2023-08-23_46df179b6a178796b74fffb06a975064_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-23_46df179b6a178796b74fffb06a975064_icedid_JC.exe
Size

348KB
MD5

46df179b6a178796b74fffb06a975064
SHA1

6976288f8bb7399be07aa12b18ab5a91aca9fb0f
SHA256

955f22940a03f4d848168a718984d5e409ce589c3cae3fcf9a23f00a82d8e40b
SHA512

e430df523f1ecf4ae9ca830082ee6232a3db0355297d6466e31ccbf47e0c13334c1e9c943529c1f41d4c92b09ff7df7e8cdb4fb175f6da7a1c11902cf130ae22
SSDEEP

6144:fTCrUcIgqfDiaE/dxlLfby4/NVQ2po5SDjd1v/Q:fTCrUcIgUDbEFxhPFdpND

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-23_46df179b6a178796b74fffb06a975064_icedid_JC.exe

Files

2023-08-23_46df179b6a178796b74fffb06a975064_icedid_JC.exe
.exe windows x86

1f4d8833f0f81d0bc79d2f9936ea50b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetFileTime
IsBadWritePtr
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
SetThreadPriority
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
InterlockedDecrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
FreeResource
SetLastError
MulDiv
FormatMessageA
lstrcpynA
LocalFree
CreateEventA
ResetEvent
WaitForSingleObject
SetUnhandledExceptionFilter
MoveFileExA
RemoveDirectoryA
DeleteFileA
SetEvent
SuspendThread
ResumeThread
GetCurrentProcessId
OpenProcess
TerminateProcess
CreateMutexA
SetFileTime
GetCurrentDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CreateDirectoryA
CopyFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
GlobalLock
WriteFile
GlobalUnlock
GlobalAlloc
GlobalReAlloc
GlobalFree
GetFileAttributesA
GetTickCount
LoadLibraryA
GetLastError
GetProcAddress
FreeLibrary
CreateToolhelp32Snapshot
Process32First
Process32Next
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcatA
lstrlenA
WinExec
lstrcpyA
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateFileA
GetFileSize
ReadFile
VirtualFree
CloseHandle

user32

RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
CharNextA
ReleaseCapture
SetCapture
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetMessageA
ValidateRect
PostQuitMessage
GetCursorPos
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
WaitMessage
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostThreadMessageA
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
wsprintfA
GetSysColor
IsWindow
GetWindowTextA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RedrawWindow
UnregisterClassA
CharUpperA
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowLongA
GetParent
InvalidateRect
ReleaseDC
GetDC
GetClientRect
GetWindowRect
SendMessageA
InflateRect
SetCursor
LoadCursorA
PostMessageA
EnableWindow
MessageBoxA

gdi32

CreateRectRgnIndirect
GetMapMode
GetRgnBox
GetBkColor
GetTextColor
SetMapMode
DeleteObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetWindowExtEx
GetViewportExtEx
CreateFontIndirectA
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
CreateCompatibleDC
CreateRectRgn
GetDeviceCaps
DeleteDC
CreateCompatibleBitmap
GetTextExtentPoint32A
GetStockObject
GetObjectA
SelectClipRgn

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

comctl32

ord17

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathFileExistsA
UrlUnescapeA

oledlg

ord8

ole32

CoRevokeClassObject
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize

oleaut32

OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA

ws2_32

getprotobyname
closesocket
setsockopt
recv
connect
htons
gethostbyname
send
WSACleanup
WSAStartup
socket
recvfrom
sendto
WSASetLastError
WSAGetLastError
select
accept
WSAAsyncSelect

Sections

.text
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f4d8833f0f81d0bc79d2f9936ea50b7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

ws2_32

Sections

.text Size: 216KB - Virtual size: 214KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 216KB - Virtual size: 214KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 56KB - Virtual size: 55KB