2023-08-25_44e588a8b1743d8d39b3bf48b7a6a547_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-25_44e588a8b1743d8d39b3bf48b7a6a547_icedid_JC.exe
Size

5.2MB
MD5

44e588a8b1743d8d39b3bf48b7a6a547
SHA1

425864327b396b936d97de0883d49ea57ff9eac4
SHA256

373e41c1cfdab671ad60d1ee6c74c267e68b1d4ec700aaf71cbccc8c6d225d7f
SHA512

2af65cf53aa8f09d12cd2c48016300941a3ea676cb424066d76cf68f1edb26abaae913eaacc75a4b5e6dd885aebfbc0c56b81a980d0ea3e92581ece555c07ad1
SSDEEP

98304:TuywdFL8yw0hw3XNywzywfSduT/zywrWX+3ywf9ywu3o0eqBh:Tuywf8ywrHNywzywf0U7ywrn3ywVyw8t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-25_44e588a8b1743d8d39b3bf48b7a6a547_icedid_JC.exe

Files

2023-08-25_44e588a8b1743d8d39b3bf48b7a6a547_icedid_JC.exe
.exe windows:4 windows x86

8cc60a14073512dd89593a8d4ebe4629

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
SHDeleteKeyA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiSetDeviceRegistryPropertyA
SetupDiOpenDevRegKey
SetupDiGetClassDevsA

psapi

GetModuleFileNameExA

mfc42

ord567
ord398
ord2302
ord3996
ord2642
ord2379
ord755
ord470
ord3998
ord2818
ord2915
ord6007
ord4277
ord5683
ord5981
ord535
ord860
ord823
ord4673
ord4274
ord6375
ord4486
ord2554
ord1168
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord1200
ord537
ord4202
ord5710
ord4129
ord2763
ord4204
ord1979
ord665
ord5442
ord5186
ord354
ord6877
ord941
ord2614
ord2764
ord6648
ord1146
ord858
ord700
ord609
ord693
ord3574
ord4424
ord3402
ord5290
ord4396
ord1776
ord6055
ord2575
ord3640
ord3370
ord4402
ord2582
ord4234
ord641
ord825
ord324
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4710
ord4998
ord4853
ord4376
ord5265
ord800
ord540
ord2512
ord1576

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_mbsicmp
_mbsrchr
_itoa
_mbstok
_mbsnbcmp
malloc
free
_mbsnbcpy
sprintf
_splitpath
_stricmp
vsprintf
_mbscmp
fopen
fclose
__CxxFrameHandler
strstr
_strlwr
_setmbcp
_controlfp

kernel32

Process32Next
SetFileAttributesA
CopyFileA
GetSystemDirectoryA
DeleteFileA
FindResourceA
SizeofResource
LoadResource
LockResource
CreateFileA
WriteFile
GetPriorityClass
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
CloseHandle
OpenProcess
OutputDebugStringA
GetLastError
GetDiskFreeSpaceExA
GetDriveTypeA
GetFullPathNameA
GetModuleFileNameA
GetVersionExA
LoadLibraryA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
LocalUnlock
LocalFree
LocalLock
LocalAlloc
MultiByteToWideChar
GetStartupInfoA
Process32First
CreateToolhelp32Snapshot
Sleep
GetVersion
GetSystemDefaultLangID
FreeLibrary
GetProcAddress
LoadLibraryExA
SetErrorMode
GetModuleHandleA
GetCurrentProcess
CreateProcessA
CreateDirectoryA
SetEndOfFile
GetTempPathA

user32

SetWindowPos
SetFocus
CheckDlgButton
EnableMenuItem
GetSystemMenu
GetClassNameA
IsWindow
GetDlgItem
SetWindowLongA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetWindow
GetAsyncKeyState
DestroyWindow
PostQuitMessage
WaitMessage
DispatchMessageA
TranslateMessage
IsDialogMessageA
SetForegroundWindow
CreateDialogIndirectParamA
GetWindowLongA
EndPaint
GetActiveWindow
GetLastActivePopup
MessageBeep
wsprintfA
MessageBoxA
EnableWindow
GetWindowThreadProcessId
GetWindowTextA
GetWindowTextLengthA
IsWindowVisible
GetParent
EnumWindows
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
GetWindowRect
MoveWindow
SetTimer
FillRect
KillTimer
SetWindowTextA
WinHelpA
RedrawWindow
DestroyIcon
GetSysColor
GetDialogBaseUnits
LoadStringA
SystemParametersInfoA
SetRect
DrawTextA
PeekMessageA
BeginPaint

gdi32

SetBkColor
SetTextColor
DeleteObject
CreateFontIndirectA
SelectObject
GetTextExtentPoint32A
CreateSolidBrush
DeleteDC
CreateDCA

advapi32

RegDeleteValueA
RegCreateKeyExA
ControlService
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
ShellExecuteExA

ole32

OleUninitialize
OleInitialize

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cc60a14073512dd89593a8d4ebe4629

Headers

File Characteristics

Imports

shlwapi

setupapi

psapi

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 5.1MB - Virtual size: 5.1MB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 5.1MB - Virtual size: 5.1MB