9a23be9b9d79e38f8a3620109e45626e_floxif_mafia_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9a23be9b9d79e38f8a3620109e45626e_floxif_mafia_JC.exe
Size

1.9MB
MD5

9a23be9b9d79e38f8a3620109e45626e
SHA1

ded217ef8c42e8a9665ea249d2d1376b60a59318
SHA256

3952bb391d824f1f6704504d1c937f223a724cf06bc72a4752589920e7a49cc8
SHA512

e3cc6bca8376a48c46d6f09564cf98bbedf125c8b08b23a3f51c79bf6ca1e12e3a9cb01795bdd07d978e398f19c492e4b41fba0a54f9fdaaff6c490f299e09ad
SSDEEP

49152:OeLjveDKVx+KJtOw8RG48p85qCzcs7dGyayEFD5DLD9RJ4KvJFBVAX69FPfd:rLeKOKTOw898O5nzcs7dGyayEbLD9Hvj

Score

1^/10

Malware Config

Signatures

Files

9a23be9b9d79e38f8a3620109e45626e_floxif_mafia_JC.exe
.exe windows x86

87c39ce6574d6e8432e5f6a0bb4f0f6e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:55:75:5b:33:a6:0b:7f:bf:90:c6:93:58:ca:1f:ef
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

17-08-2009 00:00

Not After

04-10-2012 23:59

Subject

CN=Autodesk\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Subscription,O=Autodesk\, Inc.,L=San Rafael,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

de:c8:13:1b:0e:1f:9e:cb:a1:d7:51:84:8a:96:0f:88:4b:59:dd:7f
Signer

Actual PE Digest

de:c8:13:1b:0e:1f:9e:cb:a1:d7:51:84:8a:96:0f:88:4b:59:dd:7f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCanonicalizeUrlW
InternetErrorDlg
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
InternetReadFile
InternetCloseHandle
InternetCrackUrlW
HttpQueryInfoW

opengl32

wglCreateContext
glGetString
glGetError
wglDeleteContext
wglMakeCurrent

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetSystemInfo
VirtualQuery
ExitProcess
SetStdHandle
GetFileType
HeapQueryInformation
HeapSize
DecodePointer
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
IsProcessorFeaturePresent
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
EncodePointer
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ExitThread
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetTickCount
GetCurrentDirectoryW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalGetAtomNameW
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SuspendThread
SetThreadPriority
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
VirtualAlloc
GetCurrentProcessId
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FileTimeToLocalFileTime
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
ActivateActCtx
DeactivateActCtx
lstrcmpW
SetLastError
CopyFileW
GlobalSize
FormatMessageW
LocalFree
GetThreadLocale
InterlockedIncrement
UnmapViewOfFile
WriteFile
lstrcmpiW
GetFileInformationByHandle
SetFilePointer
SystemTimeToFileTime
FileTimeToSystemTime
CreateThread
OpenProcess
LoadLibraryExW
GetEnvironmentVariableW
lstrcpyW
GetModuleFileNameW
IsDBCSLeadByte
GetNativeSystemInfo
FreeLibrary
GetTempPathW
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetDateFormatW
GetLocalTime
GetComputerNameW
GetLocaleInfoW
GetVersionExW
GetUserDefaultLangID
GetSystemDirectoryW
DeleteFileW
GetUserDefaultLCID
lstrlenA
ReadFile
WideCharToMultiByte
lstrlenW
GetFileSize
CreateFileW
GetLastError
ResetEvent
SetEvent
WaitForSingleObject
LockResource
FreeResource
SizeofResource
LoadResource
FindResourceW
GlobalAlloc
ResumeThread
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
CloseHandle
CreateEventW
MultiByteToWideChar
HeapReAlloc
RaiseException
InterlockedExchange
RtlUnwind
SetUnhandledExceptionFilter
InterlockedCompareExchange

user32

GetWindowRgn
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
DrawEdge
DrawStateW
SetClassLongW
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
CopyImage
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
MapVirtualKeyW
CreatePopupMenu
GetMenuDefaultItem
RegisterClipboardFormatW
DestroyIcon
MessageBeep
GetNextDlgGroupItem
WaitMessage
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
UnregisterClassW
RealChildWindowFromPoint
GetSysColorBrush
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
IntersectRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
ValidateRect
GetCursorPos
GetWindowThreadProcessId
CharUpperW
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
LoadMenuW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
ScrollWindow
TrackPopupMenu
GetKeyState
EmptyClipboard
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetClassInfoExW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowTextLengthW
GetWindowTextW
SetFocus
SetWindowPos
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetDlgItem
GetWindowLongW
GetDlgCtrlID
GetWindow
CharNextW
DrawIcon
GetSystemMetrics
IsIconic
EnableMenuItem
GetSystemMenu
LoadImageW
SetForegroundWindow
MessageBoxW
EnumDisplayDevicesW
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassW
LoadIconW
PostQuitMessage
EndPaint
BeginPaint
MapWindowPoints
PostMessageW
ScreenToClient
DestroyCursor
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
WindowFromPoint
ClientToScreen
GetFocus
IsWindowVisible
DefWindowProcW
GetClassInfoW
UpdateWindow
SetTimer
KillTimer
LoadCursorW
InflateRect
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExW
GetTopWindow
IsCharLowerW
GetParent
GetWindowRect
IsWindow
SetWindowLongW
SetCursor
SetCapture
RedrawWindow
ReleaseCapture
PtInRect
GetDesktopWindow
CopyRect
FillRect
ReleaseDC
GetDC
SetRect
DrawTextW
GetSysColor
SendMessageW
OffsetRect
GetClientRect
InvalidateRect
EnableWindow
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextW
SetMenu
PostThreadMessageW
IsChild

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetRgnBox
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
Escape
CreateDIBSection
RectVisible
CreatePolygonRgn
CreateEllipticRgn
Polyline
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
CreateRectRgn
SelectClipRgn
ExtTextOutW
TextOutW
SetLayout
GetLayout
CreateDCW
CopyMetaFileW
GetTextColor
GetBkColor
CreateFontW
DescribePixelFormat
SetPixelFormat
ChoosePixelFormat
Ellipse
GetTextExtentPoint32W
CreateFontIndirectW
GetObjectW
GetStockObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateSolidBrush
DeleteObject
DeleteDC
GetDeviceCaps
PtVisible
GetPixel
GetWindowExtEx
CreateRoundRectRgn
SelectObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetViewportExtEx

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetOpenFileNameW
GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegEnumKeyW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW

shell32

SHAppBarMessage
SHGetFileInfoW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW
ShellExecuteW
SHBrowseForFolderW

comctl32

ord17
ImageList_GetIconSize

shlwapi

PathAppendW
SHRegGetValueW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW

ole32

CreateILockBytesOnHGlobal
OleUninitialize
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleInitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
CoCreateGuid
StringFromGUID2
CoTaskMemFree
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoFreeUnusedLibraries

oleaut32

SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
VariantCopy
VariantChangeType
SysFreeString
OleCreateFontIndirect
SysAllocStringLen
SysStringLen
VariantClear
VariantInit
VarBstrFromDate
LoadTypeLi
VariantTimeToSystemTime
OleLoadPicture

oledlg

OleUIBusyW

gdiplus

GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87c39ce6574d6e8432e5f6a0bb4f0f6e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

66:55:75:5b:33:a6:0b:7f:bf:90:c6:93:58:ca:1f:efCertificate

Extended Key Usages

Key Usages

de:c8:13:1b:0e:1f:9e:cb:a1:d7:51:84:8a:96:0f:88:4b:59:dd:7fSigner

Headers

DLL Characteristics

File Characteristics

Imports

wininet

opengl32

version

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 320KB - Virtual size: 319KB

.data Size: 27KB - Virtual size: 57KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 175KB - Virtual size: 175KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

66:55:75:5b:33:a6:0b:7f:bf:90:c6:93:58:ca:1f:ef
Certificate

de:c8:13:1b:0e:1f:9e:cb:a1:d7:51:84:8a:96:0f:88:4b:59:dd:7f
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 320KB - Virtual size: 319KB

.data
Size: 27KB - Virtual size: 57KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 175KB - Virtual size: 175KB