2023-08-27_59c6a969b74f65ab94d70a2a4b90ad2d_icedid_silence_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-27_59c6a969b74f65ab94d70a2a4b90ad2d_icedid_silence_JC.exe
Size

379KB
MD5

59c6a969b74f65ab94d70a2a4b90ad2d
SHA1

ce4e286761767db4470a543a812f6f34f87ca676
SHA256

0db802f606f5928386dc61c6cd12ebf4ca7b1cd80610b1d46ddbf910fa9bfcbb
SHA512

86b5df90f044370b07fb8ba67ff1aa85526fc5e1f920eadea3a06da9bde405a620e0f9f7ad0553b32e1937a8ff0ff1f9d280f6de0b94880343aea2c3943ebf74
SSDEEP

6144:zp/mFIDnRXxOMGdFKQ/T8Nlrlz4q5Tkz+6hpeeBW1KL:dHDVGdEQ/oNX4Rz+snd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-27_59c6a969b74f65ab94d70a2a4b90ad2d_icedid_silence_JC.exe

Files

2023-08-27_59c6a969b74f65ab94d70a2a4b90ad2d_icedid_silence_JC.exe
.exe windows:5 windows x86

5b5f3bcb13907475a125c6eddc0f8e5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SetErrorMode
RtlUnwind
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
RaiseException
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
HeapQueryInformation
IsValidCodePage
GetStdHandle
GetCPInfo
GetStartupInfoW
ReadConsoleW
DeleteFileW
GetTimeZoneInformation
SetStdHandle
SetFilePointerEx
WriteConsoleW
CreateFileW
CreateDirectoryW
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStringTypeW
GetProcessHeap
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
OutputDebugStringW
LCMapStringW
GetFileAttributesExW
GetCurrentDirectoryW
SetEnvironmentVariableA
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
InterlockedIncrement
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThread
InterlockedExchange
WaitForSingleObject
InterlockedDecrement
GetVersionExA
GetVolumeInformationA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
CloseHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
DeleteFileA
CreateFileA
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
FindResourceA
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
FreeResource
GetVersion
OutputDebugStringA
GetFileAttributesW
FileTimeToSystemTime
GetProcAddress
GetModuleHandleA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
GetModuleFileNameA
GetCurrentProcessId
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SetLastError
GetLastError
GetACP
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
FindResourceW
SizeofResource
LoadResource
GetFileType
LockResource

user32

KillTimer
SetTimer
WaitMessage
PostQuitMessage
TranslateMessage
GetMessageA
WindowFromPoint
GetCursorPos
CharUpperA
IsDialogMessageA
SetWindowTextA
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
ValidateRect
GetSysColorBrush
GetForegroundWindow
SetMenu
GetMenu
GetCapture
GetKeyState
IsWindowVisible
SetWindowPos
CreateWindowExA
GetClassInfoExA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetWindow
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
GetDesktopWindow
SetActiveWindow
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetTabbedTextExtentW
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongA
MessageBoxA
IsWindowEnabled
RealChildWindowFromPoint
DestroyMenu
UnregisterClassA
SetForegroundWindow
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetParent
SendDlgItemMessageA
LoadCursorA
SetCursor
PeekMessageA
DispatchMessageA
LoadIconW
GetDlgCtrlID
GetWindowRect
PostMessageA
ReleaseDC
GetDC
GetClientRect
InvalidateRect
UpdateWindow
GetSystemMetrics
EnableWindow
SendMessageA
GetClassInfoA

gdi32

GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetTextColor
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CloseMetaFile
DeleteMetaFile
GetTextAlign
SaveDC
RestoreDC
RectVisible
PtVisible
SetMapMode
SetBkMode
SetBkColor
SetViewportExtEx
CreateFontIndirectA
LineTo
GetStockObject
GetCurrentPositionEx
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap
GetTextMetricsA
CreateFontA
DPtoLP
GetDeviceCaps
DeleteEnhMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
SelectObject
GetTextExtentPoint32A
CreatePen

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc

shlwapi

PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathRemoveFileSpecW

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoCreateGuid
CoInitialize

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType

wsock32

gethostbyname
socket
sendto
send
select
recvfrom
recv
ntohs
WSAStartup
ioctlsocket
htons
getsockname
connect
closesocket
bind
WSACleanup
WSASetLastError
WSAGetLastError
WSAAsyncSelect
inet_addr
htonl
ntohl
accept

Sections

.text
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b5f3bcb13907475a125c6eddc0f8e5a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

wsock32

Sections

.text Size: 266KB - Virtual size: 265KB

.rdata Size: 78KB - Virtual size: 77KB

.data Size: 13KB - Virtual size: 185KB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 266KB - Virtual size: 265KB

.rdata
Size: 78KB - Virtual size: 77KB

.data
Size: 13KB - Virtual size: 185KB

.rsrc
Size: 21KB - Virtual size: 21KB