Static task: static1
Behavioral task: behavioral1
- Sample: a0c7833b2be40ab770e71e5e4f1d6b66_icedid_JC.exe
- Resource: win7-20230712-en
Behavioral task: behavioral2
- Sample: a0c7833b2be40ab770e71e5e4f1d6b66_icedid_JC.exe
- Resource: win10v2004-20230703-en
General
- Target: a0c7833b2be40ab770e71e5e4f1d6b66_icedid_JC.exe
- Size: 1.5MB
- MD5: a0c7833b2be40ab770e71e5e4f1d6b66
- SHA1: 6de169506f6bf75219359dc3a9f88eea5cba328b
- SHA256: 7e75bff93680fb0819f471705ed84a71198cd9e3ce79aefd66ee824771e2940b
- SHA512: b7619ab2a1914a676c454df0effa836488b497abfa0a669890cba04cb6d6cc6ba11133562b8f61de3d9f83be55742e6c144085baa4ffabcd76ab93bb0f35282c
- SSDEEP: 24576:+eKJw43yH/lvaQWDGMMEW4vM0IqYNn+zcVT2pLj3HCCSLbVpkCb:+b8zivxIqYNn+4h25jXCCyhpkCb
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature: the PE's Security data directory (IMAGE_DIRECTORY_ENTRY_SECURITY) is empty, so no WIN_CERTIFICATE table is attached. On its own this is a weak indicator, since much legitimate software ships unsigned; it is worth reading together with the header flags below.
  resource: a0c7833b2be40ab770e71e5e4f1d6b66_icedid_JC.exe
Files
- a0c7833b2be40ab770e71e5e4f1d6b66_icedid_JC.exe.exe windows x86
  34f918fb64de037d3056f70d6861292d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
VirtualFree
HeapCreate
GetStdHandle
GetModuleFileNameA
GetTimeZoneInformation
SetHandleCount
GetStartupInfoA
GetSystemTimeAsFileTime
GetDateFormatA
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetDriveTypeA
RtlUnwind
GetCurrentDirectoryW
GetFileSizeEx
LocalFileTimeToFileTime
SetErrorMode
GetTickCount
GlobalFlags
GetDiskFreeSpaceW
GetTempFileNameW
GetFileTime
SetFileTime
TlsFree
LocalReAlloc
TlsSetValue
HeapReAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
SystemTimeToFileTime
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GetStringTypeExW
GlobalGetAtomNameW
lstrlenA
lstrcmpA
SuspendThread
ResumeThread
GetThreadLocale
GetStartupInfoW
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
GlobalSize
FormatMessageW
LocalFree
MulDiv
GetExitCodeThread
LoadLibraryExW
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
QueryPerformanceFrequency
WinExec
ExpandEnvironmentStringsW
ResetEvent
QueryPerformanceCounter
WaitForSingleObject
SetThreadPriority
lstrlenW
GetTempPathW
GetFileAttributesW
RemoveDirectoryW
GetFileSize
SetFilePointer
GetCurrentProcess
GetProcessHeap
HeapAlloc
ExitProcess
CreateThread
TlsAlloc
ExitThread
HeapFree
CreateEventW
SetEvent
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
CreateFileW
WriteFile
CloseHandle
FreeResource
FreeLibrary
GetWindowsDirectoryW
SetCurrentDirectoryW
GetVersionExW
lstrcpyW
FindFirstFileA
CreateDirectoryW
SetFileAttributesW
CopyFileW
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
lstrcmpW
FindFirstFileW
FindNextFileW
FindClose
lstrcmpiW
MoveFileW
DeleteFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
Sleep
InterlockedDecrement
InterlockedIncrement
TerminateThread
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
GetTimeFormatA
SizeofResource
user32
GetKeyNameTextW
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
SetMenu
GetScrollRange
UpdateWindow
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
SetScrollInfo
GetDlgCtrlID
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowTextLengthW
GetScrollPos
SetScrollPos
SetFocus
GetMenuState
GetMenuItemID
GetMenuItemCount
CopyAcceleratorTableW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
FrameRect
GetWindowDC
GetScrollInfo
IsRectEmpty
CopyRect
GetWindowPlacement
CharNextW
GetLastActivePopup
SetLayeredWindowAttributes
SendMessageTimeoutW
RegisterWindowMessageW
GetWindowTextW
GetClassInfoW
DefWindowProcW
LoadIconW
UnregisterHotKey
RegisterHotKey
SystemParametersInfoW
FindWindowW
SetCursorPos
BringWindowToTop
IsZoomed
IsIconic
ActivateKeyboardLayout
GetForegroundWindow
GetMessageW
mouse_event
GetKeyboardLayoutNameW
GetKeyboardLayout
FindWindowExW
DispatchMessageW
TranslateMessage
FillRect
EqualRect
GetWindowLongW
GetAsyncKeyState
LoadCursorW
CharLowerBuffW
GetWindowThreadProcessId
DestroyCursor
SetCursor
WindowFromPoint
GetSystemMetrics
SwitchToThisWindow
MapVirtualKeyW
keybd_event
SetWindowRgn
GetCursor
SetMenuItemInfoW
InsertMenuW
SetWindowLongW
TrackPopupMenu
GetParent
SetRect
InvalidateRgn
ValidateRect
GetMenuItemInfoW
DestroyMenu
UnregisterClassW
RegisterClipboardFormatW
GetSysColorBrush
ShowOwnedPopups
MessageBeep
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
IsWindow
GetNextDlgGroupItem
CheckMenuItem
CharUpperW
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
CallWindowProcW
GetWindow
GetCursorPos
GetDesktopWindow
SetCapture
SetTimer
ScreenToClient
LoadMenuW
GetSubMenu
EnableMenuItem
DeleteMenu
CreateWindowExW
ShowWindow
wsprintfW
SetWindowPos
SetParent
KillTimer
OffsetRect
CopyIcon
DrawIconEx
GetSysColor
DestroyIcon
ClientToScreen
InflateRect
ReleaseCapture
PostThreadMessageW
ReleaseDC
GetDC
GetClientRect
SetForegroundWindow
GetFocus
GetKeyState
OpenClipboard
EmptyClipboard
SetClipboardData
MessageBoxW
CloseClipboard
IsWindowVisible
MoveWindow
LoadImageW
InvalidateRect
GetWindowRect
SendMessageW
PostMessageW
SetRectEmpty
PtInRect
EnableWindow
GetMenuStringW
gdi32
CreateRectRgnIndirect
GetRgnBox
GetBkColor
GetTextColor
CreateFontIndirectW
GetMapMode
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateFontW
SetTextAlign
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CopyMetaFileW
GetDeviceCaps
Rectangle
PtInRegion
CreatePolygonRgn
CreateDIBSection
GetDIBits
GetObjectW
CreatePen
CreateDCW
MoveToEx
LineTo
DeleteDC
SelectObject
DeleteObject
StretchBlt
CombineRgn
CreateRoundRectRgn
CreateRectRgn
GetTextExtentPoint32W
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegSetKeySecurity
RegQueryValueExW
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegSetValueW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
GetUserNameW
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyW
AllocateAndInitializeSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegOpenKeyExW
RegGetKeySecurity
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
RegOpenKeyW
shell32
DragQueryFileW
SHBrowseForFolderW
ShellExecuteW
SHFileOperationW
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFolderPathW
ExtractIconW
Shell_NotifyIconW
SHGetFileInfoW
SHGetPathFromIDListW
DragFinish
DragAcceptFiles
SHGetSpecialFolderPathW
comctl32
ImageList_AddMasked
_TrackMouseEvent
shlwapi
SHDeleteKeyW
SHDeleteValueW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoGetInterfaceAndReleaseStream
CreateStreamOnHGlobal
CoCreateInstance
CoCreateGuid
CoMarshalInterThreadInterfaceInStream
CoGetClassObject
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoUninitialize
StringFromGUID2
CoInitializeEx
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleGetClipboard
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
oleaut32
VariantCopy
OleCreateFontIndirect
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VarBstrCmp
VarBstrCat
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
SysStringLen
urlmon
CoInternetGetSession
gdiplus
GdipGetImageEncoders
GdipCloneImage
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipGetImageThumbnail
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateHBITMAPFromBitmap
GdipGetImageEncodersSize
GdipDisposeImageAttributes
GdipSetSmoothingMode
GdiplusShutdown
GdiplusStartup
GdipFree
GdipDrawImageRectRectI
GdipReleaseDC
GdipCreateFromHDC
GdipGetImageHeight
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateImageAttributes
GdipGetImageWidth
GdipDeleteGraphics
GdipAlloc
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
imm32
ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmGetContext
wininet
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetSetOptionW
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
DeleteUrlCacheEntryW
HttpSendRequestA
HttpQueryInfoW
InternetReadFileExA
InternetOpenA
InternetOpenW
InternetReadFile
GetUrlCacheEntryInfoW
InternetOpenUrlW
InternetCloseHandle
Sections
.text Size: 912KB - Virtual size: 911KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 204KB - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 424KB - Virtual size: 424KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
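As an added example (not part of this sandbox report and not the sandbox's own detection code), the following Python reproduces the static checks the report summarises: it parses the DOS/NT headers, decodes the file and DLL characteristics and the section table with its IMAGE_SCN_* flags, and tests whether the Security data directory that an "Unsigned PE" check keys on is populated. Only the standard library is used. The `build_demo_pe` helper constructs a tiny synthetic PE32 image for testing (constructed data carrying the same header flags as the report, not the sample above, which is not reproduced here), and the `findings` function and its message strings are this example's own naming, not the sandbox's.

```python
import struct

SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: file offset/size of the WIN_CERTIFICATE table

FILE_CHARS = {0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
              0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARS = {0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA", 0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
             0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT", 0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
             0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF", 0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}


def _names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data: bytes) -> dict:
    """Parse DOS/NT headers, the section table and the Security data directory of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20
    magic, = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars, = struct.unpack_from("<H", data, opt + 70)
    # NumberOfRvaAndSizes sits at +92 (PE32) or +108 (PE32+); the data directories follow it.
    dd_count_off = opt + (92 if magic == 0x10B else 108)
    num_dd, = struct.unpack_from("<I", data, dd_count_off)
    sec_off = sec_size = 0
    if num_dd > SECURITY_DIR:
        sec_off, sec_size = struct.unpack_from("<II", data, dd_count_off + 4 + 8 * SECURITY_DIR)
    # Unlike the other directories, the Security entry holds a raw file offset, not an RVA.
    # A directory that points outside the file or is smaller than a WIN_CERTIFICATE header counts as absent.
    present = sec_size >= 8 and sec_off + sec_size <= len(data)
    cert = None
    if present:
        length, revision, ctype = struct.unpack_from("<IHH", data, sec_off)
        cert = {"length": length, "revision": revision, "type": ctype,
                # WIN_CERT_REVISION_2_0 plus WIN_CERT_TYPE_PKCS_SIGNED_DATA is the Authenticode shape
                "pkcs7": revision == 0x0200 and ctype == 0x0002}
    sections = []
    for i in range(nsect):
        name, vsize, vaddr, rsize, rptr, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "virtual_address": vaddr,
                         "raw_size": rsize, "raw_pointer": rptr,
                         "flags": _names(sflags, SECTION_FLAGS),
                         "rwx": bool(sflags & 0x20000000 and sflags & 0x80000000)})
    return {"machine": machine, "file_characteristics": _names(fchars, FILE_CHARS),
            "dll_characteristics": _names(dll_chars, DLL_CHARS), "sections": sections,
            "security_directory": (sec_off, sec_size), "authenticode_present": present,
            "certificate": cert}


def findings(data: bytes) -> list:
    """Static observations in the spirit of the report's Signatures block (names are this example's own)."""
    pe = parse_pe(data)
    out = []
    if not pe["authenticode_present"]:
        out.append("Unsigned PE")
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in pe["dll_characteristics"]:
        out.append("No ASLR opt-in (DYNAMIC_BASE clear)")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in pe["dll_characteristics"]:
        out.append("No DEP opt-in (NX_COMPAT clear)")
    out += ["RWX section %s" % s["name"] for s in pe["sections"] if s["rwx"]]
    return out


def build_demo_pe(signed: bool) -> bytes:
    """Constructed test data: a tiny, non-runnable PE32 carrying the same header flags as the report."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0001 | 0x0002 | 0x0100)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)    # PE32 magic
    struct.pack_into("<H", opt, 70, 0x8000)  # TERMINAL_SERVER_AWARE only, as in the report
    struct.pack_into("<I", opt, 92, 16)      # NumberOfRvaAndSizes
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x200, 0x400, 0, 0, 0, 0, 0x60000020)
    data = struct.pack("<8sIIIIIIHHI", b".data", 0x1000, 0x2000, 0x200, 0x600, 0, 0, 0, 0, 0xC0000040)
    img = bytearray(dos + b"PE\0\0" + file_hdr + opt + text + data)
    img += bytes(0x800 - len(img))
    if signed:
        blob = b"\x30" * 16  # stand-in for the DER PKCS#7 body; a real check would verify it
        cert = struct.pack("<IHH", 8 + len(blob), 0x0200, 0x0002) + blob
        entry = 0x40 + 4 + 20 + 96 + 8 * SECURITY_DIR  # file offset of the Security directory entry
        struct.pack_into("<II", img, entry, len(img), len(cert))
        img += cert
    return bytes(img)


if __name__ == "__main__":
    import sys
    sample = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_demo_pe(False)
    print(parse_pe(sample)["dll_characteristics"], findings(sample))
```

Run it against a file path to get the flags and findings for that file. A populated Security directory only means a certificate table is attached; it does not mean the signature verifies. Validating it requires hashing the file with the Authenticode rules (checksum, Security directory entry and the certificate table itself excluded), comparing against the PKCS#7 content and checking the chain, for example with `signtool verify /pa /v` on Windows or `osslsigncode verify` elsewhere. For the report above, the headers also show that the image was linked with relocations stripped and with only TERMINAL_SERVER_AWARE set, so it does not opt in to ASLR (DYNAMIC_BASE) or DEP (NX_COMPAT); that is worth recording next to the missing signature.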