2025-04-12_ceaa4a1d07705cb75dab7a339826843c_elex_icedid_ramnit

Sharing

Copy URL

Twitter E-mail

General

Target

2025-04-12_ceaa4a1d07705cb75dab7a339826843c_elex_icedid_ramnit
Size

388KB
MD5

ceaa4a1d07705cb75dab7a339826843c
SHA1

94485ae559b9612fad5c83fd9988048a4962ced3
SHA256

243078a4fa89cf55e44595fc28e351171e18ed6cbea16ecdb6240e3bac2bf4e7
SHA512

00f829f8c75f5f60c59395d6bd0a1f51309c8cfff8d9f28ee215f7615dfe6b76aa29f190f5772134e3b6160d0d80df55a9b35ea4c1338c28726b89fb46bea627
SSDEEP

6144:ImLPQIrCQw0OJPqRrFK3QuyTUi5xePRn9aVwc0/4h9Dv6s:xL4IrCJ9PqRk3UUi5xePR9VQzj6s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-04-12_ceaa4a1d07705cb75dab7a339826843c_elex_icedid_ramnit

Files

2025-04-12_ceaa4a1d07705cb75dab7a339826843c_elex_icedid_ramnit
.exe windows:4 windows x86 arch:x86

c67866235909719c5be8f7c46331990b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

kernel32

MulDiv
lstrcpynA
lstrcmpW
lstrcatA
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
LocalFree
FormatMessageA
InterlockedIncrement
SetLastError
CloseHandle
WaitForSingleObject
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetModuleFileNameA
lstrcmpA
GetCurrentThread
GetTickCount
GetPrivateProfileIntA
WritePrivateProfileStringA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
VirtualProtect
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
ExitProcess
TerminateProcess
HeapAlloc
HeapFree
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetExitCodeProcess
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
MultiByteToWideChar
CreateFileA
GetLastError
CreateEventA
GetShortPathNameA
DeleteFileA
DeviceIoControl
GetModuleHandleA
GetProcAddress
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
InterlockedDecrement
CreateProcessA

user32

CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
ValidateRect
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageA
PostQuitMessage
SetCursor
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDesktopWindow
RegisterClipboardFormatA
wsprintfA
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetSysColorBrush
LoadCursorA
DestroyIcon
PostThreadMessageA
CharNextA
IsRectEmpty
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
GetMenuState
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetMenuCheckMarkDimensions
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
GetParent
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
GetSysColor
SetRect
GetClientRect
InvalidateRect
EnableWindow
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowRect
SetTimer
KillTimer
GetDC
SystemParametersInfoA
GetWindowPlacement
PtInRect
GetWindow
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
LoadBitmapA
IsWindowEnabled
ShowWindow
MoveWindow
CopyRect
SendMessageA
RedrawWindow
LoadImageA
DrawIcon
IsIconic
LoadIconA
GetSystemMetrics
MessageBeep
PostMessageA
EqualRect
SetCapture
IsWindow
ReleaseCapture
CharUpperA
SetWindowTextA
IsDialogMessageA
SetActiveWindow

gdi32

GetRgnBox
GetTextColor
GetStockObject
SetTextColor
SetMapMode
GetClipBox
LineTo
MoveToEx
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
CreatePen
DeleteDC
DeleteObject
BitBlt
SelectObject
GetObjectA
CreateCompatibleDC
CreateSolidBrush
CreateCompatibleBitmap
GetBkColor
GetMapMode
DPtoLP
LPtoDP
BeginPath
EndPath
StrokeAndFillPath
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateRectRgn
CreateRectRgnIndirect
GetDeviceCaps
SetBkMode
SetBkColor
RestoreDC
SaveDC
PolyBezierTo
ExtSelectClipRgn
CreateBitmap

advapi32

RegCreateKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

shell32

ExtractIconA

ole32

CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
CoRegisterClassObject
StgCreateDocfileOnILockBytes
StringFromCLSID
CoTaskMemFree
CoGetClassObject
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
LoadTypeLi
OleCreateFontIndirect

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c67866235909719c5be8f7c46331990b

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

advapi32

comctl32

shlwapi

oledlg

winspool.drv

comdlg32

shell32

ole32

oleaut32

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 68KB - Virtual size: 66KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 68KB - Virtual size: 66KB

.rmnet
Size: 60KB - Virtual size: 60KB