PDB path: d:\Git\New folder\[AVerTV]\ScheduleService\Release\AVerScheduleService.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-20_7de3389841da4cfe96c3da58331cc5ac_floxif_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-20_7de3389841da4cfe96c3da58331cc5ac_floxif_icedid.exe
  Resource: win10v2004-20231215-en
General
- Target: 2024-02-20_7de3389841da4cfe96c3da58331cc5ac_floxif_icedid
- Size: 829KB
- MD5: 7de3389841da4cfe96c3da58331cc5ac
- SHA1: ac0d7be1c767fc1257f414d85978d07df9065f8b
- SHA256: 7d360041fd64b7e63753d4ceda513dc71668447caeb44021c55b1e948e132595
- SHA512: bde0cfee714ed6449ba35bfcfd677396a81b8ef12b2e24d6b0ef79ce6e08c03446179efa0703e3f9ff63a52a9592e1c7a631f8af08158cf6c63ccce5ae20c9f3
- SSDEEP: 24576:te2oLquuPbcDWhZrTudMlkXpJV2ULlj8ZmhyrEH7O:tAwjcDWzBlmN8Z4s
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-02-20_7de3389841da4cfe96c3da58331cc5ac_floxif_icedid
Files
- 2024-02-20_7de3389841da4cfe96c3da58331cc5ac_floxif_icedid.exe windows:5 windows x86 arch:x86
  7d7b3d2860d0cc53aaf001a4b22068eb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shell32
DragQueryFileW
DragFinish
SHGetFileInfoW
ExtractIconW
SHGetSpecialFolderPathW
SHGetFolderPathW
wtsapi32
WTSQueryUserToken
WTSLogoffSession
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
powrprof
SetSuspendState
kernel32
GetFileAttributesExW
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesW
GetFileAttributesW
GetFileSizeEx
GetFileTime
SetErrorMode
GetStartupInfoW
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetLocalTime
GetDriveTypeW
HeapReAlloc
ExitThread
CreateThread
HeapSize
FileTimeToLocalFileTime
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetCurrentDirectoryA
GetTimeFormatA
GetDateFormatA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CreateFileA
GetDriveTypeA
GetFullPathNameA
SetEnvironmentVariableA
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GetStringTypeExW
MoveFileW
GetPrivateProfileStringW
WritePrivateProfileStringW
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GetAtomNameW
GlobalGetAtomNameW
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
InterlockedExchange
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
SuspendThread
ResumeThread
SetThreadPriority
GetTickCount
GetCurrentProcessId
GetModuleHandleA
CopyFileW
GlobalSize
GlobalAlloc
MulDiv
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
SetLastError
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
WaitForMultipleObjectsEx
GetSystemTime
SystemTimeToFileTime
SetWaitableTimer
CompareFileTime
CancelWaitableTimer
CreateEventW
CreateWaitableTimerW
WaitForSingleObject
ResetEvent
SetEvent
GetWindowsDirectoryW
GetLocaleInfoW
GetUserDefaultLCID
CreateDirectoryW
GetDiskFreeSpaceExW
GetFileSize
CreateFileW
SetFilePointer
WideCharToMultiByte
WriteFile
DeleteFileW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetPrivateProfileIntW
Sleep
GetVersionExW
FormatMessageW
LocalFree
IsSystemResumeAutomatic
SetThreadExecutionState
WTSGetActiveConsoleSessionId
LoadLibraryW
GetSystemPowerStatus
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetCommandLineW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
InterlockedIncrement
GetCurrentThread
GetCurrentProcess
lstrcmpiW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
OpenProcess
SetPriorityClass
OutputDebugStringW
CloseHandle
ExitProcess
GetFileAttributesA
user32
GetKeyNameTextW
WindowFromPoint
UnpackDDElParam
ReuseDDElParam
LoadMenuW
GetMenuBarInfo
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorW
CharUpperW
DestroyIcon
DeleteMenu
ShowOwnedPopups
SetCursor
SetRectEmpty
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
UnregisterClassW
GetSysColorBrush
PostQuitMessage
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
GetDialogBaseUnits
TranslateMessage
GetCursorPos
ValidateRect
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
MapVirtualKeyW
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
EnableWindow
CharNextW
MessageBoxW
LoadCursorW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetClientRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetSystemMenu
SetParent
UnionRect
LockWindowUpdate
GetMenuCheckMarkDimensions
GetDCEx
LoadStringW
PostThreadMessageW
DispatchMessageW
GetMessageW
DestroyWindow
GetClassInfoW
ExitWindowsEx
PostMessageW
SetTimer
KillTimer
wsprintfW
EndDialog
SendMessageW
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindow
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongW
GetMenu
PtInRect
CopyRect
SetMenuItemBitmaps
gdi32
GetTextColor
CreateCompatibleBitmap
CreateFontW
GetCharWidthW
GetRgnBox
GetBkColor
DPtoLP
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectW
GetTextMetricsW
GetTextExtentPoint32W
CreateHatchBrush
CreateSolidBrush
GetCurrentPositionEx
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
StretchDIBits
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
ArcTo
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegQueryValueW
RegOpenKeyW
RegCreateKeyW
RegSetValueW
GetUserNameW
CreateProcessAsUserW
LookupPrivilegeValueW
AdjustTokenPrivileges
LookupAccountSidW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
OpenThreadToken
OpenProcessToken
RegEnumKeyExW
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidSid
GetLengthSid
CopySid
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
SetServiceStatus
RegisterEventSourceW
ReportEventW
DeregisterEventSource
ControlService
DeleteService
CreateServiceW
LockServiceDatabase
ChangeServiceConfig2W
UnlockServiceDatabase
OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegEnumKeyW
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathRemoveFileSpecW
ole32
CoDisconnectObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTreatAsClass
StringFromCLSID
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
CoGetClassObject
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoInitializeSecurity
CoInitializeEx
CoUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleRun
OleRegGetUserType
CreateStreamOnHGlobal
oleaut32
SysFreeString
VariantInit
VariantClear
GetRecordInfoFromGuids
SysStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
OleCreateFontIndirect
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
oledlg
OleUIBusyW
Sections
.text Size: 567KB - Virtual size: 566KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 153KB - Virtual size: 153KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ