2024-06-20_3093b02f7066640d6ee118b40f8ac579_icedid_nymaim

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-20_3093b02f7066640d6ee118b40f8ac579_icedid_nymaim
Size

656KB
MD5

3093b02f7066640d6ee118b40f8ac579
SHA1

5a5691a5b7f369736ae93bcf67cd29efdd87201e
SHA256

ad94eef181c89feae2f568dbba9037005de1a031617159ab89d83427c9a9f8e7
SHA512

dec57520429c41d5a841b389c29ce12845f863b3ed9bd0f6f4e7c9671d9db3d59b6796cf09c3beca0ca997660ada0dc642bf00032ea110d84babb6b71260d748
SSDEEP

12288:vFJyYUTvklWEUsPzinm1kFWqdENgA147EZQn9csId:QMlAnRWqdM1XZscsId

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-20_3093b02f7066640d6ee118b40f8ac579_icedid_nymaim

Files

2024-06-20_3093b02f7066640d6ee118b40f8ac579_icedid_nymaim
.exe windows:4 windows x86 arch:x86

0dc6214543b4ed4e76a6cf42ada77393

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

kernel32

GetOEMCP
SetErrorMode
GetSystemTimeAsFileTime
RtlUnwind
FindNextFileA
GetTimeFormatA
GetDateFormatA
CreateDirectoryA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
GetCurrentProcessId
ExitProcess
ExitThread
CreateThread
HeapReAlloc
SetStdHandle
GetFileType
TerminateProcess
HeapSize
GetTimeZoneInformation
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetLocaleInfoW
GetCPInfo
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
Sleep
WideCharToMultiByte
FlushFileBuffers
CloseHandle
WriteFile
CreateFileA
GetFileAttributesA
SetVolumeLabelA
GetVolumeInformationA
OpenMutexA
WaitForSingleObject
CreateEventA
SetEvent
GetTickCount
ResetEvent
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
MultiByteToWideChar
GetLastError
GetVersion
lstrcmpiA
lstrlenA
CompareStringA
CompareStringW
GetSystemTime
GetDiskFreeSpaceExA
RemoveDirectoryA
GetExitCodeProcess
CreateProcessA
GetUserDefaultLangID
GetCurrentDirectoryA
SetFileAttributesA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetShortPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
ReadFile
MoveFileA
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
InterlockedIncrement
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
SetThreadLocale
SearchPathA
OpenEventA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
GetFileTime
SetFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetStringTypeExA
lstrcatA
lstrcmpW
GetCurrentThread
GlobalDeleteAtom
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetCurrentThreadId
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetLastError
CopyFileA
MulDiv
GlobalLock
GlobalUnlock
lstrcpynA
DeleteFileA
FlushViewOfFile
GetTempPathA
ReleaseMutex
CreateMutexA
LocalAlloc
lstrcmpA
FormatMessageA
LocalFree
GetModuleFileNameA
OpenFile
GetFileSize
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalFree
GlobalAlloc
GetDriveTypeA

user32

DestroyIcon
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DeleteMenu
ClientToScreen
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
InvalidateRect
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowWindow
SetWindowTextA
IsDialogMessageA
ShowOwnedPopups
SetCursor
wsprintfA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsWindow
SetFocus
IsChild
GetWindowTextA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
WaitForInputIdle
TrackPopupMenu
UpdateWindow
GetClientRect
GetMenu
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CopyRect
PtInRect
GetWindow
PostQuitMessage
GetClassInfoExA
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetMenuItemBitmaps
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
UnhookWindowsHookEx
UnregisterClassA
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
LoadStringA
RegisterWindowMessageA
CharUpperA
SendMessageTimeoutA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
GetClassNameA
SetActiveWindow
EnableWindow
LoadIconA
SendMessageA
FindWindowA
PostMessageA
MessageBoxA
GetForegroundWindow
SetForegroundWindow
GetWindowTextLengthA

gdi32

BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreatePatternBrush
GetStockObject
CreateSolidBrush
CreateFontIndirectA
GetTextExtentPoint32A
SetMapMode
SetBkMode
RestoreDC
SaveDC
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteDC
CreateBitmap

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
GetUserNameA
RegQueryValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyA
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA

shell32

DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragFinish

comctl32

ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
VariantClear
VariantChangeType
VariantInit

wsock32

connect
gethostname
ord1109
bind
send
getsockname
getpeername
recv
closesocket
WSAGetLastError

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dc6214543b4ed4e76a6cf42ada77393

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

wsock32

version

Sections

.text Size: 400KB - Virtual size: 399KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 16KB - Virtual size: 32KB

.rsrc Size: 164KB - Virtual size: 161KB

.text
Size: 400KB - Virtual size: 399KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 16KB - Virtual size: 32KB

.rsrc
Size: 164KB - Virtual size: 161KB