Static task: static1
Behavioral task: behavioral1
Sample: f7df7f56d2fa852c1407e30d953127da_icedid_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: f7df7f56d2fa852c1407e30d953127da_icedid_JC.exe
Resource: win10v2004-20230703-en
General
Target: f7df7f56d2fa852c1407e30d953127da_icedid_JC.exe
Size: 17.9MB
MD5: f7df7f56d2fa852c1407e30d953127da
SHA1: c5495d41adafe788c0dd6765c8efc2acc8c54c9c
SHA256: 8b57887c9257b805611d7503f1e0fbad6cb6b8ac68d7a3744a372869f53343d6
SHA512: 77acf6264d5a68f0372f5a5e3ed63b6f584e24aa7d27a1cc565efd4826a989da61342c3eeed60deaaa62b69d667c59ff117543a7c7c756cf9b9a0ac2e4629623
SSDEEP: 393216:36p+4OzHh49S2uCXxsVYZ2Oz1oMzHh2HS2D:3m+4ObIS2hoYZrXbASe
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource f7df7f56d2fa852c1407e30d953127da_icedid_JC.exe
Files
f7df7f56d2fa852c1407e30d953127da_icedid_JC.exe.exe windows x86
e24ceaae580e549d438852abf7957ad7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
mpr
WNetGetConnectionA
kernel32
HeapQueryInformation
SetStdHandle
GetFileType
UnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
IsValidCodePage
IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
GetConsoleCP
GetConsoleMode
HeapCreate
HeapSize
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileW
GetCurrentThreadId
FindResourceW
ExitProcess
VirtualQuery
LCMapStringW
VirtualAlloc
SizeofResource
CreateThread
LockResource
LoadResource
WideCharToMultiByte
DeleteFileA
CloseHandle
CreateFileA
GetVolumeInformationA
GetTickCount
GetModuleFileNameA
lstrcpynA
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryA
WritePrivateProfileStringA
lstrcatA
GetPrivateProfileStringA
ExpandEnvironmentStringsA
GetProfileStringA
GetPrivateProfileIntA
lstrlenA
WriteProfileStringA
LocalFree
FormatMessageA
GetCurrentProcess
FreeResource
WriteFile
FindResourceA
GlobalUnlock
GlobalLock
GlobalAlloc
ReadFile
ExitThread
GetStartupInfoW
HeapSetInformation
GetDateFormatA
GetTimeFormatA
RaiseException
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
RtlUnwind
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetNumberFormatA
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExA
GetFullPathNameA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
GetOEMCP
GetCPInfo
GetACP
GetSystemDirectoryW
GetCurrentDirectoryA
GlobalFlags
GlobalHandle
GlobalReAlloc
SetFilePointer
GlobalSize
ReleaseMutex
LocalAlloc
GetVersionExA
GlobalGetAtomNameA
GlobalAddAtomA
GetModuleHandleA
GetVersion
lstrcpyA
GlobalFindAtomA
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
CompareStringA
GetModuleHandleW
InterlockedExchange
lstrlenW
MultiByteToWideChar
MulDiv
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
DeactivateActCtx
SuspendThread
ResumeThread
SetThreadPriority
SetUnhandledExceptionFilter
_lopen
_lcreat
_llseek
_lclose
GetCommandLineA
GetExitCodeProcess
GetTempPathA
GetTempFileNameA
_lwrite
GetProfileIntA
HeapAlloc
FindNextFileA
InitializeCriticalSection
GetLocalTime
SetErrorMode
HeapReAlloc
InterlockedIncrement
GetSystemTime
CreateSemaphoreA
DeleteCriticalSection
LeaveCriticalSection
TlsFree
HeapFree
OpenSemaphoreA
OutputDebugStringA
FileTimeToSystemTime
EnterCriticalSection
TlsAlloc
TlsGetValue
GetFileSize
InterlockedCompareExchange
CreateMutexA
ReleaseSemaphore
InterlockedDecrement
SystemTimeToFileTime
TlsSetValue
GetProcessHeap
SearchPathA
lstrcmpA
CreateProcessA
SetEvent
WaitForSingleObject
GetCurrentProcessId
LocalReAlloc
CreateEventA
TerminateProcess
OpenProcess
DeviceIoControl
CreateDirectoryA
MoveFileA
FindFirstFileA
FindClose
Sleep
GlobalFree
RemoveDirectoryA
OpenFile
GetSystemDirectoryA
GetWindowsDirectoryA
CopyFileA
SetFileAttributesA
SetLastError
GetFileAttributesA
GetSystemInfo
GetEnvironmentVariableA
GlobalMemoryStatus
user32
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
GetNextDlgGroupItem
LoadImageA
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
IsIconic
IsRectEmpty
CharUpperA
DestroyIcon
IntersectRect
CopyImage
DestroyMenu
GetMenuItemInfoA
InflateRect
InvalidateRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
DeleteMenu
ShowOwnedPopups
SetCursor
GetSysColorBrush
RealChildWindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
MoveWindow
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
GetClassInfoExA
GetClassInfoA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcA
GetMenu
SetWindowLongA
CopyRect
PtInRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
PostQuitMessage
GetMenuStringA
AppendMenuA
RemoveMenu
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMessageA
GetCursorPos
ValidateRect
SetWindowsHookExA
GetKeyState
CallNextHookEx
DdeDisconnect
RegisterClipboardFormatA
FindWindowExA
LoadCursorA
RegisterClassA
CreateWindowExA
SetTimer
WaitMessage
KillTimer
wvsprintfA
FrameRect
GetUpdateRect
LoadImageW
CopyIcon
CharUpperBuffA
GetWindowRgn
DestroyCursor
DrawIcon
TranslateMessage
DispatchMessageA
PostMessageA
DestroyWindow
DefWindowProcA
IsMenu
GetMenuState
GetMenuItemCount
GetSubMenu
GetMenuItemID
MapDialogRect
SubtractRect
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
CheckDlgButton
GetDoubleClickTime
InsertMenuA
UnhookWindowsHookEx
FindWindowA
SendMessageA
SetForegroundWindow
SendMessageCallbackA
PeekMessageA
GetWindowThreadProcessId
IsWindowVisible
GetWindowTextA
EnumWindows
GetKeyboardType
DialogBoxParamA
GetDlgItem
SetWindowTextA
IsDlgButtonChecked
EndDialog
GetWindow
GetClientRect
MapWindowPoints
SetWindowPos
OemToCharA
SetRectEmpty
GetSystemMetrics
OffsetRect
GetClipboardData
GetActiveWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
wsprintfA
GetParent
UpdateWindow
GetWindowRect
ShowWindow
EnableWindow
IsWindow
MessageBoxA
PostThreadMessageA
FillRect
gdi32
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetTextExtentPoint32A
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
Escape
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
TextOutA
ExtTextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
CreatePolygonRgn
CreateBitmap
GetDeviceCaps
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegSaveKeyA
RegEnumValueA
RegQueryValueA
DeleteService
StartServiceA
ControlService
QueryServiceStatus
CreateServiceA
RegCloseKey
RegCreateKeyA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatusEx
RegOpenKeyA
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegRestoreKeyA
shell32
SHAppBarMessage
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHBrowseForFolderA
DragQueryFileA
DragFinish
ShellExecuteA
SHGetSpecialFolderLocation
comctl32
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathRemoveFileSpecW
PathStripToRootA
PathFindFileNameA
PathIsUNCA
ws2_32
gethostname
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
ole32
OleGetClipboard
RevokeDragDrop
CoTaskMemFree
ReleaseStgMedium
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitialize
CoInitializeEx
CoCreateInstance
CoCreateGuid
CoUninitialize
CoTaskMemAlloc
OleDuplicateData
CoLockObjectExternal
RegisterDragDrop
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantInit
VariantChangeType
SysAllocStringLen
SysFreeString
VarBstrFromDate
SysAllocString
VariantClear
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.6MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8.2MB - Virtual size: 8.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ