Static task: static1
Behavioral task: behavioral1
Sample: f3997ccae1e43ec2a7aca4701b35dcaf_mafia_magniber_JC.exe
Resource: win7-20230824-en
Behavioral task: behavioral2
Sample: f3997ccae1e43ec2a7aca4701b35dcaf_mafia_magniber_JC.exe
Resource: win10v2004-20230703-en
General
Target: f3997ccae1e43ec2a7aca4701b35dcaf_mafia_magniber_JC.exe
Size: 10.1MB
MD5: f3997ccae1e43ec2a7aca4701b35dcaf
SHA1: 9aa2c95d6492e594c7ae5448df66bad39a4590a1
SHA256: 925aec33d39ed2c94cce34129ce107491c69e52ebd4a6ece8181e33e93ce4d54
SHA512: 95330f5948210ee1ea82bbb2d409aa04fbad2727800a49ccf91e3e3e37c895acef312f96f028f8e2b1ae5098b30101f9bad9ffaf34692cd382d3656d91439f40
SSDEEP: 98304:UyrE9AJuK8uYa1Ds05toJyG6aXhlq6uwA1BsRaN+H+KtLmj3C75lqrmPpYjs9o3Y:UMruKgQ/6XbH+dNsJLmj345lqIn/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f3997ccae1e43ec2a7aca4701b35dcaf_mafia_magniber_JC.exe
Files
f3997ccae1e43ec2a7aca4701b35dcaf_mafia_magniber_JC.exe.exe windows x86
f4ccaf1f3c0d9f7c26512a2bb4114002
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ord17
netapi32
NetApiBufferFree
NetServerDiskEnum
wininet
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetAttemptConnect
InternetReadFile
InternetGetLastResponseInfoA
HttpQueryInfoA
msi
ord168
ord15
ord112
ord204
ord141
ord87
kernel32
GetCurrentDirectoryA
GetComputerNameA
GetSystemDirectoryA
GetDiskFreeSpaceExA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetFileAttributesA
GetFileAttributesA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetEndOfFile
GetFileTime
TerminateThread
DeleteCriticalSection
VirtualFree
VirtualAlloc
GetCurrentProcessId
GetCurrentThreadId
GlobalUnlock
GlobalLock
InterlockedIncrement
FormatMessageA
RemoveDirectoryA
HeapCreate
HeapDestroy
GetTimeZoneInformation
OpenProcess
TerminateProcess
FlushFileBuffers
SetLastError
RaiseException
InitializeCriticalSectionAndSpinCount
lstrlenW
lstrcmpiA
IsDBCSLeadByte
FlushInstructionCache
lstrcmpA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetWindowsDirectoryA
DeviceIoControl
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
SetCurrentDirectoryA
LockResource
GetFullPathNameA
GetComputerNameW
GetShortPathNameA
VirtualQuery
GetExitCodeProcess
GetSystemInfo
InterlockedExchange
GetSystemTimeAsFileTime
RtlUnwind
EncodePointer
DecodePointer
ExitThread
CreateThread
FindFirstFileExA
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
GetCPInfo
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LCMapStringW
HeapSize
ExitProcess
GetStringTypeW
GetStdHandle
GetModuleFileNameW
PeekNamedPipe
GetFileType
GetCurrentDirectoryW
GetLocaleInfoW
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
LoadLibraryW
GetDriveTypeW
SetStdHandle
CompareStringW
SetEnvironmentVariableA
WriteConsoleW
CreateFileW
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedCompareExchange
GetDriveTypeA
GetVersionExA
GetTempFileNameA
VirtualProtect
GetSystemTime
SystemTimeToFileTime
SetFileTime
OpenSemaphoreA
CreateSemaphoreA
GetModuleHandleA
ReleaseSemaphore
CreateProcessA
GetVersion
MoveFileA
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
GetModuleFileNameA
CopyFileA
FreeLibrary
LoadLibraryA
GetProcAddress
LocalReAlloc
LocalFree
LocalAlloc
lstrlenA
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
OutputDebugStringA
InterlockedDecrement
DeleteFileA
MulDiv
WideCharToMultiByte
GetTempPathA
GetACP
GetFileInformationByHandle
GlobalAlloc
OpenFileMappingA
CreateMutexA
GlobalFree
FlushViewOfFile
ReleaseMutex
WaitForSingleObject
GetLastError
MultiByteToWideChar
CreateFileMappingA
MapViewOfFile
GetFileSize
UnmapViewOfFile
WriteFile
CreateFileA
Sleep
ReadFile
SetFilePointer
CloseHandle
GetTickCount
SystemTimeToTzSpecificLocalTime
user32
GetClassLongA
GetKeyNameTextA
EnumDisplaySettingsA
GetKeyboardLayout
ExitWindowsEx
MapVirtualKeyExA
GetSysColor
CharNextA
AdjustWindowRectEx
GetWindow
wsprintfW
GetWindowTextLengthA
GetSystemMenu
EnableMenuItem
ClientToScreen
CloseWindow
PeekMessageA
SetWindowTextW
SetForegroundWindow
GetSystemMetrics
LoadStringA
SetDlgItemTextW
GetDlgItemTextW
GetWindowTextA
GetClipboardData
MessageBeep
CallWindowProcA
CreatePopupMenu
AppendMenuA
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
RegisterClipboardFormatA
RegisterWindowMessageA
DestroyMenu
SetCursor
SetFocus
GetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
CheckDlgButton
SetDlgItemTextA
SendMessageA
GetDlgItem
EnableWindow
IsDlgButtonChecked
CheckRadioButton
GetWindowThreadProcessId
MapVirtualKeyA
GetCursorPos
DrawTextA
OffsetRect
GetForegroundWindow
MessageBoxA
PostMessageA
PostQuitMessage
LoadBitmapA
UpdateWindow
wsprintfA
SetWindowTextA
SetWindowLongA
GetWindowLongA
DefWindowProcA
GetParent
ScreenToClient
BeginPaint
EndPaint
SetWindowPos
GetClassNameA
GetClientRect
GetDC
InvalidateRect
ReleaseDC
MoveWindow
GetWindowRect
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassA
CreateDialogParamA
ShowWindow
DialogBoxParamA
GetPropA
RemovePropA
SetPropA
EndDialog
GetMessageA
IsWindow
CreateAcceleratorTableA
RegisterClassExA
GetClassInfoExA
GetDesktopWindow
GetFocus
DestroyAcceleratorTable
FillRect
ReleaseCapture
IsDialogMessageA
TranslateMessage
DispatchMessageA
IsChild
SetCapture
RedrawWindow
CloseClipboard
InvalidateRgn
DestroyWindow
UnregisterClassA
gdi32
GetStockObject
CreateCompatibleBitmap
CreateFontIndirectA
SetBkColor
SetBkMode
SetTextColor
CreateSolidBrush
CreateCompatibleDC
SelectObject
GetObjectA
BitBlt
DeleteDC
DeleteObject
GetDeviceCaps
TranslateCharsetInfo
comdlg32
GetSaveFileNameA
advapi32
SetSecurityDescriptorDacl
RegConnectRegistryA
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
RegQueryInfoKeyW
ChangeServiceConfig2A
LockServiceDatabase
ChangeServiceConfigA
UnlockServiceDatabase
RegDeleteKeyA
LookupAccountSidW
QueryServiceStatus
ControlService
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
GetUserNameA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
LsaClose
OpenProcessToken
GetTokenInformation
LookupAccountSidA
LookupAccountNameA
LsaOpenPolicy
LsaAddAccountRights
LsaRemoveAccountRights
AllocateAndInitializeSid
SetEntriesInAclA
FreeSid
InitializeSecurityDescriptor
shell32
SHChangeNotify
SHGetDesktopFolder
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ole32
CreateStreamOnHGlobal
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateGuid
OleUninitialize
OleInitialize
CLSIDFromString
CoInitialize
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CoTaskMemRealloc
CoCreateInstance
oleaut32
VariantInit
SysFreeString
SysStringLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VarUI4FromStr
SysAllocStringLen
VariantClear
SysAllocString
shlwapi
StrTrimA
Sections
.text Size: 675KB - Virtual size: 675KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 455KB - Virtual size: 454KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8.9MB - Virtual size: 8.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ