Static task: static1
Behavioral task: behavioral1 (sample 2024-01-26_5614cb3d699ff9542663f90914a3971b_floxif_icedid.exe, resource win7-20231129-en)
Behavioral task: behavioral2 (sample 2024-01-26_5614cb3d699ff9542663f90914a3971b_floxif_icedid.exe, resource win10v2004-20231215-en)
General
Target: 2024-01-26_5614cb3d699ff9542663f90914a3971b_floxif_icedid
Size: 2.6MB
MD5: 5614cb3d699ff9542663f90914a3971b
SHA1: 3ab0ad86063360c5d288eef9b74dad0301d6b202
SHA256: a6b35a8e8583f3ce697b3a435424abbcca0e78df425ccacb1011febf296606ec
SHA512: 5954df8b9a6cac4541d618d138ae180a8c6d33ee854df3d3c4c9f54ad772dddb216ba545e171e6036000d6b9cdf986a48112cae3fb061d70a286a3ea977d13e1
SSDEEP: 49152:lhRYRSJ+6zGbgUpu1KnKLPd7SH8yc1QCVxt+I:laczGbgUUN7SH9UQaT
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature. Resource: 2024-01-26_5614cb3d699ff9542663f90914a3971b_floxif_icedid
Files
2024-01-26_5614cb3d699ff9542663f90914a3971b_floxif_icedid.exe: windows:4 windows x86 arch:x86
c08728caf900fd24410738a9416a777b
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
setupapi: SetupDiSetClassInstallParamsA, SetupDiCallClassInstaller, CM_Remove_SubTree, CM_Locate_DevNodeA, CM_Get_DevNode_Registry_PropertyA, CM_Get_Child, CM_Get_Sibling, CM_Get_Parent, CM_Request_Device_EjectW, SetupDiEnumDeviceInterfaces, SetupDiGetDeviceInterfaceDetailA, SetupDiGetClassDevsA, SetupDiEnumDeviceInfo, SetupDiGetDeviceRegistryPropertyA, SetupDiDestroyDeviceInfoList
newdev: UpdateDriverForPlugAndPlayDevicesA
dbghelp: MakeSureDirectoryPathExists
kernel32: LoadResource, FindResourceA, DuplicateHandle, SetFilePointer, LockFile, UnlockFile, SetEndOfFile, GetFullPathNameA, GetThreadLocale, lstrcmpA, GlobalReAlloc, SuspendThread, lstrlenW, GetCurrentThread, GetFileTime, TlsAlloc, DeleteCriticalSection, GlobalHandle, TlsFree, TlsSetValue, LocalReAlloc, TlsGetValue, GlobalFlags, GetProcessVersion, GetCPInfo, GetOEMCP, SizeofResource, SetErrorMode, RtlUnwind, HeapFree, HeapAlloc, GetFileType, GetTimeZoneInformation, GetSystemTime, ExitProcess, TerminateProcess, ExitThread, GetStartupInfoA, RaiseException, GetACP, HeapSize, HeapReAlloc, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, SetStdHandle, SetHandleCount, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadCodePtr, CompareStringA, LockResource, SetEnvironmentVariableA, LocalUnlock, GetProfileStringA, MoveFileExA, LocalLock, OutputDebugStringA, GetProcAddress, GetModuleHandleA, Sleep, MulDiv, WritePrivateProfileStringA, GetPrivateProfileStringA, GetPrivateProfileIntA, lstrcpyA, CloseHandle, SetCommState, GetCommState, SetCommTimeouts, GetCommTimeouts, CreateFileA, ReadFile, WriteFile, SetThreadPriority, CreateThread, CreateEventA, SetPriorityClass, GetCurrentProcess, WaitForSingleObject, SetEvent, ResetEvent, CopyFileA, GetFileSize, GetTickCount, CreateDirectoryA, GetFileAttributesA, GetVersionExA, FreeLibrary, LoadLibraryA, GetExitCodeProcess, WritePrivateProfileSectionA, GetPrivateProfileSectionA, SetLastError, lstrlenA, LocalAlloc, LocalFree, GetLastError, GetWindowsDirectoryA, DeleteFileA, SetFileAttributesA, FindClose, FindNextFileA, lstrcatA, FindFirstFileA, GetSystemDirectoryA, GetUserDefaultUILanguage, GlobalUnlock, GlobalLock, GlobalAlloc, CompareStringW, GlobalSize, GetLocalTime, PeekNamedPipe, CreateProcessA, CreatePipe, GetStdHandle, InitializeCriticalSection, GetModuleFileNameA, GetVolumeInformationA, MapViewOfFile, CreateFileMappingA, DeviceIoControl, MoveFileA, GetCommandLineA, GetComputerNameA, GetVersion, GetCurrentThreadId, GlobalGetAtomNameA, lstrcmpiA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, InterlockedDecrement, InterlockedIncrement, lstrcpynA, GetPrivateProfileSectionNamesA, WritePrivateProfileStructA, ResumeThread, CreateMutexA, ReleaseMutex, GlobalFree, GetLogicalDrives, EnterCriticalSection, LeaveCriticalSection, RemoveDirectoryA, FormatMessageA, FileTimeToLocalFileTime, FileTimeToSystemTime, MultiByteToWideChar, GetDriveTypeW, GetVolumeInformationW, WideCharToMultiByte, SetVolumeLabelW, FlushFileBuffers, UnmapViewOfFile, TerminateThread, GetDriveTypeA, QueryDosDeviceA
user32: GetSysColorBrush, DestroyMenu, MapDialogRect, SetWindowContextHelpId, PostQuitMessage, IsClipboardFormatAvailable, GetMessageA, ValidateRect, GetDesktopWindow, LoadStringA, EndPaint, BeginPaint, GetWindowDC, EndDialog, GetActiveWindow, CreateDialogIndirectParamA, GetMenuCheckMarkDimensions, SetMenuItemBitmaps, GetNextDlgTabItem, MoveWindow, SetWindowTextA, IsDialogMessageA, IsDlgButtonChecked, SetDlgItemTextA, GetDlgItemInt, CheckDlgButton, SendDlgItemMessageA, MapWindowPoints, SetFocus, AdjustWindowRectEx, ScrollWindow, GetScrollInfo, GetScrollPos, GetTopWindow, CharNextA, WinHelpA, GetClassInfoA, GetDlgItem, GetWindowTextLengthA, GetDlgCtrlID, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, RemovePropA, GetMessageTime, GetLastActivePopup, GetForegroundWindow, SetForegroundWindow, RegisterWindowMessageA, IntersectRect, SystemParametersInfoA, GetWindowPlacement, SendMessageTimeoutA, FindWindowExA, UnregisterClassA, HideCaret, ExcludeUpdateRgn, DefDlgProcA, IsWindowUnicode, SendMessageA, GetParent, EnableWindow, ReleaseCapture, EnumWindows, SetWindowPos, LoadCursorA, RegisterClassA, CreateWindowExA, DestroyWindow, DefWindowProcA, ModifyMenuA, GetMenuItemID, GetMenuItemCount, ScreenToClient, GetMenuState, IsIconic, DrawIcon, GetSystemMetrics, GetSystemMenu, CopyAcceleratorTableA, PostThreadMessageA, IsChild, SetMenu, GetMenu, LoadMenuA, RemoveMenu, GetSubMenu, EnableMenuItem, CheckMenuItem, AppendMenuA, MessageBoxA, GetMessagePos, LockWindowUpdate, PostMessageA, GetKeyState, GetSysColor, SetRect, DrawFocusRect, OffsetRect, WindowFromPoint, SetActiveWindow, GetCursorPos, GetCapture, ClientToScreen, GetNextDlgGroupItem, DispatchMessageA, TranslateMessage, PeekMessageA, RedrawWindow, SetWindowLongA, GetWindowLongA, GetKeyNameTextA, LoadImageA, IsWindow, InflateRect, LoadBitmapA, ReleaseDC, GetDC, GetClientRect, UpdateWindow, ShowWindow, FindWindowA, FillRect, DrawEdge, TabbedTextOutA, DrawTextA, GrayStringA, SetWindowRgn, GetWindowRect, CopyRect, LoadIconA, GetClassNameA, GetClipboardData, SetCursor, ShowCaret, SetCaretPos, CreateCaret, PtInRect, RegisterClipboardFormatA, SetScrollInfo, EnableScrollBar, DragDetect, SetScrollPos, DestroyCaret, OpenClipboard, EmptyClipboard, SetClipboardData, CloseClipboard, EnumChildWindows, GetWindowTextA, IsWindowVisible, IsWindowEnabled, CharUpperA, WaitForInputIdle, GetWindow, MessageBeep, CallWindowProcA, wsprintfA, GetFocus, SetCapture, KillTimer, SetTimer, InvalidateRect
gdi32: Rectangle, RoundRect, StretchBlt, GetPixel, TextOutA, ExtTextOutA, GetTextExtentPoint32A, GetTextMetricsA, Escape, CreateFontA, GetCharWidthA, SetBoundsRect, Polygon, GetClipBox, SetTextColor, SetBkColor, PatBlt, SaveDC, RestoreDC, SetBkMode, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, RectVisible, ScaleWindowExtEx, IntersectClipRect, MoveToEx, LineTo, CreateHatchBrush, CopyMetaFileA, GetTextColor, PtVisible, LPtoDP, DPtoLP, GetWindowExtEx, GetViewportExtEx, GetMapMode, GetBkColor, CreatePen, SelectPalette, GetTextExtentPointA, RealizePalette, CreateCompatibleDC, BitBlt, DeleteDC, GetDeviceCaps, CreateCompatibleBitmap, CreateFontIndirectA, CreateBitmap, CreateSolidBrush, SelectObject, CreateRectRgn, CombineRgn, SelectClipRgn, GetObjectA, GetStockObject, SetWindowExtEx, CreateDIBitmap, DeleteObject
comdlg32: ChooseColorA, GetSaveFileNameA, GetOpenFileNameA, GetFileTitleA
winspool.drv: OpenPrinterA, DocumentPropertiesA, ClosePrinter
advapi32: RegSetValueExA, RegCreateKeyExA, RegOpenKeyExA, RegQueryValueExA, SetNamedSecurityInfoA, RegEnumKeyExA, RegQueryInfoKeyA, RegCloseKey
shell32: SHBrowseForFolderA, SHGetPathFromIDListA, SHGetMalloc, ShellExecuteExA, ShellExecuteA
comctl32: _TrackMouseEvent, ord17, ImageList_Destroy, ImageList_LoadImageA
oledlg: ord8
ole32: OleDuplicateData, CoTaskMemAlloc, CoDisconnectObject, CLSIDFromString, OleIsCurrentClipboard, OleFlushClipboard, OleSetClipboard, CoTaskMemFree, ReleaseStgMedium, CreateILockBytesOnHGlobal, OleInitialize, OleUninitialize, CoFreeUnusedLibraries, CreateStreamOnHGlobal, CoGetClassObject, CoRegisterMessageFilter, StgOpenStorageOnILockBytes, CLSIDFromProgID, StgCreateDocfileOnILockBytes, CoRevokeClassObject, OleGetClipboard
olepro32: ord253
oleaut32: SysStringLen, LoadTypeLi, VariantTimeToSystemTime, VarBstrFromDate, VarDateFromStr, SysAllocStringByteLen, SysAllocString, SysFreeString, SysAllocStringLen, VariantChangeType, VariantClear, VariantCopy, OleLoadPicturePath
wsock32: gethostbyname, gethostname, WSACleanup, closesocket, connect, htons, ioctlsocket, socket, WSAStartup, recv, send, listen, htonl, ntohs, getservbyname, ntohl, accept, shutdown, getsockname, getpeername, bind, setsockopt, recvfrom, select, __WSAFDIsSet, sendto, WSASetLastError, WSAGetLastError, WSAAsyncSelect, inet_ntoa
odbc32: ord18, ord48, ord49, ord20, ord17, ord59, ord8, ord44, ord19, ord46, ord12, ord68, ord43, ord41, ord2, ord1, ord50, ord45, ord51, ord15, ord9, ord14, ord3, ord11, ord13, ord61, ord16, ord5, ord10
iphlpapi: GetAdaptersInfo
Sections
.text (Size: 1.7MB, Virtual size: 1.7MB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata (Size: 124KB, Virtual size: 122KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data (Size: 400KB, Virtual size: 1.3MB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 296KB, Virtual size: 295KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ