Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-19_20e1ef585d9fc6b6f8a004533f0334ea_icedid_ramnit.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-19_20e1ef585d9fc6b6f8a004533f0334ea_icedid_ramnit.exe
  Resource: win10v2004-20231215-en
General
- Target: 2024-02-19_20e1ef585d9fc6b6f8a004533f0334ea_icedid_ramnit
- Size: 1.6MB
- MD5: 20e1ef585d9fc6b6f8a004533f0334ea
- SHA1: b99e06d696f8fed56546f32847b3d794bfc39958
- SHA256: afa7a5713abb3b8c18a95a51bcabc53f5f73f14c72d37a29ca4998268142ef77
- SHA512: ad23b0f21f3e275e0075a7a00d6bb6ac917cb253467ce8dffd30b3723cebb45d5558a1d4bcd69a4655ca8c63948b14c5b4e8ff15cca3db4ca7ed20352b96255e
- SSDEEP: 24576:GJl2bGu1S8Fy7KwHuXySyityqJUOMVI5kZicz+pS2sz:c38F9XXyotyqaOpkZbSW
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-02-19_20e1ef585d9fc6b6f8a004533f0334ea_icedid_ramnit
Files
-
2024-02-19_20e1ef585d9fc6b6f8a004533f0334ea_icedid_ramnit.exe windows:4 windows x86 arch:x86
e189cb7377d0ae74a09cae092e579446
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
bmaframe
CreateBMAFramework
CreateXmlConfigParse
channel
ReleaseChannel
CreateChannel
kernel32
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
HeapReAlloc
SetStdHandle
SetUnhandledExceptionFilter
VirtualAlloc
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
CompareStringA
CompareStringW
GetDriveTypeA
GetACP
GetOEMCP
SetEnvironmentVariableA
TerminateProcess
HeapFree
HeapAlloc
RaiseException
GetSystemTime
GetTimeZoneInformation
RtlUnwind
ExitProcess
GetStartupInfoW
GetCurrentDirectoryW
FindResourceExW
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
SizeofResource
GlobalGetAtomNameW
GetDiskFreeSpaceW
SetFileTime
GetTempFileNameW
lstrcmpW
InterlockedExchange
GetProfileStringA
GlobalAddAtomA
FindResourceA
GlobalAlloc
lstrcmpA
lstrcmpiA
GetCurrentThread
MulDiv
GetShortPathNameW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
LoadLibraryW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageW
LocalFree
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
lstrcpynW
lstrcpyW
lstrcatW
IsBadReadPtr
IsBadWritePtr
GetModuleFileNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetFileTime
CreateFileMappingW
MapViewOfFile
GetLocalTime
UnmapViewOfFile
FindNextFileW
EnterCriticalSection
LeaveCriticalSection
ResetEvent
lstrlenA
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileSectionW
WritePrivateProfileSectionW
FindFirstFileW
FindClose
lstrlenW
GetModuleFileNameW
GetVersion
GetPrivateProfileStringW
Sleep
SetEvent
WaitForSingleObject
CreateThread
CreateEventW
GetFileAttributesW
SetFileAttributesW
WritePrivateProfileStringW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DeleteFileW
RemoveDirectoryW
GetTickCount
GetTempPathW
CreateDirectoryW
GetLastError
WriteFile
GetFileSize
CloseHandle
ReadFile
CreateFileW
GetPrivateProfileIntW
LCMapStringW
user32
IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
TranslateAcceleratorW
LoadAcceleratorsW
SetWindowContextHelpId
GetMessageW
ValidateRect
SetCursor
ShowOwnedPopups
PostQuitMessage
SetRectEmpty
LoadStringW
GetCursorPos
WindowFromPoint
GrayStringW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
MapDialogRect
GetAsyncKeyState
CharUpperW
wvsprintfW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
MessageBoxW
IsChild
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
CopyAcceleratorTableW
GetSubMenu
GetMenuItemID
GetWindowTextLengthW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
GetDlgCtrlID
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
IntersectRect
LoadCursorW
GetSysColorBrush
GetDCEx
LockWindowUpdate
InsertMenuW
DeleteMenu
GetMenuStringW
DestroyIcon
AdjustWindowRectEx
CharNextW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
DrawIcon
GetDesktopWindow
PtInRect
GetMessagePos
ScreenToClient
GetCapture
ReleaseCapture
MapWindowPoints
OffsetRect
SetCapture
GetSystemMetrics
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
DrawFrameControl
DrawFocusRect
GetDC
ReleaseDC
GetNextDlgGroupItem
SetParent
GetMenuItemCount
GetWindow
GetClassNameW
LoadImageW
FrameRect
IsRectEmpty
IsWindow
GetWindowTextW
EnumWindows
PeekMessageW
SetMenu
GetKeyState
UnregisterClassW
RegisterClipboardFormatW
MessageBeep
TranslateMessage
DispatchMessageW
SetRect
GetCaretPos
keybd_event
KillTimer
SetTimer
GetSysColor
CopyRect
InflateRect
UpdateWindow
GetFocus
PostMessageW
PostThreadMessageW
FillRect
GetClientRect
GetParent
DrawTextW
LoadBitmapW
GetWindowRect
EnableWindow
InvalidateRect
LoadIconW
SendMessageW
IsWindowVisible
gdi32
StretchDIBits
GetCharWidthW
GetMapMode
SetRectRgn
PtVisible
DPtoLP
EnumFontFamiliesExW
GetTextColor
GetBkColor
LPtoDP
GetTextExtentPointA
ExtTextOutA
CreatePatternBrush
SetWindowExtEx
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
Escape
CreateRectRgn
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
TextOutW
RectVisible
CreateDIBitmap
GetObjectW
BitBlt
CombineRgn
CreateFontIndirectW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
RestoreDC
SaveDC
CreateRectRgnIndirect
PatBlt
CreateBitmap
SetBkColor
GetClipBox
CreateFontW
CreateDIBSection
Rectangle
ExtTextOutW
CreatePen
GetTextMetricsW
CreateCompatibleBitmap
DeleteDC
GetTextExtentPoint32W
SetBkMode
SelectObject
SetTextColor
DeleteObject
CreateSolidBrush
CreateCompatibleDC
ScaleWindowExtEx
comdlg32
GetOpenFileNameW
GetFileTitleW
GetSaveFileNameW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegCloseKey
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyW
RegSetValueW
RegQueryValueExW
shell32
DragQueryFileW
DragFinish
SHGetFileInfoW
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
ExtractIconW
comctl32
ImageList_DragLeave
ImageList_Draw
ImageList_GetIconSize
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_BeginDrag
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_Destroy
ImageList_Create
ImageList_DragMove
ord17
ImageList_EndDrag
ImageList_LoadImageW
ImageList_DrawEx
oledlg
OleUIBusyW
ole32
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoUninitialize
OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance
OleRun
OleIsCurrentClipboard
CoRegisterMessageFilter
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
olepro32
ord253
oleaut32
SysStringLen
VariantInit
VariantClear
SysAllocString
SysFreeString
VariantChangeType
VariantCopy
SysAllocStringLen
VariantTimeToSystemTime
GetErrorInfo
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiOpenDevRegKey
Sections
.text Size: 480KB - Virtual size: 476KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 212KB - Virtual size: 210KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 744KB - Virtual size: 743KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE