33KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ