2023-08-26_2f8c1c2fb9fc0baa869d62b47cb2e822_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_2f8c1c2fb9fc0baa869d62b47cb2e822_icedid_JC.exe
Size

717KB
MD5

2f8c1c2fb9fc0baa869d62b47cb2e822
SHA1

69a96e3a48dc90683dc2151683a0bb01e2d8e90e
SHA256

8c7b17b0c9b805287655deeed9419ebc432532b59aed23ba59ea709c08b9d140
SHA512

7f359548ac5e2063a79bcd2d82e273d3c40508ff408938f9e6399a340bf31783b4331a9a8669900058535ac9c8623c1e691e5edd8d9536ced487521fef565538
SSDEEP

12288:MNR+KXwoHjdCLsLzuOnpozPPs5DSgxQ8rteO/lxe6k:MNRLzHwwuqpQE5DSd8temne6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_2f8c1c2fb9fc0baa869d62b47cb2e822_icedid_JC.exe

Files

2023-08-26_2f8c1c2fb9fc0baa869d62b47cb2e822_icedid_JC.exe
.exe windows x86

95c515dc5b477ea093170212e7303ddc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

FlushFileBuffers
SetEndOfFile
GetCurrentProcess
SetErrorMode
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
GetStartupInfoA
RaiseException
ExitProcess
VirtualAlloc
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GlobalFlags
GlobalFree
GlobalUnlock
InterlockedDecrement
WritePrivateProfileStringA
GetCurrentProcessId
SetLastError
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
InterlockedExchange
GlobalLock
GlobalAlloc
GetModuleHandleA
GetWindowsDirectoryW
GetVolumeInformationW
GetTickCount
ExpandEnvironmentStringsA
ExitThread
Sleep
CreateThread
GetModuleHandleW
GetModuleFileNameW
WideCharToMultiByte
HeapReAlloc
HeapSize
FindResourceA
LoadResource
SizeofResource
LockResource
FreeResource
CreateFileMappingA
MapViewOfFile
GetTempPathA
GetTempFileNameA
CopyFileA
UnmapViewOfFile
WriteFile
SetFilePointer
ReadFile
lstrcpyA
lstrcmpA
lstrlenA
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
GetModuleFileNameA
GetWindowsDirectoryA
SetFileAttributesA
DeleteFileA
MoveFileA
GetEnvironmentVariableA
CreateDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetFileAttributesA
GetVersionExA
CreateFileA
GetFileSize
MultiByteToWideChar
CreateProcessA
CloseHandle
GetSystemTimeAsFileTime
UnhandledExceptionFilter

user32

GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetCapture
GetMenuItemID
GetSubMenu
GetWindow
GetDlgCtrlID
GetClassNameA
ClientToScreen
GrayStringA
TabbedTextOutA
UnhookWindowsHookEx
GetMenuItemCount
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
KillTimer
SetTimer
LoadIconW
DestroyIcon
IsWindow
wsprintfA
UnregisterClassW
DefWindowProcW
LoadCursorW
RegisterClassW
PtInRect
TrackMouseEvent
PostMessageW
ReleaseCapture
SetCapture
InvalidateRect
SetWindowLongW
GetDC
ReleaseDC
UnregisterClassA
DestroyMenu
GetSysColorBrush
DestroyWindow
CreateWindowExW
RegisterWindowMessageA
LoadIconA
WinHelpA
LoadCursorA
GetWindowLongW
AdjustWindowRect
ScreenToClient
GetDlgItemTextA
GetWindowTextA
DrawTextA
IsDlgButtonChecked
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
SetWindowPos
EnableWindow
GetActiveWindow
SendMessageW
SetFocus
EndDialog
MessageBoxA
GetClientRect
BeginPaint
GetSysColor
FillRect
GetWindowTextW
DrawTextW
EndPaint
MapDialogRect
CheckDlgButton
SetDlgItemTextA
SetWindowTextA
GetDlgItem
ShowWindow
DialogBoxParamW
LoadImageW
DrawTextExA

gdi32

GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateSolidBrush
CreateFontW
SelectObject
SetBkMode
SetTextColor
DeleteObject
GetClipBox
SetMapMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateCompatibleDC
DeleteDC
GetObjectW
GetStockObject
GetTextExtentPoint32W

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteA

comctl32

ord17

shlwapi

UrlEscapeA
PathFindExtensionA
PathFindFileNameA
StrTrimA

ole32

CoUninitialize
CoInitializeEx
CoInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

wininet

InternetOpenUrlA
InternetCheckConnectionW
InternetOpenA
InternetCheckConnectionA
InternetCloseHandle
InternetReadFile
InternetAttemptConnect

Exports

Exports

GetLibActivationManager

Sections

.text
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 433KB - Virtual size: 433KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95c515dc5b477ea093170212e7303ddc

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 227KB - Virtual size: 227KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 9KB - Virtual size: 27KB

.rsrc Size: 433KB - Virtual size: 433KB

.text
Size: 227KB - Virtual size: 227KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 9KB - Virtual size: 27KB

.rsrc
Size: 433KB - Virtual size: 433KB