2023-08-25_926df749654e2981096649b87227db85_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-25_926df749654e2981096649b87227db85_icedid_JC.exe
Size

328KB
MD5

926df749654e2981096649b87227db85
SHA1

4734b63f378fec20d2ae817e2301f3dc5c340e43
SHA256

a1bb3e524df7c4bf8e5f563474f36aae809ce79b1d1451d38cd5472377db8e59
SHA512

e2d7c9a72ad2a2f6df166e85d8ae45c22c48315161cd4ab8798b43a0b60717d82b5d5219dfac7bf6a915847e659676faa984a7a9c608ce7fd5ac458cd82d4b01
SSDEEP

6144:7K9uOpiwjTzwN9yLUetK4ppBqWfbGJN5QGuWja38dgN:u9lwN10zppBqWfiFuWGN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-25_926df749654e2981096649b87227db85_icedid_JC.exe

Files

2023-08-25_926df749654e2981096649b87227db85_icedid_JC.exe
.exe windows:4 windows x86

55724cc24ab80591b7362eb09ae93531

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
InterlockedExchange
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
FreeLibrary
CreateToolhelp32Snapshot
OpenProcess
TerminateProcess
Process32FirstW
Process32NextW
GetCurrentProcess
Sleep
WaitForSingleObject
GetExitCodeProcess
GetLastError
GetFileSize
ReadFile
CloseHandle
LoadResource
LockResource
SizeofResource
GetConsoleOutputCP
WriteConsoleA
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
MulDiv
LocalFree
GlobalAlloc
GetVersionExA
GlobalDeleteAtom
GetCurrentThreadId
lstrcmpA
lstrlenA
GetCurrentProcessId
InterlockedDecrement
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
GetCurrentThread
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GetThreadLocale
WriteFile
SetFilePointer
FlushFileBuffers
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
HeapReAlloc
ExitThread
CreateThread
ExitProcess
HeapSize
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetACP
GetOEMCP
VirtualAlloc
SetEnvironmentVariableA
LCMapStringA
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
CreateFileA

advapi32

OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey

user32

MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
GetLastActivePopup
GetForegroundWindow
SetFocus
GetFocus
CallNextHookEx
GetCapture
SendDlgItemMessageA
CheckMenuItem
EnableMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ShowWindow
FillRect
DrawFocusRect
GetWindowThreadProcessId
GetDC
ReleaseDC
ValidateRect
GetKeyState
TranslateMessage
ClientToScreen
BeginPaint
EndPaint
SetCursor
GetSysColorBrush
DestroyMenu
UnregisterClassA
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
SetTimer
KillTimer
GetSysColor
IsRectEmpty
InflateRect
GetClientRect
InvalidateRect
ExitWindowsEx
PostQuitMessage
GetNextDlgTabItem
EndDialog
GetCursorPos

gdi32

SelectObject
SaveDC
RestoreDC
DeleteObject
SetMapMode
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetStockObject
CreatePen
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
Rectangle
BitBlt
DeleteDC
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
RectVisible
PtVisible

comctl32

ord17

shlwapi

PathFindExtensionW
PathFindFileNameW

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit

urlmon

URLDownloadToFileW

winspool.drv

ClosePrinter

Sections

.text
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55724cc24ab80591b7362eb09ae93531

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

comctl32

shlwapi

oleaut32

urlmon

winspool.drv

Sections

.text Size: 224KB - Virtual size: 221KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 224KB - Virtual size: 221KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 32KB - Virtual size: 30KB