Static task: static1
Behavioral task: behavioral1
  Sample: 2023-08-26_30d2a927822326f911f55d5a52a0390e_icedid_JC.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 2023-08-26_30d2a927822326f911f55d5a52a0390e_icedid_JC.exe
  Resource: win10v2004-20230915-en
General
Target: 2023-08-26_30d2a927822326f911f55d5a52a0390e_icedid_JC.exe
Size: 1.3MB
MD5: 30d2a927822326f911f55d5a52a0390e
SHA1: c78b5af457f7449e10e27544be1de22e8a35f996
SHA256: 07dd151500b8eee6ddd6ad9aa15c0a5649f2829e5c91dfbb146045a7acc4a701
SHA512: a217cb1fdf67b526f2dfcc7a8f946e703d13e19428a0487405af761b8337a76bbb67d97183a9c6d26a2f1f764ab0e03b388b5781e7fa2a3f9960b30509b6d6b7
SSDEEP: 12288:W25DVr1+aOY4OE+s7R6gewBM2bbdZZbZdZLpcOIwTXx6b6WVkapiUZoN9qoVs:WAr1+l13+yZewu2zXsbzeapiUZoNs
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2023-08-26_30d2a927822326f911f55d5a52a0390e_icedid_JC.exe
Files
-
2023-08-26_30d2a927822326f911f55d5a52a0390e_icedid_JC.exe.exe windows:4 windows x86
3931dd25206de49023af420e072d4719
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSACleanup
gethostbyname
inet_ntoa
WSAStartup
kernel32
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetTickCount
RtlUnwind
GetSystemTimeAsFileTime
ExitProcess
HeapFree
GetExitCodeProcess
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitThread
CreateThread
HeapSize
TlsAlloc
GetFileType
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTimeZoneInformation
GetDriveTypeA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
TlsGetValue
GlobalHandle
GlobalReAlloc
InterlockedIncrement
GetFileTime
SetErrorMode
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
FormatMessageA
LocalFree
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
MulDiv
SetLastError
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
lstrcpynA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
SetEndOfFile
GetSystemTime
SystemTimeToFileTime
FileTimeToDosDateTime
MoveFileExA
WriteFile
ReadFile
GetFileSize
SetFilePointer
CreateFileA
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
CreateDirectoryA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
Sleep
GetTempPathA
CopyFileA
DeleteFileA
GetDiskFreeSpaceExA
LeaveCriticalSection
EnterCriticalSection
SetFileAttributesA
GetCurrentDirectoryA
GetFileAttributesA
CreateProcessA
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32First
CloseHandle
OpenProcess
TerminateProcess
Process32Next
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetStdHandle
user32
InflateRect
SetWindowContextHelpId
MapDialogRect
CharNextA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
InvalidateRgn
CopyAcceleratorTableA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ReleaseCapture
SetCapture
SetWindowRgn
DrawIcon
FindWindowA
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
ShowOwnedPopups
SetCursor
PostQuitMessage
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
PostThreadMessageA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
CopyRect
MessageBeep
GetNextDlgGroupItem
RegisterClipboardFormatA
PtInRect
GetWindow
IsWindow
GetClientRect
GetSystemMetrics
CharUpperA
MessageBoxA
GetDC
ReleaseDC
GetSysColorBrush
WinHelpA
GetMenuItemInfoA
wsprintfA
GetWindowLongA
GetMenu
AdjustWindowRectEx
SetWindowPos
SystemParametersInfoA
InvalidateRect
UnregisterClassA
BeginPaint
DrawTextA
EndPaint
KillTimer
SetTimer
DefWindowProcA
RegisterClassA
LoadIconA
LoadCursorA
UpdateWindow
EnableWindow
GetWindowRect
SendMessageA
PostMessageA
LoadBitmapA
SetRect
GetPropA
IsRectEmpty
gdi32
CreateSolidBrush
CreateEllipticRgn
LPtoDP
Escape
Ellipse
CreateRectRgnIndirect
GetRgnBox
CreateCompatibleBitmap
GetBkColor
GetTextColor
CreateFontIndirectA
GetTextExtentPoint32A
GetMapMode
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetBkMode
SetBkMode
GetStockObject
SetViewportOrgEx
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey
shell32
ShellExecuteA
DragFinish
DragQueryFileA
comctl32
ord17
ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo
shlwapi
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
oledlg
ord8
ole32
CoGetClassObject
CoTaskMemAlloc
OleUninitialize
StgOpenStorageOnILockBytes
CoTaskMemFree
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
oleaut32
OleCreateFontIndirect
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadRegTypeLi
SysAllocString
DispCallFunc
VariantCopy
SysAllocStringByteLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
wininet
InternetQueryDataAvailable
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
InternetFindNextFileA
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
FtpOpenFileA
FtpFindFirstFileA
InternetConnectA
InternetCloseHandle
Sections
.text   Size: 320KB - Virtual size: 317KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 84KB - Virtual size: 81KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 16KB - Virtual size: 33KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 900KB - Virtual size: 899KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ