2023-08-25_55b1350c80476151024717e5ab274f2c_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-25_55b1350c80476151024717e5ab274f2c_icedid_JC.exe
Size

3.8MB
MD5

55b1350c80476151024717e5ab274f2c
SHA1

29e4803d63fa1d3f04b9a41bc36598fc4fc8a3c0
SHA256

a3a6dbf1954f8b5250d09c61ad55c6d1d97270f4223a3b7678c6dced8b903e3d
SHA512

887d23069e2a290d765ea7cac27c0ed07facdcc0790af1ec888550a910f30345db78a80722e5d041119324f101fd2c2540837d448ceef67b01dd8f0141c34d12
SSDEEP

98304:AAE7GL2dOXVpGd2eV26UMPmV+c4WBykETppG7iz:QGSorGceVHu0cHE9G8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-25_55b1350c80476151024717e5ab274f2c_icedid_JC.exe

Files

2023-08-25_55b1350c80476151024717e5ab274f2c_icedid_JC.exe
.exe windows:5 windows x86

300d93fbe19d1c12b761c857f4e3a6b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wininet

InternetOpenUrlW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetSetOptionExW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetReadFile
InternetOpenW
GetUrlCacheEntryInfoW
DeleteUrlCacheEntryW
InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpOpenRequestW
InternetCloseHandle

psapi

GetModuleBaseNameW
EnumProcessModules
GetModuleFileNameExW
EnumProcesses

kernel32

CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
GetCurrentProcessId
GetTempPathA
LocalFree
GetSystemTime
AreFileApisANSI
DeleteFileA
SetFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
GetModuleHandleW
FileTimeToSystemTime
GetSystemDirectoryW
ResumeThread
SetEvent
CreateEventW
ExitThread
WaitForMultipleObjects
GetDriveTypeW
SetVolumeLabelW
MoveFileW
ReleaseSemaphore
CreateSemaphoreW
lstrcmpW
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GlobalDeleteAtom
SetLastError
GlobalAddAtomW
FileTimeToLocalFileTime
LocalAlloc
InterlockedDecrement
MulDiv
LockFileEx
GetThreadLocale
DuplicateHandle
GetVolumeInformationW
GetModuleHandleA
CompareStringW
GlobalFindAtomW
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetFileSizeEx
GetFileTime
SetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
CreateThread
GetConsoleCP
GetConsoleMode
GetFileType
SetStdHandle
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
VirtualQuery
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
GetCurrentDirectoryA
GetDriveTypeA
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
LeaveCriticalSection
HeapDestroy
FormatMessageW
InitializeCriticalSection
FormatMessageA
GetProcessHeap
UnlockFileEx
OutputDebugStringW
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
TryEnterCriticalSection
SetFilePointer
HeapCompact
CreateMutexW
CreateFileA
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
GetStdHandle
GetCurrentProcess
FreeLibrary
FindNextFileW
GetExitCodeProcess
FindClose
FindFirstFileW
CreatePipe
GetProcAddress
GetStartupInfoW
LoadLibraryW
CreateProcessW
lstrlenA
GetDiskFreeSpaceExW
GetShortPathNameW
RemoveDirectoryW
TerminateProcess
GetVersionExW
OpenProcess
WaitForSingleObject
GlobalFree
GetLastError
CreateDirectoryA
CreateToolhelp32Snapshot
UpdateResourceW
Process32NextW
Process32FirstW
BeginUpdateResourceW
lstrlenW
ReadFile
WideCharToMultiByte
EndUpdateResourceW
GetFileSize
Sleep
WriteFile
CreateDirectoryW
DeleteFileW
CloseHandle
WritePrivateProfileStringW
CreateFileW
CopyFileW
GetPrivateProfileStringW
FreeResource
LockResource
GlobalUnlock
MultiByteToWideChar
GetModuleFileNameW
SizeofResource
GlobalAlloc
GetTickCount
GlobalLock
LoadResource
FindResourceW
SetFileAttributesW
GetFileAttributesW
GetSystemTimeAsFileTime
GetDiskFreeSpaceW
EnterCriticalSection

user32

GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
SetMenu
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
GetMenu
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowTextLengthW
GetWindowTextW
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
GetDlgItem
RegisterClipboardFormatW
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
ValidateRect
GetWindow
SetWindowContextHelpId
SetWindowPos
GetLastActivePopup
IsWindowEnabled
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
IsRectEmpty
IntersectRect
SetRectEmpty
CopyRect
SetCursor
SetCapture
SetFocus
GetWindowLongW
SetWindowLongW
ReleaseCapture
CallWindowProcW
DefWindowProcW
DestroyMenu
PostThreadMessageW
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
PtInRect
SetRect
CharNextW
GetSysColorBrush
CreateDialogIndirectParamW
GetNextDlgTabItem
CharUpperW
EndDialog
IsWindow
GetWindowThreadProcessId
GetDesktopWindow
SetWindowRgn
SetTimer
ScreenToClient
PostMessageW
KillTimer
LoadCursorW
GetCursorPos
GetSystemMetrics
SendMessageW
GetClientRect
wsprintfW
InvalidateRect
GetSysColor
EnableWindow
GetIconInfo
GetDC
MessageBoxW
UpdateWindow
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
MapDialogRect
MapWindowPoints

gdi32

RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetDeviceCaps
CreateFontIndirectW
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
GetViewportExtEx
CreateBitmap
SelectClipRgn
CreateRectRgnIndirect
GetClipBox
ExtSelectClipRgn
PtVisible
CreateRoundRectRgn
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetDIBits
DeleteObject
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetWindowExtEx

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegDeleteKeyW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ExtractIconW
SHBrowseForFolderW
ShellExecuteExW

comctl32

_TrackMouseEvent

shlwapi

PathIsDirectoryW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringLen
OleCreateFontIndirect
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysFreeString
SysStringLen

gdiplus

GdipDrawImageRectRect
GdipDeleteBrush
GdipDeletePen
GdipCloneBrush
GdipSetImageAttributesColorMatrix
GdipSetTextRenderingHint
GdipDeleteFont
GdipSetImageAttributesWrapMode
GdipSetStringFormatAlign
GdipDeleteFontFamily
GdipCreateSolidFill
GdipDisposeImageAttributes
GdipCreateFont
GdipCreateImageAttributes
GdipDrawString
GdipCreateFontFamilyFromName
GdipSetSolidFillColor
GdipFillRectangleI
GdipCreateStringFormat
GdipCreatePen1
GdipDeleteStringFormat
GdipDrawRectangleI
GdipGetPathWorldBounds
GdipGetFontStyle
GdipGetFamily
GdipAddPathString
GdipGetFontSize
GdipDeletePath
GdipCreatePath
GdipGetImageWidth
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageHeight
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree
GdipLoadImageFromStream
GdiplusShutdown

iphlpapi

GetAdaptersInfo
GetAdaptersAddresses

netapi32

Netbios

snmpapi

SnmpUtilVarBindFree
SnmpUtilOidNCmp
SnmpUtilOidCpy

ws2_32

htons
WSAGetLastError
select
connect
send
WSAStartup
closesocket
gethostbyname
__WSAFDIsSet
socket
recv

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

300d93fbe19d1c12b761c857f4e3a6b7

Headers

DLL Characteristics

File Characteristics

Imports

version

wininet

psapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

iphlpapi

netapi32

snmpapi

ws2_32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 210KB - Virtual size: 209KB

.data Size: 25KB - Virtual size: 51KB

.rsrc Size: 2.3MB - Virtual size: 2.3MB

.reloc Size: 152KB - Virtual size: 152KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 210KB - Virtual size: 209KB

.data
Size: 25KB - Virtual size: 51KB

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

.reloc
Size: 152KB - Virtual size: 152KB