2023-08-26_b106c4f51cd1d39f7b73b7cbaff20a96_icedid_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2023-08-26_b106c4f51cd1d39f7b73b7cbaff20a96_icedid_JC.exe
Size

6.6MB
MD5

b106c4f51cd1d39f7b73b7cbaff20a96
SHA1

dabcf8dd348dd0e3da2cd04db9a65460370b69c0
SHA256

4c204c3c57bd390391434d6dbb13fa3fd5278b4a3cdd380aae3210874758949a
SHA512

9d3bb75629a42dd1e682f05f65f7956ff029030b3b2007adb3e29ceac2869f68cc1c98f91bcdfdde484f66bdc5b7d4fbd98d4cf74abb34eab0a34da97d49b332
SSDEEP

196608:PlqXMq+fGQkZFctnpmjaioinp+W5kNfbsnDZxOT26DN:wfG7fp26DN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_b106c4f51cd1d39f7b73b7cbaff20a96_icedid_JC.exe

Files

2023-08-26_b106c4f51cd1d39f7b73b7cbaff20a96_icedid_JC.exe
.exe windows:4 windows x86

bc7b43536db558cafddd8171c4bf1fc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
VirtualAlloc
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
VirtualProtect
RtlUnwind
ExitProcess
GetTickCount
GetFileTime
SetErrorMode
GetOEMCP
GetCPInfo
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
SetLastError
GlobalFree
MulDiv
GlobalUnlock
FormatMessageA
lstrcpynA
GlobalAddAtomA
GetCurrentThreadId
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetCurrentDirectoryA
SetCurrentDirectoryA
FindNextFileA
GetSystemTime
GetCPInfoExA
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemDefaultLCID
GetUserDefaultLCID
RemoveDirectoryA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
LocalFree
GetProcessHeap
HeapAlloc
GetModuleHandleA
HeapFree
GetTempFileNameA
MoveFileExA
GetLogicalDriveStringsA
GetDriveTypeA
GetFileAttributesA
SetFileAttributesA
SetEndOfFile
TerminateProcess
WritePrivateProfileStringA
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
WinExec
WriteFile
Sleep
SetFilePointer
ReadFile
GetTempPathA
LoadLibraryA
GetProcAddress
FreeLibrary
GetPrivateProfileIntA
GetPrivateProfileStringA
MoveFileA
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
GetFileSize
GetSystemDirectoryA
CopyFileA
GetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
OutputDebugStringA
CreateProcessA
WaitForSingleObject
GetStringTypeW
CloseHandle

user32

MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
GetSysColorBrush
wsprintfA
ReleaseCapture
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
DrawIcon
SendMessageA
GetDlgItem
ShowWindow
EnableWindow
AppendMenuA
GetSystemMenu
IsIconic
GetClientRect
LoadIconA
UnregisterClassA
GetSystemMetrics
MessageBoxA
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetNextDlgTabItem
EndDialog
GetMenuItemID
RegisterClipboardFormatA
PostThreadMessageA
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MapWindowPoints
SetCursor
LoadCursorA
FindWindowA
LoadImageA
CharUpperA
PostMessageA
PostQuitMessage
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA

gdi32

GetMapMode
GetRgnBox
CreateRectRgnIndirect
GetTextColor
GetBkColor
GetStockObject
PtVisible
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
RectVisible

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCloseKey
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
StartServiceA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
SetSecurityDescriptorDacl
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
LookupAccountNameA
GetFileSecurityA
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
GetAce
EqualSid
AddAce
AddAccessAllowedAce
GetSecurityDescriptorControl
SetFileSecurityA
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
ControlService
QueryServiceStatus
DeleteService
CreateServiceA
InitializeSecurityDescriptor
RegCreateKeyExA

shell32

ShellExecuteExA
SHGetFolderPathA
SHCreateDirectoryExA
SHChangeNotify

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc7b43536db558cafddd8171c4bf1fc5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 120KB - Virtual size: 118KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 120KB - Virtual size: 118KB