Static task
static1
Behavioral task
behavioral1
Sample: 2023-08-25_40d60358e0f3712b3bf370a7f8339a77_icedid_JC.exe
Resource: win7-20230831-en
Behavioral task
behavioral2
Sample: 2023-08-25_40d60358e0f3712b3bf370a7f8339a77_icedid_JC.exe
Resource: win10v2004-20230915-en
General
Target: 2023-08-25_40d60358e0f3712b3bf370a7f8339a77_icedid_JC.exe
Size: 4.2MB
MD5: 40d60358e0f3712b3bf370a7f8339a77
SHA1: 8a7a1e4c02a474917b5794e2a76a82cfc0231cc1
SHA256: 3419e44d5201f8ea7865a06d0703d090dd3770e5b9d78e979a4560e0289c27c7
SHA512: 9d78b90b435fc5bca992382eb447b3495bb747410fc68fa226e89fc2264790403a8f7d7d6a2c06b09b305ef9958c05ca16bb8e21fac2c5e5e222a1efe3a9d33b
SSDEEP: 98304:lAdqD3L8gWhGcJNZwPmzezcpJVuMwriMZGbaqjSJI3LcQAPTPne:l13AzJNZwPmzezcpJVuMwriMZGb6CAL
Malware Config
(none extracted)
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2023-08-25_40d60358e0f3712b3bf370a7f8339a77_icedid_JC.exe
Files
2023-08-25_40d60358e0f3712b3bf370a7f8339a77_icedid_JC.exe.exe windows:4 windows x86
112678b36f0f12665830b8ae01dfdbbb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAAsyncGetHostByName
connect
getpeername
getsockname
WSACancelAsyncRequest
listen
bind
send
htons
WSASetLastError
socket
WSAAsyncSelect
inet_addr
ntohl
WSAStartup
recv
WSAGetLastError
htonl
closesocket
accept
ioctlsocket
getsockopt
shutdown
setsockopt
gethostbyname
gethostname
WSACleanup
iphlpapi
GetIpNetTable
SendARP
GetAdaptersInfo
GetPerAdapterInfo
rasapi32
RasGetErrorStringW
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
kernel32
ReadFile
GetSystemInfo
GetComputerNameA
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32FirstW
GetTempFileNameW
GetTempPathW
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
FormatMessageW
LocalFree
DeleteFileW
GetDateFormatA
GetFileAttributesW
CreateFileW
GetFileSize
IsBadStringPtrA
IsBadReadPtr
DeleteFileA
GetDateFormatW
GetTickCount
SystemTimeToFileTime
GetComputerNameW
GetLocalTime
GetSystemTime
CompareStringW
CreateThread
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcAddress
GlobalHandle
GlobalFree
SetLastError
TlsAlloc
lstrcmpW
MulDiv
lstrcpynA
lstrlenA
GlobalAlloc
GlobalLock
GlobalUnlock
CreateMutexW
ReleaseMutex
Sleep
CopyFileW
FindNextFileW
FindClose
FindFirstFileW
CreateDirectoryW
WideCharToMultiByte
HeapFree
lstrcpynW
lstrcmpiW
InterlockedCompareExchange
SetEnvironmentVariableA
GetLocaleInfoW
SetConsoleCtrlHandler
IsBadCodePtr
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetStdHandle
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualFree
HeapCreate
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
FatalAppExitA
LCMapStringW
LCMapStringA
TerminateProcess
VirtualQuery
VirtualAlloc
VirtualProtect
GetStartupInfoW
GetTimeFormatA
GetSystemTimeAsFileTime
ExitThread
RtlUnwind
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
GetFileTime
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetShortPathNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
MoveFileA
SetErrorMode
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalFlags
lstrcmpA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcatA
GetModuleHandleA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
LoadLibraryExW
GetLastError
lstrcpyW
lstrlenW
GetModuleFileNameW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
GetCurrentProcess
FlushInstructionCache
GetProcessHeap
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
LoadLibraryW
FreeLibrary
CloseHandle
GetCurrentThreadId
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExW
TlsSetValue
SetThreadPriority
CopyFileA
GlobalSize
TlsGetValue
GlobalReAlloc
LocalAlloc
FindResourceA
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
CompareStringA
lstrcmpiA
GetVersion
GetVersionExA
LocalReAlloc
FormatMessageA
TlsFree
user32
MoveWindow
ShowWindow
DefWindowProcW
PeekMessageW
LoadAcceleratorsW
LoadMenuW
LoadStringW
RegisterClassExW
LoadImageW
wsprintfW
LoadCursorW
GetClassInfoExW
CreateWindowExW
SetWindowLongW
CharNextW
SendMessageW
GetMessageW
TranslateMessage
DispatchMessageW
UnregisterClassW
DestroyWindow
GetParent
PostMessageW
GetWindow
PostThreadMessageW
GetClipboardData
DrawStateW
CopyRect
EnumChildWindows
RegisterClipboardFormatW
LoadKeyboardLayoutW
ActivateKeyboardLayout
GetSysColorBrush
UnionRect
GetDlgItemTextW
CheckDlgButton
DrawFocusRect
IsWindowEnabled
OffsetRect
SetDlgItemInt
GetDlgItemInt
FrameRect
DestroyCursor
ClientToScreen
GetDlgCtrlID
AdjustWindowRectEx
DeleteMenu
IsDlgButtonChecked
EnableWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
KillTimer
SetTimer
CharLowerBuffW
DialogBoxIndirectParamW
DrawEdge
GetWindowDC
TrackPopupMenuEx
CreatePopupMenu
InvalidateRgn
CreateAcceleratorTableW
GetDesktopWindow
GetClassNameW
RedrawWindow
FillRect
IsChild
DestroyAcceleratorTable
ReleaseCapture
SetCapture
UpdateWindow
GetCapture
SetCursor
GetMenuItemID
PtInRect
MessageBeep
SetForegroundWindow
EndPaint
BeginPaint
DrawTextW
GetFocus
MonitorFromPoint
GetMonitorInfoW
DestroyMenu
LoadStringA
PostQuitMessage
SetFocus
SendDlgItemMessageW
MapDialogRect
SetRectEmpty
CreateDialogParamW
InflateRect
ReleaseDC
GetDC
SetWindowContextHelpId
EndDialog
DialogBoxParamW
RemoveMenu
ModifyMenuW
InsertMenuW
GetSubMenu
GetMenuStringW
GetMenuState
GetMenuItemCount
AppendMenuW
TrackPopupMenu
CreateMenu
TranslateAcceleratorW
GetWindowTextLengthW
GetWindowTextW
RegisterWindowMessageW
CharLowerA
CharLowerW
CharUpperA
CharUpperW
UnregisterClassA
GetLastActivePopup
GetWindowLongA
MessageBoxA
SendMessageA
UnhookWindowsHookEx
InsertMenuA
AppendMenuA
GetMenuStringA
ValidateRect
PeekMessageA
DispatchMessageA
GetMessageA
CallNextHookEx
SetWindowsHookExA
LoadCursorA
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
IsIconic
SystemParametersInfoA
IntersectRect
SetWindowLongA
CallWindowProcA
DefWindowProcA
SetWindowPlacement
RegisterClassA
GetClassInfoA
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
PostMessageA
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
ScrollWindow
LoadIconA
GetMessageTime
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CreateWindowExA
WinHelpA
RegisterWindowMessageA
CheckRadioButton
GetDlgItemTextA
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
GetMenuItemInfoA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
wsprintfA
ShowOwnedPopups
DestroyIcon
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDialogBaseUnits
GetCursorPos
IsWindowVisible
SetDlgItemTextW
IsWindow
GetWindowPlacement
MapWindowPoints
GetActiveWindow
GetMenu
SetWindowTextW
GetSystemMetrics
GetClientRect
MessageBoxW
GetDlgItem
GetWindowRect
SetWindowPos
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
ScreenToClient
GetMessagePos
GetKeyState
InvalidateRect
SystemParametersInfoW
GetSysColor
CallWindowProcW
GetWindowLongW
GetTopWindow
gdi32
GetObjectA
GetTextMetricsA
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
LineTo
MoveToEx
CreateFontW
Rectangle
GetClipBox
SetWindowOrgEx
LPtoDP
DPtoLP
CreateBitmap
CreatePatternBrush
PatBlt
GetStockObject
GetObjectW
GetDeviceCaps
CreateCompatibleBitmap
SetViewportOrgEx
CreateCompatibleDC
BitBlt
CreateSolidBrush
CreatePen
ExtTextOutW
RoundRect
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetTextExtentPoint32W
SelectObject
DeleteDC
DeleteObject
CreateFontIndirectW
CopyMetaFileA
CreateDCA
GetDCOrgEx
SetColorAdjustment
CreateFontIndirectA
ExtTextOutA
GetTextExtentPoint32A
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
comdlg32
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
advapi32
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyA
RegOpenKeyA
RegSetValueA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExA
shell32
Shell_NotifyIconW
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
ExtractIconA
SHGetFileInfoA
ole32
CreateBindCtx
ReleaseStgMedium
OleDuplicateData
CoDisconnectObject
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTreatAsClass
StringFromCLSID
OleLockRunning
ReadClassStg
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
CoCreateGuid
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
ReadFmtUserTypeStg
StringFromGUID2
OleRegGetUserType
oleaut32
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayPtrOfIndex
SafeArrayRedim
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayGetDim
SafeArrayPutElement
SafeArrayGetElemsize
SysFreeString
SafeArrayGetLBound
SysAllocString
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocStringLen
VarBstrFromDate
VariantClear
SysStringLen
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
SysAllocStringByteLen
VarBstrCmp
VariantCopy
SafeArrayGetElement
SafeArrayGetUBound
VarUI4FromStr
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VariantInit
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveExtensionA
PathFindExtensionA
comctl32
ord17
ImageList_GetIcon
_TrackMouseEvent
InitCommonControlsEx
CreateStatusWindowW
ImageList_LoadImageW
ImageList_Destroy
ImageList_GetIconSize
msimg32
GradientFill
wininet
HttpOpenRequestW
HttpSendRequestW
InternetReadFile
InternetConnectW
InternetOpenW
InternetCloseHandle
wsock32
inet_addr
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 564KB - Virtual size: 563KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 176KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
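The Unsigned PE signature, the File Characteristics list and the Sections table above are all read straight out of the PE headers. The following is an added example, not part of the sandbox report and not code from the sample: a dependency-free Python inspector that decodes the IMAGE_FILE_* characteristics, reads the certificate-table data directory entry (the field a "missing Authenticode signature" check looks at) and decodes each section's IMAGE_SCN_* flags. The header produced by build_minimal_pe and the SAMPLE_SECTIONS table are constructed test input that mirrors the section layout listed above with sizes rounded to whole KB; they are not bytes from the real file.

```python
import struct

# COFF FileHeader.Characteristics bits (subset; values from the PE/COFF specification)
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
# Section header Characteristics bits (subset)
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the certificate table in the data directory


def flag_names(value, table):
    """Decode a bitmask into flag names, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def inspect_pe(data):
    """Parse the PE headers in `data`; return characteristics, signature presence and sections."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # Data directories start at optional-header offset 96 for PE32 and 112 for PE32+
    dirs = opt + (96 if magic == 0x10B else 112)
    cert_off, cert_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        f = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        name, vsize, rawsize, flags = f[0], f[1], f[3], f[9]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "flags": flag_names(flags, SECTION_FLAGS),
            # raw < virtual only means zero-filled (bss-like) data, as in .data above
            "zero_filled_tail": max(vsize - rawsize, 0),
            # a section that is both writable and executable is a common packer/loader tell
            "writable_and_executable": bool(flags & 0x80000000 and flags & 0x20000000),
        })
    return {
        "machine": machine,
        "pe32plus": magic == 0x20B,
        "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
        # The "Unsigned PE" check: an empty certificate table entry means no embedded Authenticode signature
        "signed": cert_size != 0,
        "sections": sections,
    }


def build_minimal_pe(characteristics, cert_size, sections):
    """Construct a bare PE32 header (no code) for testing; cert_size != 0 fakes a certificate table entry."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 224  # size of a PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, opt_size, characteristics)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     0x1000 if cert_size else 0, cert_size)
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode("ascii"), vsize, 0x1000, rawsize, 0x400, 0, 0, 0, 0, flags)
        for name, vsize, rawsize, flags in sections
    )
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


# Constructed input mirroring the section layout in the report above (virtual size, raw size, flags).
SAMPLE_SECTIONS = [
    (".text",  3584 * 1024, 3584 * 1024, 0x60000020),  # CODE | EXECUTE | READ
    (".rdata",  563 * 1024,  564 * 1024, 0x40000040),  # INITIALIZED_DATA | READ
    (".data",   120 * 1024,   24 * 1024, 0xC0000040),  # INITIALIZED_DATA | READ | WRITE
    (".rsrc",   173 * 1024,  176 * 1024, 0x40000040),  # INITIALIZED_DATA | READ
]
SAMPLE_CHARACTERISTICS = 0x010F  # the five IMAGE_FILE_* flags listed in the report

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else \
        build_minimal_pe(SAMPLE_CHARACTERISTICS, 0, SAMPLE_SECTIONS)
    info = inspect_pe(data)
    print("signed:", info["signed"], "|", ", ".join(info["characteristics"]))
    for s in info["sections"]:
        print(f'{s["name"]:8} raw={s["raw_size"]:>8} virt={s["virtual_size"]:>8} {" ".join(s["flags"])}')
```

Run it with a file path to inspect a real executable, or with no arguments to see the constructed header decoded. Two caveats when reading the Unsigned PE result: a non-empty certificate table only proves a signature blob is embedded, not that it is valid or chains to a trusted root, so a positive result still needs WinVerifyTrust-backed tooling (Get-AuthenticodeSignature, signtool verify, or osslsigncode verify off-Windows); and the absence of a signature is weak evidence by itself, since plenty of legitimate software is shipped unsigned. The section-level checks (a raw size smaller than the virtual size is normal zero-filled data; a section that is both writable and executable is not) are the additional triage a practitioner usually wants from the same header bytes.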