2023-08-22_15ce49af34eda703e6a570b1153d09f1_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-22_15ce49af34eda703e6a570b1153d09f1_icedid_JC.exe
Size

1.8MB
MD5

15ce49af34eda703e6a570b1153d09f1
SHA1

27cadf576835dd3a0b7813a0e5f9ef4025e1e4ba
SHA256

9270c90bc3d6a573fea89864519677db05058d995c4bbffdc877c8faf9c23099
SHA512

f2d9950d3040ffddfe25f3c0f040f599f708e479ab688172903d21ddf09e94f0596043dbe344c3e171a474a38af86fdd0a91b86f4ffc20a9b059379eb20eb42f
SSDEEP

24576:O6MBHJCtzyI3vYacFhSkHQlguMdU3EzdS78h7Cdbwj97nfPv8ShLcfPncTjWdT:DMBHJGz8QhMd/5S78hYaTj0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-22_15ce49af34eda703e6a570b1153d09f1_icedid_JC.exe

Files

2023-08-22_15ce49af34eda703e6a570b1153d09f1_icedid_JC.exe
.exe windows x86

64d7c0353a268d11e718ba20fb8d33ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipBitmapSetPixel
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageWidth
GdipAlloc
GdipFree
GdipGetImageHeight
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromFile
GdiplusStartup
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipGetImageEncoders
GdipGetImageEncodersSize
GdiplusShutdown
GdipCloneImage

kernel32

ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GetFileAttributesW
GetFileSizeEx
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
RtlUnwind
RaiseException
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
GlobalFlags
LocalAlloc
FindFirstFileW
FindNextFileW
FindClose
GetThreadLocale
WaitForSingleObject
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetModuleHandleA
CompareStringW
GetVersionExA
GetCurrentProcessId
GetProfileIntW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetCurrentThreadId
GetVersion
FreeResource
LocalFree
FormatMessageW
GetWindowsDirectoryW
SetPriorityClass
DeviceIoControl
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
LocalFileTimeToFileTime
SystemTimeToFileTime
lstrlenA
lstrcmpiW
LoadLibraryA
VirtualProtectEx
lstrcmpW
GetFileSize
GetFileTime
TerminateThread
Beep
GetSystemDefaultLangID
InterlockedDecrement
SetCurrentDirectoryW
SetCurrentDirectoryA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetFileTime
CreateFileW
GetLongPathNameW
CopyFileW
CreateThread
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentDirectoryW
MulDiv
IsBadReadPtr
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleW
MoveFileW
DeleteFileW
CreateMutexW
SetLastError
ExitProcess
GetVersionExW
GetLastError
GetCurrentProcess
CreateDirectoryW
Sleep
lstrcatW
lstrcpynW
lstrcpyW
GetModuleFileNameW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenW
GetModuleFileNameA
MultiByteToWideChar
CloseHandle
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
HeapReAlloc

user32

CheckMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
WindowFromPoint
ValidateRect
RegisterClipboardFormatW
ShowOwnedPopups
DestroyMenu
LoadAcceleratorsW
GetSysColorBrush
UnregisterClassW
CharNextW
CopyAcceleratorTableW
GetNextDlgGroupItem
PostThreadMessageW
CharUpperW
TranslateAcceleratorW
BringWindowToTop
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcW
SystemParametersInfoA
GetWindowPlacement
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
GetMenuStringW
GetCapture
SetRectEmpty
HideCaret
InvalidateRgn
SetWindowRgn
GetDlgCtrlID
GetWindow
EndPaint
BeginPaint
SetPropW
CallWindowProcW
RemovePropW
GetPropW
ClientToScreen
GetMenuDefaultItem
DrawFocusRect
DrawEdge
GetMessagePos
TabbedTextOutW
DrawTextW
SetWindowTextW
GrayStringW
GetMenu
WindowFromDC
GetMenuInfo
DestroyIcon
GetWindowLongW
GetMenuItemInfoW
IsMenu
GetWindowDC
DrawStateW
FillRect
RemoveMenu
ModifyMenuW
GetMenuState
GetMenuItemID
CreateMenu
CreatePopupMenu
GetSysColor
CopyRect
VkKeyScanW
MessageBeep
InsertMenuW
LoadImageW
GetDlgItem
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
ReleaseCapture
SetCapture
SetCursor
LoadCursorW
GetFocus
InflateRect
SetActiveWindow
KillTimer
ExitWindowsEx
SetTimer
GetDesktopWindow
RedrawWindow
GetSubMenu
LoadMenuW
EnableMenuItem
UpdateWindow
IsZoomed
GetMenuItemCount
PtInRect
InvalidateRect
SetWindowPos
IsWindow
DrawIcon
RegisterHotKey
UnregisterHotKey
MoveWindow
SetWindowLongW
DeleteMenu
LoadBitmapW
OffsetRect
AppendMenuW
GetSystemMenu
LoadIconW
SetForegroundWindow
ShowWindow
IsIconic
PostMessageW
MessageBoxW
IntersectRect
GetForegroundWindow
mouse_event
GetMessageW
SetClipboardData
EmptyClipboard
EnumWindows
GetClassNameW
IsWindowVisible
GetWindowTextW
CloseClipboard
GetClipboardData
OpenClipboard
EqualRect
IsDialogMessageW
IsRectEmpty
SetRect
keybd_event
GetAsyncKeyState
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetClassLongW
SetFocus
DrawTextExW
GetWindowTextLengthW
SetCursorPos
GetKeyState
GetCursorPos
IsChild
GetClassInfoW
FindWindowW
LoadImageA
DispatchMessageW
TranslateMessage
PeekMessageW
ReleaseDC
GetDC
ScreenToClient
GetWindowRect
SystemParametersInfoW
GetSystemMetrics
GetKeyNameTextW
MapVirtualKeyW
GetClientRect
SendMessageW
GetParent
EnableWindow
CopyIcon

gdi32

SaveDC
RestoreDC
SetBkMode
SetMapMode
ExcludeClipRect
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
GetMapMode
SetViewportOrgEx
SetTextColor
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateEllipticRgn
LPtoDP
Ellipse
GetBkColor
GetRgnBox
SetBkColor
CreateBitmap
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
GetClipBox
DeleteObject
CreatePen
GetTextExtentPoint32W
CreateFontIndirectW
DPtoLP
GetCurrentObject
GetBitmapBits
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectW
CreateDIBSection
DeleteDC
GetDeviceCaps
OffsetViewportOrgEx
CreateDCW
GetTextExtentPointA
GetTextMetricsA
SetBrushOrgEx
UnrealizeObject
PtVisible
RectVisible
ExtTextOutW
Escape
TextOutW
RoundRect
SetPixel
GetPixel
GetNearestColor
CreateSolidBrush
CreatePatternBrush
GetTextMetricsW
CreateFontW
GetTextColor
Rectangle
SetBitmapBits

comdlg32

GetOpenFileNameW
GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueW
RegSetValueExW
RegCreateKeyExW

shell32

ShellExecuteW
DragQueryFileW
DragFinish
SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathRemoveFileSpecW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathFileExistsW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoUninitialize
CoInitializeEx
OleUninitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject

oleaut32

SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantChangeType
VariantInit
VariantCopy
VariantClear
SafeArrayDestroy
OleCreateFontIndirect
GetErrorInfo

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

winmm

PlaySoundW
timeGetTime

wininet

InternetQueryOptionW
HttpOpenRequestW
InternetOpenUrlW
InternetConnectW
HttpSendRequestExW
HttpEndRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
HttpAddRequestHeadersW
InternetQueryDataAvailable
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetSetStatusCallbackW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64d7c0353a268d11e718ba20fb8d33ee

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

version

winmm

wininet

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 310KB - Virtual size: 310KB

.data Size: 46KB - Virtual size: 120KB

.rsrc Size: 200KB - Virtual size: 199KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 310KB - Virtual size: 310KB

.data
Size: 46KB - Virtual size: 120KB

.rsrc
Size: 200KB - Virtual size: 199KB