Static task: static1
Behavioral task: behavioral1
Sample: 2025-01-21_9e8efb29d94674532f94277ec4babdd2_icedid_ramnit.exe
Resource: win7-20240903-en
General
Target: 2025-01-21_9e8efb29d94674532f94277ec4babdd2_icedid_ramnit
Size: 916KB
MD5: 9e8efb29d94674532f94277ec4babdd2
SHA1: 66d66dcec4610399111ffd89bdc2f1b4533b71bf
SHA256: 0ad1a7314a29fd29e936ffb136d14849e1d7892507eeff2f03d5b9d76259142a
SHA512: 9034593ed9e51c56c291acc7d978209d62905d0abfd89af871532b495b3a35e75f9f41ea794ed6ecee501787a95f88a130e54a4475b266b12fd38a6d48bfac49
SSDEEP: 24576:Q7hS4HUTHTbhT8CN5fUGnyOa8Kpg/v6T1XP:QkT/N1UtQKpg/o1
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2025-01-21_9e8efb29d94674532f94277ec4babdd2_icedid_ramnit
Files
2025-01-21_9e8efb29d94674532f94277ec4babdd2_icedid_ramnit.exe windows:4 windows x86 arch:x86
d20541fb0ad206ef8c80aa7bde708303
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shfolder
SHGetFolderPathW
kernel32
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetStringTypeA
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
WideCharToMultiByte
SizeofResource
VirtualProtect
HeapSize
GetFileType
SetStdHandle
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
IsBadReadPtr
lstrlenW
Sleep
GetPrivateProfileIntW
WritePrivateProfileStringW
CopyFileW
GetModuleFileNameW
GetCommandLineW
InterlockedDecrement
FreeLibrary
GetProcAddress
ExitProcess
LoadLibraryW
GetVersionExW
GetPrivateProfileStringW
InterlockedIncrement
MulDiv
GetStringTypeW
GlobalFree
GlobalAlloc
IsBadWritePtr
lstrcpyW
SetLastError
GetLastError
LocalFree
FormatMessageW
GlobalUnlock
GlobalLock
GetModuleHandleW
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
GetThreadLocale
FileTimeToSystemTime
SystemTimeToFileTime
GetModuleHandleA
CreateDirectoryW
HeapReAlloc
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
GetTickCount
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetCurrentDirectoryW
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CreateFileW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
DeleteFileW
MoveFileW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
lstrlenA
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetVersion
GetCurrentProcessId
GlobalGetAtomNameW
user32
RegisterClipboardFormatW
CopyAcceleratorTableW
DestroyIcon
LockWindowUpdate
GetDCEx
CharNextW
UnregisterClassW
GetSysColorBrush
WindowFromPoint
CharUpperW
DestroyCursor
SetRect
KillTimer
SetWindowRgn
DrawIcon
FindWindowW
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
SetParent
DeleteMenu
IsZoomed
UnpackDDElParam
ReuseDDElParam
GetWindowThreadProcessId
LoadAcceleratorsW
InsertMenuItemW
SetRectEmpty
BringWindowToTop
SetMenu
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
GetMenuItemInfoW
InflateRect
IsWindowEnabled
ShowWindow
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
GetTabbedTextExtentA
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
SendMessageW
GetClientRect
UnregisterClassA
InvalidateRect
GetParent
EnableWindow
IsWindow
SetFocus
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
UnhookWindowsHookEx
GetMenuStringW
GetMenuItemID
RemoveMenu
ReleaseCapture
SetCapture
IsRectEmpty
PostQuitMessage
TrackPopupMenuEx
GetSysColor
GetDesktopWindow
ReleaseDC
GetDC
AppendMenuW
CreatePopupMenu
DrawFrameControl
FillRect
PostThreadMessageW
CreateMenu
GetNextDlgGroupItem
CallNextHookEx
InvalidateRgn
wsprintfW
PostMessageW
GetWindowRect
UpdateWindow
GetWindow
CheckMenuItem
GetMenuState
GetMenu
IsWindowVisible
RedrawWindow
SetTimer
GetActiveWindow
SetActiveWindow
MessageBoxW
SetWindowTextW
GetWindowTextW
GetAsyncKeyState
EnableMenuItem
GetMenuItemCount
GetSubMenu
InsertMenuW
LoadMenuW
GetSystemMenu
ClientToScreen
ScreenToClient
LoadCursorW
SetCursor
keybd_event
IntersectRect
PtInRect
GetCursorPos
MessageBeep
EnumChildWindows
SystemParametersInfoW
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
LoadIconW
GetSystemMetrics
CopyRect
TranslateAcceleratorW
gdi32
SetBkColor
CreateRectRgnIndirect
PatBlt
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
SetTextColor
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
CreatePen
GetTextMetricsW
GetCharWidthW
CreateFontW
StretchDIBits
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
Rectangle
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
GetWindowOrgEx
GetClipBox
CreateBitmap
CreateDCW
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
ExtTextOutW
GetObjectW
GetTextExtentPoint32W
GetDeviceCaps
CreateFontIndirectW
comdlg32
GetFileTitleW
GetSaveFileNameW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW
advapi32
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegSetValueW
RegCloseKey
RegCreateKeyW
shell32
ExtractIconW
SHGetFileInfoW
DragQueryFileW
DragFinish
ShellExecuteW
shlwapi
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
StrTrimW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
oleaut32
GetErrorInfo
OleCreateFontIndirect
VariantClear
VariantCopy
VariantInit
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
SysStringLen
SysAllocStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
ImmAssociateContext
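The import table above is the raw material for an import hash (imphash), the value analysts use to pivot between samples that were built from the same source with the same linker even when the file hashes differ. The script below is an added example, not part of this report or of any sandbox's code: it implements the pefile construction (each import rendered as "<dll>.<function>", lower-cased, with a .dll/.ocx/.sys extension dropped from the module name, joined with commas in import-table order, then MD5) over a hand-copied subset of the list above. The subset is constructed for illustration and its hash is not the sample's imphash, which would need every entry. Imports by ordinal are not handled here because this report shows none; pefile maps ordinal-only imports of ws2_32 and oleaut32 through a name table and writes the rest as "ordN".

```python
import hashlib


def normalize_imports(imports):
    """'<dll>.<func>' strings, lower-cased, with .dll/.ocx/.sys dropped from the module
    name (other extensions such as .drv are kept), in the order the import table lists them."""
    parts = []
    for dll, func in imports:
        lib = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if lib.endswith(ext):
                lib = lib[:-len(ext)]
                break
        parts.append(f"{lib}.{func.lower()}")
    return parts


def imphash(imports):
    """MD5 of the comma-joined normalized import strings (the pefile imphash construction)."""
    return hashlib.md5(",".join(normalize_imports(imports)).encode("ascii")).hexdigest()


# Hand-copied subset of the Imports list above, in the order shown there. Constructed for
# illustration only: a real imphash needs every entry of the table, so this value is not
# the sample's.
REPORT_SUBSET = [
    ("shfolder", "SHGetFolderPathW"),
    ("kernel32", "VirtualAlloc"), ("kernel32", "GetSystemInfo"), ("kernel32", "VirtualQuery"),
    ("user32", "RegisterClipboardFormatW"), ("user32", "CopyAcceleratorTableW"),
    ("gdi32", "SetBkColor"),
    ("winspool.drv", "OpenPrinterW"),   # .drv is kept: hashes as "winspool.drv.openprinterw"
    ("advapi32", "RegDeleteValueW"),
]
```

Because the hash runs over the ordered string, two builds that import the same functions in a different order get different values; case and the .dll suffix, on the other hand, are normalized away, so "KERNEL32.DLL" and "kernel32" collide as intended.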
Sections
.text   Size: 572KB - Virtual size: 568KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 180KB - Virtual size: 178KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 56KB - Virtual size: 76KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 44KB - Virtual size: 41KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rmnet  Size: 60KB - Virtual size: 60KB     IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
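Two things in this report are worth checking by hand rather than taking from the sandbox label. The "Unsigned PE" signature comes down to one header field: data directory index 4, the Authenticode certificate table, being empty. And the section table ends in .rmnet, the only section whose name is not one a linker normally emits and the only one marked both IMAGE_SCN_MEM_WRITE and IMAGE_SCN_MEM_EXECUTE, which is consistent with the ramnit tag in the sample name. The script below is an added example, not part of the report or of any sandbox's code: it parses a PE header with nothing but struct, applies those checks (empty certificate table, non-standard section name, write+execute section, entry point inside a non-standard section) and runs them on a PE constructed in memory from the section sizes and flags listed above. The constructed input is zero-filled and is not the sample; its entry point is an assumption, since the report does not show one, and so is the list of "standard" section names.

```python
import struct

IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table
# Names a normal linker emits (assumed list); anything else deserves a closer look.
STANDARD_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                     ".edata", ".tls", ".bss", ".pdata", ".CRT", ".textbss"}


def parse_pe(data):
    """DOS header -> NT headers -> section table. Returns (sections, entry_rva, has_cert_table)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic, = struct.unpack_from("<H", data, opt)
    entry_rva, = struct.unpack_from("<I", data, opt + 16)
    dirs = opt + (96 if magic == 0x10B else 112)  # data directories start: PE32 vs PE32+
    cert_off, cert_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, vaddr, rawsize, _, _, _, _, _, flags = \
            struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "vsize": vsize,
                         "vaddr": vaddr, "rawsize": rawsize, "flags": flags})
    return sections, entry_rva, cert_off != 0 and cert_size != 0


def review(data):
    """Findings a triager wants from the header, as plain strings in section order."""
    sections, entry_rva, signed = parse_pe(data)
    findings = []
    if not signed:
        findings.append("unsigned: Security data directory is empty (no Authenticode)")
    for s in sections:
        flags, name = s["flags"], s["name"]
        if name not in STANDARD_SECTIONS:
            findings.append(f"non-standard section name {name}")
        if flags & IMAGE_SCN_MEM_WRITE and flags & IMAGE_SCN_MEM_EXECUTE:
            findings.append(f"section {name} is writable and executable")
        ep_here = s["vaddr"] <= entry_rva < s["vaddr"] + max(s["vsize"], s["rawsize"])
        if ep_here and name not in STANDARD_SECTIONS:
            findings.append(f"entry point 0x{entry_rva:x} lies in non-standard section {name}")
    return findings


def build_pe(sections, entry_rva, signed=False):
    """Minimal PE32 from (name, vsize, rawsize, flags) tuples; bodies are zero-filled (test input)."""
    file_align, sect_align, opt_size = 0x200, 0x1000, 224
    hdr_len = -(-(0x40 + 4 + 20 + opt_size + 40 * len(sections)) // file_align) * file_align
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                     # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)                # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, 0x400000)                 # ImageBase
    struct.pack_into("<II", opt, 32, sect_align, file_align)
    struct.pack_into("<I", opt, 60, hdr_len)                  # SizeOfHeaders
    struct.pack_into("<I", opt, 92, 16)                       # NumberOfRvaAndSizes
    table, bodies, va, rawptr = b"", b"", sect_align, hdr_len
    for name, vsize, rawsize, flags in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                             vsize, va, rawsize, rawptr, 0, 0, 0, 0, flags)
        bodies += b"\0" * rawsize
        rawptr += rawsize
        va += -(-vsize // sect_align) * sect_align
    struct.pack_into("<I", opt, 56, va)                       # SizeOfImage
    if signed:  # point the certificate table at a dummy 8-byte blob after the last section
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, rawptr, 8)
        bodies += b"\0" * 8
    dos = bytearray(b"MZ").ljust(0x40, b"\0")
    struct.pack_into("<I", dos, 0x3C, 0x40)                   # e_lfanew
    # 0x103 = RELOCS_STRIPPED | EXECUTABLE_IMAGE | 32BIT_MACHINE, the report's File Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x103)
    head = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table).ljust(hdr_len, b"\0")
    return head + bodies


KB = 1024
RX = IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_EXECUTE
# Section layout transcribed from the report above (the report rounds sizes to KB).
REPORT_LAYOUT = [
    (".text",  568 * KB, 572 * KB, IMAGE_SCN_CNT_CODE | RX),
    (".rdata", 178 * KB, 180 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".data",   76 * KB,  56 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc",   41 * KB,  44 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".rmnet",  60 * KB,  60 * KB, IMAGE_SCN_CNT_CODE | RX | IMAGE_SCN_MEM_WRITE),
]


def report_like_sample(entry_in_rmnet=False):
    """Constructed PE mirroring the report's section table. The report shows no entry point,
    so 0x1000 (start of .text) is assumed unless entry_in_rmnet asks for the last section."""
    va = 0x1000 + sum(-(-vsize // 0x1000) * 0x1000 for _, vsize, _, _ in REPORT_LAYOUT[:-1])
    return build_pe(REPORT_LAYOUT, va if entry_in_rmnet else 0x1000)
```

Against the real file the call is `review(open(path, "rb").read())`; the constructed sample yields the unsigned finding plus the two .rmnet findings, and the entry-point finding only if the entry point is moved into .rmnet. pefile offers the same fields for bulk work, but the hand parser makes explicit which header bytes an "Unsigned PE" verdict and a write+execute flag actually rest on, which is what you want before trusting either as an indicator.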