Static task: static1
Behavioral task: behavioral1
Sample: ea2df044e281ca8d53e10a12a63bf564_icedid_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: ea2df044e281ca8d53e10a12a63bf564_icedid_JC.exe
Resource: win10v2004-20230703-en
General
Target: ea2df044e281ca8d53e10a12a63bf564_icedid_JC.exe
Size: 3.0MB
MD5: ea2df044e281ca8d53e10a12a63bf564
SHA1: 81771852052e80f46e0afe384f480bdbf646d94e
SHA256: b5d9d0479e6dc067a50f24293dc926b37d78ea27cfa26ee3ee76effdf9b3b7f0
SHA512: d454c77032be37b0f1c331f487c344999e2bf03ff706d1eda333ebb4d3f558eb736d9feca55d02d24b28e4da7b59caaac43611e7c14d68f231622eb17a2d59b7
SSDEEP: 24576:ek06S4O0nF/Spgwyd/9ZiwROB2lXMp0s8tYkiGGGkGGGXG23FvGGGrTGGGGNG5kL:ek06A0nF/SpgUkdQ
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: ea2df044e281ca8d53e10a12a63bf564_icedid_JC.exe
Files
ea2df044e281ca8d53e10a12a63bf564_icedid_JC.exe.exe (windows x86), MD5: 9d16b1fe8a0610e7e6d266913ba52554
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
sndPlaySoundA
kernel32
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
InterlockedIncrement
LocalFree
WideCharToMultiByte
LocalAlloc
lstrlenA
FormatMessageA
InterlockedDecrement
GetLastError
MultiByteToWideChar
GetVersion
lstrcmpiA
GetCPInfo
lstrlenW
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalReAlloc
CloseHandle
ReadFile
HeapSize
CreateThread
ExitThread
HeapReAlloc
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetDateFormatA
GetTimeFormatA
TerminateProcess
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
GetTickCount
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GlobalFlags
TlsFree
GetFileSize
CreateFileA
lstrcpyA
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateMutexA
GetModuleFileNameA
Sleep
GetCurrentDirectoryA
MulDiv
GetProcAddress
GetModuleHandleA
InterlockedExchange
RaiseException
InitializeCriticalSection
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
FileTimeToSystemTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrcmpA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
CompareStringA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
FreeResource
SetLastError
lstrcpynA
CompareStringW
user32
RegisterClipboardFormatA
PostThreadMessageA
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
CreateDialogIndirectParamA
EndDialog
EndPaint
BeginPaint
GetWindowDC
GetMessageA
TranslateMessage
ValidateRect
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
SetParent
CallWindowProcA
SetWindowPos
IsIconic
GetWindow
DefWindowProcA
GetDlgCtrlID
GetKeyState
IsChild
ScreenToClient
DeferWindowPos
IsWindow
SetRectEmpty
DestroyMenu
GetLastActivePopup
IsWindowEnabled
GetMenuStringA
MessageBoxA
UnregisterClassA
CharUpperA
LoadCursorA
IsWindowVisible
SetWindowLongA
MessageBoxExA
IntersectRect
PtInRect
GetMonitorInfoA
MonitorFromWindow
EnumDisplayMonitors
GetForegroundWindow
GetWindowTextA
GetWindowPlacement
MoveWindow
SetCursorPos
CallNextHookEx
GetCursorPos
LoadIconA
SetForegroundWindow
FindWindowA
GetSystemMenu
RegisterWindowMessageA
MessageBeep
LoadMenuA
KillTimer
SetTimer
SetCursor
GetNextDlgTabItem
OffsetRect
InflateRect
DrawStateA
LoadImageA
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
GetWindowRect
SetWindowRgn
PostMessageA
GetClassNameA
ReleaseCapture
SendMessageA
GetWindowLongA
WindowFromPoint
GetParent
SetCapture
GetCapture
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetSystemMetrics
SystemParametersInfoA
LockWindowUpdate
GetDCEx
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
EnableWindow
GetDesktopWindow
ReleaseDC
GetDC
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
AppendMenuA
CreatePopupMenu
CreateMenu
LoadBitmapA
GetSysColorBrush
FillRect
GetSysColor
CopyRect
SetRect
wsprintfA
UpdateWindow
gdi32
CreateDCA
CreateDIBitmap
ExtCreateRegion
SetViewportExtEx
SetViewportOrgEx
GetTextColor
StretchDIBits
GetCharWidthA
CreateFontA
GetBkColor
GetClipBox
SaveDC
RestoreDC
SetBkMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
GetCurrentObject
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateRectRgnIndirect
SetRectRgn
GetMapMode
DPtoLP
GetRgnBox
StretchBlt
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
CombineRgn
CreateRectRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
PatBlt
Rectangle
GetDeviceCaps
GetObjectA
CreateCompatibleBitmap
CreateFontIndirectA
CreatePen
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
CreateSolidBrush
DeleteDC
DeleteObject
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
shell32
Shell_NotifyIconA
comctl32
ImageList_Draw
ord17
ImageList_Destroy
ImageList_LoadImageA
shlwapi
PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
oledlg
ord8
ole32
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoUninitialize
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
OleInitialize
oleaut32
SysAllocStringByteLen
GetErrorInfo
OleCreateFontIndirect
VarBstrFromCy
SafeArrayDestroy
SysStringLen
SysAllocStringLen
SafeArrayAccessData
SafeArrayUnaccessData
VariantChangeType
VariantCopy
SystemTimeToVariantTime
VariantInit
OleLoadPicture
VariantClear
SysFreeString
SysStringByteLen
SysAllocString
Sections
.text Size: 276KB - Virtual size: 273KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ