2023-08-22_3b244137bea6a53a7aa8e0a841c125ea_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-22_3b244137bea6a53a7aa8e0a841c125ea_icedid_JC.exe
Size

472KB
MD5

3b244137bea6a53a7aa8e0a841c125ea
SHA1

5e5a517f58aa2e3feac03d2449cf0b0ffee26d1d
SHA256

96790f4e78a6d2f244062a8f15398eb73bd727929941bd406975bbc0f7617904
SHA512

e2d5d0bc674113c2a82cd8fc83c9cd182adb39fd025ff281de94c94ecaabcc96f9b1ae9981cf60eacac05fdc67618458b0f75e58e7290f99a3a0faee91b0666e
SSDEEP

12288:WiA3CmE1OtO3hmxcQA06A2MdZi//o67w:23CmqOtOUc/06DGinX7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-22_3b244137bea6a53a7aa8e0a841c125ea_icedid_JC.exe

Files

2023-08-22_3b244137bea6a53a7aa8e0a841c125ea_icedid_JC.exe
.exe windows x86

81a739e6927022b5acc2afa8b7849008

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyaddr
WSACleanup
WSAConnect
WSAEnumNetworkEvents
htonl
getsockname
WSACreateEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSACloseEvent
ntohl
listen
gethostbyname
select
__WSAFDIsSet
recv
WSAGetLastError
send
shutdown
WSASocketA
setsockopt
bind
closesocket
ioctlsocket
WSAStartup
htons
inet_ntoa
ntohs
inet_addr
accept

wininet

InternetSetOptionA

kernel32

GetDiskFreeSpaceA
InterlockedDecrement
GlobalFlags
InterlockedIncrement
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
FileTimeToSystemTime
SystemTimeToFileTime
GetCPInfo
GetOEMCP
MoveFileA
DeleteFileA
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetShortPathNameA
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetErrorMode
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
GetFullPathNameA
HeapSize
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
SetLastError
MulDiv
FormatMessageA
lstrcpynA
GlobalFree
GlobalUnlock
HeapReAlloc
GlobalLock
IsBadWritePtr
GlobalAlloc
GlobalSize
GetLocalTime
lstrcpyA
InterlockedExchange
GetACP
LocalFree
FreeResource
GetStringTypeExA
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
RaiseException
MultiByteToWideChar
GetCurrentProcess
TerminateProcess
CreateProcessA
GetModuleHandleA
GetModuleFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetEvent
TerminateThread
DeleteCriticalSection
CreateThread
GetFileSize
ReadFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetLocaleInfoA
CreateEventA
CreateFileA
WriteFile
CloseHandle
GetCurrentProcessId
GetLastError
GetTickCount
GetProcAddress
Sleep
WaitForSingleObject
GetSystemInfo
lstrcatA
lstrlenA
WinExec
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale

user32

GetWindowDC
BeginPaint
EndPaint
WindowFromPoint
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
InsertMenuItemA
LoadAcceleratorsA
ReleaseCapture
ReuseDDElParam
UnpackDDElParam
LoadMenuA
PostQuitMessage
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
GetMenuItemInfoA
IsRectEmpty
SetRect
DeleteMenu
DestroyIcon
CharNextA
CopyAcceleratorTableA
InvalidateRgn
SetCapture
GetNextDlgGroupItem
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
SetParent
PostThreadMessageA
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
ClientToScreen
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
AdjustWindowRectEx
GrayStringA
DeferWindowPos
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetWindow
SetFocus
GetMenuState
GetMenuStringA
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
EndDialog
UnregisterClassA
CharUpperA
GetDesktopWindow
MapWindowPoints
DrawEdge
GetSystemMetrics
GetClipboardData
ExitWindowsEx
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetCursorPos
DestroyMenu
CreatePopupMenu
AppendMenuA
TrackPopupMenu
LoadIconA
GetNextDlgTabItem
GetFocus
RedrawWindow
IsZoomed
IsIconic
FillRect
CopyRect
UpdateWindow
MessageBoxA
DrawTextExA
DrawTextA
PostMessageA
MessageBeep
SetWindowLongA
LoadCursorA
CopyIcon
DestroyCursor
IsWindow
GetSysColor
GetMessagePos
GetParent
KillTimer
SetTimer
ReleaseDC
GetDC
ScreenToClient
GetClientRect
GetWindowRect
InflateRect
TabbedTextOutA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
PtInRect
SetCursor
SendMessageA
InvalidateRect
wsprintfA
EnableWindow
WinHelpA
EqualRect
ShowWindow
InsertMenuA
IsChild

gdi32

MoveToEx
LineTo
IntersectClipRect
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ExcludeClipRect
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
CreateCompatibleBitmap
StretchDIBits
GetCharWidthA
GetBkColor
GetTextColor
GetRgnBox
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetCurrentObject
Rectangle
Polygon
CreateFontA
CreateSolidBrush
CreatePen
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
ScaleWindowExtEx
GetStockObject

comdlg32

GetOpenFileNameA
ChooseFontA
ChooseColorA
GetFileTitleA
GetSaveFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegCloseKey
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA

shell32

ExtractIconA
DragAcceptFiles
SHGetFileInfoA
ShellExecuteA
DragQueryFileA
DragFinish

comctl32

ImageList_SetBkColor
ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy

shlwapi

PathStripToRootA
PathFindExtensionA
PathRemoveExtensionA
PathIsUNCA
PathFindFileNameA

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateILockBytesOnHGlobal
CoTaskMemFree
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

oleaut32

SysFreeString
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81a739e6927022b5acc2afa8b7849008

Headers

File Characteristics

Imports

ws2_32

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 328KB - Virtual size: 327KB

.rdata Size: 88KB - Virtual size: 85KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 328KB - Virtual size: 327KB

.rdata
Size: 88KB - Virtual size: 85KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 40KB - Virtual size: 39KB