Static task: static1
Behavioral task: behavioral1
Sample: NEAS.2023-09-05_affef3cffea158b73407806141853c28_icedid_JC.exe
Resource: win7-20231020-en
General
Target: NEAS.2023-09-05_affef3cffea158b73407806141853c28_icedid_JC.exe
Size: 2.0MB
MD5: affef3cffea158b73407806141853c28
SHA1: 5b65137f13ed16f55ec31b2d38054887fe868a26
SHA256: e6ea81fce1e2702c762307d2240fdd5c9b253ec4a8f2d355816e7ae71a949840
SHA512: ec8cb0f712ede81512a4b1c8c67d855d8d7133ec848bff17ae629140a11e6ab6f64daacc0579c5357292f813ec06780bf921c95e8a1ebcd1bc4fbf9fe1ef5e2f
SSDEEP: 49152:n6AuUZ6cb4+h3JQY6x869D/hKhBTyyKXv8jFqelxXD26XwRANIX/vT:AUZF4+xzcnJhKhZVKXv2qelxXD26XwR7
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource NEAS.2023-09-05_affef3cffea158b73407806141853c28_icedid_JC.exe
Files
NEAS.2023-09-05_affef3cffea158b73407806141853c28_icedid_JC.exe.exe windows:5 windows x86
451e81a2281edac184b53836c3bbfe7d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
GetCPInfo
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
GetOEMCP
GetACP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
GetConsoleMode
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetSystemDefaultLangID
ExitThread
GetModuleHandleExW
ExitProcess
RtlUnwind
GetTimeZoneInformation
IsDebuggerPresent
GetCommandLineW
VirtualProtect
GetWindowsDirectoryW
GetProfileIntW
GetTempPathW
GetTempFileNameW
SearchPathW
GetSystemTimeAsFileTime
GetConsoleCP
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
IsProcessorFeaturePresent
GetStringTypeW
FindFirstFileW
FindClose
GetFileAttributesW
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
DeleteFileW
GetCurrentDirectoryW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
CopyFileW
FormatMessageW
LocalFree
GlobalSize
ResumeThread
SetThreadPriority
GlobalFree
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpA
GlobalAlloc
GetVersionExW
GetCurrentThread
MulDiv
GlobalUnlock
GlobalLock
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
OutputDebugStringA
GetLocalTime
GetTickCount
SystemTimeToFileTime
CreateThread
ResetEvent
Sleep
SetEvent
WaitForSingleObject
GetCurrentProcessId
CreateEventW
InitializeCriticalSection
GetFileSize
WriteFile
MultiByteToWideChar
WideCharToMultiByte
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
GetLastError
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
FindResourceExW
CloseHandle
ReadFile
CreateFileW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
user32
DrawMenuBar
IsClipboardFormatAvailable
FrameRect
CopyIcon
SetMenuDefaultItem
GetMenuDefaultItem
EnableScrollBar
UpdateLayeredWindow
CharUpperBuffW
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetRect
UnionRect
GetKeyNameTextW
SetClassLongW
LockWindowUpdate
RegisterClipboardFormatW
EnumChildWindows
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
MapVirtualKeyW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
PostThreadMessageW
ModifyMenuW
IsMenu
NotifyWinEvent
SetWindowRgn
GetSystemMenu
GetAsyncKeyState
CharUpperW
TrackMouseEvent
IsRectEmpty
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MonitorFromPoint
SetParent
ReuseDDElParam
UnpackDDElParam
LoadImageW
DestroyIcon
SetRectEmpty
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
InvalidateRect
DeleteMenu
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
CopyImage
InflateRect
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
GetCursorPos
GetMessageW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SystemParametersInfoW
MessageBeep
IsZoomed
PostQuitMessage
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetWindowRgn
GetComboBoxInfo
MapDialogRect
DestroyCursor
CreateMenu
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
GetCapture
GetKeyState
GetUpdateRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
TranslateMessage
DefFrameProcW
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetParent
GetWindowRect
GetSubMenu
LoadMenuW
PostMessageW
UnregisterClassW
DrawIcon
GetSystemMetrics
IsIconic
SendMessageW
LoadIconW
KillTimer
SetTimer
OffsetRect
ReleaseDC
FillRect
GetSysColor
CopyRect
GetDC
GetClientRect
EnableWindow
IntersectRect
gdi32
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
GetDIBits
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
GetBkColor
SetROP2
Ellipse
CreatePolygonRgn
Polygon
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
MoveToEx
SetTextAlign
CreateEllipticRgn
CreateCompatibleDC
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
DeleteDC
Polyline
BitBlt
CreateBrushIndirect
RoundRect
CreatePen
DeleteObject
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
shell32
SHGetFileInfoW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetDesktopFolder
SHBrowseForFolderW
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW
PathRemoveFileSpecW
uxtheme
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
GetThemePartSize
IsAppThemed
ole32
OleDestroyMenuDescriptor
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoDisconnectObject
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleCreateMenuDescriptor
OleTranslateAccelerator
CoInitializeEx
oleaut32
SysAllocStringLen
LoadTypeLi
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysFreeString
SysAllocString
VariantChangeType
VariantClear
VariantInit
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
wininet
InternetSetCookieW
InternetCloseHandle
InternetOpenW
HttpSendRequestExW
InternetReadFile
InternetConnectW
InternetWriteFile
HttpSendRequestW
InternetSetOptionW
HttpAddRequestHeadersW
HttpQueryInfoW
InternetAttemptConnect
HttpOpenRequestW
HttpEndRequestW
iphlpapi
GetNetworkParams
ws2_32
WSAEventSelect
htons
WSAEnumNetworkEvents
ntohs
ntohl
recvfrom
WSAStartup
sendto
WSAWaitForMultipleEvents
WSACreateEvent
inet_addr
WSACleanup
socket
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 322KB - Virtual size: 322KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 186KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE