General

Malware Config

Signatures

Files

• 2024-05-22_c6b188967694ff9a0c9d92238d0bdc2a_floxif_icedid

  .exe windows:5 windows x86 arch:x86

  8b8a8c2a0d5f040196330b39437fed89

  
  

  Code Sign

  16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  6f:32:5f:60:78:1a:93:fd:23:e4:1a:95:96:ab:8c:0d

  Certificate

  Issuer

  CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  26-10-2018 00:00

  Not After

  25-10-2020 23:59

  Subject

  CN=Sollae Systems Co.\, Ltd.,O=Sollae Systems Co.\, Ltd.,POSTALCODE=22134,STREET=869 Gyeongwon-daero,L=Nam-gu,ST=Incheon,C=KR

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d

  Certificate

  Issuer

  CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  19-01-2010 00:00

  Not After

  18-01-2038 23:59

  Subject

  CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af

  Certificate

  Issuer

  CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  09-05-2013 00:00

  Not After

  08-05-2028 23:59

  Subject

  CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  ed:b6:26:89:69:01:62:c5:e7:39:a1:8e:01:21:ba:6a:c8:cd:b6:e2

  Signer

  Actual PE Digest

  ed:b6:26:89:69:01:62:c5:e7:39:a1:8e:01:21:ba:6a:c8:cd:b6:e2

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  ws2_32

  shutdown

  htons

  recvfrom

  __WSAFDIsSet

  connect

  ioctlsocket

  getsockopt

  WSAIoctl

  WSACloseEvent

  WSACreateEvent

  WSAGetOverlappedResult

  WSARecvFrom

  WSAResetEvent

  freeaddrinfo

  getnameinfo

  ntohl

  getaddrinfo

  WSASocketW

  select

  WSAJoinLeaf

  WSAGetLastError

  gethostname

  gethostbyname

  socket

  setsockopt

  inet_ntoa

  ntohs

  listen

  closesocket

  bind

  htonl

  inet_addr

  sendto

  iphlpapi

  GetIpAddrTable

  GetIpNetTable

  DeleteIpNetEntry

  GetAdaptersInfo

  kernel32

  VerifyVersionInfoW

  GetCurrentDirectoryW

  FindResourceExW

  GetWindowsDirectoryW

  GetTempFileNameW

  GetTempPathW

  GetProfileIntW

  SearchPathW

  GetCommandLineW

  RtlUnwind

  CreateThread

  ExitThread

  IsDebuggerPresent

  IsProcessorFeaturePresent

  GetSystemTimeAsFileTime

  RaiseException

  HeapReAlloc

  GetSystemInfo

  VirtualAlloc

  VirtualQuery

  ExitProcess

  GetModuleHandleExW

  AreFileApisANSI

  HeapSize

  HeapQueryInformation

  SetStdHandle

  GetFileType

  GetStdHandle

  GetStartupInfoW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  lstrcpyW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCPInfo

  GetTimeZoneInformation

  GetConsoleMode

  ReadConsoleW

  FindFirstFileExW

  GetDriveTypeW

  SetConsoleCtrlHandler

  GetConsoleCP

  SetFilePointerEx

  LCMapStringW

  GetFileInformationByHandle

  PeekNamedPipe

  WriteConsoleW

  SetEnvironmentVariableA

  SetConsoleMode

  ReadConsoleInputA

  FlushConsoleInputBuffer

  GetVersionExA

  GlobalMemoryStatus

  VerSetConditionMask

  SetErrorMode

  GetUserDefaultUILanguage

  GetSystemDefaultUILanguage

  GetLocaleInfoW

  TerminateProcess

  CompareStringW

  LockResource

  LoadResource

  SizeofResource

  FindResourceW

  MultiByteToWideChar

  GlobalAlloc

  GlobalFree

  LocalFree

  GetLastError

  GlobalGetAtomNameW

  InterlockedIncrement

  LocalReAlloc

  LocalAlloc

  GlobalHandle

  GlobalReAlloc

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  InitializeCriticalSection

  GlobalFlags

  CompareStringA

  GetCurrentThread

  InterlockedExchange

  VirtualProtect

  ResumeThread

  SuspendThread

  SetThreadPriority

  lstrcmpA

  WritePrivateProfileStringW

  GetPrivateProfileStringW

  GetPrivateProfileIntW

  FileTimeToSystemTime

  FormatMessageW

  GetCurrentProcess

  OutputDebugStringW

  GetFileAttributesW

  FindFirstFileW

  FindNextFileW

  GetProcAddress

  GetOverlappedResult

  GetFileTime

  GetFileSizeEx

  GetFileAttributesExW

  FileTimeToLocalFileTime

  GetThreadLocale

  lstrcmpiW

  DuplicateHandle

  UnlockFile

  SetFilePointer

  SetEndOfFile

  LockFile

  GetVolumeInformationW

  GetFullPathNameW

  GetFileSize

  FlushFileBuffers

  FindClose

  DeleteFileW

  InterlockedDecrement

  GlobalFindAtomW

  GlobalAddAtomW

  LoadLibraryA

  lstrcmpW

  GlobalDeleteAtom

  LoadLibraryExW

  FreeLibrary

  GetCurrentThreadId

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  DecodePointer

  EncodePointer

  CopyFileW

  MulDiv

  GlobalSize

  GetModuleHandleA

  FreeResource

  GetVersion

  OutputDebugStringA

  lstrlenA

  InitializeCriticalSectionAndSpinCount

  GetTickCount

  GetCurrentProcessId

  GetProcessHeap

  HeapFree

  SetEvent

  HeapAlloc

  GlobalUnlock

  GlobalLock

  GetSystemDirectoryW

  GetModuleFileNameW

  OpenFileMappingW

  UnmapViewOfFile

  MapViewOfFile

  WinExec

  SetLastError

  GetSystemDefaultLangID

  SetThreadLocale

  GetVersionExW

  LoadLibraryW

  WideCharToMultiByte

  QueryPerformanceFrequency

  QueryPerformanceCounter

  GetLocalTime

  Sleep

  CreateFileW

  QueryDosDeviceW

  GetModuleHandleW

  OpenEventW

  CreateEventW

  WaitCommEvent

  SetCommTimeouts

  SetCommState

  SetCommMask

  PurgeComm

  GetCommProperties

  EscapeCommFunction

  SetupComm

  ClearCommError

  CloseHandle

  ReadFile

  WriteFile

  WaitForSingleObject

  GetStringTypeW

  user32

  HideCaret

  InvertRect

  SubtractRect

  CharUpperBuffW

  IsCharLowerW

  MapVirtualKeyExW

  DrawMenuBar

  DefFrameProcW

  DefMDIChildProcW

  TranslateMDISysAccel

  GetComboBoxInfo

  CreateMenu

  DestroyCursor

  GetWindowRgn

  BringWindowToTop

  SetCursorPos

  NotifyWinEvent

  TrackMouseEvent

  SetParent

  InvalidateRgn

  CopyAcceleratorTableW

  CharNextW

  DeleteMenu

  MonitorFromPoint

  UpdateLayeredWindow

  IsMenu

  UnionRect

  EmptyClipboard

  SetClipboardData

  EnumDisplayMonitors

  SetLayeredWindowAttributes

  UnregisterClassW

  SetRect

  IsClipboardFormatAvailable

  LoadCursorW

  RealChildWindowFromPoint

  IntersectRect

  GetMenuItemInfoW

  DestroyMenu

  SystemParametersInfoW

  IsZoomed

  GetSysColorBrush

  SetWindowRgn

  DrawStateW

  DrawFrameControl

  DrawEdge

  SetWindowContextHelpId

  PostQuitMessage

  ShowOwnedPopups

  MapDialogRect

  GetAsyncKeyState

  WaitMessage

  GetIconInfo

  DrawIconEx

  CopyImage

  LoadImageW

  DestroyIcon

  IsRectEmpty

  OffsetRect

  InflateRect

  SetRectEmpty

  DrawFocusRect

  WindowFromPoint

  GetCursorPos

  SetCursor

  ReleaseCapture

  SetCapture

  GetNextDlgGroupItem

  CharUpperW

  FillRect

  ClientToScreen

  EndPaint

  BeginPaint

  GetWindowDC

  TabbedTextOutW

  GrayStringW

  DrawTextExW

  DrawTextW

  MapVirtualKeyW

  GetKeyNameTextW

  IsDialogMessageW

  SetWindowTextW

  IsDlgButtonChecked

  CheckRadioButton

  CheckDlgButton

  GetDlgItemTextW

  GetUpdateRect

  MoveWindow

  ShowWindow

  GetMonitorInfoW

  MonitorFromWindow

  WinHelpW

  GetScrollInfo

  SetScrollInfo

  CallNextHookEx

  UnhookWindowsHookEx

  SetWindowsHookExW

  GetLastActivePopup

  GetClassNameW

  GetClassLongW

  EqualRect

  CopyRect

  MapWindowPoints

  ScreenToClient

  MessageBoxW

  AdjustWindowRectEx

  GetWindowTextLengthW

  RemovePropW

  GetPropW

  SetPropW

  GetScrollRange

  SetScrollRange

  GetScrollPos

  SetScrollPos

  ScrollWindow

  ValidateRect

  SetForegroundWindow

  GetForegroundWindow

  TrackPopupMenu

  SetMenu

  GetMenu

  GetCapture

  SetFocus

  GetDlgCtrlID

  EndDeferWindowPos

  DeferWindowPos

  BeginDeferWindowPos

  SetWindowPlacement

  GetWindowPlacement

  SetWindowPos

  IsChild

  CreateWindowExW

  GetClassInfoExW

  GetClassInfoW

  RegisterClassW

  CallWindowProcW

  DefWindowProcW

  GetMessageTime

  GetMessagePos

  PeekMessageW

  RegisterWindowMessageW

  LoadBitmapW

  SetMenuItemInfoW

  GetMenuCheckMarkDimensions

  SetMenuItemBitmaps

  SendDlgItemMessageA

  InsertMenuW

  GetMenuState

  GetMenuStringW

  SetActiveWindow

  IsWindowEnabled

  GetActiveWindow

  GetNextDlgTabItem

  GetDlgItem

  EndDialog

  CreateDialogIndirectParamW

  DestroyWindow

  GetWindowThreadProcessId

  IsWindow

  RedrawWindow

  GetWindow

  MessageBeep

  GetClipboardData

  CloseClipboard

  OpenClipboard

  DispatchMessageW

  TranslateMessage

  FrameRect

  GetSysColor

  EnumWindows

  GetDesktopWindow

  GetWindowTextW

  DrawIcon

  RemoveMenu

  ModifyMenuW

  AppendMenuW

  GetMenuItemCount

  GetMenuItemID

  GetSubMenu

  EnableMenuItem

  RegisterClipboardFormatW

  EnumChildWindows

  CreateAcceleratorTableW

  GetKeyboardState

  GetKeyboardLayout

  ToUnicodeEx

  PostThreadMessageW

  ReuseDDElParam

  UnpackDDElParam

  InsertMenuItemW

  TranslateAcceleratorW

  LoadAcceleratorsW

  SetClassLongW

  CheckMenuItem

  GetSystemMenu

  DestroyAcceleratorTable

  SetMenuDefaultItem

  GetMenuDefaultItem

  CopyIcon

  GetDoubleClickTime

  LockWindowUpdate

  CreatePopupMenu

  LoadMenuW

  GetSystemMetrics

  IsIconic

  GetKeyState

  SetWindowLongW

  UpdateWindow

  wvsprintfW

  EnableScrollBar

  ShowScrollBar

  KillTimer

  SetTimer

  PostMessageW

  GetMessageW

  GetWindowLongW

  PtInRect

  GetClientRect

  GetFocus

  GetWindowRect

  InvalidateRect

  IsWindowVisible

  LoadIconW

  ReleaseDC

  GetDC

  GetParent

  MessageBoxExW

  EnableWindow

  SendMessageW

  GetUserObjectInformationW

  GetProcessWindowStation

  MessageBoxA

  GetTopWindow

  gdi32

  Escape

  ExcludeClipRect

  GetClipBox

  GetObjectType

  GetPixel

  GetStockObject

  GetViewportExtEx

  GetWindowExtEx

  IntersectClipRect

  LineTo

  PtVisible

  RectVisible

  RestoreDC

  SaveDC

  SelectClipRgn

  ExtSelectClipRgn

  SelectObject

  SelectPalette

  SetBkMode

  SetMapMode

  SetLayout

  GetLayout

  SetPolyFillMode

  SetROP2

  SetTextAlign

  MoveToEx

  TextOutW

  ExtTextOutW

  SetViewportExtEx

  SetViewportOrgEx

  SetWindowExtEx

  SetWindowOrgEx

  OffsetViewportOrgEx

  OffsetWindowOrgEx

  CreateRectRgn

  DeleteDC

  CombineRgn

  CreateEllipticRgn

  Ellipse

  CreatePolygonRgn

  Polygon

  Polyline

  GetMapMode

  SetRectRgn

  DPtoLP

  CreateCompatibleBitmap

  CreateDIBitmap

  EnumFontFamiliesW

  GetTextCharsetInfo

  GetDIBits

  RealizePalette

  SetPixel

  StretchBlt

  CreateDIBSection

  SetDIBColorTable

  Rectangle

  EnumFontFamiliesExW

  GetRgnBox

  CreateRoundRectRgn

  OffsetRgn

  RoundRect

  CreatePalette

  GetPaletteEntries

  GetNearestPaletteIndex

  GetSystemPaletteEntries

  ExtFloodFill

  SetPaletteEntries

  FillRgn

  FrameRgn

  GetBoundsRect

  PtInRegion

  GetViewportOrgEx

  LPtoDP

  GetWindowOrgEx

  SetPixelV

  GetTextFaceW

  ScaleWindowExtEx

  CreateSolidBrush

  CreatePatternBrush

  CreatePen

  CreateHatchBrush

  CreateCompatibleDC

  BitBlt

  PatBlt

  GetObjectW

  SetTextColor

  SetBkColor

  CreateBitmap

  GetDeviceCaps

  CreateDCW

  CopyMetaFileW

  CreateRectRgnIndirect

  GetTextMetricsW

  GetTextColor

  GetBkColor

  CreateFontW

  DeleteObject

  CreateFontIndirectW

  ScaleViewportExtEx

  GetTextExtentPoint32W

  msimg32

  TransparentBlt

  AlphaBlend

  comdlg32

  GetOpenFileNameW

  winspool.drv

  OpenPrinterW

  DocumentPropertiesW

  ClosePrinter

  advapi32

  RegisterEventSourceA

  ReportEventA

  DeregisterEventSource

  RegEnumKeyExW

  RegEnumValueW

  RegQueryValueW

  RegEnumKeyW

  RegSetValueExW

  RegDeleteValueW

  RegDeleteKeyW

  RegCreateKeyExW

  RegQueryValueExW

  RegOpenKeyExW

  RegCloseKey

  shell32

  SHGetMalloc

  SHGetPathFromIDListW

  SHBrowseForFolderW

  ShellExecuteW

  ShellExecuteExW

  SHGetFileInfoW

  SHGetDesktopFolder

  SHGetSpecialFolderLocation

  DragQueryFileW

  DragFinish

  SHAppBarMessage

  comctl32

  ord17

  shlwapi

  PathStripToRootW

  PathFindExtensionW

  PathFindFileNameW

  PathRemoveFileSpecW

  PathIsUNCW

  StrFormatKBSizeW

  uxtheme

  DrawThemeText

  GetWindowTheme

  GetThemeSysColor

  IsThemeBackgroundPartiallyTransparent

  GetThemePartSize

  IsAppThemed

  DrawThemeParentBackground

  GetCurrentThemeName

  GetThemeColor

  DrawThemeBackground

  CloseThemeData

  OpenThemeData

  ole32

  CoRevokeClassObject

  IsAccelerator

  OleTranslateAccelerator

  OleDestroyMenuDescriptor

  CLSIDFromProgID

  CoCreateGuid

  CoTaskMemAlloc

  CoTaskMemFree

  OleDuplicateData

  ReleaseStgMedium

  CoCreateInstance

  CoInitialize

  CoUninitialize

  CoInitializeEx

  CoRegisterMessageFilter

  OleCreateMenuDescriptor

  OleLockRunning

  RevokeDragDrop

  RegisterDragDrop

  CoLockObjectExternal

  OleGetClipboard

  DoDragDrop

  OleIsCurrentClipboard

  OleFlushClipboard

  OleUninitialize

  OleInitialize

  CoFreeUnusedLibraries

  CreateILockBytesOnHGlobal

  StgOpenStorageOnILockBytes

  StgCreateDocfileOnILockBytes

  CoGetClassObject

  CreateStreamOnHGlobal

  CLSIDFromString

  oleaut32

  SafeArrayDestroy

  VarBstrFromDate

  OleCreateFontIndirect

  VariantCopy

  VariantTimeToSystemTime

  SystemTimeToVariantTime

  SysStringLen

  SysAllocString

  VariantChangeType

  VariantClear

  VariantInit

  SysAllocStringLen

  SysFreeString

  wsock32

  WSACleanup

  accept

  getpeername

  recv

  send

  WSASetLastError

  WSAAsyncSelect

  WSAStartup

  oledlg

  OleUIBusyW

  gdiplus

  GdipCreateBitmapFromStream

  GdipGetImagePaletteSize

  GdipGetImagePalette

  GdipGetImagePixelFormat

  GdipCreateBitmapFromScan0

  GdipGetImageWidth

  GdipGetImageGraphicsContext

  GdipDisposeImage

  GdipCloneImage

  GdiplusShutdown

  GdiplusStartup

  GdipFree

  GdipAlloc

  GdipBitmapLockBits

  GdipBitmapUnlockBits

  GdipDeleteGraphics

  GdipDrawImageI

  GdipCreateBitmapFromHBITMAP

  GdipCreateFromHDC

  GdipSetInterpolationMode

  GdipDrawImageRectI

  GdipGetImageHeight

  oleacc

  CreateStdAccessibleObject

  AccessibleObjectFromWindow

  LresultFromObject

  imm32

  ImmGetOpenStatus

  ImmReleaseContext

  ImmGetContext

  winmm

  PlaySoundW

  Sections

  .text

  Size: 2.4MB - Virtual size: 2.4MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 749KB - Virtual size: 749KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 88KB - Virtual size: 2.9MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 159KB - Virtual size: 159KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ