Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.2023-09-07_74386ae59cc45552acf0765028734b75_icedid_JC.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: NEAS.2023-09-07_74386ae59cc45552acf0765028734b75_icedid_JC.exe
  Resource: win10v2004-20231020-en
General
- Target: NEAS.2023-09-07_74386ae59cc45552acf0765028734b75_icedid_JC.exe
- Size: 948KB
- MD5: 74386ae59cc45552acf0765028734b75
- SHA1: 956487192e122953ac10c6ecaada9a21b8807fba
- SHA256: 6d3fee81285b9cebef8617f59d26f0108db2cd5075f46c17e72975574cb7fe67
- SHA512: 6a988d7bf68c862bcf6edfa479ca1cc26b47bbe55960575016679e473118b390791f33174147f2c845372fb642feb1377e0b9227b3494b4412fd74af95fbe950
- SSDEEP: 24576:BJddCv+YHxkJn+ntCMtiHVVFXZLrALJ1lDJ:BPdCv+YHxkJn+ntCMtiHVVFXZLrANTJ
Malware Config
Signatures
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: NEAS.2023-09-07_74386ae59cc45552acf0765028734b75_icedid_JC.exe
Files
- NEAS.2023-09-07_74386ae59cc45552acf0765028734b75_icedid_JC.exe.exe windows:4 windows x86
a2341c0c4898cc38c48e1bb873c0283b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
HeapCreate
GetStringTypeW
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
HeapDestroy
IsValidCodePage
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindResourceA
TerminateProcess
Sleep
HeapSize
ExitProcess
GetFileType
SetStdHandle
RaiseException
GetStartupInfoA
GetProcessHeap
GetCommandLineA
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalReAlloc
GetProfileIntA
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedDecrement
GetModuleFileNameW
GetDiskFreeSpaceA
GetTempFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcessId
lstrcmpA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
DeleteFileA
MoveFileA
GetFileTime
GetFileSize
GetFileAttributesA
CreateFileA
SetFileTime
CloseHandle
SystemTimeToFileTime
LocalFileTimeToFileTime
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
LoadLibraryA
SetLastError
lstrcmpW
GetModuleHandleA
GetProcAddress
GetVersionExA
GetLastError
lstrlenA
lstrcmpiA
GetStringTypeExA
lstrlenW
CompareStringA
CompareStringW
MultiByteToWideChar
InterlockedExchange
GetVersion
GetLocalTime
GetDateFormatA
GetCurrentDirectoryA
GetModuleFileNameA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
GetStringTypeA
user32
CopyAcceleratorTableA
CharNextA
DestroyIcon
UnregisterClassA
SetParent
DeleteMenu
GetSysColorBrush
GetMenuItemInfoA
KillTimer
SetWindowRgn
DrawIcon
IsRectEmpty
FindWindowA
GetDCEx
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
ValidateRect
IsClipboardFormatAvailable
DestroyCursor
SetCursorPos
RedrawWindow
InflateRect
WaitMessage
GetMessageA
TranslateMessage
GetCursorPos
LoadCursorA
WindowFromPoint
SetCapture
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
SetCursor
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ReleaseDC
GetDC
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
InsertMenuA
RemoveMenu
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetScrollRange
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
LockWindowUpdate
GetTabbedTextExtentA
CreateMenu
CharUpperA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyRect
PostMessageA
GetKeyState
ScreenToClient
DrawMenuBar
GetMenu
GetFocus
ClientToScreen
GetWindowRect
EnableMenuItem
CheckMenuItem
AppendMenuA
CreatePopupMenu
PtInRect
RegisterClipboardFormatA
UpdateWindow
GetSystemMetrics
SetTimer
PeekMessageA
SetScrollRange
SetScrollPos
GetScrollPos
MapDialogRect
InvalidateRect
GetClientRect
DrawEdge
SetRect
GetSysColor
EnableWindow
GetParent
SendMessageA
SetDlgItemTextA
gdi32
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
SetBkMode
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
CreateSolidBrush
Rectangle
UnrealizeObject
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
SetAbortProc
GetViewportOrgEx
CreateFontIndirectA
SetRectRgn
CombineRgn
GetMapMode
GetCharWidthA
GetBkColor
GetTextColor
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
RestoreDC
SaveDC
CreateRectRgnIndirect
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetObjectA
SetTextCharacterExtra
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
SetMapMode
SetStretchBltMode
SetROP2
GdiFlush
SetBkColor
SetTextColor
GetClipBox
EndDoc
AbortDoc
EndPage
StartPage
StartDocA
GetTextFaceA
GetTextExtentPoint32A
ExtTextOutA
Polyline
Arc
SelectObject
CreatePen
GetCharABCWidthsA
GetTextMetricsA
RemoveFontResourceA
CreateScalableFontResourceA
AddFontResourceA
PlgBlt
StretchBlt
CreateBitmap
CreateDIBSection
DeleteObject
CreateFontA
EnumFontFamiliesExA
BitBlt
PatBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetPolyFillMode
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetJobA
advapi32
RegDeleteValueA
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueA
shell32
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
comctl32
ord17
shlwapi
PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
oledlg
ord8
ole32
CoRevokeClassObject
OleDestroyMenuDescriptor
CreateStreamOnHGlobal
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CreateILockBytesOnHGlobal
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoGetClassObject
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
oleaut32
VariantClear
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: 684KB - Virtual size: 683KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 148KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 21.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 96KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ