2024-04-26_f6d44924266a205a9c6c2f0bd4dc111e_floxif_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-26_f6d44924266a205a9c6c2f0bd4dc111e_floxif_icedid
Size

470KB
MD5

f6d44924266a205a9c6c2f0bd4dc111e
SHA1

e64af3127d10c699be22298cf788066e25b7c994
SHA256

db3aa7951c92669a07ed8a40dd8445f8d206dd8917a55ca0960ed4a0ab1d07d9
SHA512

126db292da32baae25199cda23d09374f3743cc860528ef10c3e7116ce467231792fd7a237feebc3ffe306dcffde3445ec09135b312205fd62145c633708ab68
SSDEEP

12288:hbDjynJguiTAhUK3bQPHnpaRvucDZ4yBjvrEH7B:lDj0JgpLK38sRvucDZHrEH7B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-26_f6d44924266a205a9c6c2f0bd4dc111e_floxif_icedid

Files

2024-04-26_f6d44924266a205a9c6c2f0bd4dc111e_floxif_icedid
.exe windows:5 windows x86 arch:x86

b9be1479d52747f03c39b5205516fafc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

wtsapi32

WTSQueryUserToken
WTSLogoffSession

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

powrprof

SetSuspendState

kernel32

GetFileAttributesW
GetFileSizeEx
GetFileTime
GetStartupInfoW
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetLocalTime
GetDriveTypeW
HeapReAlloc
ExitThread
CreateThread
HeapSize
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetTimeFormatA
GetDateFormatA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CreateFileA
GetDriveTypeA
SetEnvironmentVariableA
FileTimeToLocalFileTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
MoveFileW
FileTimeToSystemTime
GetThreadLocale
lstrlenA
lstrcmpA
CompareStringA
InterlockedExchange
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
SuspendThread
ResumeThread
SetThreadPriority
GetTickCount
GetCurrentProcessId
GetModuleHandleA
GlobalAlloc
FormatMessageW
LocalFree
MulDiv
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
SetLastError
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
WaitForMultipleObjectsEx
GetSystemTime
SystemTimeToFileTime
SetWaitableTimer
CompareFileTime
CancelWaitableTimer
CreateEventW
CreateWaitableTimerW
WaitForSingleObject
ResetEvent
SetEvent
CreateDirectoryW
GetFileSize
CreateFileW
SetFilePointer
WideCharToMultiByte
WriteFile
DeleteFileW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetPrivateProfileIntW
Sleep
GetVersionExW
IsSystemResumeAutomatic
SetThreadExecutionState
WTSGetActiveConsoleSessionId
LoadLibraryW
GetSystemPowerStatus
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
GetCommandLineW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
OutputDebugStringW
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
InterlockedIncrement
GetCurrentThread
GetCurrentProcess
CloseHandle
lstrcmpiW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
GetStdHandle
GetFileAttributesA

user32

CharUpperW
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
GetSysColorBrush
PostQuitMessage
DestroyMenu
TranslateMessage
GetCursorPos
ValidateRect
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
EnableWindow
CharNextW
MessageBoxW
LoadCursorW
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenuCheckMarkDimensions
LoadStringW
PostThreadMessageW
DispatchMessageW
GetMessageW
DestroyWindow
GetClassInfoW
ExitWindowsEx
PostMessageW
SetTimer
KillTimer
wsprintfW
EndDialog
SendMessageW
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindow
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongW
GetMenu
PtInRect
CopyRect
SetMenuItemBitmaps

gdi32

GetTextColor
GetRgnBox
GetBkColor
GetMapMode
CreateRectRgnIndirect
DeleteDC
ExtSelectClipRgn
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

CreateProcessAsUserW
LookupPrivilegeValueW
AdjustTokenPrivileges
LookupAccountSidW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
OpenThreadToken
OpenProcessToken
RegEnumKeyExW
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidSid
GetLengthSid
CopySid
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
SetServiceStatus
RegisterEventSourceW
ReportEventW
DeregisterEventSource
ControlService
DeleteService
CreateServiceW
LockServiceDatabase
ChangeServiceConfig2W
UnlockServiceDatabase
OpenSCManagerW
OpenServiceW
CloseServiceHandle

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW

ole32

CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoInitializeSecurity
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysFreeString
VariantInit
VariantClear
GetRecordInfoFromGuids
SysStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
SysAllocStringLen
VariantChangeType
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect

oledlg

OleUIBusyW

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9be1479d52747f03c39b5205516fafc

Headers

DLL Characteristics

File Characteristics

Imports

shell32

wtsapi32

userenv

powrprof

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

oledlg

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 14KB - Virtual size: 30KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 14KB - Virtual size: 30KB

.rsrc
Size: 15KB - Virtual size: 14KB