2023-08-26_41dd4fa78a3c9fa17235a8cfb86c948e_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_41dd4fa78a3c9fa17235a8cfb86c948e_icedid_JC.exe
Size

240KB
MD5

41dd4fa78a3c9fa17235a8cfb86c948e
SHA1

0f95cf6d4e8c1a297656a60b812f4c60317081fb
SHA256

eeaa4f7da77976ee65fd432facbabd01ef697eef452ec047dea59c652115964f
SHA512

8e631f49fc794f8bb264a8eb38401673bca1a1ddddb4658a2f75db593eb0f5758128cd3be6476cc0e6c99cd360aa13dd29bd4c0ba9e9d66752a2157ee338e2c3
SSDEEP

3072:Pi6zFNYz6gHOb1YTX6RhKWHOTKJmGZGWQviGmuWsWYd+V/P7jRBYIlvuJFbihD:PzF6EbOT6RYWuGnZGWQj+7jRsJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_41dd4fa78a3c9fa17235a8cfb86c948e_icedid_JC.exe

Files

2023-08-26_41dd4fa78a3c9fa17235a8cfb86c948e_icedid_JC.exe
.exe windows x86

8b0f62007392f540b0623ef1746337eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
ExitThread
CreateThread
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
VirtualAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
VirtualProtect
HeapFree
HeapAlloc
ExitProcess
RtlUnwind
WritePrivateProfileStringA
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
lstrcmpA
GetModuleFileNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetExitCodeThread
GetCurrentProcess
Sleep
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentDirectoryA
GetVersion
GetEnvironmentStrings
SetCurrentDirectoryA

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
CheckRadioButton
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
EnableWindow
SendMessageA
DrawIcon
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
SetTimer
KillTimer
CharUpperA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
SetWindowsHookExA
ExitWindowsEx
MessageBoxA
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindow
PtInRect
CopyRect
GetWindowRect
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement

gdi32

GetStockObject
DeleteDC
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
RectVisible

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
AdjustTokenPrivileges
RegSetValueExA
RegCreateKeyExA

shell32

ShellExecuteA

comctl32

ord17
ImageList_Destroy

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pmj
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8b0f62007392f540b0623ef1746337eb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 24KB - Virtual size: 21KB

.pmj Size: - Virtual size: 1B

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 24KB - Virtual size: 21KB

.pmj
Size: - Virtual size: 1B