2023-08-26_c89545c8cc64d93ee5e570b2f0163109_icedid_ramnit_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_c89545c8cc64d93ee5e570b2f0163109_icedid_ramnit_JC.exe
Size

564KB
MD5

c89545c8cc64d93ee5e570b2f0163109
SHA1

cc6e292cf1557b356967f8427fda2b8252490fbe
SHA256

62ce6843ad1fff3d338854f0fee3de64ef14f4109ebfad0e400809e4e491c396
SHA512

50993cd8941089fee27d670204ae8fab3134b5c772a1628062febe7769eb2634f9da24081a27e0fe5adff24c78cf409b14f5488f55368070331cab8ab0c9c7ca
SSDEEP

12288:OdCloxsdWB+k7xozhpqabGKJMBaM9xV9Y2Vr/icdAL:eCloxs0nxoh4abH2aM9xV9Y2VrKz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_c89545c8cc64d93ee5e570b2f0163109_icedid_ramnit_JC.exe

Files

2023-08-26_c89545c8cc64d93ee5e570b2f0163109_icedid_ramnit_JC.exe
.exe windows:4 windows x86

fcfcce4cdcdef8fe16905f0024931ec0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
MulDiv
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
SetStdHandle
GetFileType
HeapSize
SetHandleCount
LCMapStringA
LCMapStringW
TlsAlloc
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetErrorMode
GetProfileStringA
GetFileTime
GetFileSize
GetFileAttributesA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GlobalUnlock
GlobalFree
LockResource
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
LocalAlloc
FreeLibrary
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
LocalFree
lstrlenA
InterlockedDecrement
InterlockedIncrement
TerminateProcess
FindFirstFileA
CreateDirectoryA
FindClose
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
OpenProcess
GetStartupInfoA
GetStdHandle
CreateProcessA
ReadFile
WriteFile
lstrcpyA
ExitProcess
CopyFileA
FindResourceA
LoadResource
SizeofResource
GetSystemDirectoryA
WritePrivateProfileStringA
Sleep
GetPrivateProfileStringA
GetTickCount
CreateThread
GetModuleFileNameA
GetEnvironmentVariableA

user32

IsDialogMessageA
ShowWindow
LoadStringA
LoadCursorA
ClientToScreen
GetClassNameA
PtInRect
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetSysColorBrush
InflateRect
DestroyMenu
InvalidateRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
UpdateWindow
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
AdjustWindowRectEx
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
GetClientRect
GetDC
ReleaseDC
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
MessageBoxA
DestroyWindow
EndDialog
UnregisterClassA
HideCaret
ShowCaret
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
PostMessageA
GetSystemMetrics
CharUpperA
wsprintfA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetDlgCtrlID
SetFocus
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
EnableWindow
RegisterHotKey
SendMessageA
LoadIconA
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
FindWindowA
DefWindowProcA
ScreenToClient

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
IsTextUnicode

comctl32

ord17

ws2_32

htonl
bind
listen
accept
getpeername
inet_ntoa
WSACleanup
recv
send
gethostbyname
htons
inet_addr
connect
socket
WSAStartup
closesocket
setsockopt

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 328KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fcfcce4cdcdef8fe16905f0024931ec0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ws2_32

wininet

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 39KB

.rsrc Size: 328KB - Virtual size: 326KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 39KB

.rsrc
Size: 328KB - Virtual size: 326KB

.rmnet
Size: 60KB - Virtual size: 60KB