Static task: static1
Behavioral task: behavioral1
  Sample: fa8260f1a8f8e68159b450b49fb5925c_mafia_JC.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: fa8260f1a8f8e68159b450b49fb5925c_mafia_JC.exe
  Resource: win10v2004-20230703-en
General
Target: fa8260f1a8f8e68159b450b49fb5925c_mafia_JC.exe
Size: 1.9MB
MD5: fa8260f1a8f8e68159b450b49fb5925c
SHA1: 9fdcea155eb14f0ef6dbcda6329bce1389879811
SHA256: 1b994f6650530e119a136ecf1100f54a57b449a9f4af1d06708b30e5ed249f98
SHA512: ea452f78ce3fd2f183240914dbae8aaca867ddf702976df95947e186e7dcaddacd53e9f764c3c12c422bdae5bf7b40c0a894dab3cb5905ddeb29b0f37e5f141c
SSDEEP: 49152:eU3dRoJayclAR/6FsJEER1KF681n5ru4mkKqjE5vOtfB7/AvEOR+NelkII:eCcJaycl06FsdR1Kg81n564mkKqw5yYm
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature. Matched on resource fa8260f1a8f8e68159b450b49fb5925c_mafia_JC.exe.
Files
fa8260f1a8f8e68159b450b49fb5925c_mafia_JC.exe.exe (windows, x86), hash as listed in the report: fd0085019f677d1e122c30d960ad386e (this is not the sample MD5 given above)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
IsDialogMessageA
GetNextDlgTabItem
CreateDialogIndirectParamA
GetActiveWindow
PostQuitMessage
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
InflateRect
GetMenuItemInfoA
DestroyMenu
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetSysColorBrush
UnregisterClassA
RealChildWindowFromPoint
CopyImage
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
DeleteMenu
SetCapture
ReleaseCapture
WaitMessage
DestroyIcon
CharNextA
CopyAcceleratorTableA
IsRectEmpty
IntersectRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
SetWindowRgn
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
SetClassLongA
LoadMenuW
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
LoadImageA
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
CheckDlgButton
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
SetMenuDefaultItem
FrameRect
GetUpdateRect
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
ValidateRect
GetClassInfoExA
GetClassInfoA
RegisterClassA
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
CopyRect
PtInRect
GetWindow
UnhookWindowsHookEx
GetMenuState
AppendMenuA
InsertMenuA
RemoveMenu
GetSysColor
KillTimer
SetTimer
RedrawWindow
InvalidateRect
UpdateWindow
FillRect
OffsetRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
TranslateMDISysAccel
ExitWindowsEx
EnumThreadWindows
EndDialog
GetKeyboardState
SetKeyboardState
GetAsyncKeyState
GetKeyState
GetKeyboardLayoutNameA
VkKeyScanA
IsZoomed
GetMenu
GetMenuItemCount
GetMenuStringA
GetMenuItemID
GetSubMenu
IsWindowEnabled
MapVirtualKeyA
GetDlgCtrlID
ScreenToClient
SetActiveWindow
SetFocus
MoveWindow
GetFocus
EnumChildWindows
GetCaretPos
ClientToScreen
IsWindowVisible
IsCharUpperA
IsCharLowerA
IsCharAlphaNumericA
IsCharAlphaA
WaitForInputIdle
RegisterHotKey
WindowFromPoint
AttachThreadInput
GetCursor
SystemParametersInfoA
SetRect
AdjustWindowRectEx
CreateWindowExA
mouse_event
GetCursorPos
GetDC
ReleaseDC
EmptyClipboard
SetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
SendMessageTimeoutA
SetWindowTextA
CharUpperA
CharLowerA
PeekMessageA
TranslateMessage
DispatchMessageA
PostMessageA
GetMessageA
DestroyWindow
UnregisterHotKey
GetForegroundWindow
keybd_event
EnumWindows
GetWindowRect
GetClassNameA
FindWindowA
GetWindowTextA
GetParent
GetWindowThreadProcessId
IsWindow
ShowWindow
SetForegroundWindow
SetWindowPos
IsChild
MessageBoxA
SetCursor
LoadIconW
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
DrawIcon
GetDesktopWindow
LoadCursorA
GetSystemMetrics
LoadIconA
EnableWindow
gdi32
FrameRgn
FillRgn
PtInRegion
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
PatBlt
GetMapMode
CombineRgn
SetRectRgn
GetBoundsRect
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
CreateRectRgnIndirect
CreateDIBitmap
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
CreatePatternBrush
GetPixel
CreateFontA
DeleteDC
GetDeviceCaps
GetTextFaceA
SelectObject
GetStockObject
CreateDCA
ExtSelectClipRgn
ExtFloodFill
SetPaletteEntries
GetTextColor
SetPixelV
GetTextMetricsA
GetTextExtentPoint32A
GetViewportOrgEx
SetViewportOrgEx
DPtoLP
DeleteObject
CreateSolidBrush
CopyMetaFileA
SetTextColor
SetBkColor
CreateBitmap
ExtTextOutA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
BitBlt
Rectangle
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
GetRgnBox
GetObjectA
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
ScaleWindowExtEx
GetLayout
SetLayout
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
winmm
timeSetEvent
timeKillEvent
timeEndPeriod
timeGetDevCaps
timeBeginPeriod
mciSendStringA
timeGetTime
PlaySoundA
waveOutSetVolume
comdlg32
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
advapi32
LookupPrivilegeValueA
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
RegQueryValueA
RegEnumKeyA
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegConnectRegistryA
RegEnumKeyExA
RegDeleteKeyA
GetUserNameA
OpenSCManagerA
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetMalloc
SHFileOperationA
Shell_NotifyIconA
ShellExecuteExA
SHAppBarMessage
SHGetFileInfoA
SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
SHGetDesktopFolder
ole32
OleGetClipboard
CoFreeUnusedLibraries
CLSIDFromProgID
CoCreateGuid
OleUninitialize
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RevokeDragDrop
OleInitialize
OleDuplicateData
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoGetClassObject
RegisterDragDrop
CLSIDFromString
ReleaseStgMedium
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize
CoLockObjectExternal
CoTaskMemFree
oleaut32
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
SysFreeString
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
OleLoadPicture
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
wsock32
WSAStartup
gethostname
gethostbyname
WSACleanup
inet_addr
mpr
WNetUseConnectionA
WNetCancelConnection2A
WNetGetConnectionA
shlwapi
PathRemoveFileSpecW
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
PathAppendA
PathIsUNCA
kernel32
GetFullPathNameA
GetFileAttributesA
GetWindowsDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
CreateFileA
FindNextFileA
FindFirstFileA
MultiByteToWideChar
GetDriveTypeA
SetErrorMode
GetDiskFreeSpaceA
GetModuleHandleA
GetVolumeInformationA
SetVolumeLabelA
GetShortPathNameA
LocalFileTimeToFileTime
SystemTimeToFileTime
GetEnvironmentVariableA
SetEnvironmentVariableA
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
GlobalMemoryStatus
ReadFile
GetFileSize
QueryPerformanceCounter
QueryPerformanceFrequency
GetTempPathA
GetSystemDirectoryA
GetComputerNameA
TerminateProcess
CreateProcessA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ReadProcessMemory
RemoveDirectoryA
SetFileTime
GetCurrentProcess
WaitForSingleObject
MoveFileA
GetTickCount
MulDiv
lstrlenA
lstrlenW
LocalFree
GlobalSize
GlobalFree
SetLastError
DeactivateActCtx
CreateActCtxW
ReleaseActCtx
ActivateActCtx
GetModuleFileNameW
InterlockedDecrement
lstrcmpW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
FindResourceA
GetCurrentProcessId
InterlockedExchange
GetModuleHandleW
LoadLibraryExA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
SetThreadPriority
ResumeThread
GetPrivateProfileIntA
GetThreadLocale
lstrcmpiA
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetFileAttributesExA
GetFileSizeEx
InterlockedIncrement
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
GetSystemDirectoryW
lstrcpyA
GetACP
GetTempFileNameA
GetNumberFormatA
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
DecodePointer
EncodePointer
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
HeapFree
ExitProcess
GetTimeZoneInformation
ExitThread
CreateThread
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
SetStdHandle
GetFileType
HeapQueryInformation
HeapSize
GetStdHandle
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
LCMapStringW
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
CompareStringW
WriteConsoleW
CreateFileW
GetProcessHeap
GetExitCodeProcess
FindClose
FormatMessageA
lstrcmpA
OpenProcess
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
GetSystemTime
SystemTimeToTzSpecificLocalTime
CreateDirectoryA
GetLastError
SetFileAttributesA
DeleteFileA
CopyFileA
GetModuleFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileTime
msimg32
TransparentBlt
AlphaBlend
oledlg
ord8
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
gdiplus
GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
comctl32
ImageList_GetIconSize
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 294KB - Virtual size: 294KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
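The Headers block (DLL Characteristics, File Characteristics), the Sections table and the Unsigned PE signature above are all derived from a plain walk of the PE headers. The following Python is an added example, not part of this report and not the sandbox's own code. It parses a minimal PE32 that it constructs inline (build_sample_pe, a hypothetical helper, is test input and not this sample) and returns the same fields the report shows: the DllCharacteristics flags (ASLR, DEP, terminal-server aware), the file characteristics, whether the security data directory that holds an Authenticode blob is populated, and per-section raw versus virtual size and permission flags.

```python
import struct

# Flag names from winnt.h: the ones this report lists plus their common neighbours.
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # data-directory slot that points at the Authenticode blob


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def inspect_pe(data: bytes) -> dict:
    """Header walk only (no import parsing): characteristics, Authenticode directory, sections."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: data directories begin 96 bytes into the optional header
        fmt, dir_base = "PE32", opt + 96
    elif magic == 0x20B:      # PE32+: 112 bytes (64-bit ImageBase and stack/heap fields)
        fmt, dir_base = "PE32+", opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, dir_base - 4)[0]  # NumberOfRvaAndSizes
    sec_off = sec_len = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory, the security entry is a raw file offset, not an RVA.
        sec_off, sec_len = struct.unpack_from("<II", data, dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    shdr = opt + opt_size
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, shdr + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "flags": _flags(chars, SECTION_CHARACTERISTICS),
            # writable + executable is the usual tell for an unpacking stub or self-modifying code
            "wx": bool(chars & 0x80000000 and chars & 0x20000000),
        })
    return {
        "format": fmt,
        "machine": {0x14C: "x86", 0x8664: "x64", 0xAA64: "arm64"}.get(machine, hex(machine)),
        "file_characteristics": _flags(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
        "aslr": bool(dll_chars & 0x0040),
        "dep": bool(dll_chars & 0x0100),
        # A populated directory only means a WIN_CERTIFICATE blob is attached; it says nothing
        # about whether that signature is valid or chains to a trusted root.
        "authenticode_present": sec_off != 0 and sec_len != 0,
        "sections": sections,
    }


def build_sample_pe(dll_chars: int, signed: bool) -> bytes:
    """Constructed minimal PE32 used as offline test input (hypothetical, not the report's sample)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x0102)  # x86, 2 sections, EXE | 32BIT
    opt = struct.pack("<HBBIIIIIIIIIHHHHHHIIIIHHIIIIII",
                      0x10B, 14, 0, 0x1000, 0x200, 0, 0x1000, 0x1000, 0x2000, 0x400000,
                      0x1000, 0x200, 6, 0, 0, 0, 6, 0, 0, 0x3000, 0x400, 0, 2, dll_chars,
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    security = (0x1600, 0x200) if signed else (0, 0)
    dirs = b"".join(struct.pack("<II", *(security if i == IMAGE_DIRECTORY_ENTRY_SECURITY else (0, 0)))
                    for i in range(16))
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x1000, 0x400, 0, 0, 0, 0, 0x60000020)
    data = struct.pack("<8sIIIIIIHHI", b".data", 0x2000, 0x2000, 0x200, 0x1400, 0, 0, 0, 0, 0xC0000040)
    return (dos + b"PE\0\0" + coff + opt + dirs + text + data).ljust(0x1600, b"\0")


if __name__ == "__main__":
    import json
    print(json.dumps(inspect_pe(build_sample_pe(0x8140, signed=False)), indent=1))
```

Run it against a real file with inspect_pe(open(path, "rb").read()). The report's "Unsigned PE" finding corresponds to authenticode_present being False; a True result only says a certificate blob is attached, and validity (hash match, chain, timestamp) still needs a real verifier such as signtool verify or osslsigncode verify. The .data entry above, 31KB raw against 121KB virtual, is the normal shape of a section that carries uninitialized data, and the report's sections show no writable-and-executable flag combination, so nothing in the section table by itself suggests a packer stub.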