2023-08-22_c932802584550b8d7acc40d96f189f76_mafia_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-22_c932802584550b8d7acc40d96f189f76_mafia_JC.exe
Size

148KB
MD5

c932802584550b8d7acc40d96f189f76
SHA1

29e896222594d04a75b8d3c44fcc98a58b9b6dd9
SHA256

303202dbe111110d15e480e586a2a0108099df04f33932d8cf49e1ffd8b8e79f
SHA512

4f505ae301efbb6a22f0dbfff62ca5e400a8eba6876c62e5b87f991e001dede7ae363a9fa645a743aa197b35ee3c516fec20f1f7356d7746b1deec3bd93e7abc
SSDEEP

3072:0m4Y2ilPTbqcbTCFZQPaWMHGh1LQRC9tmUnioMMjZ/NOjLj:+ilPqcHCFnW8Gh1oCyTMjDOj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-22_c932802584550b8d7acc40d96f189f76_mafia_JC.exe

Files

2023-08-22_c932802584550b8d7acc40d96f189f76_mafia_JC.exe
.exe windows x86

eb113534c95f088f707336dac016ddfc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
AddAccessAllowedAceEx
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityW
InitializeAcl
AllocateAndInitializeSid
FreeSid
RegSetKeySecurity
RegOpenKeyExW
GetLengthSid
CheckTokenMembership
RegCloseKey
RegSetValueExW
RegOpenKeyW

psapi

GetModuleFileNameExW
EnumProcessModules
EnumProcesses

kernel32

SetStdHandle
RtlUnwind
GetCommandLineW
GetFileSize
FindFirstFileW
FindResourceExW
FindResourceW
LoadResource
CreateDirectoryW
WaitForSingleObject
GetModuleHandleW
GetTickCount
OpenProcess
Sleep
SizeofResource
GetFileAttributesW
TerminateProcess
ReadFile
CreateFileW
MultiByteToWideChar
lstrlenW
GetLastError
GetProcAddress
MoveFileW
FindClose
LockResource
RemoveDirectoryW
FindNextFileW
CloseHandle
DeleteFileW
SetFileAttributesW
CreateThread
WideCharToMultiByte
WaitNamedPipeW
WriteFile
DisconnectNamedPipe
FlushFileBuffers
LoadLibraryW
GetModuleFileNameW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
HeapCreate
LCMapStringW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
EncodePointer
DecodePointer
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
IsProcessorFeaturePresent
ExitProcess
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
WriteConsoleW

user32

SendNotifyMessageW

ole32

CoUninitialize
CoInitialize
CoCreateInstance

shell32

SHChangeNotify
CommandLineToArgvW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc

shlwapi

SHDeleteKeyW

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb113534c95f088f707336dac016ddfc

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

psapi

kernel32

user32

ole32

shell32

shlwapi

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 608B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 608B

.reloc
Size: 9KB - Virtual size: 8KB