Static task: static1
Behavioral task: behavioral1
- Sample: 2023-08-26_d5a6640280171655c62739365eb1d8f3_icedid_JC.exe
- Resource: win7-20230831-en
Behavioral task: behavioral2
- Sample: 2023-08-26_d5a6640280171655c62739365eb1d8f3_icedid_JC.exe
- Resource: win10v2004-20230915-en
General
- Target: 2023-08-26_d5a6640280171655c62739365eb1d8f3_icedid_JC.exe
- Size: 848KB
- MD5: d5a6640280171655c62739365eb1d8f3
- SHA1: bc9def4b7fa5975f92f8a25fd8fbef5e203a2ccb
- SHA256: 622c1977ae992b5fa09731a36ed9801046df8eb31f5fc9082ca2fa274bb009af
- SHA512: f91f7f16ff3f8aa93968480f2ee826c247d14a4eb959021d1b91a2824136808c66ed69f3a3afcc5611dfc0f5d1b5ffdc44b4d683fb15d8aa38880ea7aaea9f1a
- SSDEEP: 12288:qvqJw5a94S5Dc6GxNRZkIAqlMj1BHLpEzE3gg2NnN7oCDQU:M9a9pIvleH1EI3O/UBU
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2023-08-26_d5a6640280171655c62739365eb1d8f3_icedid_JC.exe
Files
-
2023-08-26_d5a6640280171655c62739365eb1d8f3_icedid_JC.exe.exe windows:4 windows x86
c4ca4d8bbf1d605ff519fa09c99b984f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveOutPrepareHeader
waveOutPause
waveOutWrite
waveOutUnprepareHeader
timeGetTime
waveOutGetErrorTextW
waveOutRestart
waveOutReset
waveOutClose
waveOutGetDevCapsW
waveOutOpen
waveOutGetNumDevs
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
avifil32
AVIFileInit
AVIFileExit
AVIFileRelease
AVIStreamRelease
AVIFileReadData
AVIStreamLength
AVIFileGetStream
AVIFileInfoW
AVIFileOpenW
AVIStreamRead
AVIStreamFindSample
AVIStreamStart
shlwapi
PathAddExtensionW
PathIsDirectoryW
PathStripToRootW
PathIsRootW
SHDeleteKeyW
PathIsNetworkPathW
PathIsDirectoryEmptyW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW
PathAddBackslashW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
playctrl
PlayM4_ResetSourceBuffer
PlayM4_GetDDrawDeviceTotalNums
PlayM4_GetBMP
PlayM4_SetDDrawDeviceEx
PlayM4_SetDDrawDevice
PlayM4_ReleaseDDrawDevice
PlayM4_InitDDrawDevice
PlayM4_SetColor
PlayM4_StopSound
PlayM4_PlaySound
PlayM4_SetFileEndMsg
PlayM4_RefreshPlay
PlayM4_GetPlayedTimeEx
PlayM4_GetFileTime
PlayM4_GetFileTotalFrames
PlayM4_GetCaps
PlayM4_GetCapsEx
PlayM4_GetPictureSize
PlayM4_SetDecCallBack
PlayM4_CloseFile
PlayM4_OpenFile
PlayM4_SetVerifyCallBack
PlayM4_SetFileRefCallBack
PlayM4_RigisterDrawFun
PlayM4_ThrowBFrameNum
PlayM4_GetLastError
PlayM4_InputVideoData
PlayM4_InputData
PlayM4_OneByOneBack
PlayM4_OneByOne
PlayM4_GetCurrentFrameNum
PlayM4_SetPlayedTimeEx
PlayM4_SetDisplayCallBack
PlayM4_SetEncTypeChangeCallBack
PlayM4_SetStreamOpenMode
PlayM4_OpenStream
PlayM4_OpenStreamEx
PlayM4_CloseStream
PlayM4_SetDisplayBuf
PlayM4_ResetBuffer
PlayM4_Play
PlayM4_Stop
PlayM4_Pause
PlayM4_Fast
PlayM4_GetPlayPos
PlayM4_SetPlayPos
PlayM4_SetCurrentFrameNum
kernel32
GlobalAlloc
GlobalFree
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
GetModuleHandleA
WideCharToMultiByte
GetCurrentProcessId
lstrcmpA
lstrlenA
GlobalGetAtomNameW
GetPrivateProfileIntW
WritePrivateProfileStringW
GlobalLock
InterlockedDecrement
GetFileAttributesW
SetFileTime
GetFileTime
GetTempFileNameW
GetFullPathNameW
GetDiskFreeSpaceW
InterlockedIncrement
FileTimeToSystemTime
FileTimeToLocalFileTime
InterlockedExchange
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
SystemTimeToFileTime
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetThreadLocale
MoveFileW
GetStringTypeExW
lstrcmpiW
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetShortPathNameW
CreateFileW
LocalFileTimeToFileTime
SetFileAttributesW
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetSystemTimeAsFileTime
ExitThread
CreateThread
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA
GlobalUnlock
lstrlenW
MulDiv
SuspendThread
GetCurrentThreadId
SetThreadPriority
CloseHandle
ReleaseMutex
GetTickCount
GetModuleHandleW
GetProcAddress
SetLastError
GetCurrentDirectoryW
FreeLibrary
CreateMutexW
LoadLibraryW
LocalAlloc
GetVersion
GetDriveTypeW
GetVersionExW
CreateDirectoryW
CopyFileW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalFree
FormatMessageW
ResumeThread
WaitForMultipleObjects
CreateEventW
ReadFile
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
GetLocaleInfoW
lstrcpynW
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
DeleteFileW
GetLastError
Sleep
ResetEvent
SetEvent
WaitForSingleObject
TerminateThread
GetPrivateProfileStringW
user32
GetDCEx
LockWindowUpdate
DeleteMenu
SetParent
UnregisterClassW
CharUpperW
FindWindowW
DrawIcon
SetWindowRgn
CopyAcceleratorTableW
CreateMenu
GetTabbedTextExtentA
DestroyIcon
RegisterClipboardFormatW
UnregisterClassA
SetScrollPos
GetScrollPos
ShowScrollBar
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
SetWindowsHookExW
CallNextHookEx
GetMessageW
GetActiveWindow
GetSysColorBrush
ValidateRect
MsgWaitForMultipleObjects
ReleaseCapture
ScreenToClient
SetCapture
GetCursorPos
LoadStringW
IsIconic
GetWindow
GetDesktopWindow
GetPropW
GetSystemMenu
RemoveMenu
GetDC
SetRect
SetTimer
GetWindowRect
GetDlgCtrlID
UpdateWindow
KillTimer
PeekMessageW
TranslateMessage
DispatchMessageW
SetForegroundWindow
GetLastActivePopup
BringWindowToTop
ShowWindow
RemovePropW
IsWindowVisible
GetMenu
IsWindow
AdjustWindowRectEx
SetPropW
OffsetRect
RedrawWindow
GetSystemMetrics
ClientToScreen
PostMessageW
AppendMenuW
CreatePopupMenu
TrackPopupMenuEx
CopyRect
GetSysColor
DrawFrameControl
DrawTextW
DrawFocusRect
SetWindowLongW
EnableWindow
GetParent
CallWindowProcA
SendMessageW
InvalidateRect
GetWindowLongW
GetClientRect
PtInRect
CallWindowProcW
PostThreadMessageW
PostQuitMessage
LoadCursorW
DestroyCursor
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ShowOwnedPopups
UnpackDDElParam
ReuseDDElParam
LoadMenuW
SetCursor
LoadAcceleratorsW
InsertMenuItemW
SetMenu
UnionRect
IsRectEmpty
IsZoomed
SetRectEmpty
TranslateAcceleratorW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
WindowFromPoint
GetWindowThreadProcessId
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
FillRect
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
ReleaseDC
GetScrollRange
gdi32
GetDeviceCaps
CreateDCW
CreateBitmap
GetClipBox
GetObjectW
SaveDC
RestoreDC
SetPolyFillMode
SetStretchBltMode
SetMapMode
DeleteObject
CreateFontW
CreateSolidBrush
CreateCompatibleBitmap
SetDIBitsToDevice
CreateCompatibleDC
BitBlt
SetBkMode
GetStockObject
SetROP2
SelectObject
Rectangle
CreatePen
CreateBrushIndirect
GetTextMetricsW
SetBkColor
SetTextColor
ExtTextOutW
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetWindowOrgEx
GetTextExtentPoint32A
GetTextFaceW
GetTextAlign
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
Ellipse
LPtoDP
CreateEllipticRgn
EndDoc
AbortDoc
SetAbortProc
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
DeleteDC
CreatePatternBrush
CreateFontIndirectW
GetTextExtentPoint32W
GetBkColor
GetCharWidthW
StretchDIBits
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
DPtoLP
GetViewportOrgEx
StartPage
EndPage
comdlg32
GetFileTitleW
winspool.drv
GetJobW
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
SetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyW
RegQueryValueW
RegCreateKeyW
InitializeSecurityDescriptor
shell32
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHFileOperationW
SHGetFolderPathW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
DragFinish
DragQueryFileW
ExtractIconW
comctl32
ord17
ole32
CoDisconnectObject
CoUninitialize
CoInitialize
CoCreateInstance
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
oleaut32
SystemTimeToVariantTime
SysAllocString
VariantCopy
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
LoadTypeLi
VarUdateFromDate
VarDateFromStr
VariantTimeToSystemTime
Sections
- .text (Size: 524KB, Virtual size: 521KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata (Size: 192KB, Virtual size: 188KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data (Size: 16KB, Virtual size: 31KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc (Size: 112KB, Virtual size: 111KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
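The "Unsigned PE" signature, the File Characteristics flags and the section table above all come straight from PE header fields, but the report does not show how they are derived. The following Python is an added example, not part of this report and not the sandbox's own code: it parses the COFF header, the security data directory (IMAGE_DIRECTORY_ENTRY_SECURITY, slot 4, which holds the embedded WIN_CERTIFICATE) and the section table using only the standard library, then applies the same "missing Authenticode signature" check plus a writable-and-executable section check. build_minimal_pe() is a constructed header-only PE32 image whose two sections mirror this sample's .text and .data sizes and flags; it is test input, not the sample, and signed=True only fills in the directory entry without adding a real certificate.

```python
import struct

# IMAGE_FILE_HEADER.Characteristics bits (values from winnt.h)
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
# IMAGE_SECTION_HEADER.Characteristics bits (values from winnt.h)
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot of the embedded WIN_CERTIFICATE


def _flags(value, table):
    """Decode a bitmask into the flag names the sandbox report prints."""
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Parse DOS header, COFF header, security directory and section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _ts, _psym, _nsym, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:      # PE32: NumberOfRvaAndSizes at +92, DataDirectory at +96
        ndir_off, dir_off = 92, 96
    elif magic == 0x20B:    # PE32+: the 64-bit ImageBase shifts both by 16
        ndir_off, dir_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    (n_dirs,) = struct.unpack_from("<I", data, opt + ndir_off)
    sec_off = sec_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory the first field is a file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from(
            "<II", data, opt + dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size
    for i in range(nsec):
        name, vsize, _va, rsize, _raw, _r1, _r2, _n1, _n2, schars = struct.unpack_from(
            "<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rsize,
            "flags": _flags(schars, SECTION_CHARACTERISTICS),
        })
    return {
        "machine": machine,
        "characteristics": _flags(chars, FILE_CHARACTERISTICS),
        "authenticode_present": sec_off != 0 and sec_size != 0,
        "sections": sections,
    }


def findings(report):
    """Header-only IoCs: the report's 'Unsigned PE' rule plus a W+X section check."""
    out = []
    if not report["authenticode_present"]:
        out.append("Unsigned PE: no Authenticode signature directory")
    for s in report["sections"]:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= set(s["flags"]):
            out.append("writable and executable section %s" % s["name"])
    return out


def build_minimal_pe(signed=False, characteristics=0x0103):
    """Constructed test input: a header-only PE32 image, not a runnable binary."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 96 + 16 * 8                       # PE32 optional header + 16 directories
    coff = struct.pack("<HHIIIHH", 0x014C, 2, 0, 0, 0, opt_size, characteristics)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)        # Magic = PE32
    struct.pack_into("<I", opt, 92, 16)          # NumberOfRvaAndSizes
    if signed:                                   # fake directory entry, no real certificate
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x200)
    # .text: 524KB on disk / 521KB virtual, CODE|EXECUTE|READ; .data: 16KB / 31KB, INIT|READ|WRITE
    sections = (
        struct.pack("<8sIIIIIIHHI", b".text", 0x82400, 0x1000, 0x83000, 0x400, 0, 0, 0, 0, 0x60000020)
        + struct.pack("<8sIIIIIIHHI", b".data", 0x7C00, 0x90000, 0x4000, 0x84000, 0, 0, 0, 0, 0xC0000040)
    )
    return dos + b"PE\0\0" + coff + bytes(opt) + sections


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe()
    rep = parse_pe(blob)
    print(" ".join(rep["characteristics"]))
    for s in rep["sections"]:
        print("%-8s raw=%dKB virt=%dKB %s" % (s["name"], s["raw_size"] // 1024,
                                             s["virtual_size"] // 1024, " ".join(s["flags"])))
    for f in findings(rep):
        print("IoC:", f)
```

Run it with a file path to apply the same checks to a real sample. Two caveats apply to the "Unsigned PE" result as the report states it: a file can be catalog-signed without carrying an embedded signature, so an empty security directory is not proof that Windows will treat the binary as unsigned, and a populated directory only proves a signature blob exists; the certificate chain and timestamp still have to be verified separately (Get-AuthenticodeSignature in PowerShell, or signtool verify). The .data virtual size (31KB) being larger than its raw size (16KB) is ordinary zero-filled uninitialized data merged into .data and is not a packing indicator, which is why the example does not flag it; the flag combination worth a hard look is write plus execute, which this sample's section table does not contain.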