2023-08-27_3a05eb8c76b7261241715f6795fe7906_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-27_3a05eb8c76b7261241715f6795fe7906_icedid_JC.exe
Size

332KB
MD5

3a05eb8c76b7261241715f6795fe7906
SHA1

d2908b829c188d9676cad516a77c721020f38f39
SHA256

2c8b73ced7a8c5aa50b652fcd2af0e262e4dce7fb3383a01ac24c3ce33f960b4
SHA512

a9a23ff31fd712f12ff963883d7abe40df0d3635dc6198e4570a59244c7b23b9644d174297572540acf67135efb46aa58fbc95ae0942b1ebcd2c3d76f0a05e4e
SSDEEP

6144:GM+JeRgXN32nD11arNLgzVbYL4z6/ut865uc27:noeRgXN32D11arwuO5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-27_3a05eb8c76b7261241715f6795fe7906_icedid_JC.exe

Files

2023-08-27_3a05eb8c76b7261241715f6795fe7906_icedid_JC.exe
.exe windows:4 windows x86

ca51d8cc9014f62cdf0c950413cfb292

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutPause
waveOutRestart
waveOutGetPosition
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveOutGetErrorTextA
waveOutWrite
waveOutSetVolume
waveOutPrepareHeader
waveOutGetVolume
waveOutGetDevCapsA
waveOutOpen

kernel32

SetErrorMode
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
ExitThread
CreateThread
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CreateFileA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
LockResource
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
ResetEvent
SetPriorityClass
CreateEventA
DeleteFileA
GetTempPathA
FindResourceA
LoadResource
SizeofResource
CloseHandle
WaitForSingleObject
SetEvent
GetLastError
lstrlenA
lstrcmpiA
WideCharToMultiByte
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
HeapReAlloc

user32

DestroyMenu
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
ReleaseDC
GetDC
GetMenuState
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
IsIconic
DrawIcon
GetSystemMetrics
LoadIconA
ReleaseCapture
LoadCursorA
GetCapture
GetSysColorBrush
SendMessageA
GetParent
SetCapture
GetClientRect
PostMessageA
EnableWindow
SetFocus

gdi32

DeleteDC
GetStockObject
ScaleWindowExtEx
DeleteObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
SetMapMode
PtVisible

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantInit
VariantChangeType

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca51d8cc9014f62cdf0c950413cfb292

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 96KB - Virtual size: 92KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 96KB - Virtual size: 92KB