2023-08-26_fcec6fb62e7f7dcbd28876e7b3654ec7_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_fcec6fb62e7f7dcbd28876e7b3654ec7_icedid_JC.exe
Size

3.7MB
MD5

fcec6fb62e7f7dcbd28876e7b3654ec7
SHA1

5e4fa2e0431afa283e6f8d4421d5436aa05aece1
SHA256

b70987be27fabc0eca710e0920003aaa6e0d5168410ae08bd48f9e609c443e26
SHA512

c98bd7572b9fdf5ca1e2ef19fe901dcb0d75cb094e65f7a74d7af79e363db93d50329930afd46ffe62e619b6e5e874f2b83e3d8a96b7e2dedc720c7f71380db5
SSDEEP

49152:lUm4wE1UJvI9s3uDR98N4rzxVMrGBQn6orOiGk9C:lUmYeMR98Kr/MrKQn/7G+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_fcec6fb62e7f7dcbd28876e7b3654ec7_icedid_JC.exe

Files

2023-08-26_fcec6fb62e7f7dcbd28876e7b3654ec7_icedid_JC.exe
.exe windows:4 windows x86

c5765c456a04d3502c04245546fc207b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciGetErrorStringA
timeGetTime
timeBeginPeriod
timeEndPeriod
timeSetEvent
timeKillEvent
mciSendCommandA
mciSendStringA

kernel32

FindFirstFileA
GetCurrentProcess
SetFileAttributesA
FindClose
DuplicateHandle
DeleteFileA
GetDriveTypeA
VirtualProtect
GetModuleFileNameA
OutputDebugStringA
GetTickCount
GetCurrentDirectoryA
ResetEvent
MoveFileA
WaitForMultipleObjects
SetCurrentDirectoryA
CreateDirectoryA
ReleaseSemaphore
PulseEvent
GetSystemTime
Sleep
SetEvent
InterlockedExchange
GetLastError
CopyFileA
CreateSemaphoreA
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
SetEnvironmentVariableA
CompareStringW
LeaveCriticalSection
ResumeThread
GetStringTypeW
GetACP
GetStringTypeA
GetCPInfo
SetUnhandledExceptionFilter
CompareStringA
GetLocaleInfoW
CreateProcessA
GetExitCodeProcess
IsBadCodePtr
SetEndOfFile
SetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
SetErrorMode
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
FreeLibrary
LoadLibraryA
WriteFile
GetTempFileNameA
GetTempPathA
GetModuleHandleA
GetVersionExA
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
CreateEventA
VirtualAlloc
CreateMutexA
InitializeCriticalSection
LCMapStringW
GetFileAttributesA
LCMapStringA
SetThreadPriority
GetCurrentThread
LocalFree
FormatMessageA
SetLastError
ReadFile
SetFilePointer
VirtualQuery
GetSystemInfo
lstrcpyA
lstrlenA
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GlobalMemoryStatus
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
ExitProcess
TerminateProcess
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
GetOEMCP
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
FindNextFileA
FileTimeToSystemTime
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
TlsAlloc
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
HeapReAlloc
HeapSize

user32

SetCursor
GetMessagePos
GetDC
LoadCursorA
ClientToScreen
ClipCursor
GetCursorPos
MoveWindow
GetClientRect
wsprintfA
SendMessageTimeoutA
ReleaseDC
MsgWaitForMultipleObjects
PostThreadMessageA
DispatchMessageA
TranslateMessage
DrawTextA
PostMessageA
SendMessageA
ShowCursor
IntersectRect
IsRectEmpty
PtInRect
GetSystemMetrics
LoadIconA
wvsprintfA
RegisterClassExA
GetWindowLongA
PostQuitMessage
MessageBoxA
DefWindowProcA
EndPaint
BeginPaint
SetRect
PeekMessageA
SetWindowLongA
GetMessageA
CreateWindowExA
ShowWindow
DestroyWindow
RegisterClassA

gdi32

LineTo
SelectObject
GetTextMetricsA
GetTextExtentPoint32A
GetStockObject
CreateFontIndirectA
GetDeviceCaps
CreateRectRgn
SelectClipRgn
CreatePen
SetBkMode
SetTextColor
DeleteObject
CreateDIBSection
DeleteDC
TextOutA
CreateCompatibleDC
MoveToEx
GetTextExtentExPointA
SetBkColor
CreateFontA
GdiFlush
GetCurrentObject

ole32

CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegCloseKey
GetUserNameA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA

shell32

ShellExecuteExA

rpcrt4

UuidToStringA
RpcStringFreeA

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5765c456a04d3502c04245546fc207b

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

ole32

advapi32

shell32

rpcrt4

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 244KB - Virtual size: 242KB

.data Size: 1.1MB - Virtual size: 1.3MB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 244KB - Virtual size: 242KB

.data
Size: 1.1MB - Virtual size: 1.3MB

.rsrc
Size: 8KB - Virtual size: 6KB