2023-08-26_d3c3754f10a73ae0a8430ba5e1cc834f_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_d3c3754f10a73ae0a8430ba5e1cc834f_icedid_JC.exe
Size

1.1MB
MD5

d3c3754f10a73ae0a8430ba5e1cc834f
SHA1

346a16f4aaeeccae7b6db79da9f32b289a000ebc
SHA256

fa2ee6f69456ef585d6c0d76183cfb589ebba1c89ae7622e5be85fb87e36444d
SHA512

5bc8ca0d3d7c6c24aa8173cd11a147ee49739933dea85ccc4dec955ee583a7ce20e396e17810b0bc150e9fd99b891f2be3db81aff96f00f2a36fa0ed727100db
SSDEEP

12288:5TNRUnHINMpW+HYxB/iYmod/2X8IxgKTQUyoB7F1+vcK5Sk96BbFH/QBabfb4n:5onoNQJaBn29gER98vcK5SE6nYBabc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_d3c3754f10a73ae0a8430ba5e1cc834f_icedid_JC.exe

Files

2023-08-26_d3c3754f10a73ae0a8430ba5e1cc834f_icedid_JC.exe
.exe windows:4 windows x86

6f7e13ec64478408f3c7f79e3d23c6eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
DeviceIoControl
GetSystemTime
GlobalLock
GlobalAlloc
FileTimeToSystemTime
SetFileTime
LocalFileTimeToFileTime
Beep
DosDateTimeToFileTime
FileTimeToLocalFileTime
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
DeleteCriticalSection
RaiseException
InitializeCriticalSection
CreateFileA
Sleep
SystemTimeToFileTime
WriteFile
SetFilePointer
GetLastError
VirtualFree
VirtualAlloc
SetLastError
WaitForSingleObject
FreeLibrary
IsBadWritePtr
CloseHandle
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
ReadFile
LoadResource
LockResource
SizeofResource
SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
GetOEMCP
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringA
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeResource
GlobalFree
GlobalUnlock
InterlockedDecrement
GetVersionExA
lstrlenA
GlobalDeleteAtom
LocalFree
MulDiv
GetVersion
GetFileTime
EnumResourceLanguagesW
ConvertDefaultLocale
lstrcmpiA
lstrcmpA
GetCurrentThread
GetTickCount
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
SetErrorMode
ExitProcess
TerminateProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
SetStdHandle
GetFileType
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

GetFocus
PtInRect
CopyRect
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenu
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollRange
SetScrollRange
GetKeyState
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetLastActivePopup
GetForegroundWindow
IsChild
SendDlgItemMessageA
CallNextHookEx
GetCapture
RemoveMenu
GetMenuState
SetWindowPos
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InvalidateRect
ReleaseCapture
SetCursor
ReuseDDElParam
UnpackDDElParam
DestroyMenu
IsZoomed
IsRectEmpty
UnionRect
SetRect
ClientToScreen
KillTimer
WindowFromPoint
GetCursorPos
ReleaseDC
GetDC
DeleteMenu
GetSystemMenu
SetParent
GetWindowDC
BeginPaint
EndPaint
ValidateRect
InflateRect
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
DestroyCursor
GetSysColorBrush
GetDCEx
LockWindowUpdate
SetCapture
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
DestroyIcon
DrawIcon
SetWindowRgn
CreateMenu
GetTabbedTextExtentA
ShowWindow
MoveWindow
GetDlgCtrlID
GetScrollPos
SetScrollPos
GetWindow
SetFocus
UnhookWindowsHookEx
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
DestroyWindow
IsWindow
SetTimer
UpdateWindow
GetSysColor
FillRect
TranslateMessage
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClientRect
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuCheckMarkDimensions

gdi32

MoveToEx
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreateBitmap
PtVisible
LineTo
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
StretchDIBits
SelectObject
DeleteObject
CreateCompatibleDC
BitBlt
GetDeviceCaps
SetBkColor
SetTextColor
DeleteDC
GetBkColor
RectVisible
CreateCompatibleBitmap
GetClipBox
GetPixel
LPtoDP
GetWindowOrgEx
GetTextExtentPoint32A
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
Ellipse
CreateEllipticRgn
GetRgnBox
GetTextColor
Rectangle
GetViewportOrgEx
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
PatBlt
CreateRectRgnIndirect
CreateSolidBrush
CreatePen
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx

advapi32

RegCloseKey
GetFileSecurityW
CloseServiceHandle
OpenSCManagerW
SetFileSecurityW

comctl32

InitCommonControlsEx
ImageList_AddMasked
ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit

shell32

DragFinish

comdlg32

CommDlgExtendedError

winspool.drv

ClosePrinter

Sections

.text
Size: 396KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 572KB - Virtual size: 570KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f7e13ec64478408f3c7f79e3d23c6eb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

shlwapi

ole32

oleaut32

shell32

comdlg32

winspool.drv

Sections

.text Size: 396KB - Virtual size: 394KB

.rdata Size: 108KB - Virtual size: 104KB

.data Size: 12KB - Virtual size: 32KB

.rsrc Size: 572KB - Virtual size: 570KB

.text
Size: 396KB - Virtual size: 394KB

.rdata
Size: 108KB - Virtual size: 104KB

.data
Size: 12KB - Virtual size: 32KB

.rsrc
Size: 572KB - Virtual size: 570KB