2023-08-22_48d54e3b6c5af84aba21f9d072423de7_icedid_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2023-08-22_48d54e3b6c5af84aba21f9d072423de7_icedid_JC.exe
Size

3.0MB
MD5

48d54e3b6c5af84aba21f9d072423de7
SHA1

0ed7f60b24ad1e152efb88c2e0104bbeddf819d9
SHA256

202641c3dbfb74354b1b7f2152b850b44f4d50d19d01cd34341d265dc5a0e7f0
SHA512

b237b18bc0a85dafd523e555518e35173e4d6b844d03276012eba6a111c40f26f22c2a16f1a0abcaeed9ce0bc7c911424df0107315f61075ce7053d79ae8987d
SSDEEP

49152:EoDH4rJ/Zp5AXXb+UI+pLbCaWhcUcltOap34XwsXLy00EjRaSV0aMMOx12Eskp1+:/D4J/Zp5mXb+UIolU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-22_48d54e3b6c5af84aba21f9d072423de7_icedid_JC.exe

Files

2023-08-22_48d54e3b6c5af84aba21f9d072423de7_icedid_JC.exe
.exe windows x86

72a1069500e6d2f29330fec64dd36ea8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wmvcore

WMCreateProfileManager
WMCreateWriter

winmm

PlaySoundW
waveOutSetVolume
waveInClose
waveInOpen

olepro32

ord250

wsock32

connect
socket
send
htons
ioctlsocket
gethostbyname
WSAStartup
closesocket
recv
WSAGetLastError

shell32

ShellExecuteW
SHGetFolderPathW
SHGetMalloc
DragFinish
DragQueryFileW
FindExecutableW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteA

register

?LaunchRegistrationDialog@CRegisterLib@@QAEPA_WPB_W0000H@Z
??1CRegisterLib@@QAE@XZ
??0CRegisterLib@@QAE@XZ

kernel32

GetVersionExA
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
GetModuleHandleA
GlobalGetAtomNameW
GetVersion
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
ResumeThread
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
GetThreadLocale
MoveFileW
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetFullPathNameW
SetLastError
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
WritePrivateProfileStringW
GetFileAttributesW
SetErrorMode
RtlUnwind
GetSystemTimeAsFileTime
ExitThread
CreateThread
WriteConsoleW
GetStdHandle
RaiseException
HeapReAlloc
HeapSize
SetStdHandle
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
VirtualFree
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
CreateFileA
SetEnvironmentVariableA
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
InterlockedDecrement
InterlockedIncrement
GetDriveTypeW
Beep
GetStartupInfoA
DeleteFileA
GetShortPathNameW
GetVolumeInformationW
GetStartupInfoW
CreateProcessW
GetExitCodeProcess
FindClose
SetThreadExecutionState
GetSystemDirectoryW
GetVersionExW
GetModuleHandleW
FindFirstFileA
FindNextFileA
LoadLibraryW
GetProcAddress
FreeLibrary
FindFirstFileW
FindNextFileW
GetLocalTime
SystemTimeToFileTime
GetLogicalDriveStringsW
MultiByteToWideChar
GetProcessHeap
HeapFree
CopyFileW
CompareFileTime
GetFileTime
CreateDirectoryW
lstrlenW
lstrcpyW
SetFilePointer
FileTimeToLocalFileTime
FileTimeToSystemTime
OutputDebugStringW
lstrcmpW
WriteFile
SetCurrentDirectoryW
ExitProcess
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
GetModuleFileNameW
HeapCreate
HeapAlloc
HeapDestroy
GetTickCount
GlobalAlloc
Sleep
GlobalFree
GetCurrentProcessId
LoadResource
LockResource
SizeofResource
FindResourceW
DeleteFileW
CreateFileW
GetLastError
GetFileType
GetFileSize
ReadFile
WideCharToMultiByte
CloseHandle
lstrlenA

user32

IsWindowEnabled
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TranslateAcceleratorW
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
InvalidateRect
LoadAcceleratorsW
SetCursor
GetActiveWindow
DestroyMenu
ReuseDDElParam
UnpackDDElParam
MapDialogRect
SetWindowContextHelpId
InflateRect
GetMenuItemInfoW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
ValidateRect
GetCursorPos
GetMessageW
ShowOwnedPopups
WindowFromPoint
CharUpperW
GetSysColorBrush
UnregisterClassW
CharNextW
CopyAcceleratorTableW
SetRect
InvalidateRgn
GetNextDlgGroupItem
RegisterClipboardFormatW
PostThreadMessageW
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
UnregisterClassA
TrackPopupMenu
GetKeyState
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
PtInRect
GetDlgCtrlID
DefWindowProcW
SetMenuItemBitmaps
OffsetRect
SystemParametersInfoA
GetWindow
IsDialogMessageW
GetMenuItemID
GetMenuItemCount
GetAsyncKeyState
GetFocus
RegisterHotKey
UnregisterHotKey
GetMessagePos
ScreenToClient
SetWindowTextW
IntersectRect
SetCursorPos
FindWindowA
MoveWindow
ReleaseCapture
SetCapture
GetSubMenu
ModifyMenuW
LoadImageW
GetSystemMenu
AppendMenuW
EnumWindows
GetForegroundWindow
EnumThreadWindows
GetClassNameW
GetWindowThreadProcessId
SetWindowPos
RedrawWindow
EnumChildWindows
EnableMenuItem
CheckMenuItem
MonitorFromWindow
GetMonitorInfoW
MonitorFromPoint
IsWindowVisible
IsIconic
BringWindowToTop
GetWindowPlacement
DestroyWindow
ShowWindow
GetWindowTextW
GetDesktopWindow
MessageBeep
EnumDisplaySettingsW
ChangeDisplaySettingsW
wsprintfW
RegisterWindowMessageW
SetFocus
CopyRect
GetWindowRect
LoadBitmapW
KillTimer
LoadIconW
LoadCursorW
LoadMenuW
SetMenu
DrawMenuBar
SetTimer
FindWindowW
UpdateWindow
PostQuitMessage
MessageBoxW
GetSystemMetrics
SystemParametersInfoW
PostMessageW
GetWindowLongW
SetWindowLongW
SetLayeredWindowAttributes
GetDC
ReleaseDC
IsRectEmpty
EnableWindow
GetClientRect
SendMessageW
FillRect
PeekMessageW
TranslateMessage
DispatchMessageW
GetMenuCheckMarkDimensions
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
GetMenuState
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
CallWindowProcW
GetLastActivePopup
SetForegroundWindow
MapWindowPoints

gdi32

CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetMapMode
CreateRectRgnIndirect
SetBkColor
SetTextColor
GetClipBox
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
Rectangle
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
CreatePen
CreateSolidBrush
CreateFontIndirectW
GetTextExtentPoint32W
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
MoveToEx
LineTo
GetDeviceCaps
CreateFontW
GetObjectW
DeleteObject
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDIBits
ScaleWindowExtEx
DeleteDC

msimg32

GradientFill

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegDeleteKeyW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegEnumKeyW

comctl32

ord17

shlwapi

PathStripToRootW
UrlUnescapeW
PathFindFileNameW
PathFindExtensionW
PathAppendW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoCreateInstance
CoTaskMemFree
CLSIDFromString
CoUninitialize
CoInitializeEx
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CoTaskMemAlloc

oleaut32

VariantClear
VariantCopy
SysAllocStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
SysAllocString
VariantInit
VariantChangeType
SysFreeString

wininet

InternetCanonicalizeUrlW
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
HttpAddRequestHeadersW
InternetErrorDlg
InternetQueryDataAvailable
InternetCrackUrlW

Sections

.text
Size: 652KB - Virtual size: 652KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

72a1069500e6d2f29330fec64dd36ea8

Headers

File Characteristics

Imports

wmvcore

winmm

olepro32

wsock32

shell32

register

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 652KB - Virtual size: 652KB

.rdata Size: 260KB - Virtual size: 260KB

.data Size: 16KB - Virtual size: 396KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.data Size: 80KB - Virtual size: 80KB

.text
Size: 652KB - Virtual size: 652KB

.rdata
Size: 260KB - Virtual size: 260KB

.data
Size: 16KB - Virtual size: 396KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 80KB - Virtual size: 80KB