Static task: static1
Behavioral task: behavioral1
  Sample: 2024-10-09_2e2a784edfd2300e4e8e9f11d31ae98a_bugat_icedid.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2024-10-09_2e2a784edfd2300e4e8e9f11d31ae98a_bugat_icedid.exe
  Resource: win10v2004-20241007-en
General
Target: 2024-10-09_2e2a784edfd2300e4e8e9f11d31ae98a_bugat_icedid
Size: 1.9MB
MD5: 2e2a784edfd2300e4e8e9f11d31ae98a
SHA1: 2cb0fedccdc577f2452a09fb78ff62a4dc6100f6
SHA256: 532df47242b203af6e125b1b9e0a95776096fe7b3475d4022a16390558ef907d
SHA512: 689471279780f575499a9251d5d03d07cfdb3629d3aaf728ec96f939cd2244a68f0cfa80522c6c0f3ceccbc8fa42a5c81a95fd33d4f9092616b2fa14802f3dbb
SSDEEP: 24576:79MXXXkP+IKJGalTxF9AbO/krTa6hNLWXT8mBekFE6rwYUKsZ1HrPe6DTaX/:HmI0dF9AyuTa6hOT8mV70DxrPe6DTaX/
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-10-09_2e2a784edfd2300e4e8e9f11d31ae98a_bugat_icedid
Files
-
2024-10-09_2e2a784edfd2300e4e8e9f11d31ae98a_bugat_icedid.exe windows:4 windows x86 arch:x86
233108c2cb1a5338f6861b590673e5f1
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
winmm
mixerGetLineControlsA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetDevCapsA
mmioOpenA
mmioDescend
mmioAscend
mmioSeek
mixerGetLineInfoA
mixerOpen
mixerClose
mmioClose
mmioRead
mixerGetNumDevs
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
gdiplus
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawImageRect
GdipSetInterpolationMode
GdipCreateSolidFill
GdipSetImageAttributesColorMatrix
GdipDeleteFont
GdipDeleteBrush
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdiplusShutdown
GdipDrawImageI
GdipCreateFromHDC
GdipDrawLineI
GdipDrawImage
GdipDrawEllipseI
GdipFillEllipseI
GdipDrawArcI
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipDeleteFontFamily
GdipFillPieI
GdipBitmapSetPixel
GdipBitmapGetPixel
GdipDrawImageRectRect
GdipFree
GdipAlloc
GdipCreatePen1
GdipDeletePen
GdipCloneBrush
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipSetStringFormatAlign
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipCreateBitmapFromFile
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipMeasureString
GdipDrawString
dbghelp
MakeSureDirectoryPathExists
kernel32
SetThreadPriority
CreateThread
CreateEventA
OpenFile
GetSystemDefaultLCID
DeleteFileA
RemoveDirectoryA
LoadLibraryA
GetModuleFileNameA
OpenProcess
GetTempPathA
GetPrivateProfileSectionA
SetFileAttributesA
GetFileAttributesA
CopyFileA
CreateMutexA
GetTickCount
WriteFile
SetFilePointer
CreateFileA
lstrcpyA
MulDiv
GetWindowsDirectoryA
FreeLibrary
GetCurrentProcess
GetProcAddress
GetSystemDirectoryA
TerminateProcess
CreateProcessA
SetLastError
HeapFree
SetEvent
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
InitializeCriticalSection
DeleteCriticalSection
GlobalReAlloc
GetFullPathNameA
GetCurrentThreadId
DeviceIoControl
SystemTimeToFileTime
GetSystemTime
LocalFree
LocalAlloc
FormatMessageA
GetModuleHandleA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
FindClose
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
GetModuleFileNameW
GetCurrentProcessId
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
ResumeThread
SuspendThread
GetThreadLocale
ReadFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
SetErrorMode
GetFileTime
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitProcess
RaiseException
GetDriveTypeA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitThread
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
WaitForSingleObject
TerminateThread
CloseHandle
GetPrivateProfileIntA
WinExec
WritePrivateProfileStringA
Sleep
GetPrivateProfileStringA
GetVersionExA
FindResourceA
SizeofResource
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetEnvironmentVariableA
lstrlenA
CompareStringW
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
HeapAlloc
user32
GetMenuState
GetWindowPlacement
SystemParametersInfoA
CallWindowProcA
GetDlgCtrlID
EqualRect
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
GetMenu
GetKeyState
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetDlgItem
SetActiveWindow
GetLastActivePopup
GetWindowTextA
GetWindowTextLengthA
SetFocus
GetFocus
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
IsChild
WinHelpA
SendDlgItemMessageA
EndDialog
GetNextDlgTabItem
IsWindowEnabled
CreateDialogIndirectParamA
GetActiveWindow
GetDesktopWindow
CheckMenuItem
EnableMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageA
SetWindowTextA
MoveWindow
BeginPaint
EndPaint
PostQuitMessage
ValidateRect
GetMessageA
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetSysColorBrush
UnregisterClassA
CharNextA
CopyAcceleratorTableA
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
IsWindowVisible
ScreenToClient
MapWindowPoints
GetClientRect
BringWindowToTop
IsIconic
AppendMenuA
CreatePopupMenu
DrawIcon
CopyRect
InflateRect
RegisterWindowMessageA
SetForegroundWindow
SetWindowPos
GetWindowThreadProcessId
MessageBoxA
FindWindowA
CharLowerBuffA
PostMessageA
wsprintfA
ReleaseDC
SetWindowRgn
OffsetRect
CharUpperA
EnableWindow
LoadCursorA
GetParent
InvalidateRect
GetWindowRect
SendMessageA
GetMenuItemCount
ShowWindow
DefWindowProcA
RegisterClassExA
CreateWindowExA
DestroyWindow
GetNextDlgGroupItem
GetCapture
WindowFromPoint
GetTopWindow
IntersectRect
GetWindow
IsRectEmpty
SetCursor
GetWindowLongA
SetWindowLongA
SetMenuDefaultItem
LoadMenuA
ModifyMenuA
GetSubMenu
GetMenuItemID
RedrawWindow
GetForegroundWindow
GrayStringA
DrawTextExA
TabbedTextOutA
IsWindow
SetCapture
SetRectEmpty
SetRect
EnumWindows
DrawTextA
ReleaseCapture
InvalidateRgn
UpdateWindow
ClientToScreen
FrameRect
FillRect
SendMessageTimeoutA
LoadBitmapA
RegisterDeviceNotificationA
UnregisterDeviceNotification
GetSysColor
LoadImageA
DestroyCursor
GetCursor
SetClassLongA
PtInRect
GetSystemMetrics
GetCursorPos
TrackPopupMenu
TranslateAcceleratorA
FindWindowExA
PeekMessageA
TranslateMessage
DispatchMessageA
LoadIconA
KillTimer
GetWindowDC
SetTimer
GetDC
gdi32
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
LineTo
SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
CreatePen
CreateDIBSection
ExtCreateRegion
ExtSelectClipRgn
DPtoLP
MoveToEx
GetTextColor
GetBkColor
CreateRectRgn
CreateRectRgnIndirect
CombineRgn
OffsetRgn
GetRgnBox
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
Polygon
GetStockObject
GetObjectA
DeleteObject
SelectObject
CreateFontIndirectA
GetTextExtentPoint32A
PtInRegion
SetTextColor
SetBkMode
TextOutA
GetMapMode
DeleteDC
PtVisible
RectVisible
ExtTextOutA
Escape
CreateCompatibleBitmap
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegQueryValueA
RegQueryValueExA
shell32
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA
comctl32
_TrackMouseEvent
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoRegisterMessageFilter
OleFlushClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromString
StringFromCLSID
OleIsCurrentClipboard
oleaut32
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantChangeType
SysAllocString
OleCreateFontIndirect
SafeArrayDestroy
SysAllocStringLen
VariantCopy
SysAllocStringByteLen
SysStringLen
VariantInit
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
Sections
.text   Size: 944KB - Virtual size: 941KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 240KB - Virtual size: 239KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 60KB - Virtual size: 87KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 712KB - Virtual size: 710KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ