2024-07-10_c9b893015f4b20bd7363fc8d63fe533d_floxif_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-07-10_c9b893015f4b20bd7363fc8d63fe533d_floxif_icedid
Size

2.7MB
MD5

c9b893015f4b20bd7363fc8d63fe533d
SHA1

0b17bdc3a417543bfd8faa9e491099d185ac8f74
SHA256

c515279f16ddf4378487471479dc233deb94a1d9e1aa3a102e73b26bccae49ee
SHA512

0d77c0b4eda62b2d9e82d2d45c334da216f59c507c42baa4510e82f3ac93f2435e26115e51a2f3a95ae0bd442335222bd893f9c37325609ab118d170320a0951
SSDEEP

49152:0FRU94Pym0YBHfEO4w/nsIyzZJpC4c4+sUZPt5:US4PyMMpw/nFyzPpCZ4+sUxP

Score

1^/10

Malware Config

Signatures

Files

2024-07-10_c9b893015f4b20bd7363fc8d63fe533d_floxif_icedid
.exe windows:5 windows x86 arch:x86

df15d138298a7658eef1ae8b73d31267

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

25:e6:c8:0a:d2:3d:70:08:a8:f6:ea:e4:39:c1:98:99
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12-03-2017 00:00

Not After

12-03-2019 23:59

Subject

CN=Esumsoft,O=Esumsoft,POSTALCODE=80537,STREET=418 Adams Ave,L=Loveland,ST=CO,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:57:70:4f:91:39:96:6c:fc:6d:bf:7b:c7:73:ce:21:03:3e:bc:b0
Signer

Actual PE Digest

2c:57:70:4f:91:39:96:6c:fc:6d:bf:7b:c7:73:ce:21:03:3e:bc:b0

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose
mciSendStringA

kernel32

TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
WritePrivateProfileStringA
FindResourceExA
LoadLibraryW
GetSystemDirectoryW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
VirtualQuery
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetStdHandle
GetConsoleCP
GetConsoleMode
SetHandleCount
InitializeCriticalSectionAndSpinCount
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetProcessHeap
TlsAlloc
GlobalHandle
WaitForMultipleObjects
FreeLibrary
GetVersionExA
ExpandEnvironmentStringsA
MulDiv
GetCurrentThreadId
ResumeThread
GetExitCodeThread
GetLocaleInfoA
CreateDirectoryA
FindFirstFileA
FindClose
GlobalAlloc
OutputDebugStringA
GetSystemTimeAsFileTime
ExitProcess
GetCurrentProcessId
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
GetTempFileNameA
GetTempPathA
CreateEventA
SetEvent
GetVersion
GetDateFormatA
GetTimeFormatA
SystemTimeToFileTime
QueryPerformanceCounter
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
FormatMessageA
LocalFree
Sleep
GlobalFree
GetModuleFileNameA
GetTickCount
CopyFileA
GetLastError
DeleteFileA
IsBadWritePtr
InterlockedIncrement
InterlockedDecrement
RemoveDirectoryA
GetModuleHandleA
lstrcpynA
QueryPerformanceFrequency
GlobalLock
GlobalUnlock
GetCurrentThread
GetFileAttributesA
MultiByteToWideChar
SetLastError
LoadLibraryA
GlobalReAlloc
TlsGetValue
GetModuleHandleW
GetFileSizeEx
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
LocalAlloc
VirtualProtect
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryExA
InterlockedExchange
lstrcmpA
GetModuleFileNameW
SuspendThread
SetThreadPriority
GetFullPathNameA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GetProcAddress
FileTimeToLocalFileTime
FindNextFileA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
lstrlenA
GetDiskFreeSpaceA
GetVolumeInformationA
DeviceIoControl
GetExitCodeProcess
FileTimeToSystemTime
GetTimeZoneInformation
ResetEvent
GetFileTime
CreateFileA
GetCurrentProcess
GetSystemInfo
GetNumberFormatA
GetCurrentDirectoryA
CreateProcessA
TerminateThread

user32

CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
RegisterClipboardFormatA
GetMessageA
TranslateMessage
ValidateRect
CharUpperA
CreateDialogIndirectParamA
IsWindowEnabled
EndDialog
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
SetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowLongA
IntersectRect
GetWindowPlacement
GetMenuStringA
DrawStateA
ShowWindow
GetSysColorBrush
CopyImage
BringWindowToTop
keybd_event
SetWindowTextA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
PostThreadMessageA
UnregisterHotKey
RegisterHotKey
WindowFromPoint
DispatchMessageA
PeekMessageA
DrawMenuBar
IsZoomed
GetDoubleClickTime
GetForegroundWindow
DrawIcon
IsIconic
PostQuitMessage
AllowSetForegroundWindow
GetWindowThreadProcessId
FindWindowA
GetActiveWindow
GetClassInfoA
EnumDisplaySettingsA
CopyIcon
GetMessagePos
GetDlgItem
EnumChildWindows
GetKeyNameTextA
MapVirtualKeyA
EnableMenuItem
GetMenuState
GetIconInfo
CreateIconIndirect
DrawTextA
FillRect
RegisterWindowMessageA
ModifyMenuA
CreateMenu
LoadBitmapA
LoadIconA
SetMenuDefaultItem
IsWindow
SetFocus
FindWindowExA
IsChild
IsDialogMessageA
DrawEdge
SetForegroundWindow
RemoveMenu
InflateRect
UpdateWindow
GetNextDlgTabItem
GetFocus
GetKeyState
GetDesktopWindow
OffsetRect
GetSubMenu
LoadMenuA
InsertMenuA
IsWindowVisible
GetWindow
SetWindowPos
GetDlgCtrlID
HideCaret
SetCursor
LoadCursorA
ReleaseDC
GetDC
MessageBeep
UnregisterClassA
SetWindowContextHelpId
CharNextA
SetRect
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
GrayStringA
ScreenToClient
GetCursorPos
LoadImageA
ChildWindowFromPointEx
DrawTextExA
TabbedTextOutA
MapDialogRect
MoveWindow
DrawFocusRect
ChildWindowFromPoint
ReleaseCapture
SetCapture
GetSystemMetrics
GetMenuItemID
CheckMenuItem
DeleteMenu
AppendMenuA
ClientToScreen
PtInRect
IsRectEmpty
DrawFrameControl
CopyRect
CreatePopupMenu
SetRectEmpty
GetMenuItemCount
SystemParametersInfoA
GetClientRect
GetWindowRect
RedrawWindow
TranslateAcceleratorA
GetParent
DestroyAcceleratorTable
CreateAcceleratorTableA
EnableWindow
InvalidateRect
DestroyIcon
GetAsyncKeyState
PostMessageA
KillTimer
SetTimer
MessageBoxA
GetSysColor
SendMessageA
SetWindowLongA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions

gdi32

DeleteObject
GetObjectA
CreateFontIndirectA
SelectObject
SetBkMode
SetPixel
GetStockObject
CreateSolidBrush
CreatePen
Rectangle
Polygon
GetTextExtentPoint32A
GetDeviceCaps
CreateCompatibleDC
StretchBlt
CreateCompatibleBitmap
DeleteDC
CreateFontA
EnumFontFamiliesExA
GetTextMetricsA
GetTextCharset
CreateBitmap
RoundRect
SetTextColor
GetDIBits
GetBitmapBits
SetBitmapBits
GetTextColor
GetPixel
GetClipBox
SetBkColor
CreateRectRgnIndirect
SaveDC
RestoreDC
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetCharWidthA
StretchDIBits
GetBkColor
GetMapMode
DPtoLP
GetRgnBox

comdlg32

GetFileTitleA
FindTextA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

MapGenericMask
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
AccessCheck
RegEnumValueA
OpenThreadToken
ImpersonateSelf
GetFileSecurityA
RegOpenKeyExA

shell32

SHGetFolderPathA
SHFileOperationA
ExtractIconExA
SHChangeNotify
DragQueryFileA
Shell_NotifyIconA
SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
ShellExecuteExA
SHGetMalloc
SHGetPathFromIDListA

comctl32

ord8
_TrackMouseEvent
ord17

shlwapi

PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
PathStripToRootA
UrlUnescapeA

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfile
CoUninitialize
CoInitialize
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateILockBytesOnHGlobal

oleaut32

LoadTypeLi
SafeArrayDestroy
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
VariantCopy
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen
VariantInit
SysAllocStringLen
SysFreeString

wsock32

WSACleanup
WSAStartup
WSAGetLastError
gethostbyname
WSASetLastError
shutdown
select
htons
setsockopt
recv
send
closesocket
connect
socket

crypt32

CertFreeCertificateContext
CertEnumCertificatesInStore
CertOpenSystemStoreA
CertCloseStore

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

wintrust

WinVerifyTrust

iphlpapi

GetAdaptersInfo

wininet

InternetAutodialHangup
InternetGetConnectedState
InternetSetOptionA
InternetCloseHandle
InternetDial
InternetQueryOptionA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetGetLastResponseInfoA
HttpSendRequestA
InternetReadFile
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetAutodial

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 409KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 587KB - Virtual size: 587KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df15d138298a7658eef1ae8b73d31267

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

25:e6:c8:0a:d2:3d:70:08:a8:f6:ea:e4:39:c1:98:99Certificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

2c:57:70:4f:91:39:96:6c:fc:6d:bf:7b:c7:73:ce:21:03:3e:bc:b0Signer

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wsock32

crypt32

version

wintrust

iphlpapi

wininet

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 409KB - Virtual size: 408KB

.data Size: 24KB - Virtual size: 50KB

.rsrc Size: 587KB - Virtual size: 587KB

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

25:e6:c8:0a:d2:3d:70:08:a8:f6:ea:e4:39:c1:98:99
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

2c:57:70:4f:91:39:96:6c:fc:6d:bf:7b:c7:73:ce:21:03:3e:bc:b0
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 409KB - Virtual size: 408KB

.data
Size: 24KB - Virtual size: 50KB

.rsrc
Size: 587KB - Virtual size: 587KB