2023-08-26_88a8e34dc65057718408952b67bfe4bb_icedid_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2023-08-26_88a8e34dc65057718408952b67bfe4bb_icedid_JC.exe
Size

301KB
MD5

88a8e34dc65057718408952b67bfe4bb
SHA1

80d89e4d70e6c0ddb20e53f2b65b8cca23c94688
SHA256

70e3a5c7d160ab1563e3c04b4718097b8a1e9bcd215f2caca6720eb3cd8ebbfa
SHA512

8780e56a21c545b7094a53371ae2a9d36c4eac7e607df992c5a57f5923bf2dccd7a1c4b9199663b4b5939ccc0d30020d7ed3d56cc89db1b10b7cbb26bec29a33
SSDEEP

6144:FouUG1GYyDIxvrHvdgWc1zQfDt6AD6Vj5VEPfPTcvaCl+:FovmGYo+vrAQgAD6VzEPfYv9I

Score

1^/10

Malware Config

Signatures

Files

2023-08-26_88a8e34dc65057718408952b67bfe4bb_icedid_JC.exe
.exe windows:4 windows x86

4e2666088687c235c86fdf7d18dd6acb

Code Sign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

19:9d:f8:8e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:d9:c9:2a:76:5e:cd
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Not Before

26-12-2012 05:33

Not After

29-12-2014 13:59

Subject

CN=金华长风信息技术有限公司,O=金华长风信息技术有限公司,L=金华市,ST=浙江省,C=CN,1.2.840.113549.1.9.1=#0c156d696e676d696e674031376775616775612e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

61:e3:ef:13:de:0e:fb:24:d0:c8:6f:1c:b3:c4:5e:f3:d1:e6:c9:c4
Signer

Actual PE Digest

61:e3:ef:13:de:0e:fb:24:d0:c8:6f:1c:b3:c4:5e:f3:d1:e6:c9:c4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapFree
TerminateProcess
ExitProcess
RtlUnwind
GetStartupInfoW
GetTickCount
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFlags
InterlockedIncrement
lstrcmpiW
WritePrivateProfileStringW
InterlockedDecrement
GlobalFindAtomW
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
GetLastError
SetLastError
MulDiv
FormatMessageW
lstrcpynW
LocalFree
GlobalFree
GlobalAddAtomW
lstrlenW
GetCurrentThread
GetCurrentThreadId
lstrcmpW
FreeLibrary
GlobalDeleteAtom
WideCharToMultiByte
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcpyW
LoadLibraryW
GetLocaleInfoW
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
FindResourceW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExW
GetModuleHandleW
GetProcAddress
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
VirtualFreeEx
GetCurrentProcessId
CloseHandle

user32

PostThreadMessageW
DestroyMenu
MessageBeep
GetNextDlgTabItem
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
CharUpperW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
wsprintfW
GetDesktopWindow
ReleaseCapture
LoadCursorW
SetCapture
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
MessageBoxW
SetForegroundWindow
UpdateWindow
GetClientRect
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CopyRect
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
CreateDialogIndirectParamW
SetWindowPos
GetDlgItem
SetMenuItemBitmaps
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
EndDialog
SendDlgItemMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
EnableWindow
PostMessageW
PtInRect
GetDC
UpdateLayeredWindow
ReleaseDC
GetWindowThreadProcessId
SendMessageW
FindWindowW
FindWindowExW
GetWindow
ClientToScreen
OffsetRect
IsWindow
GetMessageW
TranslateMessage
DispatchMessageW
SetActiveWindow

gdi32

GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
PtVisible
GetWindowExtEx
GetViewportExtEx
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
DeleteDC
SetMapMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
RectVisible

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

comctl32

InitCommonControlsEx
ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoTaskMemFree
CLSIDFromProgID
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
CLSIDFromString
OleUninitialize

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString

gdiplus

GdipDrawImageRectRect
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipFree
GdipAlloc
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDeleteGraphics
GdipCloneImage
GdipDisposeImage

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e2666088687c235c86fdf7d18dd6acb

Code Sign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4cCertificate

Extended Key Usages

Key Usages

19:9d:f8:8eCertificate

Key Usages

05:d9:c9:2a:76:5e:cdCertificate

Extended Key Usages

Key Usages

61:e3:ef:13:de:0e:fb:24:d0:c8:6f:1c:b3:c4:5e:f3:d1:e6:c9:c4Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 84KB - Virtual size: 83KB

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

19:9d:f8:8e
Certificate

05:d9:c9:2a:76:5e:cd
Certificate

61:e3:ef:13:de:0e:fb:24:d0:c8:6f:1c:b3:c4:5e:f3:d1:e6:c9:c4
Signer

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 84KB - Virtual size: 83KB