NEAS[.]2023-09-05_a6111b073606f2c7c9372ef46e4124dc_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2023-09-05_a6111b073606f2c7c9372ef46e4124dc_icedid_JC.exe
Size

728KB
MD5

a6111b073606f2c7c9372ef46e4124dc
SHA1

a6042ab9e2a2d1904089aef9832c01b5c9ebd4a6
SHA256

258b8d5bae6c40f5373b40c8b538be1c0ba2c350812463d93bb3a446ccac9720
SHA512

52f8f514eecb35fe4f6a2975f7a1971a9e60761ccdf38f1b7e16579f5c5bbcfbc6f1efcf79eafccb61930ea719ffece0ab54ce686ec7459dba512de62eb7db1d
SSDEEP

12288:r0yPzefetFkSLMGbukxlqnUmsGKomPa9KXQDh1EZFq/LxU1J8gZOQLGMMUkh:r0y7eAFkSLbukxZmzrmPtQDs+SdHZY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2023-09-05_a6111b073606f2c7c9372ef46e4124dc_icedid_JC.exe

Files

NEAS.2023-09-05_a6111b073606f2c7c9372ef46e4124dc_icedid_JC.exe
.exe windows:4 windows x86

b465d605d69c79aa26bc27487027fbae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
ExitThread
CreateThread
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetTimeFormatA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
RtlUnwind
GetTickCount
GetCurrentDirectoryA
LocalFileTimeToFileTime
SetErrorMode
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedIncrement
GlobalFlags
RaiseException
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
SystemTimeToFileTime
GetShortPathNameA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
InterlockedDecrement
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
FreeResource
SetCommMask
WaitCommEvent
CreateEventA
WaitForSingleObject
GetOverlappedResult
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCommTimeouts
SetupComm
GetCommState
SetCommState
PurgeComm
WriteFile
ReadFile
SetCommTimeouts
GetStringTypeExA
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
MultiByteToWideChar
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
lstrlenA
lstrcpynA
CreateMutexA
GetLastError
CreateDirectoryA
ReleaseMutex
GlobalLock
GlobalUnlock
GlobalFree
GetTempPathA
GetTempFileNameA
FindFirstFileA
FindClose
CopyFileA
DeleteFileA
MoveFileA
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateFileA
CloseHandle
Sleep
GetExitCodeThread
GetEnvironmentStrings
TerminateThread

user32

RegisterClipboardFormatA
CharNextA
GetSysColorBrush
DestroyCursor
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
IsZoomed
SetRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
WaitMessage
GetWindowThreadProcessId
LoadCursorA
WindowFromPoint
SetCapture
DrawFocusRect
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
LoadMenuA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
SetCursor
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
SetMenu
RedrawWindow
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
GetMessageA
ValidateRect
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
EnableWindow
SendMessageA
SetTimer
KillTimer
LoadIconA
GetClientRect
CheckMenuItem
PostMessageA
GetMenu
GetWindowRect
GetParent
DispatchMessageA
TranslateMessage
PeekMessageA
GetSystemMetrics
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetTabbedTextExtentA
PostThreadMessageA
CreateMenu
SetWindowRgn
DrawIcon
GetNextDlgGroupItem
UnhookWindowsHookEx
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
InvalidateRgn
CopyAcceleratorTableA
DestroyIcon
LockWindowUpdate
GetClassNameA
GetDCEx
MessageBeep
LoadStringA
FindWindowA
LoadBitmapA
FillRect
UpdateWindow
CharUpperA
FrameRect
AppendMenuA
EnableMenuItem
GetMenuState
GetSubMenu
GetDC
ReleaseDC
InvalidateRect
GetFocus
GetCursorPos
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongA
DrawTextA

gdi32

DeleteDC
GetStockObject
CreateSolidBrush
CreateFontIndirectA
GetTextMetricsA
CreateRectRgnIndirect
PatBlt
StretchDIBits
GetCharWidthA
CreateFontA
GetBkColor
SetRectRgn
CombineRgn
GetMapMode
ExtSelectClipRgn
GetViewportOrgEx
Rectangle
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetTextColor
GetRgnBox
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
DPtoLP
CreatePolygonRgn
DeleteObject
SetTextAlign
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateDCA
GetSystemPaletteEntries
GetBitmapBits
CreatePen
GetObjectA
MoveToEx
GetPixel
GetDeviceCaps
GetTextExtentPoint32A
BitBlt
FillRgn
CreateCompatibleDC
CreateEllipticRgn
CreateCompatibleBitmap
CreatePatternBrush
PaintRgn
SelectClipRgn

comdlg32

ChooseFontA
PrintDlgA
GetOpenFileNameA
GetFileTitleA
CommDlgExtendedError
GetSaveFileNameA

winspool.drv

GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

GetFileSecurityA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyA
RegCloseKey
SetFileSecurityA

shell32

ExtractIconA
DragAcceptFiles
SHGetFolderPathA
DragFinish
DragQueryFileA
ShellExecuteA
SHGetFileInfoA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA

oledlg

ord8

ole32

CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator

oleaut32

VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
SystemTimeToVariantTime
SysAllocString
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
VariantClear

Sections

.text
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b465d605d69c79aa26bc27487027fbae

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 520KB - Virtual size: 516KB

.rdata Size: 136KB - Virtual size: 132KB

.data Size: 12KB - Virtual size: 42KB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: 520KB - Virtual size: 516KB

.rdata
Size: 136KB - Virtual size: 132KB

.data
Size: 12KB - Virtual size: 42KB

.rsrc
Size: 56KB - Virtual size: 54KB