2024-01-11_4d731ffe816dc6d5961c429ed7eb8db4_floxif_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-11_4d731ffe816dc6d5961c429ed7eb8db4_floxif_icedid
Size

1.5MB
MD5

4d731ffe816dc6d5961c429ed7eb8db4
SHA1

f38d555b70817d6019375dd25192ce2e145619a8
SHA256

4a895d4085abf4b8914d272dc02c890d3d2dc6a7e9f8f518033f77d37c50e074
SHA512

64199a905737fc47683e4a5a61ca112cc6ab631b5c58267d7194a7fa2e7fedc8edb5b10ad0bb70a2263f38deb18eb4ea335429f91498687813f60bc2a002da45
SSDEEP

24576:jVudAQ6BO6Ri+GKEAmCyHaJJA9YzRsbehfgzvqyxnJ4VKiCF+pe2xrEH7j:jVKAXOJ+GKjyHaJAKfgOyxJXiCFie2c

Score

1^/10

Malware Config

Signatures

Files

2024-01-11_4d731ffe816dc6d5961c429ed7eb8db4_floxif_icedid
.exe windows:5 windows x86 arch:x86

0fca1861e48856f3f54b6f53847cd4c4

Code Sign

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

02/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

76:d4:61:71:12:e4:4b:20:5d:c3:d0:91:cc:1d:87:c9
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

20/08/2010, 00:00

Not After

19/10/2011, 23:59

Subject

CN=Daum Communications Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Daum Communications Corp.,L=Yongsan-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetACP
GetOEMCP
LCMapStringA
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
WriteConsoleA
GetConsoleOutputCP
CreateFileA
SetEnvironmentVariableA
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
CreateThread
ExitThread
HeapReAlloc
RaiseException
RtlUnwind
HeapFree
HeapAlloc
VirtualProtect
Sleep
GetTickCount
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetStdHandle
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
FreeResource
GlobalDeleteAtom
GetVersionExA
FileTimeToSystemTime
lstrlenA
lstrcmpA
InterlockedIncrement
WaitForSingleObject
GetCurrentThreadId
ResumeThread
SetThreadPriority
CloseHandle
GlobalSize
MulDiv
GetCurrentProcessId
LoadResource
LockResource
SizeofResource
InterlockedDecrement
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GetLastError
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
GetModuleHandleA
InterlockedExchange
CompareStringA
LoadLibraryA
GetCurrentProcess
TerminateProcess
ExitProcess
FreeLibrary

ole32

OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoTaskMemFree
CoInitialize
CoCreateInstance

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

gdiplus

GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipAlloc

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

advapi32

RegCloseKey

user32

DestroyCursor
DrawIcon
GetWindowRgn
GetNextDlgGroupItem
SetMenuDefaultItem
WaitMessage
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
TranslateMDISysAccel
DrawMenuBar
SetCursorPos
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
MessageBeep
GetAsyncKeyState
NotifyWinEvent
RedrawWindow
SetWindowRgn
IsZoomed
SetCapture
LockWindowUpdate
UnionRect
SetParent
GetSystemMenu
IsRectEmpty
WindowFromPoint
KillTimer
SetTimer
SetRect
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
CreatePopupMenu
BringWindowToTop
GetNextDlgTabItem
EndDialog
DeleteMenu
ShowOwnedPopups
SetCursor
InvalidateRect
SetRectEmpty
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
FillRect
DestroyMenu
InflateRect
DestroyIcon
GetDesktopWindow
ClientToScreen
ShowWindow
MapDialogRect
CheckDlgButton
SendDlgItemMessageA
IsChild
GetCapture
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
CopyRect
PtInRect
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
EnableMenuItem
CheckMenuItem
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
CallNextHookEx
TranslateMessage
GetActiveWindow
SubtractRect
GetIconInfo
GetDoubleClickTime
CopyIcon
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
MoveWindow
FrameRect
UnhookWindowsHookEx
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowThreadProcessId
RemoveMenu
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
DestroyAcceleratorTable

gdi32

SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
DeleteObject
CreateCompatibleDC
BitBlt
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateCompatibleBitmap
CreateRectRgnIndirect
SetRectRgn
CombineRgn
DPtoLP
GetBkColor
CreateDIBitmap
GetTextCharsetInfo
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateDIBSection
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
RoundRect
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
SetPixelV
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
PtVisible
GetPixel
GetWindowExtEx
PatBlt
GetDeviceCaps

shell32

SHAppBarMessage
DragFinish

winspool.drv

ClosePrinter

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

oleaut32

VariantClear
VariantChangeType
SysAllocStringLen
SysStringLen
SysFreeString
VariantInit
SysAllocString

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fca1861e48856f3f54b6f53847cd4c4

Code Sign

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:beCertificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

76:d4:61:71:12:e4:4b:20:5d:c3:d0:91:cc:1d:87:c9Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

msimg32

comctl32

shlwapi

gdiplus

imm32

advapi32

user32

gdi32

shell32

winspool.drv

oleacc

oleaut32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 255KB - Virtual size: 255KB

.data Size: 22KB - Virtual size: 50KB

.rsrc Size: 32KB - Virtual size: 32KB

3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

76:d4:61:71:12:e4:4b:20:5d:c3:d0:91:cc:1d:87:c9
Certificate

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 255KB - Virtual size: 255KB

.data
Size: 22KB - Virtual size: 50KB

.rsrc
Size: 32KB - Virtual size: 32KB