2023-08-26_95684274c8d28cfabeb0562c0b2376cd_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_95684274c8d28cfabeb0562c0b2376cd_icedid_JC.exe
Size

1.3MB
MD5

95684274c8d28cfabeb0562c0b2376cd
SHA1

5575e536f96abbcafc47537dbfe55059da4138cb
SHA256

961ce59c1a09f80be5886deb7e5dedd845827b73801ef427eb65aae45da90124
SHA512

d4c27aefe62f2dd412186741877727b40dc9d7a5200c7a5c7db448fbe56ec1ef07c6d18e0d746d9c1543a7e90147b408dfb2de100b365c854f71033fa77b76f2
SSDEEP

24576:1Isig6TcB+LoqSZQRbw+NAybxJFClvn6IIYMflJZsQ:1piy+LoqGQRbCIIPMflJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_95684274c8d28cfabeb0562c0b2376cd_icedid_JC.exe

Files

2023-08-26_95684274c8d28cfabeb0562c0b2376cd_icedid_JC.exe
.exe windows:5 windows x86

6e524689b38d62cf565cb7fd4de77cbe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
RtlUnwind
RaiseException
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetFilePointer
WriteFile
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
TlsFree
DeleteCriticalSection
LocalReAlloc
GetCurrentProcess
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetModuleHandleW
GlobalFlags
InterlockedDecrement
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
FreeResource
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
GetLastError
GlobalAlloc
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
GetModuleHandleA
SetLastError
GetWindowsDirectoryA
lstrcatA
lstrlenA
WinExec
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
Sleep
ExitProcess
FreeLibrary
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
HeapReAlloc
HeapAlloc
VirtualAlloc
GetProcessHeap
HeapFree
CreateFileA
CloseHandle
TlsSetValue
HeapSize

user32

GetSysColorBrush
WindowFromPoint
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
SetForegroundWindow
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetClassNameA
DestroyMenu
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
GetDlgItem
GetDlgCtrlID
GetKeyState
LoadIconA
PeekMessageA
GetCapture
SetActiveWindow
IsWindowVisible
IsIconic
UpdateWindow
EnableWindow
GetClientRect
InvalidateRect
SetCursor
GetClassInfoA
CopyRect
GetMenu
GetLastActivePopup
PostMessageA
SetMenu
GetDesktopWindow
GetWindow
ShowWindow
RegisterClipboardFormatA
MapWindowPoints
PtInRect
InflateRect
SendMessageA
GetWindowRect
GetDC
ReleaseDC
RedrawWindow
SetCapture
GetParent
IsWindow
GetSysColor
ReleaseCapture
MessageBeep
CopyIcon
LoadCursorA
SetWindowLongA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ScreenToClient
ClientToScreen
BeginPaint
EndPaint
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetWindowLongA
LoadBitmapA

gdi32

SetMapMode
DeleteDC
CreateBitmap
GetDeviceCaps
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA

shlwapi

PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e524689b38d62cf565cb7fd4de77cbe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

Sections

.text Size: 138KB - Virtual size: 137KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 138KB - Virtual size: 137KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 6KB - Virtual size: 8KB