2025-01-25_e425f5f9194656a6cc1e20bfa4976ae9_floxif_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2025-01-25_e425f5f9194656a6cc1e20bfa4976ae9_floxif_icedid
Size

662KB
MD5

e425f5f9194656a6cc1e20bfa4976ae9
SHA1

3940898ac9c5bea99590b1b6e28258a7943c92d8
SHA256

016ed2d11813c1afcb5e1df70eb06b179e7493fc19a520133ca7e267031db187
SHA512

e88fa94d0492a307578db53387fd32e86f5a813e09de3e272adec4603d7ab0fac2991bdfb3abe0d8d5f1b8cc012a85a8b875caac4b14bd4ace8922b8eacc5cc2
SSDEEP

12288:52jW6lBPryeITKzvEwUqm/VkRPwDaBjvrEH7XYVa:QjFBP0TKYfqEkBwQrEH7XYVa

Score

1^/10

Malware Config

Signatures

Files

2025-01-25_e425f5f9194656a6cc1e20bfa4976ae9_floxif_icedid
.exe windows:4 windows x86 arch:x86

bba6b6f25862440f04aa229c886c5e4c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

41:03:3e:f6:19:8f:3c:99:5a:5c:4f:36:9f:30:5e:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17-10-2012 00:00

Not After

03-06-2015 23:59

Subject

CN=HANCOM. INC\,,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=HANCOM. INC\,,L=Seongnam-si,ST=Gyeonggi-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

60:1c:39:ca:48:fd:59:c4:bc:b4:09:d2:84:59:87:56:ea:f0:06:44
Signer

Actual PE Digest

60:1c:39:ca:48:fd:59:c4:bc:b4:09:d2:84:59:87:56:ea:f0:06:44

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Pdf\Release\TestPDF.pdb

Imports

user32

CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetParent
GetSystemMenu
AppendMenuA
DeleteMenu
IsRectEmpty
IsZoomed
LoadMenuA
DestroyMenu
GetActiveWindow
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
ShowOwnedPopups
GetDesktopWindow
TranslateAcceleratorA
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
InflateRect
GetMenuItemInfoA
GetSysColorBrush
SetRect
SetTimer
KillTimer
WindowFromPoint
GetDCEx
LockWindowUpdate
SetCapture
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
GetCursorPos
PostQuitMessage
GetMessageA
TranslateMessage
SetMenu
CharUpperA
SetCursor
wsprintfA
MessageBoxA
EnableWindow
LoadCursorA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
GetWindow
PtInRect
CopyRect
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetWindowLongA
CallWindowProcA
DefWindowProcA
SendMessageA
GetDlgCtrlID
UnregisterClassA
RegisterClassA
GetClassInfoA
DeferWindowPos
EqualRect
ScreenToClient
GetParent
AdjustWindowRectEx
GetSysColor
GetMenuItemCount
GetMenuItemID
GetSubMenu
PostMessageA
GetMenu
GetClientRect
UpdateWindow
IsWindowVisible
SetForegroundWindow
GetKeyState
TrackPopupMenu
MapWindowPoints
PeekMessageA
LoadIconA
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
IsChild
SetFocus
IsWindow
GetFocus
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
IsWindowEnabled
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
FillRect
TabbedTextOutA

psapi

GetModuleFileNameExA
EnumProcesses
EnumProcessModules
GetModuleBaseNameA

kernel32

GetFileAttributesA
GetFileTime
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetStringTypeW
GetTimeZoneInformation
SetStdHandle
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
InterlockedDecrement
TlsFree
LocalReAlloc
GetSystemTime
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
GetTickCount
WritePrivateProfileStringA
GlobalFree
SizeofResource
GetCurrentThread
GlobalAlloc
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
lstrcpynA
GetModuleHandleA
CompareStringW
CompareStringA
OpenProcess
CloseHandle
lstrlenA
lstrcmpiA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetTempPathA
LocalFree
FormatMessageA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
GetSystemDefaultLCID
GetVersionExA
GetModuleFileNameA
Sleep
GetLastError
CopyFileA
lstrcatA
lstrcmpA
LocalAlloc
GetCurrentDirectoryA
GetStringTypeA

gdi32

GetRgnBox
GetTextColor
GetBkColor
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
CreateFontA
GetCharWidthA
StretchDIBits
CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

AddMonitorA
EnumMonitorsA
ClosePrinter
SetPrinterA
GetPrinterA
OpenPrinterA
AddPrinterDriverExA
GetPrinterDriverDirectoryA
XcvDataW
DeleteMonitorA
DeletePrinterDriverExA
DeletePrinter
AddPrinterA
DocumentPropertiesA

advapi32

RegDeleteKeyA
StartServiceA
ControlService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
QueryServiceStatus

shell32

DragFinish
DragQueryFileA

comctl32

ImageList_Destroy
ord17
ImageList_Draw
ImageList_GetImageInfo

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA

oledlg

ord8

ole32

OleUninitialize
CoTaskMemFree
CoFreeUnusedLibraries
OleInitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
CLSIDFromProgID
CoGetClassObject
CLSIDFromString

oleaut32

SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
OleCreateFontIndirect

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bba6b6f25862440f04aa229c886c5e4c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

41:03:3e:f6:19:8f:3c:99:5a:5c:4f:36:9f:30:5e:d0Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

60:1c:39:ca:48:fd:59:c4:bc:b4:09:d2:84:59:87:56:ea:f0:06:44Signer

Headers

File Characteristics

PDB Paths

Imports

user32

psapi

kernel32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 204KB - Virtual size: 202KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 304KB - Virtual size: 301KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

41:03:3e:f6:19:8f:3c:99:5a:5c:4f:36:9f:30:5e:d0
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

60:1c:39:ca:48:fd:59:c4:bc:b4:09:d2:84:59:87:56:ea:f0:06:44
Signer

.text
Size: 204KB - Virtual size: 202KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 304KB - Virtual size: 301KB