Static task: static1
Behavioral task: behavioral1
  Sample: c403264558dfe9ad8a0b454ba5a00bf3_mafia_JC.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: c403264558dfe9ad8a0b454ba5a00bf3_mafia_JC.exe
  Resource: win10v2004-20230703-en
General
- Target: c403264558dfe9ad8a0b454ba5a00bf3_mafia_JC.exe
- Size: 4.4MB
- MD5: c403264558dfe9ad8a0b454ba5a00bf3
- SHA1: af688cb35f9dd9132daaa966829320c3498d0f8a
- SHA256: 7ad1f1564e9a09625b40bddc60a2c3a243bbde291506a57ed5e6924c09c5d518
- SHA512: 5f16aaae47f1f057dd4b843567429f134da49e7b13d2d9d85235e80fe7368bf6d86a8e486195e66a2418a959898fd4effa2041b7b1695f6b2267364e15affa2d
- SSDEEP: 98304:X9a6GeL+LxWJS5owTStD4dcmijmsUlmO8QNFUueSUo7+Sx/AKboj9ghi1RebMIgG:NaRnoeSldPobR7+Sx/FojDIg9Cbk/V8q
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource c403264558dfe9ad8a0b454ba5a00bf3_mafia_JC.exe
Files
- c403264558dfe9ad8a0b454ba5a00bf3_mafia_JC.exe.exe windows x86
  afe10e60c7d36a02dcb055c0900cf8e1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitThread
CreateThread
RtlUnwind
RaiseException
SetStdHandle
GetFileType
HeapQueryInformation
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
VirtualQuery
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
VirtualAlloc
MoveFileA
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
SizeofResource
GetUserDefaultLCID
GetNumberFormatW
VirtualProtect
SearchPathW
SetErrorMode
GetFileTime
GetFileSizeEx
ExitProcess
GetVolumeInformationW
DuplicateHandle
GetTempFileNameW
lstrcmpiW
InitializeCriticalSectionAndSpinCount
GlobalFlags
GetCurrentDirectoryW
GetThreadLocale
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
InterlockedIncrement
lstrlenA
GetProfileIntW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
FindClose
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalFindAtomW
CompareStringW
GlobalAddAtomW
ResumeThread
SetThreadPriority
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
FreeResource
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameW
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
lstrcmpW
GlobalFree
CopyFileW
GlobalAlloc
GetWindowsDirectoryW
DeleteFileA
AreFileApisANSI
GetSystemTime
LocalFree
GetTempPathA
GetCurrentProcessId
CloseHandle
GetVersionExA
OutputDebugStringA
GetCurrentThreadId
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
CreateFileW
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
Sleep
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
OutputDebugStringW
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
WaitForSingleObject
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
TryEnterCriticalSection
SetFilePointer
HeapCompact
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
GetStdHandle
GetCurrentProcess
FreeLibrary
GetTickCount
MulDiv
GlobalUnlock
GlobalLock
GlobalSize
GlobalReAlloc
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
DeactivateActCtx
SetLastError
GetVersionExW
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
DeleteFileW
GetLastError
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
IsValidCodePage
user32
InsertMenuItemW
TranslateAcceleratorW
PostThreadMessageW
UnregisterClassW
UpdateLayeredWindow
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetUpdateRect
DestroyAcceleratorTable
SetClassLongW
EnableScrollBar
GetIconInfo
SetCursorPos
GetMenuDefaultItem
SetMenuDefaultItem
DestroyIcon
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
OpenClipboard
UnionRect
IsMenu
MonitorFromPoint
SetParent
LockWindowUpdate
BringWindowToTop
CreatePopupMenu
CharUpperW
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
RealChildWindowFromPoint
DeleteMenu
WaitMessage
RegisterClipboardFormatW
DestroyMenu
GetMenuItemInfoW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
SetForegroundWindow
ShowScrollBar
CreateWindowExW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcW
GetMenu
SetWindowLongW
GetClassNameW
ShowOwnedPopups
GetMessageW
PeekMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
EndPaint
BeginPaint
GetWindowDC
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
GetMonitorInfoW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
DrawIconEx
GetSysColorBrush
RedrawWindow
MapWindowPoints
SetWindowRgn
DrawFocusRect
DrawStateW
RegisterWindowMessageW
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
PostQuitMessage
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
CopyIcon
DispatchMessageW
TranslateMessage
DrawFrameControl
WindowFromPoint
ClientToScreen
IsWindowVisible
ReuseDDElParam
UnpackDDElParam
CharUpperBuffW
SubtractRect
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
GetWindowRgn
DestroyCursor
CreateMenu
GetDoubleClickTime
GrayStringW
DrawTextExW
TabbedTextOutW
GetCapture
SetTimer
ClipCursor
InvertRect
PostMessageW
GetFocus
GetMessagePos
HideCaret
MapVirtualKeyExW
IsCharLowerW
GetClassInfoExW
TranslateMDISysAccel
IsClipboardFormatAvailable
ScreenToClient
GetCursorPos
KillTimer
GetKeyState
IntersectRect
GetParent
IsWindow
DrawTextW
FrameRect
GetDC
SystemParametersInfoW
SetScrollPos
GetScrollRange
GetScrollPos
SetRectEmpty
IsRectEmpty
CopyRect
ReleaseDC
ReleaseCapture
SetCapture
LoadCursorW
ChildWindowFromPoint
UpdateWindow
DrawEdge
RegisterClassW
DefWindowProcW
GetClassInfoW
SetCursor
GetSysColor
InvalidateRect
SetRect
InflateRect
FillRect
OffsetRect
PtInRect
GetWindowRect
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageW
AppendMenuW
GetSystemMenu
LoadIconW
EnableWindow
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
SetBkMode
ScaleWindowExtEx
ExtSelectClipRgn
CreateBitmap
SelectPalette
GetObjectType
SetRectRgn
GetMapMode
DPtoLP
GetRgnBox
OffsetRgn
CreateRoundRectRgn
SetPixel
SetDIBColorTable
RealizePalette
GetPixel
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
EnumFontFamiliesExW
GetWindowOrgEx
SetPixelV
GetTextFaceW
SetBkColor
RestoreDC
SaveDC
GetTextCharsetInfo
GetViewportExtEx
GetWindowExtEx
EnumFontFamiliesW
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
StretchBlt
GetTextExtentPoint32W
CreatePatternBrush
CreateDIBitmap
GetTextColor
CombineRgn
CreatePolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
CreateDCW
CopyMetaFileW
PatBlt
GetTextMetricsW
Escape
TextOutW
RectVisible
PtVisible
GetBkColor
GetCurrentObject
CreateFontIndirectW
CreateHatchBrush
Polygon
Ellipse
Polyline
PolyBezier
ExtCreatePen
DeleteDC
SelectObject
CreateDIBSection
GetObjectW
CreateFontW
AbortDoc
EndDoc
EndPage
StartPage
GetDeviceCaps
StartDocW
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
BitBlt
Rectangle
CreateSolidBrush
CreatePen
DeleteObject
ExtTextOutW
SetPolyFillMode
msimg32
GradientFill
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
shell32
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW
DragFinish
ShellExecuteW
SHAppBarMessage
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
ole32
CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleLockRunning
CoFreeUnusedLibraries
OleUninitialize
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
IsAccelerator
CoTaskMemFree
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
oleaut32
VariantTimeToSystemTime
OleCreateFontIndirect
VarBstrFromDate
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString
VarUdateFromDate
SystemTimeToVariantTime
VariantClear
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdiplusStartup
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdiplusShutdown
GdipDrawImageRectI
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 373KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 203KB - Virtual size: 202KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ