2023-08-25_e155b1aca5cc30d914f3aaaeacaca5d4_icedid_silence_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-25_e155b1aca5cc30d914f3aaaeacaca5d4_icedid_silence_JC.exe
Size

4.2MB
MD5

e155b1aca5cc30d914f3aaaeacaca5d4
SHA1

4327aaf1c0a7dc0a8f8ae026d54bc792fd3ecc23
SHA256

15df46e76b084b88cdd4aa1ce641000fa46786becf7ccb01f3e0f558f0d57306
SHA512

d0c7a342b1464d6cecd8511e8c096831f1c209de171ab3ee47b2880a0de008a1b5ec0f5e9d88bb631324a11c0e6fc410cc3d0801853398b618884ba527492910
SSDEEP

98304:RTn8gVVM3Df6OJpZJd40LHAs+WkHbczFLOAkGkzdnEVomFHKnPF:ha3TxD7As+WkHbSFLOyomFHKnPF

Score

1^/10

Malware Config

Signatures

Files

2023-08-25_e155b1aca5cc30d914f3aaaeacaca5d4_icedid_silence_JC.exe
.exe windows:5 windows x86

82cc2fc7120c7a82a9c7da5a0143fc86

Code Sign

da:db:cc:8f:90:c3:1d:38:cb:28:28:e3:ca:61:cc:51
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/04/2015, 00:00

Not After

23/04/2018, 23:59

Subject

CN=Voicent Communications\, Inc,O=Voicent Communications\, Inc,POSTALCODE=94043,STREET=2672 Bayshore Parkway STE 915,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:57:31:b2:bf:88:cb:e3:2c:50:da:f4:c3:63:82:dd:a0:4a:21:cb
Signer

Actual PE Digest

ff:57:31:b2:bf:88:cb:e3:2c:50:da:f4:c3:63:82:dd:a0:4a:21:cb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointerEx
GetDateFormatW
GetTimeFormatW
LCMapStringW
SetUnhandledExceptionFilter
GetConsoleMode
WriteConsoleW
CreateFileW
lstrlenA
ReadConsoleW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
OutputDebugStringW
TerminateProcess
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetStringTypeW
IsValidCodePage
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
HeapReAlloc
ExitThread
CreateThread
GetTimeZoneInformation
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
SetEnvironmentVariableA
VirtualQuery
VirtualAlloc
GetSystemInfo
GetSystemTimeAsFileTime
GetCommandLineA
RtlUnwind
GetWindowsDirectoryA
SetErrorMode
GetTempPathA
GetProfileIntA
SearchPathA
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
FindResourceExW
GetCPInfo
GetOEMCP
GetSystemDefaultUILanguage
CompareStringW
LocalReAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetACP
GlobalFlags
GetCurrentDirectoryA
GetStringTypeExA
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
DuplicateHandle
WriteFile
UnlockFile
SetEndOfFile
LockFile
FlushFileBuffers
VerifyVersionInfoA
VerSetConditionMask
LocalAlloc
lstrcpyA
SystemTimeToFileTime
ReplaceFileA
GetTempFileNameA
SetFileTime
GetDiskFreeSpaceA
GetTickCount
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
InterlockedExchange
ResumeThread
SetThreadPriority
VirtualProtect
MulDiv
LocalFree
GlobalSize
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
DecodePointer
EncodePointer
FindResourceA
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
FreeResource
GetVersion
OutputDebugStringA
GetFileAttributesW
CreateEventA
ResetEvent
SetEvent
GetExitCodeThread
TerminateThread
GetUserDefaultUILanguage
GetLocaleInfoW
SetLastError
GetCurrentProcessId
OpenProcess
GetVersionExA
MoveFileA
CopyFileA
DeleteFileA
GetSystemDirectoryA
CreateProcessA
GetModuleHandleA
SetFilePointer
WaitForMultipleObjects
GetCurrentThreadId
GetProcessHeap
HeapFree
HeapAlloc
FindNextFileA
GetFileAttributesA
GetFullPathNameA
lstrcmpA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
GlobalUnlock
GlobalLock
GetCurrentProcess
SetProcessWorkingSetSize
GetComputerNameA
GetModuleFileNameA
WaitForSingleObject
LockResource
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLongPathNameA
MultiByteToWideChar
FindFirstFileA
CreateFileA
CreateDirectoryA
FormatMessageA
CloseHandle
FindClose
ReadFile
GetFileSize
Sleep
GetLastError
LoadLibraryA
GetProcAddress
ExpandEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GlobalFree
GlobalReAlloc
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
FindResourceW
SizeofResource
LoadResource

user32

SetRectEmpty
MonitorFromPoint
SetWindowRgn
WaitMessage
MessageBeep
IsZoomed
RegisterClipboardFormatA
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageA
MapDialogRect
GetAsyncKeyState
MapVirtualKeyA
GetKeyNameTextA
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
FillRect
EndPaint
BeginPaint
GetWindowDC
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassLongA
SetWindowLongA
PtInRect
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
ScrollWindow
ValidateRect
GetForegroundWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
WindowFromPoint
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
GetFocus
GetWindow
GetScrollPos
SetScrollPos
SetFocus
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
LoadCursorW
LoadCursorA
SetCursor
GetWindowRgn
MapVirtualKeyExA
IsCharLowerA
EnableWindow
CreatePopupMenu
DrawFrameControl
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
ShowWindow
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetClassNameA
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
EnableMenuItem
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
GetDesktopWindow
EqualRect
RegisterWindowMessageA
GetParent
BringWindowToTop
OffsetRect
GetWindowRect
IsWindow
CopyRect
GetSysColor
ClientToScreen
ShowScrollBar
RedrawWindow
ReleaseDC
GetDC
ModifyMenuA
GetSubMenu
SetRect
IsIconic
InvalidateRect
DestroyCursor
ReleaseCapture
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
IntersectRect
DestroyIcon
LoadImageA
UnpackDDElParam
ReuseDDElParam
IsRectEmpty
LoadMenuW
GetSystemMetrics
TrackMouseEvent
CharUpperA
SetCapture
DeleteMenu
NotifyWinEvent
IsMenu
DestroyAcceleratorTable
DrawEdge
SetWindowContextHelpId
DrawStateA
BeginDeferWindowPos
GetSysColorBrush
AppendMenuA
GetCursorPos
SendMessageA
GetClientRect
UpdateWindow
PostMessageA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
InvertRect
DrawFocusRect
HideCaret
GetComboBoxInfo
GetUpdateRect
SubtractRect
GetDoubleClickTime
GetNextDlgGroupItem
InvalidateRgn
CharNextA
CopyIcon
SetCursorPos
CharUpperBuffA
IsClipboardFormatAvailable
CreateMenu
GetTabbedTextExtentW
EnumChildWindows
CopyAcceleratorTableA
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
LoadImageW
PostThreadMessageA
LoadAcceleratorsW
UnregisterClassA
RealChildWindowFromPoint
SetMenuDefaultItem
GetMenuDefaultItem
UpdateLayeredWindow
FrameRect
EnableScrollBar
UnionRect
GetIconInfo
CopyImage
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
SetClassLongA
DrawIcon
EnumDisplayMonitors
SetLayeredWindowAttributes
SetParent
LockWindowUpdate
DrawIconEx
SetWindowPos

gdi32

GetCurrentPositionEx
GetObjectType
GetPixel
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
StartDocA
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreateRoundRectRgn
EndDoc
GetClipBox
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
Rectangle
GetTextColor
CombineRgn
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RoundRect
SetRectRgn
EnumFontFamiliesExA
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
GetROP2
GetBkMode
GetCharWidthA
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
GetTextFaceA
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
SetPixelV
ExcludeClipRect
DeleteObject
DeleteDC
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CopyMetaFileA
SetTextColor
SetBkColor
CreateFontA
LPtoDP
DPtoLP
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
Escape
CreateSolidBrush
GetObjectA
GetTextMetricsA
StretchDIBits
SelectPalette
RealizePalette
GetTextExtentPoint32A
GetStockObject
GetDIBits
GetDeviceCaps
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
StartPage
CreateDCA
BitBlt

msimg32

AlphaBlend
TransparentBlt

winspool.drv

GetJobA
ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

GetUserNameA
RegQueryValueExA
RegOpenKeyExA
EqualSid
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExW
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
LookupAccountNameA
GetFileSecurityA
SetFileSecurityA
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
InitializeSecurityDescriptor
AddAccessAllowedAce
GetAce
AddAce
GetAclInformation
InitializeAcl
GetLengthSid
AllocateAndInitializeSid

shell32

ExtractIconA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFolderPathA
SHBrowseForFolderA
DragQueryFileA
DragFinish
SHGetDesktopFolder
SHGetMalloc
DragAcceptFiles
SHAddToRecentDocs
SHGetFileInfoA
SHAppBarMessage

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
UrlUnescapeA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA

uxtheme

DrawThemeText
GetWindowTheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeSysColor
DrawThemeParentBackground
GetCurrentThemeName
GetThemeColor
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
StringFromCLSID
OleDuplicateData
ReleaseStgMedium
CoInitializeEx
CoCreateGuid
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleDraw
CoDisconnectObject
CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
DoDragDrop
OleLockRunning
StgOpenStorageOnILockBytes
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal

oleaut32

SysAllocString
SafeArrayCreate
SafeArrayDestroy
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VarBstrFromDate
VariantChangeType
SysAllocStringByteLen
SysStringLen
VariantCopy
LoadTypeLi
VariantClear
VarDateFromStr
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime

oledlg

ord8

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdiplusShutdown

wsock32

WSASetLastError
WSACleanup
WSAStartup
inet_addr
gethostbyname
gethostname
ioctlsocket
closesocket
htons
connect
send
recv

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

mmioOpenA
mmioRead
mmioSeek
mmioGetInfo
PlaySoundA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerClose
mixerOpen
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveInGetDevCapsA
waveInGetNumDevs
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
mmioSetInfo
mmioAdvance
waveOutOpen
waveOutGetErrorTextA
waveOutSetVolume
waveOutGetDevCapsA
waveOutGetNumDevs
mmioCreateChunk
mmioWrite
mmioAscend
mmioDescend
mmioClose

iphlpapi

IcmpCreateFile
IcmpSendEcho

ws2_32

WSAEnumNetworkEvents
WSASocketA
WSAEventSelect
WSACreateEvent

wininet

HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetSetOptionExA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetQueryOptionA
HttpSendRequestExA
HttpEndRequestA
HttpQueryInfoA

psapi

EnumProcesses
GetModuleFileNameExA
EnumProcessModules

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 549KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82cc2fc7120c7a82a9c7da5a0143fc86

Code Sign

da:db:cc:8f:90:c3:1d:38:cb:28:28:e3:ca:61:cc:51Certificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

ff:57:31:b2:bf:88:cb:e3:2c:50:da:f4:c3:63:82:dd:a0:4a:21:cbSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

wsock32

oleacc

imm32

winmm

iphlpapi

ws2_32

wininet

psapi

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 549KB - Virtual size: 548KB

.data Size: 34KB - Virtual size: 72KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

da:db:cc:8f:90:c3:1d:38:cb:28:28:e3:ca:61:cc:51
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

ff:57:31:b2:bf:88:cb:e3:2c:50:da:f4:c3:63:82:dd:a0:4a:21:cb
Signer

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 549KB - Virtual size: 548KB

.data
Size: 34KB - Virtual size: 72KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB