2023-08-22_29a0f71fb6d80bf6a26039860098cd1a_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-22_29a0f71fb6d80bf6a26039860098cd1a_icedid_JC.exe
Size

321KB
MD5

29a0f71fb6d80bf6a26039860098cd1a
SHA1

49cb0d9b65f4637fbbbdcf991c905829035f4ead
SHA256

35fb0956ee03dc1b3e1672dbc5091982467f82e1cec1cb0c290dfe0663b45a23
SHA512

ed46e7ca965d22a2d7acd6b270da1225e45176e2e259fde844a729e96ba1a394aeb113a66b104b20f152939b4ad2b585ce0c71736038c8d5ae0df48f4359ed59
SSDEEP

6144:tks2itNnAfBDP/fSeORzGD2c9fueTJ8teS/5YPMDdwuQvq:tOfBD/s6D2c9fuCejBuwdh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-22_29a0f71fb6d80bf6a26039860098cd1a_icedid_JC.exe

Files

2023-08-22_29a0f71fb6d80bf6a26039860098cd1a_icedid_JC.exe
.exe windows x86

adc63f23a7db85c5e6762961f97c11c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
GetFileTime
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetFileAttributesA
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
FileTimeToSystemTime
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetModuleHandleW
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
FreeResource
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
OpenProcess
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA
CloseHandle
FreeLibrary
GetVersionExA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
GetWindowsDirectoryA

user32

RegisterClipboardFormatA
PostThreadMessageA
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
ReleaseDC
GetDC
CopyRect
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
UnregisterClassA
DestroyMenu
CharUpperA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
PostMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadCursorA
SetCursor
SetTimer
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA
LoadIconA
EnableWindow

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
RectVisible
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
GetDeviceCaps
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
CreateBitmap
TextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoRevokeClassObject
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromString

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysFreeString
SysAllocStringByteLen
SysAllocStringLen

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

ws2_32

ntohs
inet_ntoa

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vudlcde
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

adc63f23a7db85c5e6762961f97c11c7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

psapi

ws2_32

Sections

.text Size: 210KB - Virtual size: 210KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 10KB - Virtual size: 25KB

.rsrc Size: 47KB - Virtual size: 48KB

vudlcde Size: - Virtual size: 4KB

.text
Size: 210KB - Virtual size: 210KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 10KB - Virtual size: 25KB

.rsrc
Size: 47KB - Virtual size: 48KB

vudlcde
Size: - Virtual size: 4KB