Static task: static1
Behavioral task: behavioral1
  Sample: 4b659e8cc727516f09487a37f4295844_mafia_JC.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 4b659e8cc727516f09487a37f4295844_mafia_JC.exe
  Resource: win10v2004-20230703-en
General
  Target: 4b659e8cc727516f09487a37f4295844_mafia_JC.exe
  Size: 1.6MB
  MD5: 4b659e8cc727516f09487a37f4295844
  SHA1: 63f04df8c8ee7fc44987c8c7d037497f5558873c
  SHA256: d0f3863036337a04313e72fcdb515f84c9d80598334a58f90b194fc6862532f6
  SHA512: 927f31dbb72adf77490880325a804ed0333e2403129c4b6c8bd183444263b5fb77046aec921fea5831ce36504d072210b10e6d98f957c6f840940645a1821a8f
  SSDEEP: 49152:d/5hJgpmksuPNpiOex/iMn3Xdn+tfUFe40I0bGpCaPIcUEocU1ZzI4:RJg9su1piOex/iMn3FIUFeHoCaVUEoc4
Malware Config
Signatures
  Unsigned PE (1 IoC): checks for missing Authenticode signature.
    resource: 4b659e8cc727516f09487a37f4295844_mafia_JC.exe
Files
  4b659e8cc727516f09487a37f4295844_mafia_JC.exe.exe (windows x86)
    5aa473e9f8f2a7f4add4ac08b58e30d7
Headers
  DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32:
  LockFile, UnlockFile, SetEndOfFile, DuplicateHandle, GetCurrentProcess, GetVolumeInformationW, GetFullPathNameW,
  InitializeCriticalSectionAndSpinCount, GlobalFindAtomW, FreeResource, GetTempFileNameW, GetTempPathW, GetFileAttributesExW,
  FileTimeToLocalFileTime, GetFileAttributesW, GetFileSizeEx, GetFileTime, GetTickCount, GetProfileIntW, SearchPathW,
  GetWindowsDirectoryW, GetNumberFormatW, VirtualProtect, GetUserDefaultLCID, FindResourceExW, HeapFree, GetSystemTimeAsFileTime,
  HeapAlloc, RaiseException, EncodePointer, DecodePointer, RtlUnwind, GetCommandLineA, HeapSetInformation, GetStartupInfoW,
  HeapReAlloc, ExitThread, CreateThread, HeapQueryInformation, HeapSize, VirtualAlloc, GetSystemInfo, VirtualQuery, SetStdHandle,
  GetFileType, HeapCreate, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent,
  TerminateProcess, GetStdHandle, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, GetModuleFileNameA, FreeEnvironmentStringsW,
  GetEnvironmentStringsW, SetHandleCount, QueryPerformanceCounter, GetPrivateProfileStringW, GetStringTypeW, LCMapStringW,
  GetTimeZoneInformation, GetConsoleCP, GetConsoleMode, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, WriteConsoleW,
  SetEnvironmentVariableA, WritePrivateProfileStringW, GetPrivateProfileIntW, DeleteFileW, GlobalFlags, GetVersionExW, lstrcpyW,
  GetSystemDirectoryW, WaitForSingleObject, ResumeThread, SetThreadPriority, FileTimeToSystemTime, GlobalGetAtomNameW, TlsFree,
  DeleteCriticalSection, LocalReAlloc, TlsSetValue, TlsAlloc, InitializeCriticalSection, GlobalHandle, GlobalReAlloc,
  EnterCriticalSection, TlsGetValue, LeaveCriticalSection, LocalAlloc, GetCurrentProcessId, CompareStringW, ReleaseActCtx,
  CreateActCtxW, InterlockedDecrement, InterlockedIncrement, lstrcmpA, GlobalDeleteAtom, GetCurrentThread, GetCurrentThreadId,
  GetUserDefaultUILanguage, ConvertDefaultLocale, GetSystemDefaultUILanguage, ActivateActCtx, LoadLibraryW, DeactivateActCtx,
  lstrcmpW, GetProcAddress, FreeLibrary, GetLocaleInfoW, LoadLibraryExW, InterlockedExchange, SetErrorMode, GetModuleFileNameW,
  CopyFileW, GlobalSize, GlobalLock, GlobalUnlock, MulDiv, lstrcmpiW, GlobalAddAtomW, ExitProcess, GetFileSize, ReadFile, Sleep,
  GetCommandLineW, FindResourceW, LoadResource, LockResource, SizeofResource, GlobalFree, GlobalAlloc, CreateFileW, SetFilePointer,
  WriteFile, FlushFileBuffers, CloseHandle, WideCharToMultiByte, FindFirstFileW, FindClose, GetCurrentDirectoryW,
  MultiByteToWideChar, lstrlenA, SetLastError, GetModuleHandleW, GetLastError, FormatMessageW, LocalFree, lstrlenW
user32:
  DrawEdge, DrawFrameControl, DrawFocusRect, CopyAcceleratorTableW, ToUnicodeEx, MapVirtualKeyW, GetKeyboardLayout,
  GetKeyboardState, LoadAcceleratorsW, CreateAcceleratorTableW, SetRect, SetCursorPos, BringWindowToTop, LockWindowUpdate,
  CopyImage, TranslateAcceleratorW, InsertMenuItemW, LoadImageW, ReuseDDElParam, UnpackDDElParam, DefFrameProcW,
  DefMDIChildProcW, DrawMenuBar, TranslateMDISysAccel, MonitorFromPoint, UnionRect, EnableScrollBar, UpdateLayeredWindow,
  IsMenu, CreateMenu, PostThreadMessageW, WaitMessage, SetMenuDefaultItem, IsClipboardFormatAvailable, FrameRect,
  GetUpdateRect, EndDialog, GetNextDlgTabItem, CreateDialogIndirectParamW, GetMenuDefaultItem, OpenClipboard,
  SetClipboardData, CloseClipboard, EmptyClipboard, RegisterClipboardFormatW, CopyIcon, CharUpperBuffW, GetDoubleClickTime,
  GetIconInfo, IsCharLowerW, GetKeyNameTextW, MapVirtualKeyExW, SubtractRect, InvertRect, HideCaret, GetNextDlgGroupItem,
  MapDialogRect, DrawIcon, DestroyCursor, GetWindowRgn, LoadIconW, SendDlgItemMessageA, WinHelpW, IsChild, GetCapture,
  GetClassLongW, SetPropW, GetPropW, RemovePropW, GetForegroundWindow, SetActiveWindow, BeginDeferWindowPos,
  EndDeferWindowPos, GetTopWindow, DestroyWindow, GetMessagePos, MonitorFromWindow, ScrollWindow, TrackPopupMenu, SetMenu,
  SetScrollRange, GetScrollRange, SetForegroundWindow, ShowScrollBar, RedrawWindow, CreateWindowExW, GetClassInfoExW,
  RegisterClassW, AdjustWindowRectEx, EqualRect, DeferWindowPos, GetScrollInfo, SetScrollInfo, SetWindowPlacement,
  GetWindowPlacement, CallWindowProcW, GetMenu, SetClassLongW, DrawIconEx, SetWindowPos, ShowWindow, MoveWindow,
  SetWindowLongW, IsWindow, IsDialogMessageW, SendDlgItemMessageW, GetDlgItem, CheckDlgButton, GetScrollPos, SetScrollPos,
  SetFocus, CharUpperW, DestroyIcon, KillTimer, SetTimer, InvalidateRect, UpdateWindow, GetDesktopWindow,
  RealChildWindowFromPoint, GetWindow, GetDlgCtrlID, GetWindowRect, GetClassNameW, PtInRect, SetWindowTextW, GetClassInfoW,
  DefWindowProcW, MapWindowPoints, GetClientRect, SetLayeredWindowAttributes, EnumDisplayMonitors, SystemParametersInfoW,
  GetMonitorInfoW, SetRectEmpty, CopyRect, DeleteMenu, ShowOwnedPopups, SetCursor, SetMenuItemBitmaps,
  GetMenuCheckMarkDimensions, LoadBitmapW, GetFocus, ModifyMenuW, EnableMenuItem, CheckMenuItem, SetWindowsHookExW,
  CallNextHookEx, GetMessageW, TranslateMessage, DispatchMessageW, GetActiveWindow, IsWindowVisible, GetKeyState,
  PeekMessageW, GetCursorPos, ValidateRect, EndPaint, BeginPaint, GetWindowDC, ClientToScreen, ScreenToClient, GrayStringW,
  DrawTextExW, DrawTextW, TabbedTextOutW, FillRect, GetWindowTextLengthW, GetWindowTextW, GetWindowThreadProcessId,
  SendMessageW, GetParent, GetWindowLongW, GetLastActivePopup, IsWindowEnabled, EnableWindow, MessageBoxW,
  UnhookWindowsHookEx, LoadCursorW, GetSystemMetrics, GetDC, ReleaseDC, GetSysColor, GetSysColorBrush, PostMessageW,
  PostQuitMessage, GetMenuState, GetMenuStringW, AppendMenuW, GetMenuItemID, InsertMenuW, GetMenuItemCount, GetSubMenu,
  LoadStringW, CharLowerBuffW, GetAsyncKeyState, NotifyWinEvent, RemoveMenu, DrawStateW, MessageBeep, ReleaseCapture,
  SetCapture, GetSystemMenu, InflateRect, LoadMenuW, WindowFromPoint, CreatePopupMenu, DestroyAcceleratorTable, SetParent,
  SetWindowRgn, IsZoomed, IsIconic, OffsetRect, IsRectEmpty, DestroyMenu, GetMenuItemInfoW, IntersectRect,
  RegisterWindowMessageW, GetMessageTime
advapi32:
  RegFlushKey, RegQueryValueW, RegEnumKeyW, RegEnumValueW, RegEnumKeyExW, RegDeleteKeyW, RegDeleteValueW, RegCloseKey,
  RegOpenKeyExW, RegQueryValueExW, RegCreateKeyExW, IsTextUnicode, RegSetValueExW
shell32:
  SHBrowseForFolderW, SHGetSpecialFolderLocation, SHGetPathFromIDListW, SHGetDesktopFolder, SHAppBarMessage, DragQueryFileW,
  DragFinish, ShellExecuteW, SHGetFileInfoW, CommandLineToArgvW
ole32:
  DoDragDrop, OleGetClipboard, CoLockObjectExternal, RevokeDragDrop, CreateStreamOnHGlobal, OleLockRunning, IsAccelerator,
  OleTranslateAccelerator, OleDestroyMenuDescriptor, OleCreateMenuDescriptor, CoInitialize, CoCreateGuid, OleDuplicateData,
  CoTaskMemFree, CoTaskMemAlloc, ReleaseStgMedium, CoInitializeEx, CoCreateInstance, CoUninitialize, RegisterDragDrop
oleaut32:
  VariantClear, VariantChangeType, VariantTimeToSystemTime, SystemTimeToVariantTime, VariantInit, SysAllocString, SysFreeString,
  SysStringLen, SysAllocStringLen, VarBstrFromDate
msimg32:
  TransparentBlt, AlphaBlend
comctl32:
  ImageList_GetIconSize
shlwapi:
  PathIsUNCW, PathStripToRootW, PathFindExtensionW, PathFindFileNameW, PathRemoveFileSpecW
gdiplus:
  GdipDrawImageI, GdipGetImageGraphicsContext, GdipBitmapUnlockBits, GdipBitmapLockBits, GdipFree, GdipAlloc, GdipDeleteGraphics,
  GdipDisposeImage, GdipCreateBitmapFromHBITMAP, GdiplusStartup, GdiplusShutdown, GdipCreateFromHDC, GdipSetInterpolationMode,
  GdipDrawImageRectI, GdipCloneImage, GdipGetImageWidth, GdipGetImageHeight, GdipGetImagePixelFormat, GdipGetImagePaletteSize,
  GdipGetImagePalette, GdipCreateBitmapFromStream, GdipCreateBitmapFromScan0
oleacc:
  CreateStdAccessibleObject, AccessibleObjectFromWindow, LresultFromObject
imm32:
  ImmReleaseContext, ImmGetContext, ImmGetOpenStatus
winmm:
  PlaySoundW
gdi32:
  SaveDC, CreateDCW, CopyMetaFileW, CreateCompatibleBitmap, CreateFontIndirectW, CreateDIBitmap, CreateHatchBrush,
  CreateSolidBrush, CreatePen, GetObjectType, RestoreDC, SetBkColor, SetBkMode, SetPolyFillMode, SetROP2, SetTextColor,
  SetMapMode, SelectPalette, GetStockObject, CreateCompatibleDC, CreateBitmap, CreatePatternBrush, DeleteDC, ExtSelectClipRgn,
  ExcludeClipRect, IntersectClipRect, LineTo, MoveToEx, SetTextAlign, GetLayout, SetLayout, DeleteObject, SelectClipRgn,
  CreateRectRgn, GetObjectW, GetViewportExtEx, GetWindowExtEx, BitBlt, GetPixel, PtVisible, RectVisible, TextOutW, ExtTextOutW,
  Escape, ScaleWindowExtEx, SetWindowExtEx, OffsetWindowOrgEx, SelectObject, SetViewportOrgEx, OffsetViewportOrgEx,
  SetViewportExtEx, CreateRectRgnIndirect, GetTextMetricsW, EnumFontFamiliesW, GetTextCharsetInfo, SetWindowOrgEx, GetClipBox,
  SetRectRgn, CombineRgn, PatBlt, DPtoLP, GetTextExtentPoint32W, CreateDIBSection, CreateRoundRectRgn, CreatePolygonRgn,
  GetBkColor, GetTextColor, CreateEllipticRgn, Polyline, Ellipse, Polygon, OffsetRgn, GetRgnBox, SetDIBColorTable,
  RealizePalette, StretchBlt, SetPixel, Rectangle, CreatePalette, GetPaletteEntries, GetNearestPaletteIndex,
  GetSystemPaletteEntries, LPtoDP, GetWindowOrgEx, GetViewportOrgEx, PtInRegion, FillRgn, FrameRgn, GetBoundsRect, ExtFloodFill,
  SetPaletteEntries, EnumFontFamiliesExW, GetTextFaceW, SetPixelV, GetDeviceCaps, ScaleViewportExtEx
winspool.drv:
  OpenPrinterW, DocumentPropertiesW, ClosePrinter
comdlg32:
  GetFileTitleW
Sections
  .text: Size 1.1MB, Virtual size 1.1MB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata: Size 279KB, Virtual size 278KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data: Size 24KB, Virtual size 54KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc: Size 2KB, Virtual size 2KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .reloc: Size 166KB, Virtual size 165KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ