2024-04-30_a78dfa41baae6d8ed0c072bc4339cf72_icedid_nymaim

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-30_a78dfa41baae6d8ed0c072bc4339cf72_icedid_nymaim
Size

328KB
MD5

a78dfa41baae6d8ed0c072bc4339cf72
SHA1

ccc096b356b819203e48ca05cd47c65e0407b004
SHA256

920340e25c9ed04945602a74359d7046c756c41e0f382c591ae6928d371a9cea
SHA512

d5d18f5e98c277381003bc366cea9ece554c661c6cb3a08837bf3cca2fa086f76959403c6a97b8996442c0d0c3c32ade9b710ae16333428a2f0e970720234091
SSDEEP

3072:zxn43W59XJLiqkaQ7cfd4X+TkpRb8b3Mwmio8bzCxn9HfG7LTu7QJwW9cq2HojLl:zdD9XJfk97capQKWCxAdwW2k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-30_a78dfa41baae6d8ed0c072bc4339cf72_icedid_nymaim

Files

2024-04-30_a78dfa41baae6d8ed0c072bc4339cf72_icedid_nymaim
.exe windows:4 windows x86 arch:x86

95aed137474d924b19ef6dd11a729068

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
RaiseException
RtlUnwind
GetACP
GetTimeZoneInformation
FormatMessageA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
HeapReAlloc
HeapSize
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetLastError
GetEnvironmentStringsW
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringW
SetEnvironmentVariableA
GetTickCount
GetFileTime
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
FindClose
GetVolumeInformationA
FindFirstFileA
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
SetErrorMode
GetCurrentProcess
DuplicateHandle
GetThreadLocale
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
SizeofResource
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetWindowsDirectoryA
GetModuleHandleA
GetModuleFileNameA
SetFileAttributesA
DeleteFileA
CopyFileA
GetFileAttributesA
CreateDirectoryA
GetProcessVersion
LCMapStringA
WritePrivateProfileStringA
GetProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetProcAddress
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CloseHandle
LCMapStringW
GetStringTypeA
HeapDestroy
CompareStringA
GetVersionExA

user32

SetRect
MessageBeep
InvalidateRect
CharUpperA
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
PtInRect
GetClassNameA
GetDesktopWindow
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
CopyAcceleratorTableA
GetNextDlgGroupItem
CopyRect
GetTopWindow
IsChild
wsprintfA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
GetSysColorBrush
CharNextA
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
WinHelpA
GetCapture
DrawFocusRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetViewportExtEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
GetStockObject
DeleteDC
SaveDC
SetBkColor
SetTextColor
GetObjectA
GetClipBox
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

olepro32

ord253

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantChangeType
SysAllocString
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tekuvlp
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 116KB - Virtual size: 116KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

95aed137474d924b19ef6dd11a729068

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 16KB - Virtual size: 12KB

tekuvlp Size: 8KB - Virtual size: 4KB

Size: 116KB - Virtual size: 116KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 16KB - Virtual size: 12KB

tekuvlp
Size: 8KB - Virtual size: 4KB