2024-12-24_35e233a289c290ee5ee457d64efe7cec_floxif_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-12-24_35e233a289c290ee5ee457d64efe7cec_floxif_icedid
Size

1.1MB
MD5

35e233a289c290ee5ee457d64efe7cec
SHA1

0efca0f40931f848f02ef77b69b9b1425ec38548
SHA256

f8a0151f1ad3586afe8977411d13e99e10c29f2582292a9a6391e55a2974162a
SHA512

af1ccb92c594dbe95e40d89529d396367cc681d47df7bbd34888701e322aa76fb14c223cde11be69b22ffb581bd752cc39abdfe5ee5f8444ba4eb6efb38544c3
SSDEEP

24576:ocuN8UML/cD26ZmU4YTtv+uWsHDCrEH7y:Vui/2pZQYTw1sQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-12-24_35e233a289c290ee5ee457d64efe7cec_floxif_icedid

Files

2024-12-24_35e233a289c290ee5ee457d64efe7cec_floxif_icedid
.exe windows:5 windows x86 arch:x86

2008eb42823ad2cb08adb29e48505bca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Work\Win\pacon\Win32\Release\paConsole.pdb

Imports

comctl32

_TrackMouseEvent
ord8
ord17

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

rpcrt4

RpcStringFreeW
UuidCreate
UuidToStringW

ws2_32

bind
gethostbyname
gethostname
inet_addr
closesocket
WSACloseEvent
WSACleanup
WSAAccept
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAEventSelect
WSACreateEvent
listen
WSAGetLastError
WSASocketW
WSAStartup
WSARecv
WSASend
htons

gdiplus

GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipFree
GdipAlloc
GdipCreateFromHDC
GdipSetPageUnit
GdipDrawImageRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDisposeImage
GdipCloneImage
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipDrawImageI

kernel32

GlobalFindAtomW
GlobalAddAtomW
SetThreadPriority
ResumeThread
SuspendThread
GetModuleHandleA
VirtualProtect
GetCurrentProcessId
InterlockedExchange
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetTickCount
GetThreadLocale
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
FindResourceExW
WritePrivateProfileStringW
GetFileAttributesW
GetFileSizeEx
GetFileTime
SetErrorMode
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
HeapFree
HeapAlloc
GlobalDeleteAtom
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
HeapReAlloc
ExitProcess
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
SetStdHandle
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetProcessHeap
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
CreateEventW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
lstrlenA
lstrcmpA
ReleaseMutex
GlobalFree
GlobalAlloc
GlobalLock
RemoveDirectoryW
FindClose
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
GetTempPathW
GetTempFileNameW
GetCurrentThreadId
TerminateThread
Sleep
DeleteCriticalSection
InitializeCriticalSection
OutputDebugStringW
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetVersionExW
LoadLibraryW
SetLastError
lstrlenW
GetLocaleInfoW
GetModuleHandleW
GetProcAddress
GetCurrentProcess
FindNextFileW
CreateThread
CreateDirectoryW
WideCharToMultiByte
CreateFileW
GetFileSize
WriteFile
ReadFile
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
WaitForMultipleObjects
CreateMutexW
GetLastError
GetModuleFileNameW
MoveFileW
FindResourceW
SizeofResource
LoadResource
LockResource
FindFirstFileW
DeleteFileW
GetFileType

user32

SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
SetWindowTextW
MoveWindow
ShowWindow
ValidateRect
TranslateMessage
GetMessageW
TabbedTextOutW
DrawTextW
GrayStringW
GetWindowDC
BeginPaint
EndPaint
GetAsyncKeyState
MapDialogRect
GetWindowThreadProcessId
PostQuitMessage
SetWindowContextHelpId
RegisterClipboardFormatW
KillTimer
SetTimer
CharUpperW
GetSysColorBrush
UnregisterClassW
ReleaseCapture
CharNextW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
SetCapture
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
PeekMessageW
TrackPopupMenu
GetKeyState
SetMenu
IsWindowVisible
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetRectEmpty
IsZoomed
UnhookWindowsHookEx
GetMessagePos
MapWindowPoints
WindowFromPoint
ClientToScreen
CreatePopupMenu
DrawFrameControl
DrawEdge
FrameRect
FillRect
OffsetRect
PtInRect
DrawFocusRect
IsWindow
LoadImageW
wsprintfW
IsMenu
GetMenuItemID
GetMenuStringW
GetMenuState
ModifyMenuW
SetRect
CopyRect
LoadBitmapW
GetParent
ReleaseDC
GetDC
RegisterWindowMessageW
EnableWindow
SetForegroundWindow
GetFocus
InvalidateRect
GetClientRect
GetWindowRect
IsIconic
PostMessageW
SendMessageW
RemoveMenu
GetMenuItemCount
SetMenuDefaultItem
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SendDlgItemMessageW
SendDlgItemMessageA
EnableMenuItem
CheckMenuItem
AppendMenuW
DeleteMenu
DrawIcon
LoadCursorW
SetCursor
GetCursorPos
DrawTextExW
InflateRect
GetSystemMetrics
GetSysColor
LoadIconW
LoadMenuW
GetSubMenu
DestroyMenu
DestroyIcon
GetDesktopWindow
WinHelpW
RegisterClassW
IsChild
CopyImage

gdi32

SetTextColor
SetBkMode
CreateSolidBrush
CreateFontIndirectW
GetTextExtentPoint32W
DeleteObject
LineTo
MoveToEx
GetTextExtentPointW
CreatePen
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetObjectW
GetCurrentObject
GetStockObject
PatBlt
CreateRectRgnIndirect
GetTextMetricsW
GetClipBox
CreateBitmap
ExtTextOutW
SaveDC
RestoreDC
SetMapMode
ExcludeClipRect
IntersectClipRect
GetTextExtentExPointW
SetBkColor
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetMapMode
GetBkColor
EnumFontFamiliesExW
GetTextColor
GetRgnBox
SelectObject
StartPage
GetEnhMetaFileW
EnumEnhMetaFile
EndPage
PlayEnhMetaFileRecord
SetEnhMetaFileBits
PlayEnhMetaFile
DeleteEnhMetaFile
GetDeviceCaps
EndDoc
DeleteDC
CreateDCW
StartDocW

msimg32

TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DeviceCapabilitiesW
EnumPrintersW
GetPrinterW
DocumentPropertiesW

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCloseKey

shell32

SHGetFolderPathW
ShellExecuteExW
Shell_NotifyIconW
ShellExecuteW

shlwapi

PathFileExistsW
StrToIntW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx
StgOpenStorageOnILockBytes

oleaut32

SysAllocString
OleCreateFontIndirect
SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime

wsock32

WSASetLastError

wininet

InternetQueryOptionW
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetQueryDataAvailable

Sections

.text
Size: 606KB - Virtual size: 605KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2008eb42823ad2cb08adb29e48505bca

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

version

rpcrt4

ws2_32

gdiplus

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

wsock32

wininet

Sections

.text Size: 606KB - Virtual size: 605KB

.rdata Size: 244KB - Virtual size: 243KB

.data Size: 27KB - Virtual size: 43KB

.rsrc Size: 221KB - Virtual size: 221KB

.text
Size: 606KB - Virtual size: 605KB

.rdata
Size: 244KB - Virtual size: 243KB

.data
Size: 27KB - Virtual size: 43KB

.rsrc
Size: 221KB - Virtual size: 221KB