icytower15[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

icytower15.exe
Size

3.6MB
MD5

b76943ebf23579fe699a0ebc1f3832d3
SHA1

d18f2c7ec875a722654965f97b2ac58964923edf
SHA256

7570c6b0c7cddf6180d7c421bdc7d7bc1486c47a6d62cc6fde90670f62d4388d
SHA512

fa81b34c0544172867d96baf1e1d3c125c37d9187c7e193ad1aab9822672ab4a03aa8777b769f43ac867e48bd5a40ec4effe5f6e0819fcfaab1684796d79703d
SSDEEP

49152:pgip+XZYWPO5vjL8TVRFdJyMrGrJxnPl0Rj+9oIkOOXYFeahQ:pgip+pYWPOhjOBrMll0RKmYFeahQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
icytower15.exe

Files

icytower15.exe
.exe windows:4 windows x86 arch:x86

16fcf68aa6af21e7f8f6b367895ad512

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

dinput

DirectInputCreateA

dsound

DirectSoundCreate
DirectSoundEnumerateA

gdi32

BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreatePalette
CreateSolidBrush
DeleteDC
DeleteObject
GetDIBits
GetDeviceCaps
GetObjectA
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
SelectObject
SelectPalette
SetPaletteEntries
SetPixel
StretchBlt
StretchDIBits

kernel32

AddAtomA
CloseHandle
CreateEventA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FindAtomA
FormatMessageA
FreeLibrary
GetAtomNameA
GetCommandLineA
GetCurrentProcess
GetCurrentThread
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetTempPathA
GetThreadPriority
GetVersion
GetVersionExA
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OutputDebugStringA
PulseEvent
QueryPerformanceCounter
QueryPerformanceFrequency
ResetEvent
SetEvent
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

_chdir
_close
_dup
_getcwd
_hypot
_lseek
_mkdir
_open
_read
_rmdir
_stat
_strdup
_stricmp
_unlink
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthread
_cexit
_errno
_findclose
_findfirst
_findnext
_getdcwd
_getdrive
_iob
_isctype
_onexit
_pctype
_setjmp
_setmode
_stat
_strnicmp
_tzname
_tzset
_wfindfirst
_wfindnext
_wgetdcwd
_wopen
_wstat
_wunlink
abort
acos
atan
atexit
atof
calloc
ceil
clock
cos
exit
exp
fclose
fflush
fgets
floor
fmod
fopen
fprintf
fputc
fputs
fread
free
frexp
fseek
ftell
fwrite
getenv
gmtime
ldexp
localeconv
localtime
log
log10
malloc
memchr
memcpy
memmove
memset
mktime
perror
pow
printf
qsort
rand
realloc
signal
sin
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncat
strncmp
strncpy
strpbrk
strtol
time
tmpnam
toupper
vfprintf
vsprintf
wcslen

ole32

CoCreateInstance
CoInitialize
CoUninitialize

libpng3

png_create_info_struct
png_create_read_struct
png_create_write_struct
png_destroy_read_struct
png_destroy_write_struct
png_error
png_get_IHDR
png_get_PLTE
png_get_gAMA
png_get_io_ptr
png_get_rowbytes
png_get_sRGB
png_get_valid
png_read_end
png_read_info
png_read_row
png_read_update_info
png_set_IHDR
png_set_PLTE
png_set_bgr
png_set_compression_level
png_set_expand
png_set_gamma
png_set_gray_to_rgb
png_set_interlace_handling
png_set_packing
png_set_read_fn
png_set_sig_bytes
png_set_strip_16
png_set_tRNS_to_alpha
png_set_write_fn
png_sig_cmp
png_write_end
png_write_info
png_write_row

pthreadgc2

pthread_create
pthread_mutex_lock
pthread_mutex_unlock

shell32

ShellExecuteA

user32

AdjustWindowRect
BeginPaint
CallWindowProcA
ClientToScreen
CreateIconIndirect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DispatchMessageA
EnableMenuItem
EndPaint
GetActiveWindow
GetAsyncKeyState
GetClassLongA
GetClientRect
GetCursorPos
GetDC
GetForegroundWindow
GetKeyNameTextA
GetKeyboardState
GetMessageA
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsIconic
KillTimer
LoadCursorA
LoadIconA
MapVirtualKeyA
MessageBoxA
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
PostQuitMessage
RedrawWindow
RegisterClassA
RegisterWindowMessageA
ReleaseDC
SendMessageA
SetClassLongA
SetCursor
SetCursorPos
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
ToAscii
UpdateWindow

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
midiInClose
midiInGetDevCapsA
midiInGetNumDevs
midiInOpen
midiInReset
midiInStart
midiInStop
midiOutClose
midiOutGetDevCapsA
midiOutGetNumDevs
midiOutGetVolume
midiOutOpen
midiOutReset
midiOutSetVolume
midiOutShortMsg
timeGetTime
waveOutClose
waveOutGetPosition
waveOutGetVolume
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutSetVolume
waveOutUnprepareHeader
waveOutWrite

wsock32

WSAGetLastError
WSAStartup
closesocket
connect
gethostbyname
htons
recv
send
setsockopt
socket

Sections

.text
Size: 744KB - Virtual size: 744KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 218KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE

/19
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_MEM_DISCARDABLE

/35
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_MEM_DISCARDABLE

/47
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_MEM_DISCARDABLE

/61
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_MEM_DISCARDABLE

/73
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_MEM_DISCARDABLE

/86
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_MEM_DISCARDABLE

/97
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_MEM_DISCARDABLE

/108
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

16fcf68aa6af21e7f8f6b367895ad512

Headers

File Characteristics

Imports

ddraw

dinput

dsound

gdi32

kernel32

msvcrt

ole32

libpng3

pthreadgc2

shell32

user32

winmm

wsock32

Sections

.text Size: 744KB - Virtual size: 744KB

.data Size: 94KB - Virtual size: 93KB

.rdata Size: 34KB - Virtual size: 34KB

.bss Size: - Virtual size: 218KB

.idata Size: 9KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 2KB

/4 Size: 4KB - Virtual size: 4KB

/19 Size: 41KB - Virtual size: 41KB

/35 Size: 1.6MB - Virtual size: 1.6MB

/47 Size: 95KB - Virtual size: 95KB

/61 Size: 152KB - Virtual size: 151KB

/73 Size: 62KB - Virtual size: 61KB

/86 Size: 39KB - Virtual size: 39KB

/97 Size: 428KB - Virtual size: 427KB

/108 Size: 38KB - Virtual size: 37KB

.text
Size: 744KB - Virtual size: 744KB

.data
Size: 94KB - Virtual size: 93KB

.rdata
Size: 34KB - Virtual size: 34KB

.bss
Size: - Virtual size: 218KB

.idata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 2KB

/4
Size: 4KB - Virtual size: 4KB

/19
Size: 41KB - Virtual size: 41KB

/35
Size: 1.6MB - Virtual size: 1.6MB

/47
Size: 95KB - Virtual size: 95KB

/61
Size: 152KB - Virtual size: 151KB

/73
Size: 62KB - Virtual size: 61KB

/86
Size: 39KB - Virtual size: 39KB

/97
Size: 428KB - Virtual size: 427KB

/108
Size: 38KB - Virtual size: 37KB