96ac407059aa95ff6cade3664ea4e82d_icedid_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

96ac407059aa95ff6cade3664ea4e82d_icedid_JC.exe
Size

2.1MB
MD5

96ac407059aa95ff6cade3664ea4e82d
SHA1

9ba0a4aa138cef32c25131f320114d59f2c7b4e1
SHA256

2c9d1d2cd2490acb9230bf4565e7e6440f3a1554bd39757e33401cd198229c19
SHA512

4735205bc9428d4697907c66d2e479ef160a596d4a21e8fb2219df75e16f471a9ffb972125abe003be087a32afa300c1855f076befffd648fa42d3c3033d6817
SSDEEP

49152:RrwCL1ljGbMnUdsj9YeiNlTBGZU1LLYAeX3zT:RrrxljGbHdsj9u7TBGZpX3zT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96ac407059aa95ff6cade3664ea4e82d_icedid_JC.exe

Files

96ac407059aa95ff6cade3664ea4e82d_icedid_JC.exe
.exe windows x86

f37258e1d9d0beca7e719fb42ae7f9a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
ImageList_Destroy

shell32

ShellExecuteA

kernel32

HeapFree
RtlUnwind
ExitProcess
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapReAlloc
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
lstrlenW
GetSystemTimeAsFileTime
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
GetDiskFreeSpaceA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
GlobalMemoryStatus
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemDefaultLCID
Sleep
GetTempFileNameA
SetErrorMode
GetOEMCP
GetCPInfo
GetFileTime
GetFileAttributesA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
FindFirstFileA
FindClose
FindResourceExA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
InterlockedIncrement
GlobalFlags
CopyFileA
GlobalSize
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GlobalAddAtomA
RaiseException
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FormatMessageA
LocalFree
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualProtect
MulDiv
SetLastError
InterlockedDecrement
GetCurrentThread
GetCurrentThreadId
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
lstrcpynA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
FindResourceA
LoadResource
LockResource
SizeofResource
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
GetLogicalDriveStringsA
SetupComm
SetCommTimeouts
SetCommState
PurgeComm
GetCommTimeouts
GetCommState
ClearCommError
lstrcmpiA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetTempPathA
CreateDirectoryA
GetLastError
CompareStringW
CompareStringA
lstrlenA
IsBadCodePtr
GetCurrentProcessId
GetOverlappedResult
ResetEvent
IsDBCSLeadByteEx
GetHandleInformation
DeviceIoControl
WaitForMultipleObjects

gdi32

Polyline
DeleteMetaFile
GetDIBColorTable
RealizePalette
CreateHalftonePalette
CreatePalette
CreateCompatibleBitmap
EnumFontFamiliesExA
GetTextMetricsA
GetTextExtentPoint32A
CopyMetaFileA
CreateSolidBrush
CreatePen
GetDeviceCaps
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
GetObjectA
DeleteObject
MoveToEx
LineTo
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegSetValueExA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegCreateKeyExA

shlwapi

PathFindExtensionA
UrlUnescapeA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

ole32

CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CreateStreamOnHGlobal
CoTaskMemFree
OleInitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f37258e1d9d0beca7e719fb42ae7f9a4

Headers

File Characteristics

Imports

comctl32

shell32

kernel32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

ole32

version

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 376KB - Virtual size: 375KB

.data Size: 56KB - Virtual size: 104KB

.rsrc Size: 2KB - Virtual size: 5KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 376KB - Virtual size: 375KB

.data
Size: 56KB - Virtual size: 104KB

.rsrc
Size: 2KB - Virtual size: 5KB