2025-04-04_d01e4a73abf2cfcef61d89354364b583_floxif_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2025-04-04_d01e4a73abf2cfcef61d89354364b583_floxif_icedid
Size

3.4MB
MD5

d01e4a73abf2cfcef61d89354364b583
SHA1

a3972e8587c6530a0321cab43163d1c5b05a355f
SHA256

07a492282ec5124856a49d4df4b82b2d716cee380c6f9eb4f6868d7c029170a8
SHA512

fde2a0ff2149c46710810699efbc642c8791cbd06799c81720ffd48f9f4fb9d6997fb17e56b463651a33d220afe47364ab84cf5559b401f7f6d8c0f6142870a8
SSDEEP

98304:f7HVWjyibTlunApytQrz2qvJJP7lD8Ou7:fDsj0wjO

Score

1^/10

Malware Config

Signatures

Files

2025-04-04_d01e4a73abf2cfcef61d89354364b583_floxif_icedid
.exe windows:4 windows x86 arch:x86

462150e99381e299a9a79669afd7ac5e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

46:60:fc:32:bd:52:1d:77:f2:11:c1:33:6a:a9:8b:9e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2010, 00:00

Not After

01/06/2013, 23:59

Subject

CN=Tonec Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Secure Application Development,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

closesocket
socket
send
recv
inet_ntoa
select
getsockopt
ntohl
listen
bind
htonl
accept
getsockname
ntohs
WSASetLastError
WSAStartup
WSACleanup
connect
gethostbyname
__WSAFDIsSet
htons
WSAGetLastError
ioctlsocket

kernel32

GetCPInfo
GetOEMCP
GetFileTime
SetErrorMode
WritePrivateProfileStringA
FindResourceExA
RtlUnwind
GetTimeZoneInformation
GetLocalTime
GetSystemTimeAsFileTime
RaiseException
HeapReAlloc
RemoveDirectoryW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
RemoveDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetStartupInfoA
GetCommandLineA
ExitThread
GetACP
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
GetProcessVersion
SetUnhandledExceptionFilter
SetStdHandle
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
GetProfileStringA
MulDiv
MultiByteToWideChar
LocalFree
FormatMessageA
GetLastError
GetFileAttributesW
WideCharToMultiByte
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
VirtualProtect
lstrlenW
FileTimeToLocalFileTime
GetCurrentThread
GetTickCount
GetProfileIntA
GetThreadLocale
GetFullPathNameA
FindFirstFileA
UnlockFile
LockFile
DuplicateHandle
lstrcmpA
SuspendThread
SetThreadPriority
ResumeThread
InterlockedDecrement
InterlockedIncrement
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
LockResource
FindResourceA
LoadResource
CreateProcessA
FileTimeToSystemTime
FlushFileBuffers
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetComputerNameA
GetCurrentDirectoryA
CreateThread
SleepEx
GetVolumeInformationA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
lstrcpynA
ReadFile
CreateDirectoryA
CopyFileW
MoveFileA
LocalAlloc
SetLastError
LoadLibraryW
CreateDirectoryW
GetCurrentThreadId
TerminateProcess
GetCurrentProcessId
GlobalUnlock
GlobalLock
GlobalSize
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
CopyFileA
GetFileAttributesA
GetUserDefaultLangID
SetEvent
lstrlenA
SetFileAttributesA
DeleteFileA
GetWindowsDirectoryW
lstrcmpiA
GetLocaleInfoA
GetVersion
FindFirstFileW
FindNextFileW
FindClose
MoveFileW
GetSystemTime
GetModuleFileNameA
SystemTimeToFileTime
SetFileTime
MoveFileExW
GlobalAlloc
GlobalFree
GetModuleHandleA
CreateFileW
WriteFile
GetProcessHeap
HeapFree
HeapAlloc
OpenProcess
GetWindowsDirectoryA
lstrcatA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
GetSystemDirectoryW
DeleteFileW
GetVersionExA
GetExitCodeProcess
CreateFileA
GetCurrentProcess
ExitProcess
CreateProcessW
GetModuleFileNameW
CreateEventA
WaitForMultipleObjects
ResetEvent
CreateMutexA
OpenMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
GetSystemDirectoryA
LCMapStringW

user32

CopyAcceleratorTableA
GetNextDlgGroupItem
GetDCEx
LockWindowUpdate
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
IsDialogMessageA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
SendDlgItemMessageA
MapWindowPoints
GetFocus
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
GetKeyState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
CallWindowProcA
GetMessageTime
GetLastActivePopup
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
GetParent
IsWindowEnabled
GetActiveWindow
DrawTextW
DrawFrameControl
SetRect
SystemParametersInfoW
DrawStateA
ModifyMenuW
DeleteMenu
AppendMenuW
DrawIconEx
IntersectRect
GetSysColorBrush
FillRect
CharNextA
PeekMessageA
UnionRect
ClientToScreen
WindowFromPoint
SetDlgItemTextA
GetClassNameA
GetWindowTextLengthW
GetWindowTextLengthA
CopyIcon
SetFocus
PostQuitMessage
GetMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
SetCursorPos
CreateDialogParamW
CreateDialogParamA
SetPropA
GetPropA
RemovePropA
DefWindowProcW
DefWindowProcA
CreateWindowExA
SetWindowLongA
RegisterClassA
DefDlgProcA
DestroyWindow
GetWindowLongA
GetWindowDC
BeginPaint
EndPaint
SetDlgItemTextW
RegisterWindowMessageA
RegisterClipboardFormatA
RemoveMenu
DrawFocusRect
GetMessagePos
ScreenToClient
LoadCursorA
SetCursor
EqualRect
GetCapture
ReleaseCapture
SetCapture
CreatePopupMenu
ModifyMenuA
TrackPopupMenu
IsIconic
GetSystemMetrics
DrawIcon
OffsetRect
EnableMenuItem
SetClipboardViewer
CheckMenuItem
LoadImageW
LoadImageA
DestroyMenu
ChangeClipboardChain
GetMenu
EnumWindows
SetForegroundWindow
IsWindowVisible
wsprintfW
ShowWindow
SendMessageW
LoadBitmapA
IsWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
AppendMenuA
CheckMenuRadioItem
FindWindowA
GetCursorPos
PtInRect
PostThreadMessageA
GetAsyncKeyState
SetRectEmpty
MapDialogRect
SetWindowContextHelpId
IsRectEmpty
InflateRect
CharUpperA
IsClipboardFormatAvailable
ValidateRect
GrayStringA
DrawTextA
TabbedTextOutA
FrameRect
InvalidateRect
GetClientRect
ReleaseDC
CopyRect
MsgWaitForMultipleObjects
MoveWindow
SetParent
KillTimer
SetTimer
wsprintfA
PostMessageA
GetForegroundWindow
ExitWindowsEx
GetDesktopWindow
MessageBoxA
MessageBeep
GetWindowTextA
MessageBoxW
GetWindowTextW
GetWindowRect
CreateWindowExW
SetWindowPos
SetWindowTextW
SetWindowTextA
GetDlgItem
GetSysColor
GetDlgCtrlID
LoadStringA
SendMessageA
GetWindow
GetDC
EnableWindow
LoadIconA
IsWindowUnicode
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
UpdateWindow

gdi32

GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
StretchDIBits
GetCharWidthA
GetTextMetricsA
CopyMetaFileA
GetTextColor
GetBkColor
LPtoDP
EnumFontFamiliesExA
CreateRectRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetClipBox
SetBkMode
SetBkColor
SetTextColor
SetStretchBltMode
CreateFontIndirectW
CreateCompatibleBitmap
DeleteObject
SelectObject
StretchBlt
BitBlt
DeleteDC
GetStockObject
CreateCompatibleDC
GetDIBits
CreateDIBSection
CreateSolidBrush
GetObjectA
CreateFontIndirectA
GetDeviceCaps
GetTextExtentPointA
CreateRectRgnIndirect
CreateDIBitmap
CreateFontA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameW

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

OpenSCManagerA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExW
RegSetValueExW
RegNotifyChangeKeyValue
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteValueW
RegFlushKey
RegCreateKeyExW
GetUserNameW
RegLoadKeyA
RegRestoreKeyA
GetUserNameA
RegSaveKeyA
RegCloseKey
OpenServiceA
CloseServiceHandle
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegEnumValueA

shell32

SHGetMalloc
SHGetDesktopFolder
Shell_NotifyIconA
SHFileOperationW
SHFileOperationA
ShellExecuteW
FindExecutableW
ShellExecuteExA
ShellExecuteExW
SHGetFileInfoW
SHGetFileInfoA
SHBrowseForFolderW
SHGetPathFromIDListW
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

comctl32

ImageList_AddMasked
ImageList_Add
ImageList_Remove
ord17
ord8
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_Draw
ImageList_DragEnter
ImageList_GetIcon
ImageList_Destroy
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

oledlg

ord8

ole32

CoRevokeClassObject
CoRegisterClassObject
OleInitialize
StringFromGUID2
ReleaseStgMedium
OleGetClipboard
OleUninitialize
CoUninitialize
CoInitialize
CoGetObject
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
CoDisconnectObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoCreateInstance

olepro32

ord253

oleaut32

SysAllocStringByteLen
VariantTimeToSystemTime
VariantChangeType
VariantClear
VariantCopy
LoadTypeLibEx
SafeArrayGetUBound
SafeArrayGetLBound
LoadTypeLi
SafeArrayGetElement
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA
GetUrlCacheEntryInfoW
InternetCombineUrlA
InternetSetCookieA
InternetGetCookieA
InternetCanonicalizeUrlW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 556KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 758KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

462150e99381e299a9a79669afd7ac5e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

46:60:fc:32:bd:52:1d:77:f2:11:c1:33:6a:a9:8b:9eCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 556KB - Virtual size: 552KB

.data Size: 180KB - Virtual size: 200KB

.rsrc Size: 760KB - Virtual size: 758KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

46:60:fc:32:bd:52:1d:77:f2:11:c1:33:6a:a9:8b:9e
Certificate

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 556KB - Virtual size: 552KB

.data
Size: 180KB - Virtual size: 200KB

.rsrc
Size: 760KB - Virtual size: 758KB