Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.2023-09-25_848defd6eb2a329dc1f9e14c75e9d696_icedid_JC.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: NEAS.2023-09-25_848defd6eb2a329dc1f9e14c75e9d696_icedid_JC.exe
  Resource: win10v2004-20231020-en
General
  Target: NEAS.2023-09-25_848defd6eb2a329dc1f9e14c75e9d696_icedid_JC.exe
  Size: 1.7MB
  MD5: 848defd6eb2a329dc1f9e14c75e9d696
  SHA1: d93cf4074fad751fb38f4ead2b5114d41b00f1ed
  SHA256: a9dcef64b7be8f008d7b9cac1e5bd70717bb0bfc4982752301156fc5e0deee36
  SHA512: 261e845579ac8c994c603ce6dff8ee86058d4ac09d256681cd9748a27a85b502abaf699895c0d6b2b7edbfd87016e06fdc53dde678872621e327a7be5f945b1a
  SSDEEP: 49152:5jqK/Gw9s0qnnwZUCLxAysU2dph7eG2h/aTUESjUoLNvDqXxnCF:9qq9sxnwZfxAysU2rh7eG2h/aT3Tk7qs
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource: NEAS.2023-09-25_848defd6eb2a329dc1f9e14c75e9d696_icedid_JC.exe
Files
  NEAS.2023-09-25_848defd6eb2a329dc1f9e14c75e9d696_icedid_JC.exe.exe  windows:5 windows x86
  dc8c81e0ab66eaa5c3c9d35896b47b6f
  Headers
    DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
    File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_GetIconSize
ord17
imagehlp
GetTimestampForLoadedLibrary
otsw32
s_1mains
kernel32
CompareStringW
GetStringTypeW
QueryPerformanceCounter
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
IsProcessorFeaturePresent
WriteConsoleW
GetStdHandle
SetHandleCount
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapQueryInformation
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
EncodePointer
RtlUnwind
RemoveDirectoryA
GetProcessHeap
HeapSize
HeapFree
HeapAlloc
FindNextFileA
FindFirstFileExA
GetStartupInfoW
HeapSetInformation
GetCommandLineA
SetStdHandle
CreateDirectoryA
GetDriveTypeW
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateThread
ExitThread
DecodePointer
ExitProcess
SetCurrentDirectoryA
SetEnvironmentVariableA
GetFileType
GetConsoleMode
GetConsoleCP
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
RaiseException
CompareStringA
GetLastError
Sleep
CloseHandle
GetExitCodeProcess
CreateProcessA
SetEndOfFile
GlobalMemoryStatusEx
FormatMessageA
CopyFileA
GetDiskFreeSpaceA
FreeLibrary
GetProcAddress
LoadLibraryA
UnlockFile
LockFile
lstrlenA
GetModuleFileNameA
SetErrorMode
SetLastError
DeactivateActCtx
CreateActCtxW
ReleaseActCtx
ActivateActCtx
GetModuleFileNameW
InterlockedDecrement
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
MulDiv
GlobalUnlock
GlobalLock
SetThreadPriority
ResumeThread
GetCurrentThreadId
WaitForSingleObject
LocalAlloc
LocalFree
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
GlobalAlloc
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
GlobalFree
TlsFree
GetCurrentProcessId
MultiByteToWideChar
lstrlenW
GlobalSize
lstrcmpA
GlobalFlags
GetLocalTime
lstrcmpW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
FindResourceA
GetModuleHandleW
InterlockedIncrement
FileTimeToSystemTime
InterlockedExchange
GetLocaleInfoA
GetUserDefaultUILanguage
GetCPInfo
GetOEMCP
GetSystemDirectoryW
lstrcpyA
GetACP
lstrcmpiA
CreateFileA
DeleteFileA
MoveFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetCurrentDirectoryA
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTickCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
user32
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
GetNextDlgGroupItem
LoadImageA
GetIconInfo
GetNextDlgTabItem
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
IsIconic
OffsetRect
IsRectEmpty
KillTimer
SetTimer
DeleteMenu
ShowOwnedPopups
SetCursor
InvalidateRect
CharUpperA
DestroyIcon
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
PostQuitMessage
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
LoadCursorA
GetSysColorBrush
RegisterWindowMessageA
LoadIconW
LoadIconA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
RegisterClipboardFormatA
ValidateRect
DrawMenuBar
PeekMessageA
GetKeyState
IsWindowVisible
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
UpdateWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
CallNextHookEx
SetWindowsHookExA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
GetWindowThreadProcessId
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetSysColor
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
GetWindow
SendDlgItemMessageA
IsDialogMessageA
IsWindow
GetDlgCtrlID
SetWindowLongA
SetWindowPos
SetFocus
GetFocus
GetWindowTextLengthA
PtInRect
GetClassNameA
RealChildWindowFromPoint
GetDesktopWindow
CopyRect
InflateRect
IntersectRect
CheckMenuItem
EnableMenuItem
ModifyMenuA
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetMenu
CallWindowProcA
DefWindowProcA
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
CreateDialogIndirectParamA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
GetCursorPos
LoadImageW
GetKeyNameTextA
MapVirtualKeyExA
SetDlgItemTextA
ShowWindow
EndDialog
MessageBoxA
DialogBoxParamA
SendMessageA
GetDlgItem
SetWindowTextA
MoveWindow
GetWindowRect
IsDlgButtonChecked
SetActiveWindow
SetForegroundWindow
DestroyWindow
GetSystemMetrics
CheckDlgButton
GetWindowTextA
UnhookWindowsHookEx
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ScreenToClient
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
GetMessagePos
SubtractRect
gdi32
SetPixelV
GetTextFaceA
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
GetTextExtentPoint32A
DPtoLP
PatBlt
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
CreateDCA
CopyMetaFileA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetDeviceCaps
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
shell32
SHAppBarMessage
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
DragQueryFileA
DragFinish
ShellExecuteA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleDuplicateData
CoInitializeEx
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
oleaut32
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysAllocString
SysAllocStringLen
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
  .text   Size: 1.3MB - Virtual size: 1.3MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 258KB - Virtual size: 258KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: 120KB - Virtual size: 454KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc   Size: 6KB - Virtual size: 6KB       IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ