2023-08-22_90cb65fd8159b0d522e44d02b263150b_mafia_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-22_90cb65fd8159b0d522e44d02b263150b_mafia_JC.exe
Size

1.0MB
MD5

90cb65fd8159b0d522e44d02b263150b
SHA1

6026a8b48681be096e77c07c53182f08958628a9
SHA256

788fb53a40748e27b3d497334da25a0dea191fcadae92b31ec1d3b5707fc29bf
SHA512

de88f8de847b52b1175538dae9561bb9836703558330b1eb6ee6fd8985b5fd3d08c9c422b4ef63f4a6286c4698642430b3f108404b014937bc6e19a534f7a01c
SSDEEP

24576:7hRg8F5MMCS15ENa8ZxajqWbuMB5QY/TaLmMlxhV:NmpCjqWb9BmiuiQzV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-22_90cb65fd8159b0d522e44d02b263150b_mafia_JC.exe

Files

2023-08-22_90cb65fd8159b0d522e44d02b263150b_mafia_JC.exe
.exe windows x86

95c62c9fdf3332722dcbfe16459d485e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetFileType
DuplicateHandle
SetEnvironmentVariableA
SetEndOfFile
SetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FlushFileBuffers
SystemTimeToFileTime
GetConsoleCP
HeapCreate
IsProcessorFeaturePresent
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CompareStringW
GetCPInfo
LCMapStringW
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
GetSystemTimeAsFileTime
GetStdHandle
WriteConsoleW
LocalFree
InitializeCriticalSection
DecodePointer
EncodePointer
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DosDateTimeToFileTime
ExitProcess
GetACP
ReadFile
GetCurrentDirectoryW
GetTickCount
MulDiv
OutputDebugStringW
SetFileAttributesW
FindNextFileW
RemoveDirectoryW
FindClose
CreateFileW
GetFileAttributesW
WriteFile
GetPrivateProfileStringW
SetFilePointer
FindFirstFileW
GetFileSize
CreateThread
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
GetProcAddress
LoadLibraryW
GetModuleHandleW
InterlockedIncrement
FreeLibrary
FreeResource
GetCurrentProcessId
DeleteFileW
CloseHandle
LockResource
GetLastError
GetTempPathW
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
SizeofResource
CopyFileW
Sleep
WideCharToMultiByte
OpenProcess
WaitForSingleObject
CreateDirectoryW
CreateProcessW
LoadResource
FindResourceW
FindResourceExW
GetTempFileNameW
lstrcmpW
InterlockedDecrement
GetConsoleMode

user32

SetPropW
TranslateMessage
RegisterClassExW
GetPropW
DispatchMessageW
HideCaret
ShowCaret
GetSysColor
GetMessageW
DestroyIcon
DrawIconEx
GetUpdateRect
KillTimer
SetTimer
ShowWindow
GetClassInfoExW
wsprintfW
GetWindow
DefWindowProcW
RegisterClassW
MessageBoxW
CreateWindowExW
IsWindow
SetWindowPos
GetDesktopWindow
SetRect
CharPrevW
DrawTextW
LoadIconW
OffsetRect
InflateRect
wvsprintfW
PostMessageW
LoadImageW
SetWindowLongW
SystemParametersInfoW
GetWindowLongW
GetDC
LoadCursorW
GetParent
PostQuitMessage
CreateCaret
SetCaretPos
IsRectEmpty
GetFocus
GetWindowTextLengthW
GetWindowRect
MoveWindow
CharNextW
CallWindowProcW
GetMonitorInfoW
GetSystemMetrics
GetCursorPos
MonitorFromWindow
GetClassNameW
GetWindowPlacement
GetClientRect
IsZoomed
IsIconic
ScreenToClient
SetWindowRgn
SetWindowPlacement
ClientToScreen
MapWindowPoints
SendMessageW
IntersectRect
SetForegroundWindow
ReleaseCapture
ReleaseDC
InvalidateRect
BeginPaint
CreateAcceleratorTableW
InvalidateRgn
SetCapture
FillRect
DestroyWindow
EndPaint
PtInRect
SetCursor
SetWindowTextW
EnableWindow
GetWindowTextW
SetFocus
GetKeyState

gdi32

GetStockObject
CreateSolidBrush
GetTextExtentPoint32W
GetDeviceCaps
CreateRoundRectRgn
DeleteDC
CreateDIBSection
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetWindowOrgEx
TextOutW
SetBkMode
RoundRect
GetClipBox
SetStretchBltMode
GetCharABCWidthsW
ExtTextOutW
CreateRectRgnIndirect
CreatePenIndirect
SelectClipRgn
SetBkColor
StretchBlt
LineTo
MoveToEx
SetTextColor
GetObjectA
GetObjectW
CreateFontIndirectW
GetPixel
CreateRectRgn
CombineRgn
PtInRegion
RestoreDC
CreatePen
SaveDC
Rectangle
ExtSelectClipRgn
BitBlt
GetTextMetricsW

advapi32

RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegQueryInfoKeyW

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW

ole32

CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal

oleaut32

VariantChangeType
VariantCopy
VariantClear
SysFreeString
SysAllocString
VarUI4FromStr
SysAllocStringLen
VariantInit

shlwapi

PathFileExistsW

winmm

timeSetEvent
timeEndPeriod
timeKillEvent
timeBeginPeriod
timeGetDevCaps
timeGetTime

comctl32

ord17
_TrackMouseEvent

gdiplus

GdipDeleteFont
GdipSetTextRenderingHint
GdipSetStringFormatLineAlign
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipDeleteBrush
GdipImageGetFrameCount
GdipSetStringFormatAlign
GdipDrawImageI
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdiplusStartup
GdipReleaseDC
GdipGetImageWidth
GdipCloneImage
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdipSetSmoothingMode
GdipLoadImageFromFile
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageHeight
GdipFree
GdipLoadImageFromStream
GdiplusShutdown
GdipDrawString
GdipCreateLineBrushI
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFromDC
GdipImageGetFrameDimensionsCount
GdipGetPropertyItemSize

wininet

HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetReadFile
HttpOpenRequestW
HttpAddRequestHeadersW
InternetCrackUrlW
InternetOpenW
InternetCheckConnectionW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 586KB - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95c62c9fdf3332722dcbfe16459d485e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

winmm

comctl32

gdiplus

wininet

version

Sections

.text Size: 586KB - Virtual size: 586KB

.rdata Size: 117KB - Virtual size: 117KB

.data Size: 13KB - Virtual size: 36KB

.rsrc Size: 270KB - Virtual size: 269KB

.reloc Size: 43KB - Virtual size: 43KB

.text
Size: 586KB - Virtual size: 586KB

.rdata
Size: 117KB - Virtual size: 117KB

.data
Size: 13KB - Virtual size: 36KB

.rsrc
Size: 270KB - Virtual size: 269KB

.reloc
Size: 43KB - Virtual size: 43KB