Static task: static1

Behavioral task: behavioral1
Sample: 2024-05-11_e02338cf0588055f243250febfd8d47d_floxif_icedid.exe
Resource: win7-20240215-en

Behavioral task: behavioral2
Sample: 2024-05-11_e02338cf0588055f243250febfd8d47d_floxif_icedid.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-11_e02338cf0588055f243250febfd8d47d_floxif_icedid
Size: 4.4MB
MD5: e02338cf0588055f243250febfd8d47d
SHA1: af0348f85efffe8918def5fcf36fe163a229d59f
SHA256: ed28ed6e489d8131b23d131881fc5da42f8240ab4c1c716bb6e60b8cd18b199d
SHA512: e6b86dbad3f56acaff1032b60d00b5d0ae7d43c2aba4b8fd46896d5cb0255fc71c5018feba9927ff55f8dcae224e85fc30c7ef40f2e6f408f4331d4a7701712f
SSDEEP: 49152:qSyEBF8hHQ5n/ymbymdaLZLci+wc98hzlSb9kSy6wPwQmdVVLhTM295qXf5Y2Mhw:v6h//nSXQmdVEi567oT95MYGd
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 2024-05-11_e02338cf0588055f243250febfd8d47d_floxif_icedid
Files
2024-05-11_e02338cf0588055f243250febfd8d47d_floxif_icedid.exe windows:5 windows x86 arch:x86
a2b4fe918ab4a108a372c8f61340db75
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 556KB - Virtual size: 555KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ