2025-02-27_2d5e92d6c90ef3ec07d26b04c5a3a1fd_icedid_ramnit

Sharing

Copy URL

Twitter E-mail

General

Target

2025-02-27_2d5e92d6c90ef3ec07d26b04c5a3a1fd_icedid_ramnit
Size

867KB
MD5

2d5e92d6c90ef3ec07d26b04c5a3a1fd
SHA1

30c554d183c709b2701cc91b4527775abb33ab74
SHA256

d27cb7a2bf0aa4d7d49c68555084595f433897992b39a8b61f59b9056b74287b
SHA512

0953e2a402ea8b71708de4bd3df365de135bb7bcebcb5e53919acff4c88cd881b898a057eddac156f057560158057a65c4d051db955a0b1e915565d3a4588fa2
SSDEEP

12288:MASJCsqQtu95V4WUA+6dH1G0p+MU7bo24wmLsG/RgRQrUrF2ClG+pG/YR:MACeQO5V4WUA+6dHN+l9ZL5rF2igYR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-02-27_2d5e92d6c90ef3ec07d26b04c5a3a1fd_icedid_ramnit

Files

2025-02-27_2d5e92d6c90ef3ec07d26b04c5a3a1fd_icedid_ramnit
.exe windows:5 windows x86 arch:x86

7fa881ebc3a30b56fd64fc4a67d68a42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\writemeet\LaughEast\BreadWall\shinegovern\Boughtpoem\PicturePointfill.pdb

Imports

kernel32

CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenEventA
GetConsoleOutputCP
WriteConsoleA
GetProcessHeap
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetStdHandle
CreateFileA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
HeapReAlloc
HeapSize
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetHandleCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemInfo
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
ExitProcess
GetModuleFileNameA
RaiseException
RtlUnwind
IsBadReadPtr
HeapValidate
GetStartupInfoA
GetCommandLineA
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
InterlockedIncrement
InterlockedExchange
GetCurrentThread
GlobalFlags
lstrlenA
lstrcmpA
FormatMessageW
GetModuleHandleA
SetEvent
CloseHandle
CompareStringW
LoadLibraryA
LoadLibraryW
lstrcmpW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExA
WideCharToMultiByte
GetCurrentProcessId
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalUnlock
TlsAlloc
LocalAlloc
LocalFree
LoadResource
LockResource
SizeofResource
FindResourceW
FreeLibrary
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
lstrlenW
GetModuleHandleW
GetProcAddress
GetAtomNameW
GlobalGetAtomNameW
GetLastError
SetLastError
CreateDirectoryW
GlobalLock
VirtualFree
GlobalAlloc
GetSystemDirectoryW
GetLocaleInfoW
Sleep
CopyFileW
GetModuleFileNameW
VirtualAlloc
GlobalFree
ResetEvent
CreatePipe
VirtualProtect
SetUnhandledExceptionFilter

gdi32

IntersectClipRect
SetBkMode
LineTo
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
SaveDC
DeleteDC
Escape
GetTextExtentPoint32W
TextOutW
GetPixel
BitBlt
RectVisible
PtVisible
SelectObject
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CreateFontIndirectW
CreatePatternBrush
CreateSolidBrush
ExtTextOutW
GetClipBox
SetTextColor
SetBkColor
GetObjectW
GetStockObject
GetObjectType

user32

ScreenToClient
AdjustWindowRectEx
SetFocus
SetActiveWindow
GetFocus
DispatchMessageW
GetSysColor
GetClientRect
LoadIconW
RegisterClassW
RemoveMenu
GetClassInfoExW
CreateWindowExW
RegisterWindowMessageW
GetSysColorBrush
LoadBitmapW
FillRect
DrawTextExW
GrayStringW
CreatePopupMenu
IsMenu
CheckMenuItem
EnableMenuItem
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
InsertMenuItemW
ModifyMenuW
SetMenuItemBitmaps
LoadMenuW
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
GetActiveWindow
GetDesktopWindow
GetMenuCheckMarkDimensions
BringWindowToTop
UpdateWindow
IsWindowVisible
ShowOwnedPopups
EqualRect
SetForegroundWindow
GetForegroundWindow
LoadCursorW
SetWindowTextW
ShowWindow
SetRectEmpty
SetCursor
ReleaseCapture
LoadAcceleratorsW
TranslateAcceleratorW
ReuseDDElParam
UnpackDDElParam
GetClipboardFormatNameA
GetClipboardFormatNameW
SystemParametersInfoW
PtInRect
InflateRect
GetWindow
GetCapture
WinHelpW
MapWindowPoints
DestroyMenu
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
TrackPopupMenu
GetSystemMenu
PostMessageW
DrawTextW
KillTimer
GetMenuItemInfoW
BeginPaint
LockWindowUpdate
CreateDialogIndirectParamW
InvalidateRect
GetMessageTime
ValidateRect
GetTopWindow
GetDlgItem
GetWindowTextW
GetKeyState
DestroyWindow
GetDlgCtrlID
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
SetMenu
GetMenu
GetMessagePos
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
MessageBoxW
GetWindowLongW
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
TabbedTextOutW
SendMessageW
IsWindow
UnhookWindowsHookEx
PeekMessageW
PostQuitMessage
GetSystemMetrics
OpenClipboard
GetClassInfoW

ole32

StringFromCLSID
OleInitialize
OleCreate
CoTaskMemFree

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

CreateStdAccessibleObject
LresultFromObject

shell32

DragFinish
DragQueryFileW

advapi32

OpenThreadToken
RevertToSelf
SetThreadToken
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7fa881ebc3a30b56fd64fc4a67d68a42

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

ole32

oleaut32

oleacc

shell32

advapi32

Sections

.text Size: 448KB - Virtual size: 448KB

.rdata Size: 154KB - Virtual size: 153KB

.data Size: 36KB - Virtual size: 142KB

.rsrc Size: 119KB - Virtual size: 118KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 448KB - Virtual size: 448KB

.rdata
Size: 154KB - Virtual size: 153KB

.data
Size: 36KB - Virtual size: 142KB

.rsrc
Size: 119KB - Virtual size: 118KB

.text
Size: 108KB - Virtual size: 108KB