Trojan.ICLoader.J
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
- Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
- Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
- Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 3,481 |
|---|---|
| Threat Level: | 80 % (High) |
| Infected Computers: | 21,808 |
| First Seen: | October 13, 2021 |
| Last Seen: | April 15, 2026 |
| OS(es) Affected: | Windows |
Analysis Report
General information
| Family Name: | Trojan.ICLoader.J |
|---|---|
| Signature status: | No Signature |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have relocations information
- File doesn't have security information
- File has TLS information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
220 additional icons are not displayed above.
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.

| Name | Value |
|---|---|
| Company Name | |
| File Description | |
| File Version | |
| Internal Name | |
| Legal Copyright | Copyright © Microsoft Corp. |
| Original Filename | |
| Product Name | |
| Product Version | |
File Traits
- 2+ executable sections
- HighEntropy
- imgui
- No Version Info
- VirtualQueryEx
- WriteProcessMemory
- x86
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.

| Total Blocks: | 97 |
|---|---|
| Potentially Malicious Blocks: | 2 |
| Whitelisted Blocks: | 86 |
| Unknown Blocks: | 9 |
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.

| Category | API |
|---|---|
| Service Control | |