2024-04-21_4c6428b79080d5bc5dbeb01904644f07_icedid_ramnit

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-21_4c6428b79080d5bc5dbeb01904644f07_icedid_ramnit
Size

452KB
MD5

4c6428b79080d5bc5dbeb01904644f07
SHA1

a0de7dee29d5e0ebdd8648f92e5f2d5b4e3fb086
SHA256

72089da2ba228769e2e005e382bac4c084b01bcf2f13803c5a1dded4830fed2a
SHA512

47ab12e4d8a23d1318b3658c74234a55bc12bb4f991e95b6f3cd2af390c95f496d1b410449acd43e16d18882313d941029d6534768495578e4f615a46dec1a97
SSDEEP

6144:tg3uQNAJ3PgGbQEds7hPpwvzsFemJlyWNCQk44LObFzNea9ivpf:a3tN8Pg8Qgshp0mJHY2E66N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-21_4c6428b79080d5bc5dbeb01904644f07_icedid_ramnit

Files

2024-04-21_4c6428b79080d5bc5dbeb01904644f07_icedid_ramnit
.exe windows:4 windows x86 arch:x86

7c0b8659ee93d5df4ba502f2e87d33ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Devpl\viewer\Release\Viewer.pdb

Imports

kernel32

HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
RtlUnwind
ExitProcess
HeapReAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTickCount
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GlobalFlags
GetFileTime
SetErrorMode
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
FreeResource
GetModuleHandleA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrcmpA
SetLastError
lstrcpynA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
SetCurrentDirectoryA
FormatMessageA
LocalFree
GetCurrentThreadId
ReleaseMutex
GetCommandLineA
CreateMutexA
CreateProcessA
GetSystemDirectoryA
CreateThread
WaitForSingleObject
CreateEventA
GetVersion
DeleteCriticalSection
CompareStringA
lstrcmpiA
GetLastError
RaiseException
CompareStringW
InitializeCriticalSection
GetCurrentDirectoryA
lstrlenA
DeleteFileA
MultiByteToWideChar
InterlockedDecrement
Sleep
GetFileAttributesA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
MulDiv
GetFileAttributesW
CloseHandle
ReadFile
GetFileSize
CreateFileW
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetStringTypeA
WideCharToMultiByte

user32

MessageBeep
GetNextDlgGroupItem
CharNextA
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
LoadCursorA
GetSysColorBrush
DestroyMenu
SetCursor
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsChild
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
MapWindowPoints
MessageBoxA
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
CopyRect
PtInRect
GetWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowTextA
SetWindowPos
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetSysColor
EndPaint
RegisterClipboardFormatA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetDC
ReleaseDC
GetWindowLongA
SetWindowLongA
SetWindowRgn
SetTimer
KillTimer
GetClientRect
GetSystemMetrics
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetParent
IsWindowEnabled
IsWindow
SetFocus
wsprintfA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
PeekMessageA
GetCursorPos
ValidateRect
FillRect
PostThreadMessageA
GetWindowPlacement
InvalidateRect
UpdateWindow
EnableWindow
UnregisterClassA
CharUpperA
PostMessageA
RegisterWindowMessageA
FindWindowA
SendMessageA
GetFocus
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
LoadBitmapA
InflateRect
LoadIconA
GetDesktopWindow
GetSystemMenu
AppendMenuA
IsIconic
IsWindowVisible
SetForegroundWindow
BringWindowToTop
GetKeyState
ScreenToClient
SystemParametersInfoA
SetCapture
GetWindowRect
ReleaseCapture
GetMessagePos

gdi32

GetMapMode
GetRgnBox
GetBkColor
GetStockObject
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
GetTextColor
GetDeviceCaps
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetObjectA
MoveToEx
LineTo
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
GetTextExtentPoint32A
CreateFontA
CreateDCA
CombineRgn
CreatePolygonRgn
BitBlt
CreateCompatibleDC
CreatePen
CreateRectRgnIndirect
CreateRectRgn
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

comctl32

ord17

shlwapi

UrlCreateFromPathA
PathRenameExtensionA
PathStripToRootA
PathRemoveFileSpecA
PathAppendA
PathIsUNCA
PathFindExtensionA
PathAddBackslashA
PathFindFileNameA

oledlg

ord8

ole32

CLSIDFromString
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
OleDraw
CoCreateInstance
CLSIDFromProgID
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

VariantInit
SysFreeString
SysStringLen
OleLoadPicture
SysAllocString
SysAllocStringLen
SafeArrayCreate
SafeArrayPutElement
SysAllocStringByteLen
SysStringByteLen
VariantCopy
VariantChangeType
VarBstrCmp
DispCallFunc
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
GetErrorInfo
VariantClear

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c0b8659ee93d5df4ba502f2e87d33ac

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 44KB - Virtual size: 41KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 44KB - Virtual size: 41KB

.text
Size: 112KB - Virtual size: 112KB