2024-04-25_bffd273b4953106cfb527cc87587c7b9_floxif_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-25_bffd273b4953106cfb527cc87587c7b9_floxif_icedid
Size

2.2MB
MD5

bffd273b4953106cfb527cc87587c7b9
SHA1

4450f8fb0d6093cd92d2d844f6d6c546fdd5b6e1
SHA256

e18c58e52d28d0eabcbd45fff507fc6cf37b4bdada459963dab85b9a9e079b5c
SHA512

162d2221e6359f1850e5620ac481c82e1a4f09b6cc536621db7927bf239770ed3156754c24d51fa78cb5a3668f704e16e1f92c93244f7bd0012cb93505dd30ab
SSDEEP

49152:gi9dopi/RZL08d8cdPyifH/HnWsTYu84OIicXM:gibopi/nL08d8cdPyi2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-25_bffd273b4953106cfb527cc87587c7b9_floxif_icedid

Files

2024-04-25_bffd273b4953106cfb527cc87587c7b9_floxif_icedid
.exe windows:4 windows x86 arch:x86

1370a97d853850fbe2693764d76eb324

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

z:\v1.9.8-8\src\pctools\GXDownloader_boot\Release\GXDownloader_boot.pdb

Imports

kernel32

SetStdHandle
GetFileType
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
HeapReAlloc
GetCommandLineA
GetStartupInfoA
GetCurrentDirectoryA
VirtualQuery
GetSystemInfo
VirtualProtect
HeapAlloc
HeapFree
ExitProcess
RtlUnwind
GetTickCount
SetErrorMode
GetOEMCP
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
FindNextFileA
GetFileTime
GetFileSize
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GlobalAddAtomA
SetLastError
MulDiv
lstrcpynA
LocalFree
WritePrivateProfileStringA
GetCurrentThread
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
FreeLibrary
lstrcatA
lstrcpyA
FreeResource
GetCPInfo
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
MultiByteToWideChar
CreatePipe
CreateProcessA
PeekNamedPipe
ReadFile
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
GetLastError
FormatMessageA
GetVersion
GetFileAttributesA
CreateDirectoryA
CreateFileA
WriteFile
CloseHandle
VirtualAlloc
VirtualFree
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetPrivateProfileIntA
GetPrivateProfileStringA
Sleep
DeleteFileA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetEnvironmentStringsW

user32

PostThreadMessageA
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextLengthA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetForegroundWindow
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
IntersectRect
GetWindowPlacement
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
CallNextHookEx
GetMessageA
IsWindowVisible
GetCursorPos
ValidateRect
MessageBoxA
GetLastActivePopup
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
EndDialog
PostQuitMessage
GetWindowTextA
ReleaseCapture
SetCapture
GetCapture
UpdateWindow
TranslateMessage
DispatchMessageA
SetWindowLongA
LoadCursorA
IsWindow
GetMessagePos
GetFocus
PtInRect
MessageBeep
PostMessageA
SetCursor
GetWindowLongA
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
DrawFocusRect
OffsetRect
InflateRect
DrawStateA
RegisterClipboardFormatA
SystemParametersInfoA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
ReleaseDC
GetDC
ModifyMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
SetWindowsHookExA
GetNextDlgGroupItem
LoadBitmapA
GetSysColorBrush
FillRect
GetSysColor
CopyRect
SetRect
CharUpperA
PeekMessageA
wsprintfA
GetKeyState
GetSystemMetrics
LoadIconA
EnableWindow
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
SetMenuItemBitmaps

gdi32

CreateRectRgnIndirect
GetBkColor
GetMapMode
GetTextColor
GetRgnBox
SetBkMode
RestoreDC
SaveDC
GetClipBox
RoundRect
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
CreateSolidBrush
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
GetDeviceCaps
GetObjectA
CreatePen
SelectObject
DeleteObject
DeleteDC
SetMapMode

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA

comctl32

ord17
_TrackMouseEvent
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoTaskMemFree
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize

oleaut32

SysFreeString
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen
SysAllocStringLen

netapi32

Netbios

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ws2_32

htonl
inet_addr
inet_ntoa

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1370a97d853850fbe2693764d76eb324

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

netapi32

version

ws2_32

Sections

.text Size: 200KB - Virtual size: 197KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 1.9MB - Virtual size: 1.9MB

.text
Size: 200KB - Virtual size: 197KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 1.9MB - Virtual size: 1.9MB