Static task: static1
Behavioral task: behavioral1
Sample: 2025-02-27_1754da651c93a95229d9a0d1eb630d2e_icedid_ramnit.exe
Resource: win7-20240903-en

General
Target: 2025-02-27_1754da651c93a95229d9a0d1eb630d2e_icedid_ramnit
Size: 983KB
MD5: 1754da651c93a95229d9a0d1eb630d2e
SHA1: 327cad13da8d5aee3039a0752ecfdd8b0e71f49e
SHA256: c43c5a8737c374e992fe42d48e47afebc332808ae67c3cb518a6bd423e01de0c
SHA512: c84029e04ebf3a6ae7a9e3aa4276b422f9e5eef46580ab35ed0ad484de9e72ec4b5493237832a01401c45aba8553d729247b49c7d0b19f01e930183183f5b565
SSDEEP: 24576:QXpbIepQsZap5bUT5DOUY0xSZyqjTJRP/nsweyBVoxGqv/53rpGO5+MiG8juEgYr:QX+4QsZapWTNOcUyqUEgW

Malware Config

Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2025-02-27_1754da651c93a95229d9a0d1eb630d2e_icedid_ramnit

Files
2025-02-27_1754da651c93a95229d9a0d1eb630d2e_icedid_ramnit.exe windows:5 windows x86 arch:x86
6ece51c3f7d0bd3bb6cec2cae83cb53f

Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths: c:\Users\User\Desktop\2008\22.4.20\LogControl_src\Release\Log.pdb
Imports
kernel32
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
FatalAppExitA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetStdHandle
GetConsoleMode
GetTimeZoneInformation
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
SizeofResource
GetFileType
SetStdHandle
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
CreateThread
ExitThread
ExitProcess
Sleep
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
GetProfileIntA
GetTickCount
SetErrorMode
GetFileSizeEx
SetFileAttributesA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetModuleHandleW
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetAtomNameA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CopyFileA
GlobalSize
lstrlenW
MulDiv
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
FreeResource
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GetModuleHandleA
LoadLibraryA
GlobalGetAtomNameA
GlobalAddAtomA
MultiByteToWideChar
SetLastError
FormatMessageA
LocalFree
lstrlenA
GetLastError
GlobalAlloc
GlobalLock
lstrcpyA
GlobalUnlock
GlobalFree
GetCurrentProcess
GetCurrentThreadId
WideCharToMultiByte
LoadLibraryW
GetProcAddress
FindResourceA
LoadResource
LockResource
GetConsoleCP
user32
GetTabbedTextExtentA
WindowFromPoint
GetDCEx
LockWindowUpdate
UnregisterClassA
RegisterClipboardFormatA
IsClipboardFormatAvailable
WaitMessage
SendNotifyMessageA
UnionRect
GetSysColorBrush
MapVirtualKeyA
GetKeyNameTextA
GetMenuItemInfoA
InflateRect
SetParent
GetSystemMenu
DeleteMenu
IsZoomed
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetCapture
KillTimer
SetTimer
ClientToScreen
SetWindowRgn
DrawIcon
IsRectEmpty
GetDC
LoadCursorA
DestroyCursor
SetRect
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
ShowOwnedPopups
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
ScrollWindowEx
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
IsChild
PostThreadMessageA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
GetClassInfoExA
RegisterClassA
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetClassNameA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetMenuBarInfo
WinHelpA
SetFocus
GetWindowThreadProcessId
IsWindowEnabled
EqualRect
IsWindow
IsIconic
UpdateWindow
GetParent
EnableWindow
GetDlgItem
GetDlgCtrlID
GetKeyState
LoadIconA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
InvalidateRect
InsertMenuItemA
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
CreateMenu
WindowFromDC
InSendMessage
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
GetDialogBaseUnits
CharUpperA
SetWindowsHookExA
DestroyIcon
SendMessageA
ShowWindow
GetClientRect
GetWindow
GetWindowRect
RegisterWindowMessageA
FillRect
DrawFocusRect
PostMessageA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetFocus
GetSysColor
DefFrameProcA
GetMenu
DefMDIChildProcA
GetMenuItemID
GetSubMenu
GetMenuItemCount
CreateWindowExA
DrawMenuBar
GetActiveWindow
BringWindowToTop
TranslateMDISysAccel
TranslateAcceleratorA
SetWindowLongA
GetWindowLongA
SetWindowPos
RedrawWindow
AdjustWindowRectEx
GetDesktopWindow
SetMenu
GetLastActivePopup
CopyRect
SetRectEmpty
ReleaseDC
gdi32
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
PtVisible
CreateSolidBrush
CreateHatchBrush
GetCharWidthA
CreateFontA
StretchDIBits
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
BitBlt
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
ExtCreatePen
GetStockObject
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
Ellipse
LPtoDP
CreateEllipticRgn
PatBlt
Rectangle
GetViewportOrgEx
CreatePen
AbortDoc
SetAbortProc
DPtoLP
CreateDCA
CopyMetaFileA
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
GetTextExtentPoint32A
EndDoc
EndPage
StartPage
StartDocA
GetTextMetricsA
SelectObject
GetDeviceCaps
OffsetClipRgn
comdlg32
GetFileTitleA
winspool.drv
GetJobA
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegSetValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptAcquireContextW
CryptEncrypt
RegCreateKeyA
shell32
DragFinish
ExtractIconA
SHGetFileInfoA
DragQueryFileA
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathFindExtensionA
PathRemoveExtensionA
PathIsUNCA
oledlg
ord8
ole32
OleCreateStaticFromData
OleCreate
OleLoad
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleIsRunning
GetRunningObjectTable
CoLockObjectExternal
CreateFileMoniker
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateOleAdviseHolder
CreateDataAdviseHolder
OleGetClipboard
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleSetMenuDescriptor
OleQueryCreateFromData
OleQueryLinkFromData
DoDragDrop
OleSave
OleCreateLinkFromData
CoFreeUnusedLibraries
OleUninitialize
OleRun
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoDisconnectObject
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleCreateFromData
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
OleInitialize
WriteClassStm
oleaut32
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarDecFromStr
VarCyFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VarBstrFromDec
Sections
.text  Size: 625KB - Virtual size: 624KB  (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata Size: 161KB - Virtual size: 161KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data  Size: 16KB - Virtual size: 31KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rsrc  Size: 72KB - Virtual size: 71KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.text  Size: 108KB - Virtual size: 108KB  (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)