2023-08-26_30770d23b8364a60f0d96e7e59114e7e_icedid_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2023-08-26_30770d23b8364a60f0d96e7e59114e7e_icedid_JC.exe
Size

364KB
MD5

30770d23b8364a60f0d96e7e59114e7e
SHA1

c610bb3bd66dc737e15df03da0fa3a9146dc994b
SHA256

7dd30318ae3378f5d33ee341f1dfe6966912ca5aeb6492d5b0610e5675ad92d2
SHA512

fa71f5116b45df98ac45877d039295d24b94e9b7934229689936eee7caeec96f85c95123497272eb1051ccb729dea734098b71f66ec53882d15dd4a8f5ff2c66
SSDEEP

6144:+Gwt49UkCjzGcBWH2MmJzkYh5jwuH2FSvm34/LIZn9:+Gwt4akgzGUg2r5jL2L8a9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_30770d23b8364a60f0d96e7e59114e7e_icedid_JC.exe

Files

2023-08-26_30770d23b8364a60f0d96e7e59114e7e_icedid_JC.exe
.exe windows:4 windows x86

f7d1f8da0368e810da9b033e6d4d48f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

zlib

get_crc_table
inflateEnd
inflate
inflateInit2_
crc32

kernel32

GetCPInfo
GetOEMCP
SetErrorMode
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetEnvironmentVariableA
SetCurrentDirectoryA
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
RtlUnwind
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
HeapDestroy
WritePrivateProfileStringA
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
GlobalFlags
InterlockedIncrement
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
FindFirstFileA
FindClose
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
RaiseException
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
InterlockedDecrement
FreeResource
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
FormatMessageA
LocalFree
LocalAlloc
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
lstrcpynA
RemoveDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
LocalFileTimeToFileTime
CreateThread
DeleteFileA
GetVersion
CloseHandle
GetVersionExA
ReleaseMutex
OutputDebugStringA
GetFileTime
CompareStringA
GetCurrentDirectoryA
CreateMutexA
GetModuleFileNameA
GetThreadLocale
lstrcmpiA
GetLastError
InterlockedExchange
CreateDirectoryA
MultiByteToWideChar
GetACP
CompareStringW
Sleep
WideCharToMultiByte
SetFileTime
WaitForSingleObject
GetLocaleInfoA
lstrlenA
CreateFileA
DosDateTimeToFileTime
HeapCreate

user32

LoadCursorA
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetDlgItemTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
RemovePropA
SendDlgItemMessageA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
GetWindowPlacement
GetWindowRect
PtInRect
SystemParametersInfoA
DestroyMenu
UnhookWindowsHookEx
GetSysColor
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
GetWindowTextLengthA
GetWindowTextA
GetWindow
SetFocus
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
PostMessageA
PostQuitMessage
ReleaseDC
GetDC
CopyRect
SetMenuItemBitmaps
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
GetMenuItemID
SetWindowLongA
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetSystemMenu
IsIconic
LoadIconA
DrawIcon
GetClientRect
GetSystemMetrics
IsWindowVisible
EnableWindow
CharUpperA
SendMessageA
GetPropA

gdi32

GetStockObject
GetObjectA
DeleteObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
CreateBitmap
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
PtVisible

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

InitCommonControlsEx
ImageList_Destroy
ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
UrlUnescapeA
PathIsUNCA

oleaut32

VariantInit
VariantChangeType
VariantClear

urlmon

URLDownloadToFileA

wininet

InternetQueryDataAvailable
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetOpenUrlA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
DeleteUrlCacheEntry

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f7d1f8da0368e810da9b033e6d4d48f3

Headers

File Characteristics

Imports

zlib

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

urlmon

wininet

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 136KB - Virtual size: 136KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 136KB - Virtual size: 136KB