75ca35694d16f439be6ebf45a3d64633_icedid_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

75ca35694d16f439be6ebf45a3d64633_icedid_JC.exe
Size

1.1MB
MD5

75ca35694d16f439be6ebf45a3d64633
SHA1

9998d707c6a926476cc2c55f6cc3fae7d7d1f272
SHA256

20f3f4b0fbc70b2709a349aa012314310fdad2b68f792b9258578e39136eb1b5
SHA512

178b6af2c2e8d217bb8f9996bcf7b99ec6b08c3e6fb8375d14cfcff509ae2823a2828f7a5a0348588c90e95d99186b69d6861a9e9b914d3d74a4eb135f66b5f6
SSDEEP

12288:Z5NppXRQT7eaTqevw6fhghwj8d86YWiRg2a3lmRl0Z/cGmjnpMBLsxMBC2+80tGV:NLXcbxO89Y60Zlmjn4hCttGuCUGY9N23

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75ca35694d16f439be6ebf45a3d64633_icedid_JC.exe

Files

75ca35694d16f439be6ebf45a3d64633_icedid_JC.exe
.exe windows x86

bc2c5172c2faa585bc994d76e14c4fd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
LCMapStringA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetACP
GetStdHandle
VirtualFree
HeapCreate
HeapDestroy
IsDebuggerPresent
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
ExitProcess
RaiseException
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetOEMCP
GetCPInfo
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GetCurrentThread
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalDeleteAtom
GetVersionExA
LoadLibraryA
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
SetLastError
GlobalFree
FormatMessageA
LocalFree
MulDiv
HeapReAlloc
HeapFree
HeapAlloc
GetStringTypeExA
lstrcmpiA
CompareStringW
CompareStringA
lstrlenA
GetCommandLineA
EnterCriticalSection
GetVersion
GetLastError
MultiByteToWideChar
InterlockedExchange
GetLocalTime
GetComputerNameA
GlobalSize
GetProcessHeap
GetTempPathA
TerminateThread
CreateThread
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
InitializeCriticalSection
TryEnterCriticalSection
Sleep
LeaveCriticalSection
ExitThread
GetStringTypeW

user32

SetWindowRgn
DrawIcon
FindWindowA
SetParent
DestroyIcon
DeleteMenu
UnregisterClassA
GetSysColorBrush
GetMenuItemInfoA
DestroyCursor
SetRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
ShowWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
KillTimer
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
MessageBoxA
ShowOwnedPopups
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
PostMessageA
PostQuitMessage
GetFocus
IsWindowEnabled
IsWindow
SetFocus
GetParent
IntersectRect
InflateRect
CopyRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
MessageBeep
RedrawWindow
DrawMenuBar
SetMenu
GetMenu
ModifyMenuA
GetSubMenu
CheckMenuItem
ReleaseCapture
SetCursorPos
GetClassLongA
SetClassLongA
CopyAcceleratorTableA
CreateMenu
CharUpperA
LockWindowUpdate
GetDCEx
GetTabbedTextExtentA
SetScrollInfo
PostThreadMessageA
GetSystemMetrics
SetCursor
LoadCursorA
WindowFromPoint
SetCapture
GetActiveWindow
SetTimer
UpdateWindow
ClientToScreen
GetClipboardData
IsWindowVisible
InvalidateRect
LoadIconA
GetDesktopWindow
GetWindowRect
SendMessageA
EnableWindow
SetActiveWindow
GetCursorPos
EmptyClipboard
RegisterClipboardFormatA
SetClipboardData
CloseClipboard
OpenClipboard
ReleaseDC
GetDC
ScreenToClient
GetClientRect
LoadBitmapA
GetKeyState
RegisterClassA

gdi32

GetViewportExtEx
GetWindowExtEx
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetTextColor
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
CreatePatternBrush
CreateBitmap
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
PatBlt
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
GetTextMetricsA
GetCharWidthA
CreateEllipticRgn
LPtoDP
GetNearestColor
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetWindowOrgEx
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
SetBrushOrgEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
GetClipBox
SetMapMode
CombineRgn
CreatePen
CreateFontA
GetBitmapBits
SetBitmapBits
GetDIBits
CreateDIBSection
GetObjectA
SetPixelV
GetPixel
GetDeviceCaps
SetDIBColorTable
DeleteDC
GetTextExtentPoint32A
SetPixel
StretchDIBits
GetStockObject
CreateSolidBrush
DeleteObject
StretchBlt
BitBlt
Rectangle
Polygon
Ellipse
Polyline
Arc
SelectObject
CreateCompatibleDC
CreateRectRgn
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx

msimg32

TransparentBlt

comdlg32

ChooseFontA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA

advapi32

RegQueryValueA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
GetUserNameA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueA
RegCloseKey

shell32

DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
ShellExecuteA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionW
PathIsUNCA

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator

oleaut32

VariantInit
VariantChangeType
VariantClear

gdiplus

GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipBitmapLockBits
GdipGetImageEncodersSize
GdipBitmapUnlockBits
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipDrawImageI
GdipCloneImage
GdipGetImageGraphicsContext

Sections

.text
Size: 792KB - Virtual size: 791KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc2c5172c2faa585bc994d76e14c4fd7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

Sections

.text Size: 792KB - Virtual size: 791KB

.rdata Size: 136KB - Virtual size: 133KB

.data Size: 16KB - Virtual size: 43KB

.rsrc Size: 204KB - Virtual size: 203KB

.text
Size: 792KB - Virtual size: 791KB

.rdata
Size: 136KB - Virtual size: 133KB

.data
Size: 16KB - Virtual size: 43KB

.rsrc
Size: 204KB - Virtual size: 203KB