18904e4ce8ed66c3522dcedcc9307c29_mafia_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

18904e4ce8ed66c3522dcedcc9307c29_mafia_JC.exe
Size

248KB
MD5

18904e4ce8ed66c3522dcedcc9307c29
SHA1

461cdfc2e66bf00d7d23d0c189e6fe8e81cad0b9
SHA256

a18f79984dfc8bd1238e6777c3cbdffdba1cb7a7284b0918f05742efe219d7c0
SHA512

511ee81d023fba572dd70e73d01c98a6cd073d45a52e803e234fb7c5e1167a4e8026a8622eb39276e826e08210a8e47d908906d1530bd6992694796a217e009f
SSDEEP

3072:GYVcKA0cBAYYYs1xAgW5jT9rObNj+IAL+taINwI9ohDHapuPT1LmFYFth:GmA02A/N7gTlmNQ+tfXWapu71LmFYFt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18904e4ce8ed66c3522dcedcc9307c29_mafia_JC.exe

Files

18904e4ce8ed66c3522dcedcc9307c29_mafia_JC.exe
.exe windows x86

cc1baa94bfe4e1ea7b85ac2eb4d66dac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemTextW
GetDC
SendDlgItemMessageW
GetDlgItemTextA
SendMessageW
EnableWindow
PostQuitMessage
EndDialog
DispatchMessageW
TranslateMessage
GetMessageW
GetWindowTextLengthW
CreateDialogParamW
GetWindowTextW
ReleaseDC
MessageBoxW
ShowWindow
SetTimer
GetDlgItem
SetWindowTextW

ole32

CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoInitialize

oleaut32

SysFreeString
VariantClear
VariantCopy
SysAllocString
VariantChangeType
GetErrorInfo
VariantInit

ws2_32

WSAStartup
WSAGetLastError
WSACleanup
closesocket
socket
getaddrinfo
htons
connect
WSAEventSelect
send
WSAEnumNetworkEvents
recv

gdi32

GetTextExtentPoint32W

kernel32

SetEnvironmentVariableA
CompareStringW
CreateFileW
GetProcessHeap
SetEndOfFile
WriteConsoleW
HeapReAlloc
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
LCMapStringW
SetFilePointer
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapSize
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
IsValidCodePage
ExitProcess
GetModuleHandleW
WideCharToMultiByte
MultiByteToWideChar
AllocConsole
GetStdHandle
InterlockedDecrement
InterlockedIncrement
LocalFree
CloseHandle
CreateThread
Sleep
lstrlenW
PurgeComm
lstrlenA
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetupComm
SetCommTimeouts
GetCommState
BuildCommDCBW
SetCommState
CreateFileA
ClearCommError
ReadFile
WriteFile
CreateEventW
WaitForMultipleObjects
GetCommandLineW
HeapSetInformation
GetStartupInfoW
HeapFree
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
HeapAlloc
GetCurrentThreadId
RtlUnwind
RaiseException
SetUnhandledExceptionFilter
GetProcAddress

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc1baa94bfe4e1ea7b85ac2eb4d66dac

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

oleaut32

ws2_32

gdi32

kernel32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 34KB

.rsrc Size: 54KB - Virtual size: 53KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 34KB

.rsrc
Size: 54KB - Virtual size: 53KB

.reloc
Size: 12KB - Virtual size: 12KB