Static task: static1
Behavioral task: behavioral1
Sample: 2023-08-27_493867125d7687df43a855b530b2f598_icedid_JC.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 2023-08-27_493867125d7687df43a855b530b2f598_icedid_JC.exe
Resource: win10v2004-20230915-en
General
Target: 2023-08-27_493867125d7687df43a855b530b2f598_icedid_JC.exe
Size: 408KB
MD5: 493867125d7687df43a855b530b2f598
SHA1: 61e26f3a782cc4503274e39b9a4d2a2d9005b952
SHA256: 939e2a7fbbdbc79a4750faeb1b783959856b01cbeff3e66d29f050a57f97b715
SHA512: 10058a52b0134a7e4820d908a40d7f6876403c30d6ef5b9a2780077228dee0fa92f839dac9c5b304c6b8545aaa2650febd954ef96010bd010713d30b5448f335
SSDEEP: 6144:EXPEdRyLFPtnAHekxRfLVeNYs5n3TnVjI1xqiAfo6fB8uFimZe/v6K:EfeRybn0x+Nf3pcu7O
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2023-08-27_493867125d7687df43a855b530b2f598_icedid_JC.exe
Files
2023-08-27_493867125d7687df43a855b530b2f598_icedid_JC.exe.exe windows:4 windows x86
295db8776447a7f8489babe16c74172d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapReAlloc
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
ExitProcess
GetCommandLineA
InterlockedExchange
GetStartupInfoA
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
SetErrorMode
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetShortPathNameA
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
LocalAlloc
LocalLock
LocalUnlock
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
InterlockedDecrement
InterlockedIncrement
GetProfileIntA
GetTickCount
FreeResource
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
GlobalGetAtomNameA
GlobalAddAtomA
SetLastError
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThreadId
MulDiv
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcmpA
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
FreeEnvironmentStringsW
user32
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetTabbedTextExtentA
MessageBeep
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
RegisterClipboardFormatA
PostQuitMessage
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
WindowFromDC
InSendMessage
IsZoomed
WindowFromPoint
ClientToScreen
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
GetDC
ReleaseDC
ClipCursor
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
DestroyIcon
MapWindowPoints
MessageBoxA
TrackPopupMenu
SetScrollRange
SetForegroundWindow
GetClientRect
AdjustWindowRectEx
DeferWindowPos
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
RegisterWindowMessageA
wsprintfA
LoadMenuA
GetClassNameA
SetWindowPos
WinHelpA
SetFocus
CharUpperA
GetSystemMetrics
GetWindowRect
SendMessageA
EnableWindow
GetFocus
IsClipboardFormatAvailable
IsWindow
GetSysColor
PtInRect
InflateRect
GetActiveWindow
EqualRect
GetDlgItem
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
LoadIconA
GetClassInfoA
SetCursor
GetCapture
ReleaseCapture
LoadAcceleratorsA
LockWindowUpdate
GetDCEx
GetMenuItemInfoA
GetSysColorBrush
SetActiveWindow
IsWindowVisible
UpdateWindow
IsIconic
InsertMenuItemA
CreatePopupMenu
GetLastActivePopup
BringWindowToTop
PostMessageA
SetMenu
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
LoadCursorA
SetCapture
GetMessagePos
OffsetRect
IntersectRect
ScreenToClient
GetUpdateRect
InvalidateRect
SetTimer
KillTimer
GetWindowLongA
GetCursorPos
DestroyMenu
PeekMessageA
CopyAcceleratorTableA
CreateMenu
SetRectEmpty
CopyRect
GetParent
PostThreadMessageA
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
TranslateAcceleratorA
SetRect
gdi32
GetCurrentPositionEx
CreatePatternBrush
ScaleWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
UnrealizeObject
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetTextAlign
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
MoveToEx
CreateMetaFileA
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetBkMode
RestoreDC
SaveDC
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
CreateFontA
GetCharWidthA
StretchDIBits
DeleteDC
SetBrushOrgEx
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateDCA
CopyMetaFileA
SelectObject
BitBlt
PatBlt
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
CreateSolidBrush
GetStockObject
Rectangle
Polyline
CreatePen
CreateFontIndirectA
GetDeviceCaps
LineTo
comdlg32
PrintDlgA
FindTextA
ReplaceTextA
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegOpenKeyExA
RegCreateKeyA
RegCloseKey
shell32
DragQueryFileA
ExtractIconA
SHGetFileInfoA
DragFinish
comctl32
ImageList_AddMasked
ImageList_Draw
ImageList_SetBkColor
ImageList_GetImageInfo
ord17
ImageList_Destroy
ImageList_Create
shlwapi
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
oledlg
ord8
ole32
CreateOleAdviseHolder
CreateDataAdviseHolder
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
WriteClassStm
OleSaveToStream
CreateStreamOnHGlobal
CreateGenericComposite
OleLockRunning
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleRun
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CreateBindCtx
StringFromCLSID
OleRegGetUserType
WriteClassStg
CoTaskMemFree
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
CoRegisterClassObject
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
GetRunningObjectTable
CreateFileMoniker
CreateItemMoniker
OleIsRunning
CoDisconnectObject
OleRegGetMiscStatus
OleRegEnumVerbs
oleaut32
GetActiveObject
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysStringByteLen
SysAllocString
Sections
.text Size: 260KB - Virtual size: 259KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ