2023-08-26_865934a6a237ea0c9351584797a52e03_icedid_ramnit_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_865934a6a237ea0c9351584797a52e03_icedid_ramnit_JC.exe
Size

584KB
MD5

865934a6a237ea0c9351584797a52e03
SHA1

dd0df9b7912fdd77d735e90ecb2445f208f3c799
SHA256

5cb1d4e095ecab943c29808875cb274a1eccfec50172de6af2d9d936df1763fd
SHA512

8e468f8385a689cefc90ba28688c85af428cbf2285e3898af1625ce2185c5d13e750aa6d6430fa2c0efb35a158d9a5b03f76fcadf99f530b3982c93d26b4392e
SSDEEP

12288:OdCloxsdWB+k7xenhpqabGKJMBaM9xV9Y2kkv:eCloxs0nxWh4abH2aM9xV9Y2X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_865934a6a237ea0c9351584797a52e03_icedid_ramnit_JC.exe

Files

2023-08-26_865934a6a237ea0c9351584797a52e03_icedid_ramnit_JC.exe
.exe windows:4 windows x86

fcfcce4cdcdef8fe16905f0024931ec0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
MulDiv
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
SetStdHandle
GetFileType
HeapSize
SetHandleCount
LCMapStringA
LCMapStringW
TlsAlloc
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetErrorMode
GetProfileStringA
GetFileTime
GetFileSize
GetFileAttributesA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GlobalUnlock
GlobalFree
LockResource
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
LocalAlloc
FreeLibrary
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
LocalFree
lstrlenA
InterlockedDecrement
InterlockedIncrement
TerminateProcess
FindFirstFileA
CreateDirectoryA
FindClose
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
OpenProcess
GetStartupInfoA
GetStdHandle
CreateProcessA
ReadFile
WriteFile
lstrcpyA
ExitProcess
CopyFileA
FindResourceA
LoadResource
SizeofResource
GetSystemDirectoryA
WritePrivateProfileStringA
Sleep
GetPrivateProfileStringA
GetTickCount
CreateThread
GetModuleFileNameA
GetEnvironmentVariableA

user32

IsDialogMessageA
ShowWindow
LoadStringA
LoadCursorA
ClientToScreen
GetClassNameA
PtInRect
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetSysColorBrush
InflateRect
DestroyMenu
InvalidateRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
UpdateWindow
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
AdjustWindowRectEx
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
GetClientRect
GetDC
ReleaseDC
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
MessageBoxA
DestroyWindow
EndDialog
UnregisterClassA
HideCaret
ShowCaret
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
PostMessageA
GetSystemMetrics
CharUpperA
wsprintfA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetDlgCtrlID
SetFocus
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
EnableWindow
RegisterHotKey
SendMessageA
LoadIconA
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
FindWindowA
DefWindowProcA
ScreenToClient

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
IsTextUnicode

comctl32

ord17

ws2_32

htonl
bind
listen
accept
getpeername
inet_ntoa
WSACleanup
recv
send
gethostbyname
htons
inet_addr
connect
socket
WSAStartup
closesocket
setsockopt

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 328KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fcfcce4cdcdef8fe16905f0024931ec0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ws2_32

wininet

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 39KB

.rsrc Size: 328KB - Virtual size: 326KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 39KB

.rsrc
Size: 328KB - Virtual size: 326KB

.rmnet
Size: 60KB - Virtual size: 60KB