2024-06-06_269e68a90657f9c3ac55f9e8d0c1419e_icedid_ramnit

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-06_269e68a90657f9c3ac55f9e8d0c1419e_icedid_ramnit
Size

300KB
MD5

269e68a90657f9c3ac55f9e8d0c1419e
SHA1

d12063cac1ed53e3656ba0e7ea263fad9789330c
SHA256

59019e496ff137ad79045b1d13c91581339343e6b19d4981d072b8c287f54c85
SHA512

b7c70b1cfe91f6bdfd04adb76c9dbb9fa2dc102fbd2ca1e6792ddfedc1170e57b168bb5b4be7916a97492a4cf3bf94571077cd3a92da8ba3bc0a5053a5846249
SSDEEP

6144:4WcyRAkMgRqEG9DdrPYBufeMqiQ0Pd4Jtfy8Buxg1DK62L0rxdi:xRANgRqEG9gFi/4JFy8BuxgPrxdi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-06_269e68a90657f9c3ac55f9e8d0c1419e_icedid_ramnit

Files

2024-06-06_269e68a90657f9c3ac55f9e8d0c1419e_icedid_ramnit
.exe windows:4 windows x86 arch:x86

0ec65106b34123b730d5d83e4ecac45d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Source\NEXT\NSISPromotion\GomEncDnInstaller\GomEncDnInstaller\Release\GomEncDnInstaller.pdb

Imports

kernel32

HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetCurrentProcessId
LCMapStringA
LCMapStringW
IsBadWritePtr
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
ExitProcess
RtlUnwind
GetStartupInfoW
SetErrorMode
FlushFileBuffers
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalReAlloc
GlobalFlags
lstrcmpiW
LocalAlloc
RaiseException
InterlockedDecrement
MulDiv
FormatMessageW
LocalFree
ResumeThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcpyW
GetLocaleInfoW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
lstrcmpW
GetModuleHandleW
GetVersionExA
FreeResource
SetThreadPriority
WriteFile
Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringW
GetCommandLineW
GetModuleFileNameW
GetTickCount
GetTempPathW
CreateDirectoryW
SetLastError
GetVersion
GetCurrentThread
GetCurrentProcess
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpynW
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
lstrlenW
GetFileAttributesW
GetLastError
GetFileSize
CreateFileW
SetFilePointer
ReadFile
CloseHandle
WideCharToMultiByte
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WaitForSingleObject
TerminateProcess
DeleteFileW
FindResourceW
LoadResource
LockResource
QueryPerformanceCounter
SizeofResource

user32

wsprintfW
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
GetMessageW
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
ShowWindow
SetWindowTextW
IsDialogMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxW
TrackPopupMenu
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
PostMessageW
RegisterWindowMessageW
GetWindowTextW
GetForegroundWindow
SetWindowLongW
ClientToScreen
GetWindowPlacement
GetWindowLongW
SetWindowPos
SendDlgItemMessageW
GetWindowRect
DestroyIcon
CopyRect
PeekMessageW
TranslateMessage
DispatchMessageW
GetCursorPos
GetSystemMetrics
LoadIconW
SetForegroundWindow
GetClientRect
IsIconic
SendMessageW
LoadMenuW
GetSubMenu
DrawIcon
EnableWindow
SendDlgItemMessageA

gdi32

SetMapMode
RestoreDC
SaveDC
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetDeviceCaps
CreateBitmap
GetObjectW
SetTextColor
GetClipBox
SelectObject
DeleteObject
SetBkColor
ExtTextOutW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegQueryValueW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW

shell32

Shell_NotifyIconW
ShellExecuteExW

comctl32

ord17

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantInit
VariantClear
VariantChangeType

wininet

InternetCrackUrlW
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoW
InternetOpenUrlW
InternetSetOptionW
InternetOpenW
InternetCanonicalizeUrlW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ec65106b34123b730d5d83e4ecac45d

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

wininet

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 64KB - Virtual size: 62KB

.text Size: 88KB - Virtual size: 88KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 64KB - Virtual size: 62KB

.text
Size: 88KB - Virtual size: 88KB