Static task: static1
Behavioral task: behavioral1
  Sample: 2023-08-23_504de0fd23e209147db477a327516379_icedid_JC.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 2023-08-23_504de0fd23e209147db477a327516379_icedid_JC.exe
  Resource: win10v2004-20230831-en
General
Target: 2023-08-23_504de0fd23e209147db477a327516379_icedid_JC.exe
Size: 934KB
MD5: 504de0fd23e209147db477a327516379
SHA1: eca4e305fb28b68ab30dc2f3d207edada35125e3
SHA256: d17d19166f5cebb8eee6774f7c1988a007b7dfb17eeb12658c3a9c09176bc343
SHA512: eab3479ee3acdf5229977f0fe66ddba32f04cebd0e51f8ab0a4493a1d51d3150d7cba57061eb66d37cccf97e92628487ba4f84ea4e63494697d56e63f52cc9c9
SSDEEP: 12288:QvQWyM812m6SDPveDSU2xFE8h05PCfOX1pDy5W2pE4W2pE5OotUJ5CQU:FWARPESU+FJiPCCpcWozWoCOoOJM
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2023-08-23_504de0fd23e209147db477a327516379_icedid_JC.exe
Files
2023-08-23_504de0fd23e209147db477a327516379_icedid_JC.exe.exe windows x86
d0a19ec442714fc7a09285830c6de1fa
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
GetProcessImageFileNameA
kernel32
VirtualQuery
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
ExitThread
CreateThread
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
GetSystemInfo
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
VirtualAlloc
VirtualProtect
RtlUnwind
GetTickCount
GetFileTime
GetFileAttributesA
SetErrorMode
CreateFileA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GlobalFlags
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
FormatMessageA
MulDiv
SetLastError
InterlockedDecrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
FreeResource
ReadProcessMemory
VirtualFreeEx
GetCurrentProcessId
VirtualAllocEx
FreeLibrary
lstrcpynA
WaitForSingleObject
GetModuleHandleA
GetProcAddress
LoadLibraryA
OpenProcess
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetLastError
EnterCriticalSection
LeaveCriticalSection
lstrlenA
lstrcmpiA
lstrlenW
CompareStringA
CompareStringW
GetVersion
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
LocalAlloc
LocalFree
Sleep
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
MultiByteToWideChar
FreeEnvironmentStringsA
user32
RegisterClipboardFormatA
PostThreadMessageA
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
SetMenuItemBitmaps
GetMenuState
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
PeekMessageA
MapWindowPoints
MessageBoxA
TrackPopupMenu
GetKeyState
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
IntersectRect
GetWindowPlacement
CopyRect
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowInfo
SetWindowLongA
EnumWindows
IsZoomed
SetWindowPos
SystemParametersInfoA
GetWindowThreadProcessId
AppendMenuA
CreatePopupMenu
GetMenu
ChildWindowFromPoint
FindWindowA
GetWindowLongA
ShowWindow
WindowFromPoint
GetWindowTextA
AnimateWindow
GetClassNameA
RedrawWindow
UpdateWindow
SendMessageTimeoutA
GetClassLongA
UnregisterClassA
FindWindowExA
IsWindowEnabled
UpdateLayeredWindow
CharUpperA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
GetClientRect
OffsetRect
GetParent
PostMessageA
PtInRect
KillTimer
GetForegroundWindow
SetForegroundWindow
LoadMenuA
RemoveMenu
ModifyMenuA
GetSubMenu
ReleaseCapture
SetCapture
GetMessageTime
GetSysColorBrush
EnableMenuItem
GetCursorPos
LoadCursorA
GetAsyncKeyState
SetCursor
DrawIconEx
IsWindow
SetWindowRgn
SetActiveWindow
GetDesktopWindow
GetWindow
IsWindowVisible
IsIconic
SetTimer
GetSystemMetrics
ReleaseDC
GetDC
GetWindowRect
LoadImageA
DrawIcon
DestroyIcon
InvalidateRect
LoadIconA
SendMessageA
EnableWindow
GetMessagePos
gdi32
GetDeviceCaps
CreatePen
CreateSolidBrush
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetViewportExtEx
GetStockObject
ExtSelectClipRgn
GetWindowExtEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CombineRgn
DeleteObject
SetMapMode
SetStretchBltMode
RestoreDC
SaveDC
GetClipBox
SetBkColor
SetTextColor
CreateBitmap
BitBlt
CreateRectRgn
CreateRoundRectRgn
GetObjectA
DeleteDC
SelectObject
CreateDIBSection
RoundRect
Rectangle
StretchBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreatePolygonRgn
comdlg32
GetFileTitleA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey
shell32
ExtractAssociatedIconA
ShellExecuteA
Shell_NotifyIconA
DragQueryFileA
comctl32
ord17
ImageList_Destroy
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoFreeUnusedLibraries
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
oleaut32
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
SysFreeString
VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
gdiplus
GdipDrawRectangleI
GdipSetTextRenderingHint
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetLineLinearBlend
GdipCreateSolidFill
GdipFillPath
GdipAddPathArc
GdipAddPathLine
GdipDrawString
GdipDeletePath
GdipCreatePath
GdipFillPolygon
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdipCreateBitmapFromScan0
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipCreateFont
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipDeleteFont
GdiplusShutdown
GdipCreateBitmapFromHICON
GdipSetSmoothingMode
GdipGraphicsClear
GdipFillEllipseI
GdipCreateBitmapFromHBITMAP
GdipDrawImagePointsI
GdiplusStartup
GdipClosePathFigure
GdipCreateLineBrushFromRectWithAngle
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdipSetLineSigmaBlend
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetDC
GdipReleaseDC
GdipFillRectangle
GdipDrawImageRectI
GdipCreateBitmapFromFile
Sections
.text Size: 317KB - Virtual size: 316KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 9KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 529KB - Virtual size: 529KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE