Static task
static1
Behavioral task
behavioral1
Sample
2023-08-26_e4a629f35fe2c8341d73ab6f6f3ed013_icedid_JC.exe
Resource
win7-20230831-en
windows7-x64
Behavioral task
behavioral2
Sample
2023-08-26_e4a629f35fe2c8341d73ab6f6f3ed013_icedid_JC.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
General
-
Target
2023-08-26_e4a629f35fe2c8341d73ab6f6f3ed013_icedid_JC.exe
-
Size
2.1MB
-
MD5
e4a629f35fe2c8341d73ab6f6f3ed013
-
SHA1
5706f6d8e727324b226a0c4efa852a5417ecd51f
-
SHA256
1f177e63f69c8b1e124650ff4731fba3f76d2a94643c58ce266272e9e0df3744
-
SHA512
916cbb4c9df3f2cefa4599bef6ad420058cca0a7cf736e8362d50629f75018343bac3f8d8e1f6aa5aa9e26ac43ad37376bee9feefb2d5bcfb90060849cc0ca42
-
SSDEEP
24576:AaFM5VdLgGm/TFybkHqfchZgMKt63jrCdn8Tebrn3lOiesfXxDRNhOS3O:pS3w9663bTk73IXsfXjNh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2023-08-26_e4a629f35fe2c8341d73ab6f6f3ed013_icedid_JC.exe
Files
-
2023-08-26_e4a629f35fe2c8341d73ab6f6f3ed013_icedid_JC.exe.exe windows:4 windows x86
19c093db405bac9f10b06ae236b35507
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
dsetup
ord11
kernel32
TlsSetValue
SetEnvironmentVariableA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
ReleaseMutex
GetLastError
CreateMutexA
GetModuleFileNameW
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OutputDebugStringW
lstrcpyW
OpenEventA
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetDateFormatA
GetTimeFormatA
IsBadCodePtr
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
VirtualFree
HeapCreate
HeapDestroy
HeapReAlloc
SetStdHandle
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetProcessHeap
HeapAlloc
HeapFree
SetConsoleCtrlHandler
FatalAppExitA
ExitThread
CreateThread
GetCommandLineA
GetStartupInfoA
HeapValidate
VirtualQuery
GetSystemInfo
VirtualAlloc
ExitProcess
FileTimeToLocalFileTime
OpenMutexA
CreateProcessA
DeleteFileA
Sleep
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetCurrentProcessId
MultiByteToWideChar
FindResourceA
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
GetLocalTime
OutputDebugStringA
IsBadStringPtrA
SetFileAttributesA
GetFileAttributesA
TerminateThread
FormatMessageA
GetModuleHandleA
SetFileTime
MulDiv
GetTickCount
WaitForSingleObject
GetCurrentDirectoryA
CreateDirectoryA
FileTimeToSystemTime
GetFileAttributesExA
SystemTimeToFileTime
lstrlenA
GetEnvironmentVariableW
GetVersion
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenW
GetStringTypeExW
GetStringTypeExA
lstrcmpiW
lstrcmpiA
Process32Next
CloseHandle
TerminateProcess
GetExitCodeProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
DeleteCriticalSection
RaiseException
IsDBCSLeadByte
lstrcpyA
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
WinExec
lstrcatA
FreeResource
EnumResourceLanguagesA
ConvertDefaultLocale
GetProcAddress
GetCurrentThreadId
GetCurrentThread
GetModuleFileNameA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GlobalAddAtomA
SetEvent
SuspendThread
CreateEventA
SetThreadPriority
GetThreadPriority
ResumeThread
GlobalFree
GlobalUnlock
lstrcpynA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
SetLastError
InterlockedDecrement
InterlockedIncrement
LocalFree
GlobalSize
CopyFileA
DuplicateHandle
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
MoveFileA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
LocalAlloc
InitializeCriticalSection
TlsAlloc
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
FindNextFileA
LocalReAlloc
TlsGetValue
IsBadWritePtr
IsBadReadPtr
VirtualProtect
GetProfileIntA
GetCPInfo
GetOEMCP
GetFileTime
LocalFileTimeToFileTime
GetTempFileNameA
GetDiskFreeSpaceA
FindResourceExA
LocalUnlock
LocalLock
lstrcpynW
RtlUnwind
DebugBreak
GetStdHandle
user32
DestroyCursor
DestroyIcon
SetCursor
PostMessageA
TrackPopupMenuEx
GetSubMenu
GetSysColor
FillRect
ReleaseDC
CreateIconIndirect
GetDC
GetIconInfo
LoadImageA
LoadMenuA
SetWindowLongA
MessageBeep
GetMessagePos
IsWindow
CopyIcon
LoadCursorA
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowLongA
DispatchMessageA
TranslateMessage
GetMessageA
ValidateRect
SetWindowsHookExA
GetCursorPos
PeekMessageA
CallNextHookEx
GetKeyState
GetFocus
SetMenuItemBitmaps
LoadBitmapA
GetMenuCheckMarkDimensions
MapDialogRect
TabbedTextOutA
DragDetect
GetMenu
SetMenu
DrawMenuBar
GetSystemMenu
HiliteMenuItem
IsIconic
IsZoomed
ArrangeIconicWindows
GetWindowRgn
BringWindowToTop
IsRectEmpty
InSendMessage
IsClipboardFormatAvailable
RegisterClipboardFormatA
CopyAcceleratorTableA
GetDialogBaseUnits
SetRectEmpty
GetAsyncKeyState
GetClipboardFormatNameA
UnpackDDElParam
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
GetWindowThreadProcessId
WaitMessage
ReleaseCapture
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
MapVirtualKeyA
GetKeyNameTextA
RegisterWindowMessageA
SendDlgItemMessageA
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
DestroyMenu
WinHelpA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetWindowPos
EndDialog
CreateDialogIndirectParamA
GetClientRect
MapWindowPoints
ClientToScreen
ScreenToClient
BeginPaint
EndPaint
GetWindowDC
MsgWaitForMultipleObjects
IsWindowUnicode
GetMessageW
DispatchMessageW
SubtractRect
UnionRect
InflateRect
SetRect
DestroyWindow
GetDlgItem
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
RemoveMenu
ModifyMenuA
InsertMenuItemA
InsertMenuA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
CharNextA
UnregisterClassA
CharUpperA
CharUpperW
CharLowerA
CharLowerW
CharNextExA
FindWindowA
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
OpenIcon
CloseWindow
LoadIconA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
SendMessageA
SetWindowRgn
PostQuitMessage
wsprintfA
SetScrollInfo
GetSystemMetrics
PtInRect
UpdateWindow
GetUpdateRect
GetUpdateRgn
InvalidateRect
InvalidateRgn
ValidateRgn
IsWindowVisible
ShowOwnedPopups
GetDCEx
LockWindowUpdate
RedrawWindow
EnableScrollBar
DrawAnimatedRects
DrawCaption
SetTimer
KillTimer
GetActiveWindow
SetActiveWindow
GetCapture
SetCapture
GetDesktopWindow
DlgDirListA
DlgDirListComboBoxA
DlgDirSelectExA
DlgDirSelectComboBoxExA
GetNextDlgGroupItem
GetNextDlgTabItem
ShowScrollBar
ChildWindowFromPoint
ChildWindowFromPointEx
FindWindowExA
GetWindow
GetTopWindow
IsChild
SetParent
WindowFromPoint
FlashWindow
ChangeClipboardChain
SetClipboardViewer
OpenClipboard
GetOpenClipboardWindow
GetClipboardOwner
GetClipboardViewer
CreateCaret
GetCaretPos
SetCaretPos
HideCaret
ShowCaret
GetWindowRect
gdi32
DeleteMetaFile
EnumFontFamiliesExA
StretchDIBits
CopyMetaFileA
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
GetClipBox
GetDCOrgEx
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatA
GetCharABCWidthsFloatA
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection
AngleArc
SetPixelV
PlgBlt
MaskBlt
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
GetGlyphOutlineA
GetKerningPairsA
GetFontData
GetCharABCWidthsA
GetOutlineTextMetricsA
ResetDCA
GetBoundsRect
SetBoundsRect
Escape
GetAspectRatioFilterEx
GetCharacterPlacementA
GetFontLanguageInfo
GetCharWidthA
GetTextCharacterExtra
GetTextMetricsA
GetTextFaceA
GetTextAlign
GetTextExtentPoint32A
TextOutA
ExtFloodFill
FloodFill
StretchBlt
PatBlt
RoundRect
Rectangle
PolyPolygon
Polygon
Pie
Ellipse
Chord
Polyline
Arc
GetCurrentPositionEx
RectVisible
PtVisible
PaintRgn
InvertRgn
FrameRgn
FillRgn
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx
GetMapMode
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetBkColor
UpdateColors
RealizePalette
GetNearestColor
EnumObjects
SetBrushOrgEx
GetBrushOrgEx
GetDeviceCaps
CreateICA
CreateDCA
RectInRegion
PtInRegion
GetRgnBox
OffsetRgn
EqualRgn
CombineRgn
SetRectRgn
GetRegionData
ExtCreateRegion
PathToRegion
CreatePolyPolygonRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateFontA
CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
CreateSolidBrush
GetPixel
SetPixel
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SetTextColor
DeleteObject
GetObjectA
CreateRoundRectRgn
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject
comdlg32
ChooseColorA
ReplaceTextA
GetFileTitleA
GetSaveFileNameA
CommDlgExtendedError
PrintDlgA
PageSetupDlgA
GetOpenFileNameA
FindTextA
winspool.drv
DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter
advapi32
RegCloseKey
RegSetValueExA
OpenThreadToken
RevertToSelf
SetThreadToken
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegSetValueA
RegDeleteValueA
RegCreateKeyA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
shell32
ExtractIconA
ShellExecuteExA
DragAcceptFiles
SHGetFileInfoA
DragFinish
ShellExecuteA
DragQueryFileA
comctl32
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_DrawEx
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Replace
ImageList_EndDrag
ImageList_AddMasked
ImageList_Add
ImageList_GetImageCount
ord14
ImageList_Write
ImageList_Read
ImageList_Merge
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord13
ord17
ord8
_TrackMouseEvent
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_DragEnter
ImageList_DragLeave
ImageList_SetImageCount
ImageList_Copy
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Remove
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathIsUNCA
PathFindExtensionA
PathStripToRootA
oledlg
ord3
ord7
ord6
ord5
ord9
ord4
ord8
ole32
OleTranslateAccelerator
IsAccelerator
GetRunningObjectTable
CoLockObjectExternal
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoGetMalloc
CreateStreamOnHGlobal
GetClassFile
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
CreateDataAdviseHolder
OleRun
OleDestroyMenuDescriptor
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
ReleaseStgMedium
CoTreatAsClass
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
StringFromGUID2
CoCreateInstance
CoDisconnectObject
StringFromCLSID
CoTaskMemFree
CLSIDFromString
OleInitialize
CreateOleAdviseHolder
OleCreateMenuDescriptor
OleRegGetMiscStatus
OleRegEnumVerbs
DoDragDrop
OleSetMenuDescriptor
OleGetClipboard
OleQueryLinkFromData
OleQueryCreateFromData
OleIsRunning
CLSIDFromProgID
OleSaveToStream
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
StgIsStorageILockBytes
OleSave
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
CreateILockBytesOnHGlobal
OleLockRunning
oleaut32
SysAllocStringLen
OleLoadPicture
SysFreeString
VariantClear
VariantChangeType
VariantInit
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
SysStringLen
VarDateFromStr
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
SystemTimeToVariantTime
VarDateFromUdate
d3d9
Direct3DCreate9
wininet
InternetSetOptionA
InternetOpenA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 356KB - Virtual size: 352KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 600KB - Virtual size: 598KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ