e977bb510266ba5c8cae1bf9eadc3cf7_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

e977bb510266ba5c8cae1bf9eadc3cf7_icedid_JC.exe
Size

416KB
MD5

e977bb510266ba5c8cae1bf9eadc3cf7
SHA1

f9c14bbed74850d25e9a75c527194b6167822297
SHA256

bc8098dde06f7202d204eaebc709cacdb5d6265b7554b9062d73a3618b0e881a
SHA512

013f45d7a5717487dc782ecf0a2b1bd69e17513ad21c97c37dec1fc34ee16306286dda6b4d4d3b0211218a22a95f64ede1c2d77f24fa382dfb68dd6ac914f6fc
SSDEEP

6144:RuBONxHZnm1c1BSDeQlfwzLPmbcyeUMeeplOKgE20bP0abLGWDq:RugNx5nbSDzw3Y97tYtgy0abLGWDq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e977bb510266ba5c8cae1bf9eadc3cf7_icedid_JC.exe

Files

e977bb510266ba5c8cae1bf9eadc3cf7_icedid_JC.exe
.exe windows x86

5db51a5b8bad9347d26e4cb256422a4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
ExitProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
HeapReAlloc
ExitThread
CreateThread
TerminateProcess
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetTickCount
WritePrivateProfileStringA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
SetLastError
InterlockedDecrement
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
CreateMutexA
CreateFileMappingA
GetDriveTypeA
GetCommandLineA
OpenMutexA
WaitForSingleObject
OpenFileMappingA
MapViewOfFile
ReleaseMutex
UnmapViewOfFile
CloseHandle
GetLastError
InitializeCriticalSection
DeleteCriticalSection
FormatMessageA
OutputDebugStringA
LocalFree
Sleep
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
EnterCriticalSection
VirtualFree
LeaveCriticalSection

user32

LockWindowUpdate
SetParent
GetSysColorBrush
GetMenuItemInfoA
InflateRect
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
GetMessageA
GetCursorPos
ValidateRect
IsZoomed
LoadMenuA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
SetCursor
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
wsprintfA
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
GetDCEx
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
LoadCursorA
GetDC
EnableWindow
SendMessageA
PostMessageA
GetClientRect
InvalidateRect
DispatchMessageA
TranslateMessage
ClientToScreen
PeekMessageA
GetWindowRect
SetWindowPos
SendMessageTimeoutA
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
MessageBoxA
TrackPopupMenu
GetKeyState
IsWindowVisible
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
SetCapture
InvalidateRgn
CopyAcceleratorTableA
CharNextA
WindowFromPoint
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
KillTimer
SetTimer
SetRect
IsRectEmpty
UpdateWindow
ShowWindow
IsIconic
SetForegroundWindow
EnumWindows
RegisterWindowMessageA
CharUpperA
GetWindow
PtInRect
CopyRect
GetSystemMetrics
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowLongA
GetWindowLongA
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
UnregisterClassA
RegisterClassA
GetClassInfoA

gdi32

CreateSolidBrush
CreateCompatibleBitmap
GetTextExtentPoint32A
CreateRectRgnIndirect
PatBlt
CreateFontIndirectA
SetRectRgn
CombineRgn
GetBkColor
GetTextColor
GetRgnBox
GetDeviceCaps
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetMapMode
StretchDIBits
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetTextMetricsA
SelectObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

DragQueryFileA
SHGetDesktopFolder
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetDataFromIDListA
SHGetMalloc
DragFinish
SHGetPathFromIDListA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoTaskMemAlloc

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect

Exports

Exports

??0CImageTransform@@QAE@XZ
??1CImageTransform@@QAE@XZ
??4CImageTransform@@QAEAAV0@ABV0@@Z
?Rotate@CImageTransform@@QAE_NPAE0KKE@Z
?Zoom@CImageTransform@@QAE_NPAE0KKE@Z

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5db51a5b8bad9347d26e4cb256422a4c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 140KB - Virtual size: 136KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 140KB - Virtual size: 136KB