Static task: static1
Behavioral task: behavioral1
  Sample: 2023-08-22_0046f01023c89b15fa521c752d1148dc_mafia_JC.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 2023-08-22_0046f01023c89b15fa521c752d1148dc_mafia_JC.exe
  Resource: win10v2004-20230831-en
General
- Target: 2023-08-22_0046f01023c89b15fa521c752d1148dc_mafia_JC.exe
- Size: 2.1MB
- MD5: 0046f01023c89b15fa521c752d1148dc
- SHA1: cb17a84c05adbdd877cf9e974ca86baaf10b0a6c
- SHA256: da1a921c0ea957c2b98cec66ffd8ec59e51628b3cee75b20510b7b2207410788
- SHA512: 9a640fe1a5982905f49a8496cc767e5dcf85df104fbb1c9df88dfc71a91a8eb44679fb4b2b53ad6ddad808caa3fe88ccd17caecf9b75caa1b7d71c8620c45829
- SSDEEP: 49152:v7yYsHEadrN+woMB4Y+xNvplfly2OSf8XulvigAQRjTVN4O7gQyYMAFew:ladrN+wH4Y+xN3fly2OSf8XulvMKX4ON
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2023-08-22_0046f01023c89b15fa521c752d1148dc_mafia_JC.exe
Files
- 2023-08-22_0046f01023c89b15fa521c752d1148dc_mafia_JC.exe.exe windows x86
  c34664d8cde726242ce41e73a18f2314
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
wininet
FindFirstUrlCacheEntryA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetQueryDataAvailable
HttpQueryInfoA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
FindCloseUrlCache
InternetOpenUrlA
DeleteUrlCacheEntry
FindNextUrlCacheEntryA
kernel32
QueryPerformanceCounter
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
CompareStringW
GetEnvironmentStringsW
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
FreeEnvironmentStringsW
SetHandleCount
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
FormatMessageA
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
CreateFileA
CreateFileMappingA
MapViewOfFile
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
CreateProcessA
GetLastError
lstrcmpW
GetCurrentDirectoryA
lstrlenA
FindNextFileA
FindFirstFileA
GlobalReAlloc
SetLastError
DeactivateActCtx
ActivateActCtx
SystemTimeToFileTime
GetLocalTime
FileTimeToSystemTime
DeleteFileA
GetTickCount
SetFilePointer
GetFileType
GetStringTypeW
LCMapStringW
IsValidCodePage
HeapCreate
IsProcessorFeaturePresent
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
SetStdHandle
CreateThread
ExitThread
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitProcess
HeapAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
RaiseException
EncodePointer
DuplicateHandle
GetCurrentProcess
CloseHandle
DecodePointer
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
Sleep
GetProfileIntA
SetErrorMode
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFullPathNameA
GetVolumeInformationA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
lstrcmpiA
lstrcpyA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
GetACP
GlobalFlags
LocalAlloc
FileTimeToLocalFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GetModuleHandleW
GetThreadLocale
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
CopyFileA
GlobalSize
lstrlenW
GetCurrentProcessId
MulDiv
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
FindResourceA
FreeResource
GetFileAttributesA
SetFileAttributesA
WriteFile
SetFileTime
CreateDirectoryA
DosDateTimeToFileTime
ReadFile
user32
MonitorFromPoint
UpdateLayeredWindow
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatA
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawStateA
LoadMenuW
SetClassLongA
DestroyAcceleratorTable
DrawIconEx
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
GetAsyncKeyState
GetMenuDefaultItem
UnionRect
SetParent
GetSystemMenu
MessageBeep
CharUpperA
DeleteMenu
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableA
UnregisterClassA
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
GetSysColorBrush
CopyImage
RealChildWindowFromPoint
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
DestroyIcon
LoadAcceleratorsA
InsertMenuItemA
IntersectRect
BringWindowToTop
TranslateAcceleratorA
SetRectEmpty
IsZoomed
MapVirtualKeyA
GetKeyNameTextA
WaitMessage
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageA
TranslateMessage
PostQuitMessage
CharNextA
DestroyMenu
GetMenuItemInfoA
InflateRect
GetMenuStringA
InsertMenuA
RemoveMenu
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsMenu
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetCapture
DrawEdge
ClientToScreen
ReleaseCapture
PostMessageA
ValidateRect
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
GetWindowRgn
DestroyCursor
SubtractRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetDoubleClickTime
CharUpperBuffA
CopyIcon
GetUpdateRect
FrameRect
ShowWindow
IsClipboardFormatAvailable
GetNextDlgGroupItem
EndDialog
GetNextDlgTabItem
IsWindowEnabled
DrawFocusRect
GetSysColor
IsWindowVisible
EqualRect
KillTimer
IsWindow
SetTimer
ReleaseDC
SetWindowRgn
LoadBitmapW
SetRect
GetKeyState
FillRect
GetClientRect
IsIconic
DrawIcon
OffsetRect
LoadCursorA
SetCursor
InvalidateRect
CopyRect
GetSystemMetrics
AppendMenuA
CreatePopupMenu
GetCursorPos
LoadIconA
RedrawWindow
LoadIconW
MessageBoxA
GetWindowRect
GetDC
AdjustWindowRect
SystemParametersInfoA
SetWindowPos
GetWindowLongA
EnableWindow
SendMessageA
GetParent
SetWindowLongA
WindowFromPoint
gdi32
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CopyMetaFileA
CreateDCA
GetBkColor
SetBkMode
CreateRectRgnIndirect
PatBlt
GetTextMetricsA
SetRectRgn
GetMapMode
DPtoLP
EnumFontFamiliesA
GetTextCharsetInfo
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
Rectangle
OffsetRgn
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
SaveDC
RestoreDC
CreateBitmap
SetBkColor
SetTextColor
GetTextExtentPoint32A
GetDeviceCaps
CreateDIBitmap
GetBitmapBits
SetPixel
CreateBitmapIndirect
SelectClipRgn
GetPixel
CreateRectRgn
ExtCreateRegion
CombineRgn
TextOutA
StretchBlt
CreateFontIndirectA
GetStockObject
BitBlt
GetObjectA
SetDIBColorTable
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateDIBSection
DeleteObject
GetTextColor
DeleteDC
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegCloseKey
RegEnumKeyExA
shell32
SHGetSpecialFolderPathA
ShellExecuteA
DragFinish
DragQueryFileA
SHAppBarMessage
SHBrowseForFolderA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
comctl32
ord17
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathFindFileNameA
UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemFree
oleaut32
VariantInit
VariantClear
VariantCopy
VariantChangeType
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
SafeArrayDestroy
SystemTimeToVariantTime
VarBstrFromDate
SysAllocString
SysFreeString
SysStringByteLen
SysAllocStringByteLen
VariantTimeToSystemTime
oledlg
ord8
wsock32
WSAStartup
WSACleanup
WSASetLastError
select
__WSAFDIsSet
closesocket
gethostbyname
socket
ioctlsocket
htons
inet_ntoa
connect
gdiplus
GdipGetImageHeight
GdipCreateFromHDC
GdipReleaseDC
GdipSetSmoothingMode
GdipDrawImageRectI
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromStreamICM
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdiplusShutdown
GdipDrawImagePointsI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDeleteGraphics
GdipFree
GdipGetImageWidth
GdipCreateBitmapFromStream
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text  Size: 1.3MB - Virtual size: 1.3MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 302KB - Virtual size: 301KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 31KB - Virtual size: 63KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 92KB - Virtual size: 92KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 174KB - Virtual size: 174KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ