Static task: static1
Behavioral task: behavioral1
Sample: faaf52fa85eec4131d251692b37f8231_icedid_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: faaf52fa85eec4131d251692b37f8231_icedid_JC.exe
Resource: win10v2004-20230703-en
General
Target: faaf52fa85eec4131d251692b37f8231_icedid_JC.exe
Size: 5.4MB
MD5: faaf52fa85eec4131d251692b37f8231
SHA1: 5def9f066a93a13ae0aef710dc77b7f0bdd70607
SHA256: f8ace482b0acdd1fd122668cd862d41d012a9f7cbe98c54edc664a77b015ce97
SHA512: d853d05b1bab608082738789764a7e7d5fce6324e50266b98e1c32bc859dca8b2ed525f512519be1766d018b8e49deaa245ccd3f5f595b726cdb6a80ecd03f5c
SSDEEP: 98304:5DwXheeaXVQe9rPlxNRDvtm6k808M4Yg5H9rnXPw1ndzGk+rcYQbd0T2KCpesBKB:5DwXhBaXVQe9rPlxNRDvtm6k808M4Ygp
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource faaf52fa85eec4131d251692b37f8231_icedid_JC.exe
Files
- faaf52fa85eec4131d251692b37f8231_icedid_JC.exe.exe windows x86
eed6f56890721cebd7e83a54fbc749d3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
winmm
waveOutGetDevCapsW
PlaySoundW
mmioSeek
mmioRead
mmioWrite
mmioAscend
waveOutGetPosition
mmioDescend
mmioClose
mmioCreateChunk
waveOutReset
waveOutOpen
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
timeGetTime
waveOutRestart
waveOutPause
mmioOpenW
waveOutClose
comctl32
ImageList_DrawEx
ImageList_GetIcon
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Destroy
shell32
ShellExecuteW
ord155
ord16
SHBindToParent
ord190
DragQueryFileW
SHAppBarMessage
ExtractIconW
DragFinish
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
DragAcceptFiles
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
SHGetFolderPathW
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
mpr
WNetGetUserW
uxtheme
SetWindowTheme
kernel32
HeapFree
GetConsoleCP
GetConsoleMode
GetFileType
SetErrorMode
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
SetStdHandle
HeapSize
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
LCMapStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
FindResourceExW
GetFileSizeEx
GlobalFlags
TlsFree
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
GlobalReAlloc
SystemTimeToFileTime
GetProfileIntW
SearchPathW
GetShortPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetStringTypeExW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
CompareStringA
InterlockedExchange
lstrcmpA
WritePrivateProfileStringW
VirtualProtect
GetDiskFreeSpaceW
GlobalGetAtomNameW
SuspendThread
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
GetVersionExA
GetModuleHandleA
GetCurrentProcessId
FreeResource
lstrcpyA
WriteFileEx
SleepEx
MulDiv
HeapReAlloc
lstrlenA
LocalReAlloc
CompareStringW
lstrcmpW
GetDiskFreeSpaceExW
CreateSemaphoreW
LocalAlloc
ReleaseSemaphore
CreateThread
ExitThread
lstrcatW
GetLocaleInfoW
GetLocalTime
FileTimeToSystemTime
GetFileTime
GetWindowsDirectoryW
CreateProcessW
SetCurrentDirectoryW
GetComputerNameW
ReleaseMutex
ResumeThread
CreateMutexW
OpenMutexW
GetLongPathNameW
SetThreadLocale
GetThreadLocale
GetVersionExW
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExW
EnterCriticalSection
RaiseException
LeaveCriticalSection
lstrcmpiW
MoveFileW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
GetFullPathNameW
LocalFree
CompareFileTime
VirtualFree
VirtualAlloc
GetDriveTypeW
lstrcpyW
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
GetCurrentDirectoryW
GetFileSize
ReadFile
GetTempFileNameW
GetTempPathW
FreeLibrary
WriteFile
CreateFileW
FindClose
FindNextFileW
FindFirstFileW
SetFileAttributesW
CopyFileW
DeleteFileW
CreateDirectoryW
GetFileAttributesW
FileTimeToLocalFileTime
GetFileInformationByHandle
SetFileAttributesA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
GetFileAttributesA
FileTimeToDosDateTime
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileAttributesExW
lstrlenW
Sleep
WideCharToMultiByte
CreateEventW
WaitForSingleObject
ResetEvent
GetTickCount
SetEvent
MultiByteToWideChar
FormatMessageW
OutputDebugStringW
GetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalSize
HeapAlloc
GetStartupInfoW
SetFilePointer
DeleteFileA
user32
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsMenu
GetMenuItemInfoW
CopyImage
GetIconInfo
CharUpperW
MessageBeep
DestroyAcceleratorTable
NotifyWinEvent
MapDialogRect
InSendMessage
CopyAcceleratorTableW
IsRectEmpty
DeleteMenu
CreateMenu
UnpackDDElParam
ReuseDDElParam
DestroyMenu
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
DestroyCursor
SetCursorPos
TranslateAcceleratorW
TranslateMDISysAccel
BringWindowToTop
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyW
GetKeyNameTextW
InflateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
CheckMenuItem
SendDlgItemMessageA
WinHelpW
GetClassLongW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
ScrollWindow
TrackPopupMenu
GetScrollRange
GetClassInfoW
RegisterClassW
EqualRect
DeferWindowPos
IntersectRect
SystemParametersInfoA
GrayStringW
DrawTextExW
TabbedTextOutW
CreateDialogIndirectParamW
IsWindow
EndDialog
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
CharLowerBuffW
GetDoubleClickTime
RegisterWindowMessageW
GetClassInfoExW
MsgWaitForMultipleObjects
EnableMenuItem
GetMessagePos
GetAsyncKeyState
OffsetRect
DrawIcon
DrawFocusRect
FrameRect
ReleaseCapture
WaitForInputIdle
PtInRect
ScreenToClient
MessageBoxA
GetSubMenu
LoadMenuW
GetDesktopWindow
PostThreadMessageW
RegisterClipboardFormatW
CharNextW
EnumWindows
GetClassNameW
wsprintfW
SetForegroundWindow
SetScrollRange
SetScrollPos
GetScrollPos
RedrawWindow
DrawFrameControl
SetCursor
DrawTextW
DestroyIcon
LoadIconW
CopyRect
LoadBitmapW
DispatchMessageW
GetMessageW
PeekMessageW
GetSystemMetrics
GetCursorPos
GetSysColor
GetSysColorBrush
GetClipboardViewer
DrawStateW
GetClipboardOwner
SetClipboardViewer
ChangeClipboardChain
SendNotifyMessageW
PostMessageW
TranslateMessage
MessageBoxW
FlashWindow
KillTimer
SetTimer
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
IsDialogMessageW
GetNextDlgTabItem
GetNextDlgGroupItem
GetDlgItemTextW
GetDlgItemInt
DlgDirSelectComboBoxExW
DlgDirSelectExW
DlgDirListComboBoxW
DlgDirListW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
DestroyCaret
CreateCaret
ShowScrollBar
SetScrollInfo
ScrollWindowEx
GetScrollInfo
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsWindowVisible
ShowWindow
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
GetWindowDC
EndPaint
BeginPaint
GetDlgItem
SetParent
GetParent
IsChild
ChildWindowFromPoint
WindowFromPoint
AdjustWindowRectEx
SetWindowPos
ClientToScreen
MoveWindow
MapWindowPoints
IsZoomed
IsIconic
SetWindowRgn
GetWindowRgn
SetWindowPlacement
GetWindowPlacement
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
IsWindowEnabled
EnableWindow
GetPropW
RemovePropW
SetWindowLongW
SetPropW
DestroyWindow
SystemParametersInfoW
GetWindowRect
GetClientRect
CreateWindowExW
GetWindow
GetDlgCtrlID
GetTopWindow
SetFocus
CallWindowProcW
ToAscii
GetKeyboardState
GetKeyState
GetFocus
DefWindowProcW
GetWindowLongW
UnregisterClassW
RegisterClassExW
LoadCursorW
FillRect
SendMessageW
UnhookWindowsHookEx
GetWindowThreadProcessId
SetWindowsHookExW
CallNextHookEx
ReleaseDC
GetDC
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
IsClipboardFormatAvailable
SetRect
DrawIconEx
DrawEdge
LockWindowUpdate
PostQuitMessage
SetWindowContextHelpId
MapVirtualKeyExW
IsCharLowerW
EnumChildWindows
SubtractRect
CreateAcceleratorTableW
GetKeyboardLayout
ToUnicodeEx
CharUpperBuffW
CopyIcon
SetClassLongW
GetMenuDefaultItem
LoadImageW
SetMenuDefaultItem
WaitMessage
GetOpenClipboardWindow
ShowOwnedPopups
GetLastActivePopup
gdi32
EndPage
GetPixel
StartDocW
OffsetViewportOrgEx
ScaleViewportExtEx
OffsetWindowOrgEx
ScaleWindowExtEx
ExtSelectClipRgn
GetViewportExtEx
CreatePatternBrush
GetObjectType
CreateHatchBrush
GetDCOrgEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetWindowOrgEx
CreateBitmap
CreateDIBSection
CreateEllipticRgn
GetBkColor
StartPage
RoundRect
GetTextExtentPoint32W
EnumFontFamiliesExW
OffsetRgn
GetRgnBox
EnumFontFamiliesW
GetTextCharsetInfo
SetDIBColorTable
GetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextFaceW
SetPixelV
SelectClipRgn
Escape
ExtTextOutW
RectVisible
GetTextColor
PtVisible
CreateFontIndirectW
LPtoDP
SetViewportExtEx
PolylineTo
Arc
Ellipse
SetPixel
RestoreDC
SetBkColor
SetWindowExtEx
SetMapMode
ExcludeClipRect
GetCurrentObject
GetDeviceCaps
IntersectClipRect
SaveDC
LineTo
MoveToEx
CreateSolidBrush
CreatePen
GetObjectW
DeleteDC
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateRoundRectRgn
CreateCompatibleDC
SetTextAlign
SetROP2
SetPolyFillMode
CreateDCW
CopyMetaFileW
SelectPalette
RealizePalette
CreateDIBitmap
PatBlt
TextOutA
SetDIBitsToDevice
CreatePalette
GetClipBox
Polygon
SetViewportOrgEx
SetWindowOrgEx
CreatePolygonRgn
PtInRegion
GetStretchBltMode
CreateFontIndirectA
SetBitmapBits
GetBitmapBits
CreateRectRgn
Rectangle
GetDIBits
StretchBlt
SetStretchBltMode
StretchDIBits
SetBrushOrgEx
TextOutW
GetTextMetricsW
SetTextColor
SetBkMode
SetDCPenColor
GetStockObject
Polyline
CreateFontW
PlayEnhMetaFile
SetWinMetaFileBits
DeleteEnhMetaFile
AbortDoc
EndDoc
GetWindowExtEx
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetSaveFileNameW
GetOpenFileNameW
PrintDlgW
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
SetFileSecurityW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegCreateKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
GetFileSecurityW
RegOpenKeyExW
RegSetValueW
RegFlushKey
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
oledlg
OleUIInsertObjectW
OleUIConvertW
OleUIEditLinksW
OleUIBusyW
OleUIAddVerbMenuW
ole32
OleRun
CoInitializeEx
OleDuplicateData
CoTreatAsClass
StringFromCLSID
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
OleSetClipboard
StgCreateDocfileOnILockBytes
StgOpenStorage
CoRevokeClassObject
CoUninitialize
StringFromGUID2
CoRegisterClassObject
CoInitialize
CoTaskMemRealloc
StgIsStorageFile
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
CreateILockBytesOnHGlobal
OleSave
WriteClassStm
OleSaveToStream
OleLockRunning
OleCreateStaticFromData
OleCreate
OleLoad
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleSetMenuDescriptor
StgCreateDocfile
CreateStreamOnHGlobal
CreateFileMoniker
CoFreeUnusedLibraries
OleInitialize
CLSIDFromProgID
CLSIDFromString
GetClassFile
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
CoDisconnectObject
CoGetClassObject
CoRegisterMessageFilter
OleTranslateAccelerator
IsAccelerator
StgOpenStorageEx
OleGetClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
SetConvertStg
oleaut32
OleCreateFontIndirect
SafeArrayDestroy
VariantInit
VariantCopy
VariantChangeType
SysStringByteLen
SysAllocStringLen
OleLoadPicture
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadTypeLi
SysStringLen
RegisterTypeLi
VarUI4FromStr
SysFreeString
SysAllocString
VariantClear
odbc32
ord72
ord4
ord117
ord141
ord110
ord61
ord16
ord2
ord1
ord23
ord15
ord9
ord14
ord3
ord108
ord48
ord49
ord111
ord119
ord12
ord46
ord18
ord13
ord59
ord43
ord68
ord44
ord145
ord150
ord51
ord5
ord20
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage
avifil32
AVIStreamGetFrame
AVIStreamGetFrameOpen
AVIStreamInfoW
AVIFileInit
AVIStreamRelease
AVIFileExit
AVIStreamOpenFromFileW
shlwapi
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
Sections
.text Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 553KB - Virtual size: 552KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 97KB - Virtual size: 23.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ