2023-08-26_16cd8e7d04902f77d3e04afe6d53f2f7_icedid_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2023-08-26_16cd8e7d04902f77d3e04afe6d53f2f7_icedid_JC.exe
Size

5.0MB
MD5

16cd8e7d04902f77d3e04afe6d53f2f7
SHA1

4be5dc39d7f0784abd810e3b0e49f5a425c50db9
SHA256

efb878261e6491c5ec090d0cc82c62be832ec07bdebe31eb26537db9da28c637
SHA512

43ecf034d89b04fc431bac9097f594e26a74d4836b9d7d41364a7e9bd9af86cbfe29493513764e91a463222527ce3533d21b598f449903edd58d46af338175e7
SSDEEP

49152:9pciIOhvFCl5NmTvlb/N5PRVHDLAp85RDM68+SkEj/Zdo++yEjqk2RYslTYDxP0y:92ijqgBZhzx/vSZ/ZdNYsSPW5O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_16cd8e7d04902f77d3e04afe6d53f2f7_icedid_JC.exe

Files

2023-08-26_16cd8e7d04902f77d3e04afe6d53f2f7_icedid_JC.exe
.exe windows:4 windows x86

716e1e3368ef652b9cf4f0545bd36e94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SetLastError
GetLastError
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
InterlockedExchange
CompareStringA
FreeLibrary
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
LoadResource
LockResource
GetModuleFileNameA
SetEnvironmentVariableA
GetStringTypeA
IsValidLocale
EnterCriticalSection
LeaveCriticalSection
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenA
CloseHandle
WriteFile
ReadFile
GetFileSize
GetFileTime
FindClose
SetFilePointer
GetCurrentThreadId
GetCurrentProcess
UnmapViewOfFile
GetExitCodeProcess
WaitForSingleObject
GetTickCount
LocalFree
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
MapViewOfFile
ReleaseMutex
GetCurrentProcessId
GlobalFree
FlushFileBuffers
FileTimeToSystemTime
FileTimeToLocalFileTime
InterlockedDecrement
QueryPerformanceCounter
QueryPerformanceFrequency
DeviceIoControl
GetFileInformationByHandle
GetVolumeInformationA
SetErrorMode
SetEndOfFile
SetEvent
TerminateThread
SetThreadPriority
InterlockedIncrement
ResetEvent
TerminateProcess
WinExec
CreateThread
LocalAlloc
GlobalMemoryStatus
GetVersion
GetTimeZoneInformation
ResumeThread
MulDiv
WaitForMultipleObjects
GetSystemInfo
VirtualFree
DuplicateHandle
VirtualAlloc
GetThreadPriority
GetCurrentThread
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
GetProcessHeap
HeapFree
HeapSize
InterlockedCompareExchange
GetVersionExA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetDiskFreeSpaceA
GetLocalTime
HeapReAlloc
IsProcessorFeaturePresent
GlobalSize
GetACP
GetLocaleInfoA
GetThreadLocale
lstrcmpA
SuspendThread
LockFile
UnlockFile
GlobalDeleteAtom
FreeResource
EnumResourceLanguagesW
ConvertDefaultLocale
lstrcmpiA
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
RtlUnwind
ExitProcess
ExitThread
VirtualProtect
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
GetDriveTypeA
GetTimeFormatA
GetDateFormatA
GetOEMCP
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA

comctl32

ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Create
ImageList_Destroy
ord17
ImageList_GetIconSize
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Remove

shlwapi

PathFindExtensionW
StrCmpW
StrCmpIW
PathIsUNCW
PathFindFileNameW
PathStripToRootW

ole32

CoCreateInstance
OleRun
CoFreeUnusedLibraries
CoCreateGuid
StringFromCLSID
CoTaskMemFree
CLSIDFromString
OleFlushClipboard
CoUninitialize
CoGetClassObject
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromProgID
CoDisconnectObject
OleUninitialize
CoInitialize
OleInitialize
CoLockObjectExternal
ReleaseStgMedium
FreePropVariantArray
CreateStreamOnHGlobal
CoTaskMemAlloc
StringFromGUID2
DoDragDrop
OleDuplicateData
RegisterDragDrop
RevokeDragDrop
OleIsCurrentClipboard
OleGetClipboard

oleaut32

CreateErrorInfo
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
SafeArrayGetDim
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysAllocStringByteLen
SysStringByteLen
LoadTypeLibEx
VarUdateFromDate
SysStringLen
VariantInit
VariantChangeType
RevokeActiveObject
RegisterActiveObject
VariantCopy
SafeArrayDestroy
SafeArrayCreate
SafeArrayPutElement
OleLoadPicture
GetErrorInfo
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize

wininet

InternetOpenW
InternetConnectW
FtpPutFileW
InternetCloseHandle
FtpSetCurrentDirectoryW
FtpCreateDirectoryW
InternetCrackUrlW

advapi32

RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

user32

IsRectEmpty
SetCapture
ReleaseCapture
UnhookWindowsHookEx
SetWindowRgn
GetCapture
GetTopWindow
InvertRect
SetCaretPos
HideCaret
ShowCaret
DestroyCaret
CreateCaret
GetSystemMenu
GetAsyncKeyState
IsWindowEnabled
UnregisterHotKey
RegisterHotKey
InflateRect
MessageBeep
FrameRect
FillRect
EndPaint
BeginPaint
GetWindowDC
TrackPopupMenu
SetMenuDefaultItem
GetMenuDefaultItem
DrawIconEx
GetWindowPlacement
SetWindowWord
GetWindowWord
GetIconInfo
ShowScrollBar
GetMessagePos
WindowFromDC
ShowCursor
GetActiveWindow
SetActiveWindow
DrawEdge
MonitorFromRect
GetUpdateRect
SetScrollPos
GetScrollInfo
MapWindowPoints
GetQueueStatus
SetFocus
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
ValidateRect
CallNextHookEx
SystemParametersInfoA
IntersectRect
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
DeferWindowPos
AdjustWindowRectEx
GetMenu
GetScrollRange
SetScrollRange
ScrollWindow
GetMessageTime
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
GetLastActivePopup
IsChild
SendDlgItemMessageA
GetSysColorBrush
EndDialog
GetNextDlgTabItem
GetSystemMetrics
MoveWindow
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
PostQuitMessage
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
DestroyMenu
DrawIcon
SetMenu
BringWindowToTop
CreatePopupMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRgn
GetNextDlgGroupItem
SetParent
ScreenToClient
ClientToScreen
keybd_event
GetKeyState
WindowFromPoint
GetWindow
ShowWindow
GetSysColor
SetCursor
DestroyWindow
KillTimer
SetTimer
IsZoomed
CopyRect
SetRectEmpty
SetRect
PtInRect
InvalidateRect
DestroyIcon
GetWindowRect
GetDesktopWindow
EnumThreadWindows
IsIconic
EnumWindows
EnumChildWindows
UpdateWindow
RedrawWindow
GetScrollPos
ExitWindowsEx
GetFocus
IsWindowVisible
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
SetWindowPos
GetParent
IsWindow
GetDC
GetClientRect
ReleaseDC
EqualRect
TranslateMessage
OffsetRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetCursorPos
MsgWaitForMultipleObjects

gdi32

RectVisible
PtVisible
GetStockObject
SelectObject
GetClipBox
GetWindowExtEx
Escape
GetRgnBox
GetTextColor
Ellipse
LPtoDP
CreateEllipticRgn
DPtoLP
GetMapMode
CreateRectRgnIndirect
CreateBitmap
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
CreateSolidBrush
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetViewportExtEx
SelectClipRgn
SetMapMode
RestoreDC
SaveDC
GetDCOrgEx
SetPixel
GetPixel
StretchBlt
CreatePolyPolygonRgn
Rectangle
Polygon
GetCurrentObject
PtInRegion
GetBkColor
CreateCompatibleBitmap
SetTextColor
SetBkColor
StartPage
EndPage
EndDoc
SetBkMode
MoveToEx
LineTo
CreatePen
GetDeviceCaps
DeleteDC
CreateCompatibleDC
OffsetRgn
RectInRegion
CombineRgn
CreateRectRgn
BitBlt
DeleteObject

shell32

SHGetMalloc
DragAcceptFiles
SHGetDesktopFolder
DragFinish
SHGetSpecialFolderLocation

comdlg32

CommDlgExtendedError

winmm

mixerOpen
timeSetEvent
timeEndPeriod
timeBeginPeriod
timeKillEvent
mixerGetNumDevs
mciSendCommandA
mixerClose
waveInGetNumDevs
waveInOpen
mixerGetID
waveInClose
mixerSetControlDetails

winspool.drv

ClosePrinter

sensapi

IsNetworkAlive

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 952KB - Virtual size: 949KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

716e1e3368ef652b9cf4f0545bd36e94

Headers

File Characteristics

Imports

kernel32

comctl32

shlwapi

ole32

oleaut32

wininet

advapi32

user32

gdi32

shell32

comdlg32

winmm

winspool.drv

sensapi

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

.rdata Size: 952KB - Virtual size: 949KB

.data Size: 56KB - Virtual size: 106KB

.rsrc Size: 172KB - Virtual size: 168KB

.text
Size: 3.8MB - Virtual size: 3.8MB

.rdata
Size: 952KB - Virtual size: 949KB

.data
Size: 56KB - Virtual size: 106KB

.rsrc
Size: 172KB - Virtual size: 168KB