2024-10-13_3d2f7780799c4290570af88d7523550c_icedid_nymaim

Sharing

Copy URL

Twitter E-mail

General

Target

2024-10-13_3d2f7780799c4290570af88d7523550c_icedid_nymaim
Size

3.8MB
MD5

3d2f7780799c4290570af88d7523550c
SHA1

b5076d850727533c5c53ae58b7741de1769364e9
SHA256

500c4d1bbb3b9702653b2545d820cd35bdc0df446e733fc8f6bfd5d54f0685cc
SHA512

470e9d886a25a61b0fa3163bc9cbd9774184ddb65e631c085a4fa71f5eb27fbd1a7990fc7f031bc524c21060b7d60a6604bf0ea35e41325ab43e094d0257dce8
SSDEEP

49152:ZjZlZgg355c3lh/LaLE/f3GuxyJZ//dvcx4:hZNJ5c3CAXxw//dvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-13_3d2f7780799c4290570af88d7523550c_icedid_nymaim

Files

2024-10-13_3d2f7780799c4290570af88d7523550c_icedid_nymaim
.exe windows:4 windows x86 arch:x86

86be51171433853ba565b909cd607cb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

fmxvirt

VirtualOpen
VirtualClose
VirtualWrite
VirtualUnload
VirtualRead
VirtualFree32
VirtualDelete
VirtualLoad
VirtualTransfer
VirtualCreate

psom

ord103
ord101
ord100
ord102
ord104

kernel32

IsBadCodePtr
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetACP
GetStdHandle
CompareStringW
VirtualAlloc
SetUnhandledExceptionFilter
IsBadWritePtr
HeapCreate
InterlockedExchange
VirtualFree
HeapSize
HeapDestroy
SetStdHandle
CreateFileA
SetFilePointer
GlobalSize
GlobalReAlloc
GetWindowsDirectoryA
ReadFile
GetFileTime
CompareStringA
MultiByteToWideChar
CopyFileA
DeleteFileA
CreateDirectoryA
GetCurrentThreadId
FindFirstFileA
FindNextFileA
FindClose
FormatMessageA
LocalFree
GetFullPathNameA
FindResourceA
LoadResource
LockResource
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
GlobalAlloc
GlobalFree
lstrlenW
GlobalLock
lstrcmpA
GlobalUnlock
lstrcpynA
GetFileAttributesA
OpenFile
LoadLibraryA
GetTempPathA
GetTempFileNameA
GetProcAddress
FreeLibrary
CreateSemaphoreA
GetLastError
MulDiv
GetProfileStringA
GetCommandLineA
WriteProfileStringA
lstrcatA
SetHandleCount
GetModuleFileNameA
lstrcmpiA
GetTickCount
Sleep
lstrlenA
lstrcpyA
CloseHandle
GetVersionExA
GetStartupInfoA
IsBadReadPtr
HeapReAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetFileType
PeekNamedPipe
GetFileInformationByHandle
RaiseException
GetDriveTypeA
SetCurrentDirectoryA
SetEnvironmentVariableA
TerminateProcess
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
lstrcpyW
SizeofResource
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetProcessVersion
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GlobalFlags
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
TlsAlloc
LocalAlloc
SetLastError
WaitForSingleObject
GetCurrentThread
WideCharToMultiByte
InterlockedIncrement
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
OutputDebugStringA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalHandle
WriteFile
GetPrivateProfileIntA
CreateProcessA
InterlockedDecrement
GetShortPathNameA
WinExec
SearchPathA
GetProfileIntA
GetUserDefaultLCID
RemoveDirectoryA
GetFileSize
GetVersion
SetErrorMode
CompareFileTime

user32

GetTabbedTextExtentA
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
SetMenu
wvsprintfA
GetClassNameA
GetAsyncKeyState
CopyAcceleratorTableA
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
SetWindowContextHelpId
GetNextDlgGroupItem
EndDialog
CreateDialogIndirectParamA
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMessageA
ShowOwnedPopups
CheckMenuItem
GetNextDlgTabItem
IsDialogMessageA
GetDlgItemInt
CheckRadioButton
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
GetScrollPos
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
DestroyWindow
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetWindowPlacement
GetForegroundWindow
GetUpdateRect
SubtractRect
RedrawWindow
MapWindowPoints
IsWindowEnabled
LoadStringA
MoveWindow
SetParent
FrameRect
PostQuitMessage
CheckMenuRadioItem
ShowCursor
WindowFromPoint
GetCaretPos
GetDlgCtrlID
GetTopWindow
CreatePopupMenu
AppendMenuA
SetMenuItemBitmaps
LoadImageA
IsChild
SetActiveWindow
IsCharAlphaA
CharLowerA
CharLowerBuffA
CharUpperBuffA
HideCaret
InvertRect
SetCursorPos
IntersectRect
GetActiveWindow
GetWindowTextA
InSendMessage
RemoveMenu
EmptyClipboard
SetClipboardData
CallWindowProcA
SetFocus
DefWindowProcA
SetScrollRange
SetScrollPos
MapDialogRect
ShowWindow
SetCursor
LockWindowUpdate
DispatchMessageA
ClientToScreen
UnhookWindowsHookEx
ValidateRect
SetWindowsHookExA
CallNextHookEx
GetDlgItemTextA
SendDlgItemMessageA
SetWindowTextA
SetDlgItemTextA
DrawIcon
CreateWindowExA
SetWindowPos
GetWindowLongA
KillTimer
SetTimer
DrawTextA
CharUpperA
SystemParametersInfoA
FillRect
PtInRect
CopyRect
DrawFocusRect
InflateRect
SetRectEmpty
GetDCEx
CharNextA
ClipCursor
GetSystemMenu
DestroyCursor
PostThreadMessageA
CreateMenu
GetWindowThreadProcessId
GetDialogBaseUnits
DestroyCaret
mouse_event
TranslateMessage
IsRectEmpty
UnionRect
EqualRect
SetRect
GetCursorPos
GetMenuStringA
DrawMenuBar
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
WaitMessage
WinHelpA
SetMenuDefaultItem
DestroyIcon
IsZoomed
GetKeyState
GetFocus
GetDlgItem
GetWindowRect
CheckDlgButton
ScreenToClient
IsDlgButtonChecked
SetWindowLongA
GetCapture
GetMenu
GetMenuItemID
GetSubMenu
ReleaseCapture
GetDesktopWindow
BringWindowToTop
GetMenuState
GetMenuItemCount
DeleteMenu
InsertMenuA
EnableMenuItem
GetWindow
ModifyMenuA
GetMenuCheckMarkDimensions
SetCapture
LoadBitmapA
LoadAcceleratorsA
LoadMenuA
LoadCursorA
FindWindowA
GetLastActivePopup
IsIconic
SetForegroundWindow
RegisterClipboardFormatA
RegisterWindowMessageA
GetClassInfoA
LoadIconA
RegisterClassA
DestroyMenu
PeekMessageA
IsWindowVisible
wsprintfA
UpdateWindow
GetSysColor
IsWindow
ReleaseDC
GetDC
EnableWindow
GetParent
GetSystemMetrics
CreateCaret
ShowCaret
SetCaretPos
InvalidateRect
MessageBoxA
GetClientRect
SendMessageA
OffsetRect
MessageBeep
PostMessageA
ShowScrollBar
GetMenuDefaultItem
UnregisterClassA
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
DrawIconEx
DrawEdge
IsMenu
GetMenuItemInfoA
SetMenuItemInfoA
DrawFrameControl

gdi32

Rectangle
CreatePalette
CreateEllipticRgn
TextOutA
StretchDIBits
SetDIBits
CreateDCA
CreateDIBPatternBrushPt
GetDIBColorTable
SetBitmapBits
GetBitmapBits
IntersectClipRect
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
PtVisible
RectVisible
DeleteDC
AbortDoc
EndDoc
EndPage
Escape
StartPage
ResetDCA
StartDocA
SetAbortProc
GetCurrentObject
FillRgn
CreateRectRgnIndirect
GetClipBox
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
Ellipse
GetViewportExtEx
GetWindowExtEx
ExtTextOutA
CopyMetaFileA
GetWindowOrgEx
GetMapMode
SetRectRgn
GetNearestColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
GetOutlineTextMetricsA
FrameRgn
CombineRgn
SelectObject
PtInRegion
GetTextMetricsA
StretchBlt
CreateFontA
GetRgnBox
GetDeviceCaps
GetCharWidthA
CreateFontIndirectA
CreateBitmap
GetCharABCWidthsA
CreateDIBitmap
GetViewportOrgEx
CreateRoundRectRgn
CreatePolygonRgn
RoundRect
CreateCompatibleBitmap
SetPixel
CreateHatchBrush
UnrealizeObject
SetBrushOrgEx
GetBkColor
CreateRectRgn
PatBlt
LPtoDP
CreateCompatibleDC
BitBlt
Polygon
CreateSolidBrush
DPtoLP
GetStockObject
GetObjectA
SelectPalette
GetDIBits
CreateHalftonePalette
RealizePalette
CreatePen
SetTextColor
RectInRegion
GetTextExtentPointA
GetTextExtentPoint32A
CreatePatternBrush
EnumFontFamiliesA
DeleteObject

comdlg32

ChooseColorA
GetOpenFileNameA
ChooseFontA
PrintDlgA
GetSaveFileNameA
GetFileTitleA
CommDlgExtendedError

winspool.drv

ClosePrinter
DocumentPropertiesA
GetPrinterDriverA
OpenPrinterA

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
CryptAcquireContextA
CryptReleaseContext
RegDeleteKeyA
RegCreateKeyExA
RegEnumValueA
RegOpenKeyExA
RegSetValueA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA

shell32

DragFinish
ExtractIconA
DragAcceptFiles
DragQueryFileA
SHGetSpecialFolderLocation
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
ShellExecuteA

comctl32

ord8
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_DrawIndirect
ImageList_Merge
ImageList_DragEnter
ImageList_Read
ImageList_LoadImageA
ImageList_Write
ImageList_Destroy
ImageList_Create
CreatePropertySheetPageA
ImageList_ReplaceIcon
PropertySheetA
ImageList_Draw
ImageList_Add
ImageList_Remove
ImageList_GetImageInfo
DestroyPropertySheetPage
ImageList_BeginDrag
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ord17

oledlg

ord8
ord3
ord7
ord5
ord1

ole32

CoCreateInstance
CoCreateGuid
StringFromGUID2
WriteClassStg
ReleaseStgMedium
StgCreateDocfile
CoDisconnectObject
CoLockObjectExternal
CoGetMalloc
StgIsStorageFile
StringFromCLSID
SetConvertStg
WriteFmtUserTypeStg
CoRegisterClassObject
OleRun
CLSIDFromProgID
CLSIDFromString
OleInitialize
OleUninitialize
OleIsRunning
CoFreeUnusedLibraries
CoGetClassObject
StgOpenStorageOnILockBytes
CoTreatAsClass
CoRevokeClassObject
RegisterDragDrop
RevokeDragDrop
CreateFileMoniker
ReadFmtUserTypeStg
OleCreateFromFile
CoTaskMemFree
OleCreateLinkFromData
OleCreateStaticFromData
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRegisterMessageFilter
OleGetClipboard
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleRegGetMiscStatus
StgOpenStorage
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CreateGenericComposite
CreateItemMoniker
OleSaveToStream
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
OleSave
OleLoad
OleCreate
OleCreateLinkToFile
CreateStreamOnHGlobal
OleDuplicateData
OleRegGetUserType
CreateBindCtx
OleCreateFromData
OleLockRunning
ReadClassStg
OleSetContainedObject
OleRegEnumVerbs
OleSetMenuDescriptor

olepro32

ord253

oleaut32

SafeArrayGetElemsize
GetErrorInfo
LoadTypeLi
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysStringByteLen
SysFreeString
SysAllocString
VariantClear
VariantInit
VariantChangeType
VariantCopy
RevokeActiveObject
RegisterActiveObject

wininet

InternetGetLastResponseInfoA

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B
LoadPNGFile
LoadRealPNGFile
SavePNGFile
SaveRealPNGFile

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 408KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86be51171433853ba565b909cd607cb5

Headers

File Characteristics

Imports

fmxvirt

psom

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 408KB - Virtual size: 405KB

.data Size: 248KB - Virtual size: 306KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 408KB - Virtual size: 405KB

.data
Size: 248KB - Virtual size: 306KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB