2024-08-25_52afb5505f77da0abaad5034c486125f_floxif_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-08-25_52afb5505f77da0abaad5034c486125f_floxif_icedid
Size

1.0MB
MD5

52afb5505f77da0abaad5034c486125f
SHA1

f06bf0deeaea3d196e863a4517c1219d75d07ee8
SHA256

8d88663809a6cd92f4c66c92553c2a95482cd6ac9f46f213f0c7560533af4570
SHA512

b1390a8b425c2ba47379903017ccd0d8b577dcd75178e972e182d6a869818c86fb20d64234150710cb3381267f52ccea9ec661bcba4b8960a345fe38148835ad
SSDEEP

24576:RPJu36P//hT3Ovpt5Aw+9n4xdrRPZf6s146uhEPrEH76:RBw6X/FepAeFR3ihEP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-25_52afb5505f77da0abaad5034c486125f_floxif_icedid

Files

2024-08-25_52afb5505f77da0abaad5034c486125f_floxif_icedid
.exe windows:4 windows x86 arch:x86

0a0ffc68a3ef36370fb685df12d5a225

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\MoorhuhnJnR3\exe\pc\MHJnR.pdb

Imports

winmm

timeKillEvent
timeSetEvent
timeBeginPeriod
timeGetTime
timeEndPeriod

dinput8

DirectInput8Create

ddraw

DirectDrawCreate

dsound

ord1

kernel32

GetTimeFormatA
GetDateFormatA
IsBadReadPtr
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
HeapReAlloc
GetStartupInfoA
GetCommandLineA
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
RtlUnwind
ExitProcess
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetOEMCP
GetCPInfo
GlobalFlags
lstrcmpA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedDecrement
GetModuleFileNameA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetProcAddress
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
lstrcatA
WinExec
lstrcpyA
FindFirstFileA
FindNextFileA
FindClose
SetCurrentDirectoryA
CreateFileA
GetFileTime
CloseHandle
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
Sleep
MoveFileA
WideCharToMultiByte
QueryPerformanceCounter
QueryPerformanceFrequency
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetTickCount

user32

ValidateRect
GetSysColorBrush
WindowFromPoint
DestroyMenu
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
ScrollWindow
MessageBoxA
SetScrollRange
SetScrollPos
IsWindowVisible
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SystemParametersInfoA
GetWindowPlacement
CopyRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowPos
SetActiveWindow
SetForegroundWindow
GetKeyboardState
ToAscii
IntersectRect
KillTimer
SetTimer
ScreenToClient
LoadImageA
CopyIcon
MessageBeep
ReleaseCapture
GetParent
SetCapture
ReleaseDC
GetDC
InflateRect
PtInRect
GetSysColor
LoadAcceleratorsA
PeekMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetCursorPos
ClientToScreen
SetCursorPos
LoadIconA
RegisterClassExA
BeginPaint
EndPaint
PostQuitMessage
ShowCursor
LoadCursorA
SetCursor
DefWindowProcA
InvalidateRect
GetSystemMetrics
LoadMenuA
CreateWindowExA
TrackPopupMenu
ShowWindow
UpdateWindow
AppendMenuA
CreatePopupMenu
GetAsyncKeyState
GetKeyState
MapWindowPoints
GetClientRect
GetWindowRect
EnableWindow
IsWindow
SetFocus
GetDesktopWindow
IsIconic
SendMessageA
GetMenu

gdi32

SetWindowExtEx
SetMapMode
RestoreDC
SaveDC
DPtoLP
CreateBitmap
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
RectVisible
PtVisible
SetBkMode
ScaleWindowExtEx
DeleteObject
MoveToEx
LineTo
CreateRectRgn
CreateSolidBrush
FillRgn
ExtTextOutA
SetBkColor
SetTextColor
GetClipBox
CreateICA
GetDeviceCaps
DeleteDC
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject
SelectObject
CreatePen
TextOutA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegQueryValueA

shell32

ShellExecuteA

comctl32

ImageList_EndDrag
ImageList_DragMove
ImageList_SetOverlayImage
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ord17
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 768KB - Virtual size: 764KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a0ffc68a3ef36370fb685df12d5a225

Headers

File Characteristics

PDB Paths

Imports

winmm

dinput8

ddraw

dsound

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

Sections

.text Size: 768KB - Virtual size: 764KB

.rdata Size: 148KB - Virtual size: 144KB

.data Size: 44KB - Virtual size: 180KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 768KB - Virtual size: 764KB

.rdata
Size: 148KB - Virtual size: 144KB

.data
Size: 44KB - Virtual size: 180KB

.rsrc
Size: 28KB - Virtual size: 28KB