2023-08-25_aff97077dd26d81ab34a3522d9e123a9_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-25_aff97077dd26d81ab34a3522d9e123a9_icedid_JC.exe
Size

3.8MB
MD5

aff97077dd26d81ab34a3522d9e123a9
SHA1

5617ac866a2dc32ce9a5861d35692ce92face60b
SHA256

4fc84eeee2fd1ed03b90e0dd3b95b6e362d165381b71b0b4c8e6bdb9eaf18478
SHA512

4a0cfb804ba0fa6d52ea5d7d7141aeed7f90e41735a420cdb387e9298efd00e6ef97126b6684d16a69490f1aa92a3ff1314645db2e75ebdfe60808ac7683aa3d
SSDEEP

98304:xM7gVfCruxaTjD+HEzTSqQfZVtPA+soOKtlDdf:y7gl8tTjSH62v7A+4UF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-25_aff97077dd26d81ab34a3522d9e123a9_icedid_JC.exe

Files

2023-08-25_aff97077dd26d81ab34a3522d9e123a9_icedid_JC.exe
.exe windows:4 windows x86

2bbf328b8ae0f34b14a7da3e8e0757f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetCPInfo
GetOEMCP
SetErrorMode
WritePrivateProfileStringA
GetTickCount
HeapReAlloc
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapFree
GetCommandLineA
GetProcessHeap
GetStartupInfoA
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
SetEnvironmentVariableA
SetCurrentDirectoryA
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsFree
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
LCMapStringA
LCMapStringW
GetTimeZoneInformation
SetStdHandle
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetFileTime
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
GetThreadLocale
GetCurrentProcessId
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
LoadLibraryA
SetLastError
lstrcmpW
GetModuleHandleA
GetProcAddress
GetVersionExA
FreeResource
GetCurrentDirectoryA
GetDriveTypeA
GetFileAttributesA
SetFileAttributesA
GetFileSize
FormatMessageA
LocalFree
CreateFileA
CreateDirectoryA
SetFilePointer
GetModuleFileNameA
ReadFile
CompareStringW
MultiByteToWideChar
GetVersion
CompareStringA
GetLastError
lstrlenA
InterlockedExchange
SizeofResource
LoadResource
FindResourceA
CloseHandle
GetTempFileNameA
MulDiv
WideCharToMultiByte
WaitForSingleObject
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetTempPathA
LockResource
DeleteFileA
CreateProcessA

user32

PostThreadMessageA
IsRectEmpty
CopyAcceleratorTableA
CharNextA
UnregisterClassA
DestroyMenu
LoadCursorA
GetSysColorBrush
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
SendMessageA
GetClientRect
GetWindowRect
GetDC
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
GetWindowPlacement
GetDesktopWindow
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SendDlgItemMessageA
SetRect
ReleaseDC
EnableWindow
CopyRect
IsWindow
SetRectEmpty
CharUpperA
RegisterWindowMessageA
OemToCharBuffA
CharToOemBuffA
SetFocus
GetWindowLongA
GetWindow
GetParent
GetWindowTextA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
GetSystemMetrics
SetActiveWindow
GetActiveWindow
GetWindowThreadProcessId

gdi32

GetStockObject
DeleteDC
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
SetViewportOrgEx
GetDeviceCaps
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SetStretchBltMode
SelectObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

SHFileOperationA

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

oledlg

ord8

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromProgID

oleaut32

OleLoadPicture
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bbf328b8ae0f34b14a7da3e8e0757f3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 264KB - Virtual size: 263KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 264KB - Virtual size: 263KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB