Static task: static1
Behavioral task: behavioral1
Sample: 72012409e934909b18b42e5e8383ec22_mafia_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 72012409e934909b18b42e5e8383ec22_mafia_JC.exe
Resource: win10v2004-20230703-en
General
Target: 72012409e934909b18b42e5e8383ec22_mafia_JC.exe
Size: 2.9MB
MD5: 72012409e934909b18b42e5e8383ec22
SHA1: 6474c2460f2933c0fc7bf155e9c10b4188289a76
SHA256: c0ba3c995a3072bd30d00f709c2ab73fc31656458e6e07af70c49f21213e27e6
SHA512: 7ca8070519eb671f2900e8f1e9a516b1a49aca10b3a976832f0b2531084d88847852b8dcb6d577e90e738921f2afe8effd6257da3747d3fd003c2405035921d7
SSDEEP: 49152:AOKMUAKuR8ldXUbHS+hPllhMv9mzmL+Jy75rzL3zLjCg5r/FycPDfgRUAgWtD0ef:AOKM+uRuXU++hPlsv9mzmL+Jy75vbOgc
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 72012409e934909b18b42e5e8383ec22_mafia_JC.exe
Files
72012409e934909b18b42e5e8383ec22_mafia_JC.exe.exe (windows x86)
565e412a0f3ba66a04caf3a0aff05768
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
RpcStringFreeW
UuidToStringW
UuidCreate
kernel32
SetConsoleCtrlHandler
GetStringTypeW
GetTimeZoneInformation
WriteConsoleW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
SetConsoleMode
GetCPInfo
CreateFileA
LCMapStringW
FindFirstFileExA
GetDriveTypeA
FlushConsoleInputBuffer
GetVersionExA
GlobalMemoryStatus
GetVersion
GetModuleHandleA
ExpandEnvironmentStringsA
LoadLibraryA
WaitForMultipleObjects
PeekNamedPipe
FormatMessageA
SleepEx
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
ExitProcess
HeapQueryInformation
HeapSize
CreateThread
ExitThread
HeapReAlloc
RaiseException
RtlUnwind
DecodePointer
EncodePointer
HeapAlloc
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExW
lstrcpyW
GetSystemDirectoryW
GetUserDefaultUILanguage
InterlockedExchange
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
GlobalFlags
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
lstrlenA
lstrcmpA
GlobalGetAtomNameW
CompareStringW
InterlockedIncrement
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
ResumeThread
SetThreadPriority
CopyFileW
GlobalSize
FormatMessageW
MulDiv
lstrlenW
GetCurrentProcessId
FreeLibrary
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedDecrement
ActivateActCtx
ReleaseActCtx
DeactivateActCtx
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
SetLastError
GetLocaleInfoW
GetSystemDefaultLCID
GetTempPathW
GetVersionExW
GetCurrentProcess
GetTempFileNameW
GetFileInformationByHandle
FileTimeToSystemTime
GetTickCount
UnmapViewOfFile
GetFileSize
LocalFileTimeToFileTime
CloseHandle
GetCurrentDirectoryW
MultiByteToWideChar
CreateFileW
ReadFile
GetFileAttributesW
WideCharToMultiByte
WriteFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
FindNextFileW
SetCurrentDirectoryW
FindClose
CreateDirectoryW
FindFirstFileW
Sleep
CreateEventW
GetLastError
GetModuleFileNameW
SetEvent
WaitForSingleObject
GetFullPathNameA
GetProcessHeap
GetDriveTypeW
ReadConsoleInputA
user32
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
KillTimer
SetTimer
DeleteMenu
ShowOwnedPopups
SetCursor
IntersectRect
InvalidateRect
IsIconic
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
DestroyIcon
RealChildWindowFromPoint
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
SetClassLongW
TrackPopupMenu
SetMenu
GetIconInfo
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
GetClientRect
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetMenuStringW
AppendMenuW
GetMenuItemID
LoadImageW
GetNextDlgGroupItem
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
CopyRect
PtInRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowTextLengthW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExW
CallNextHookEx
LoadMenuW
GetSystemMenu
SetCapture
ReleaseCapture
MessageBeep
DrawStateW
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableW
ToUnicodeEx
MapVirtualKeyW
GetKeyboardLayout
GetKeyboardState
EndDialog
CreateDialogIndirectParamW
LoadAcceleratorsW
CreateAcceleratorTableW
SetRect
SetCursorPos
BringWindowToTop
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
LockWindowUpdate
GetMenuDefaultItem
InvertRect
wsprintfW
GetDesktopWindow
GetSystemMetrics
GetWindowTextW
HideCaret
GetWindowRect
UnhookWindowsHookEx
MessageBoxW
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetParent
SendMessageW
GetWindowThreadProcessId
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
EnableScrollBar
GetNextDlgTabItem
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
TranslateAcceleratorW
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetDoubleClickTime
CharUpperBuffW
CopyIcon
RegisterClipboardFormatW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
SetScrollRange
UnionRect
GetMenuState
gdi32
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
GetLayout
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
SetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
SetBkColor
SetTextColor
CreateBitmap
CreateDCW
CopyMetaFileW
CombineRgn
GetObjectW
GetDeviceCaps
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
comdlg32
GetFileTitleW
advapi32
RegDeleteValueW
RegisterEventSourceW
RegisterEventSourceA
ReportEventA
CloseServiceHandle
OpenSCManagerW
StartServiceCtrlDispatcherW
DeregisterEventSource
SetServiceStatus
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
CreateServiceW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
ReportEventW
RegisterServiceCtrlHandlerW
shell32
ShellExecuteW
SHBrowseForFolderW
SHGetFileInfoW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetFolderPathW
SHAppBarMessage
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
ole32
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
oleaut32
SysFreeString
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
VarBstrFromDate
VariantInit
SysAllocString
VariantClear
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathAppendW
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipAlloc
GdipDeleteGraphics
GdipFree
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
ws2_32
gethostname
ioctlsocket
select
__WSAFDIsSet
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
WSASetLastError
connect
setsockopt
getpeername
getsockopt
closesocket
htons
bind
socket
recv
shutdown
send
ntohs
getsockname
WSAGetLastError
WSAStartup
WSACleanup
winmm
PlaySoundW
wldap32
ord211
ord143
ord60
ord22
ord26
ord32
ord35
ord79
ord200
ord33
ord301
ord27
ord41
ord30
ord50
ord46
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 541KB - Virtual size: 540KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 220KB - Virtual size: 220KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ