Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-11_9a4f8be72d02ee9b5b26561ff2072250_icedid_nymaim.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 2024-06-11_9a4f8be72d02ee9b5b26561ff2072250_icedid_nymaim.exe
  Resource: win10v2004-20240426-en
General
Target: 2024-06-11_9a4f8be72d02ee9b5b26561ff2072250_icedid_nymaim
Size: 776KB
MD5: 9a4f8be72d02ee9b5b26561ff2072250
SHA1: 87c7f56ee8293adde051bc625804e860bec616b9
SHA256: 9ed29c205349c007c0ca9c61540547ec5971f0e6d408ad4244bb1e6066b2d41b
SHA512: b394f843e8b89114cfc7a88b9c27afaa3841a4dbe5f320263786943d5fb079691bbb6ba276f87c20e4f77f2fe85718302b7ee4ca102135c33825d08b8cfd722e
SSDEEP: 12288:1rbsLzB6op883NNU8xNM0B1Q1nmscUMXpShs1iV45j5wgpwuVmhVfPQbUhM6IMhR:1r8V3QBtRMZSS1iyHnwomh5Po/I
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2024-06-11_9a4f8be72d02ee9b5b26561ff2072250_icedid_nymaim
  A missing signature is a weak indicator on its own, since plenty of legitimate software ships unsigned, but it removes the one check that would tie the file to a publisher. Note that this signature only tests whether a certificate blob is present; a present signature would still have to be validated before it counts as provenance.
Files
2024-06-11_9a4f8be72d02ee9b5b26561ff2072250_icedid_nymaim.exe  windows:4 windows x86 arch:x86
8f24986f4fa54f57a25447c22de02964
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LINE_NUMS_STRIPPED | IMAGE_FILE_LOCAL_SYMS_STRIPPED | IMAGE_FILE_32BIT_MACHINE
Imports
winmm: waveOutGetNumDevs
version: VerLanguageNameA, VerQueryValueA, GetFileVersionInfoA, GetFileVersionInfoSizeA
kernel32: GetCPInfo, GetOEMCP, RtlUnwind, RaiseException, HeapFree, HeapAlloc, ExitProcess, GlobalFlags, GetCommandLineA, GetTimeZoneInformation, GetSystemTime, GetACP, HeapReAlloc, HeapSize, GetStartupInfoA, GetLocalTime, HeapCreate, VirtualFree, VirtualAlloc, LocalReAlloc, LCMapStringA, LCMapStringW, UnhandledExceptionFilter, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetStringTypeA, GetStringTypeW, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, CreateProcessA, GetPrivateProfileSectionNamesA, EnterCriticalSection, SetErrorMode, GlobalLock, GlobalHandle, GlobalUnlock, GlobalFree, GetCurrentThread, GetCurrentProcess, GetWindowsDirectoryA, GetSystemDirectoryA, GetDriveTypeA, MulDiv, InterlockedIncrement, FindNextFileA, FindFirstFileA, FindClose, RemoveDirectoryA, SetCurrentDirectoryA, CreateDirectoryA, GetFileAttributesA, SetFileAttributesA, WriteFile, ReadFile, CreateFileA, GetFileSize, SetFilePointer, SetEndOfFile, DeleteFileA, GetTempPathA, GetTempFileNameA, lstrcpyA, lstrlenA, lstrcpynA, ExpandEnvironmentStringsA, GetProcessVersion, GetModuleFileNameA, OpenProcess, CloseHandle, GetModuleHandleA, LoadLibraryA, GetProcAddress, GetEnvironmentStrings, FreeEnvironmentStringsA, GetCurrentProcessId, FreeLibrary, GetVersionExA, GetLastError, SetLastError, InitializeCriticalSection, LeaveCriticalSection, DeleteCriticalSection, GetVersion, GlobalAddAtomA, GetCurrentThreadId, GlobalGetAtomNameA, LockResource, GlobalFindAtomA, GlobalDeleteAtom, SystemTimeToFileTime, FindResourceA, LoadResource, FileTimeToSystemTime, GetFileTime, WideCharToMultiByte, InterlockedDecrement, MoveFileA, GetFullPathNameA, FlushFileBuffers, UnlockFile, LockFile, LocalFileTimeToFileTime, DuplicateHandle, DosDateTimeToFileTime, IsBadStringPtrA, SetFileTime, GetTickCount, lstrcmpiA, FileTimeToLocalFileTime, FileTimeToDosDateTime, LocalUnlock, LocalAlloc, LocalLock, lstrcatA, GlobalReAlloc, IsDBCSLeadByte, TlsFree, TlsGetValue, IsBadReadPtr, TlsSetValue, TlsAlloc, GetPrivateProfileIntA, MultiByteToWideChar, GlobalMemoryStatus, GetSystemDefaultLangID, GetComputerNameA, GetVolumeInformationA, GetPrivateProfileStringA, MoveFileExA, WritePrivateProfileStringA, GetDiskFreeSpaceA, TerminateProcess, Sleep, GetLogicalDriveStringsA, lstrcmpA, GetCurrentDirectoryA, FormatMessageA, GetShortPathNameA, CopyFileA, GetPrivateProfileSectionA, LocalFree, GlobalAlloc, SetUnhandledExceptionFilter, HeapDestroy, IsBadWritePtr
user32: CheckMenuItem, EnableMenuItem, MapWindowPoints, GetSysColor, GetFocus, SetMenuItemBitmaps, AdjustWindowRectEx, ScreenToClient, EqualRect, DeferWindowPos, BeginDeferWindowPos, CopyRect, EndDeferWindowPos, IsWindowVisible, GetTopWindow, GetCapture, WinHelpA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetKeyState, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetLastActivePopup, GetForegroundWindow, GetWindow, SystemParametersInfoA, GetWindowPlacement, SetActiveWindow, CreateDialogIndirectParamA, GetParent, SetFocus, IsWindowEnabled, ShowWindow, SetWindowPos, MoveWindow, GetMenuState, IsDialogMessageA, LoadBitmapA, ModifyMenuA, ReleaseCapture, GetDlgItem, DrawFocusRect, FillRect, PtInRect, GetCursorPos, ValidateRect, GetMessageA, SetRectEmpty, LoadAcceleratorsA, TranslateAcceleratorA, UnhookWindowsHookEx, GetWindowTextLengthA, LoadStringA, WaitForInputIdle, SetDlgItemTextA, SetWindowTextA, SetForegroundWindow, EndDialog, DialogBoxParamA, GetActiveWindow, GetClassNameA, CharUpperA, OemToCharA, CharNextA, CharPrevA, CharUpperBuffA, SetCursor, IsIconic, DrawIcon, DestroyIcon, ExitWindowsEx, LoadCursorA, UpdateWindow, RedrawWindow, GetDesktopWindow, GetWindowTextA, EnumWindows, GetWindowThreadProcessId, PostMessageA, MessageBoxA, MsgWaitForMultipleObjects, GetSystemMetrics, EnableWindow, InvalidateRect, GetClientRect, GetDC, ReleaseDC, GetWindowRect, LoadIconA, TranslateMessage, DispatchMessageA, PeekMessageA, PostQuitMessage, IsWindow, BeginPaint, GetMenuCheckMarkDimensions, ClientToScreen, DrawTextA, EndPaint, TabbedTextOutA, GrayStringA, DestroyMenu, GetDlgCtrlID, GetWindowLongA, DefWindowProcA, SetWindowLongA, GetClassInfoA, RegisterClassA, CreateWindowExA, SendMessageA, DestroyWindow, wsprintfA, RegisterWindowMessageA, GetSysColorBrush, ShowOwnedPopups, BringWindowToTop, UnpackDDElParam, ReuseDDElParam, SetMenu, LoadMenuA, SendDlgItemMessageA, GetNextDlgTabItem, UnregisterClassA
gdi32: DeleteObject, CreateFontIndirectA, GetObjectA, CreateSolidBrush, StretchDIBits, RealizePalette, CreatePalette, DeleteDC, CreateICA, GetTextMetricsA, SetBkMode, SetBkColor, GetStockObject, GetClipBox, GetBkColor, CreateBitmap, SetTextColor, RestoreDC, SelectObject, SaveDC, SetViewportOrgEx, OffsetViewportOrgEx, SetMapMode, ScaleViewportExtEx, SetViewportExtEx, SetWindowExtEx, Rectangle, ScaleWindowExtEx, SelectPalette, PtVisible, RectVisible, ExtTextOutA, Escape, TextOutA, CreateCompatibleDC, BitBlt, GetDeviceCaps, RemoveFontResourceA, AddFontResourceA
comdlg32: GetSaveFileNameA, GetFileTitleA, GetOpenFileNameA
winspool.drv: OpenPrinterA, ClosePrinter, DocumentPropertiesA
advapi32: OpenServiceA, LookupPrivilegeValueA, AdjustTokenPrivileges, EnumServicesStatusA, RegOpenKeyExA, RegCreateKeyExA, RegDeleteValueA, RegDeleteKeyA, RegQueryValueExA, RegSetValueExA, RegQueryInfoKeyA, RegEnumKeyExA, RegEnumValueA, RegConnectRegistryA, RegCloseKey, LookupAccountSidA, CreateServiceA, CloseServiceHandle, DeleteService, StartServiceA, ControlService, QueryServiceStatus, GetServiceDisplayNameA, OpenSCManagerA, UnlockServiceDatabase, FreeSid, EqualSid, AllocateAndInitializeSid, GetTokenInformation, OpenProcessToken, OpenThreadToken, GetUserNameA
shell32: SHChangeNotify, DragFinish, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHGetPathFromIDListA, SHGetMalloc, SHGetSpecialFolderLocation, DragQueryFileA
comctl32: ord17
ole32: CoInitialize, CoCreateInstance, CoUninitialize
oleaut32: LoadTypeLi, RegisterTypeLi
wsock32: WSAStartup, WSACleanup, getsockname, select, socket, gethostbyname, recv, bind, send, setsockopt, recvfrom, sendto, accept, inet_addr, listen, closesocket, shutdown, htonl, ntohs, inet_ntoa, ioctlsocket, connect, WSAGetLastError, htons
netapi32: Netbios
Sections
.text   Size: 524KB - Virtual size: 520KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata  Size: 100KB - Virtual size: 97KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data   Size: 48KB - Virtual size: 62KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 96KB - Virtual size: 96KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
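Two of the static findings above deserve more than a line in a report: the empty security data directory that the "Unsigned PE" signature keys on, and the section flags, where .text is mapped writable as well as executable, .rsrc is executable, and IMAGE_FILE_RELOCS_STRIPPED tells the loader the image carries no relocations and so cannot be rebased. The script below is an added example, not part of the sandbox report or its tooling: a dependency-free Python PE header parser that reproduces those checks. The image it runs on is constructed inline to mirror the report's file characteristics and section names, sizes and flags (headers only, no code and no certificate), so it is not the analysed sample, and build_pe32, parse_pe, has_authenticode_blob, writable_executable_sections and triage are names chosen here rather than any tool's API.

```python
# Added example, not part of the sandbox report: a dependency-free PE header parser that
# reproduces two of its static checks, the "Unsigned PE" signature (empty
# IMAGE_DIRECTORY_ENTRY_SECURITY) and the section-flag review. The image it parses is
# constructed below from the report's header values; it is not the analysed sample.
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL",
}

def decode_flags(value, table):
    """Names of the bits in `value` that `table` knows about."""
    return [name for bit, name in table.items() if value & bit]

def parse_pe(data):
    """Parse DOS, COFF, optional (PE32/PE32+) and section headers."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dd_off = opt + (96 if magic == 0x10B else 112)            # data directories start here
    num_dirs = struct.unpack_from("<I", data, dd_off - 4)[0]  # NumberOfRvaAndSizes
    dirs = [struct.unpack_from("<II", data, dd_off + 8 * i) for i in range(num_dirs)]
    sections = []
    for i in range(nsect):
        off = opt + opt_size + 40 * i
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, off)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "virtual_address": vaddr, "raw_size": rawsize,
                         "raw_pointer": rawptr, "characteristics": struct.unpack_from("<I", data, off + 36)[0]})
    return {"machine": machine, "characteristics": chars, "data_directories": dirs,
            "sections": sections, "size": len(data)}

def has_authenticode_blob(pe):
    """True if the security directory points at a WIN_CERTIFICATE blob inside the file.
    Unlike other directories this entry holds a file offset, not an RVA. Presence is not validity."""
    dirs = pe["data_directories"]
    if len(dirs) <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return False
    off, size = dirs[IMAGE_DIRECTORY_ENTRY_SECURITY]
    return off != 0 and size != 0 and off + size <= pe["size"]

def writable_executable_sections(pe):
    """Names of sections that are mapped both writable and executable (W+X)."""
    wx = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
    return [s["name"] for s in pe["sections"] if s["characteristics"] & wx == wx]

def triage(data):
    """The static findings in the shape a report would list them."""
    pe = parse_pe(data)
    return {"unsigned": not has_authenticode_blob(pe),
            "relocs_stripped": bool(pe["characteristics"] & IMAGE_FILE_RELOCS_STRIPPED),
            "wx_sections": writable_executable_sections(pe),
            "file_characteristics": decode_flags(pe["characteristics"], FILE_CHARACTERISTICS)}

def build_pe32(sections, characteristics, security=(0, 0)):
    """Construct a headers-only PE32 test image. `sections` holds (name, virtual_size, raw_size,
    characteristics) tuples; `security` is the (file offset, size) of a fake certificate blob,
    and the image is zero-padded so that blob lies inside the file."""
    e_lfanew, opt_size = 0x80, 96 + 16 * 8                   # PE32 with 16 data directories
    dos = (b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, characteristics)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security)
    table, vaddr = b"", 0x1000
    for name, vsize, rawsize, chars in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode(), vsize, vaddr, rawsize, 0, 0, 0, 0, 0, chars)
        vaddr += (vsize + 0xFFF) & ~0xFFF
    image = dos + b"PE\0\0" + coff + bytes(opt) + table
    return image.ljust(security[0] + security[1], b"\0")

KB = 1024
# Constructed test data: names, sizes and flags copied from the report's Sections table.
REPORT_SECTIONS = [
    (".text", 520 * KB, 524 * KB, 0x20 | 0x20000000 | 0x40000000 | 0x80000000),
    (".rdata", 97 * KB, 100 * KB, 0x40 | 0x40000000 | 0x80000000),
    (".data", 62 * KB, 48 * KB, 0x40 | 0x40000000 | 0x80000000),
    (".rsrc", 96 * KB, 96 * KB, 0x40 | 0x20000000 | 0x40000000 | 0x80000000),
]
REPORT_FILE_CHARACTERISTICS = 0x0001 | 0x0002 | 0x0004 | 0x0008 | 0x0100
SAMPLE_UNSIGNED = build_pe32(REPORT_SECTIONS, REPORT_FILE_CHARACTERISTICS)
# Same layout with a fake 2 KiB certificate blob placed right after the headers.
SAMPLE_SIGNED = build_pe32(REPORT_SECTIONS, REPORT_FILE_CHARACTERISTICS,
                           security=(len(SAMPLE_UNSIGNED), 0x800))

if __name__ == "__main__":
    for label, blob in (("unsigned", SAMPLE_UNSIGNED), ("signed", SAMPLE_SIGNED)):
        print(label, triage(blob))
```

Run it directly to print both verdicts. The Authenticode check has the same semantics as the sandbox signature: it tests whether a WIN_CERTIFICATE blob is attached, nothing more. A present blob still has to be validated (signtool verify /pa on Windows, osslsigncode verify elsewhere) before it counts as provenance. The W+X result is the finding worth carrying forward from the Sections table: a writable .text and an executable .rsrc are unusual for a plainly linked image and common in packed or self-modifying code, and because the relocations are stripped the loader cannot rebase the image, so ASLR does not apply to it.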