Static task: static1
Behavioral task: behavioral1
- Sample: NEAS.2023-09-06_604e0a043bd0d439e7c2cbc8475bb4f0_icedid_JC.exe
- Resource: win7-20231020-en
Behavioral task: behavioral2
- Sample: NEAS.2023-09-06_604e0a043bd0d439e7c2cbc8475bb4f0_icedid_JC.exe
- Resource: win10v2004-20231020-en
General
- Target: NEAS.2023-09-06_604e0a043bd0d439e7c2cbc8475bb4f0_icedid_JC.exe
- Size: 880KB
- MD5: 604e0a043bd0d439e7c2cbc8475bb4f0
- SHA1: b87cdfe3401f16a5398fddebeab6deafe594649d
- SHA256: 52afe4b87174fa158336f85b98738e25f1cf8415d35661ca7645b640aecb753c
- SHA512: 33810e9738e62026d7ce3cc3fdaee882d9302dc5559db90d8c53eabf0d2622da69437652f2ce9524a6bf6dc05d94957880ec397fce377801f245eee9a016e3b1
- SSDEEP: 24576:tPMeYiEBH9Po9dyBaAhQJEM1rAd7nMy6+C:8Nj3BakQJCMy6X
Malware Config
Signatures
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: NEAS.2023-09-06_604e0a043bd0d439e7c2cbc8475bb4f0_icedid_JC.exe
Files
- NEAS.2023-09-06_604e0a043bd0d439e7c2cbc8475bb4f0_icedid_JC.exe.exe windows:4 windows x86
  3958e905eb335765530203bd072fc659
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetCurrentProcessId
QueryPerformanceCounter
HeapSize
TerminateProcess
HeapReAlloc
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
ExitProcess
RtlUnwind
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
SystemTimeToFileTime
LocalFileTimeToFileTime
ReleaseSemaphore
CreateSemaphoreA
GetProfileIntA
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
LocalAlloc
GetDiskFreeSpaceA
GetFileTime
SetFileTime
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrcmpA
GetShortPathNameA
GetFullPathNameA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
DeleteFileA
lstrcpyA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
CopyFileA
FormatMessageA
LocalFree
SetLastError
InterlockedDecrement
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
SetFilePointer
HeapFree
GetProcessHeap
HeapAlloc
GlobalReAlloc
VirtualProtect
CreateFileA
GetFileSize
ReadFile
MulDiv
GetProcAddress
GetVolumeInformationA
CreateProcessA
GetModuleFileNameA
GetFileAttributesA
GetDriveTypeA
IsDBCSLeadByte
GlobalSize
FreeResource
GlobalMemoryStatus
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetSystemInfo
MoveFileA
WaitForSingleObject
GetTempPathA
GetTempFileNameA
Sleep
GetTickCount
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FreeLibrary
LoadLibraryA
GetDateFormatA
GetTimeFormatA
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
CreateDirectoryA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetFileType
InterlockedExchange
user32
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
SetScrollPos
GetScrollPos
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
UnregisterClassA
DefWindowProcA
GetWindowPlacement
SetWindowPos
WinHelpA
SetFocus
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
SetActiveWindow
InsertMenuItemA
CreatePopupMenu
GetLastActivePopup
BringWindowToTop
ShowWindow
GetWindow
IsWindowEnabled
EnumWindows
GetWindowTextA
GetClassNameA
SetForegroundWindow
GetActiveWindow
GetForegroundWindow
SetWindowLongA
CallWindowProcA
GetUpdateRect
RedrawWindow
SetCursor
InvalidateRgn
LoadStringA
wsprintfA
PeekMessageA
TranslateMessage
DispatchMessageA
WindowFromPoint
ChildWindowFromPointEx
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
IsWindow
DestroyMenu
GetMenuItemInfoA
GetDlgItem
CharNextA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
TrackPopupMenuEx
GetCursorPos
BeginDeferWindowPos
CreateWindowExA
DrawIconEx
LoadCursorA
ScreenToClient
GetMenu
RemoveMenu
InsertMenuA
CheckMenuItem
DrawFrameControl
DrawEdge
GetClassLongA
SetMenu
TranslateAcceleratorA
LoadAcceleratorsA
ModifyMenuA
GetMenuItemID
GetMenuItemCount
CopyRect
EnumChildWindows
GetDesktopWindow
IsWindowVisible
ShowScrollBar
IntersectRect
FillRect
FrameRect
LoadMenuA
GetSubMenu
GetParent
GetFocus
EqualRect
IsRectEmpty
PtInRect
InflateRect
FindWindowA
LockWindowUpdate
DestroyIcon
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
GetDCEx
EnableWindow
KillTimer
SetTimer
GetClientRect
UnionRect
SetRect
RegisterClipboardFormatA
CharUpperA
SetRectEmpty
ReleaseCapture
GetSysColor
GetWindowLongA
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
LoadBitmapA
GetMenuCheckMarkDimensions
SystemParametersInfoA
GetSystemMetrics
LoadIconA
SetCapture
GetCapture
InvalidateRect
UpdateWindow
ClientToScreen
GetWindowRect
SetWindowRgn
IsZoomed
IsIconic
GetSystemMenu
PostMessageA
SendMessageA
EnableMenuItem
DrawIcon
OffsetRect
PostThreadMessageA
MessageBeep
EndDeferWindowPos
GetNextDlgGroupItem
CopyAcceleratorTableA
GetMenuState
DrawMenuBar
DefFrameProcA
SetParent
DeleteMenu
DestroyCursor
SetCursorPos
IsClipboardFormatAvailable
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
ValidateRect
GetMenuStringA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GetKeyState
SetMenuItemBitmaps
TranslateMDISysAccel
gdi32
GetRgnBox
RealizePalette
LPtoDP
PatBlt
ExtCreateRegion
CreateDIBSection
GetPaletteEntries
CreatePalette
GetMapMode
DPtoLP
StretchBlt
GetDIBColorTable
SetDIBits
SelectObject
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SelectClipRgn
CreateRectRgn
GetViewportExtEx
OffsetRgn
GetPixel
StartDocA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
SelectPalette
GetTextExtentPoint32A
SetRectRgn
CopyMetaFileA
CreateDCA
StretchDIBits
GetCharWidthA
GetTextMetricsA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetTextColor
CombineRgn
GetRegionData
CreateCompatibleBitmap
CreateBitmap
CreatePatternBrush
CreateICA
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontA
Escape
GetGraphicsMode
SetGraphicsMode
BitBlt
CreateCompatibleDC
DeleteObject
GetBkColor
CreateSolidBrush
GetStockObject
RoundRect
Rectangle
Ellipse
GetDeviceCaps
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
SetPixel
CreatePen
GetObjectA
CreateRectRgnIndirect
GetWindowExtEx
CreateFontIndirectA
comdlg32
CommDlgExtendedError
PrintDlgA
GetOpenFileNameA
ChooseFontA
GetFileTitleA
GetSaveFileNameA
winspool.drv
ClosePrinter
GetJobA
OpenPrinterA
DocumentPropertiesA
advapi32
RegCloseKey
RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
shell32
ShellExecuteA
SHGetFileInfoA
ExtractIconA
DragFinish
DragQueryFileA
FindExecutableA
comctl32
ImageList_Draw
ImageList_LoadImageA
ImageList_AddMasked
ImageList_SetBkColor
ord17
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Create
shlwapi
PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleLockRunning
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
ReleaseStgMedium
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
StgOpenStorageOnILockBytes
OleDuplicateData
oleaut32
VariantTimeToSystemTime
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
winmm
waveOutReset
waveOutClose
waveOutOpen
waveOutUnprepareHeader
waveInClose
mmioOpenA
mmioClose
mmioDescend
mmioRead
mmioAscend
waveOutWrite
waveOutPrepareHeader
waveInReset
imm32
ImmReleaseContext
ImmSetOpenStatus
ImmGetContext
Sections
.text Size: 528KB - Virtual size: 526KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 224KB - Virtual size: 223KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ