2023-08-23_6331d58bad1108a323daaff1d03977bd_mafia_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-23_6331d58bad1108a323daaff1d03977bd_mafia_JC.exe
Size

1.2MB
MD5

6331d58bad1108a323daaff1d03977bd
SHA1

9e70142ab5499ca15c3bb2db45563353911e2c8c
SHA256

41e26a2427f26b1b1b3f0693ec315f992be422c880ab74e15e597df746d102ce
SHA512

b4e09433b9a9c6edb33d161fa70fcacadb658991aafcaa64c8adc00c9f499f15333a8010526d9adc2d3997d2b3b201226ab33591070bfa521c4b01e5ee9c6f2a
SSDEEP

24576:cudEjOpKhWQo8OkfahCU0WKrPv8IZE8sTFUPxJgcIc:dtQVOkfTLdE8sTmJJgcIc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-23_6331d58bad1108a323daaff1d03977bd_mafia_JC.exe

Files

2023-08-23_6331d58bad1108a323daaff1d03977bd_mafia_JC.exe
.exe windows x86

da69a5308975fdee3bc761ee034e911e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateMutexA
WaitForSingleObject
ReleaseMutex
ReleaseSemaphore
UnmapViewOfFile
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenSemaphoreA
CreateSemaphoreA
OpenFileMappingA
MapViewOfFile
CreateFileMappingA
CreateProcessA
GetSystemPowerStatus
GetCurrentDirectoryA
GetModuleFileNameA
CreateDirectoryA
GetTickCount
CompareStringW
lstrlenA
DeviceIoControl
OpenProcess
SetEndOfFile
WriteConsoleW
CreateFileA
LoadLibraryW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
CreateFileW
CloseHandle
SetFilePointer
SetStdHandle
ReadFile
GetConsoleCP
HeapReAlloc
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetLastError
TlsFree
TerminateProcess
ResumeThread
OpenThread
SuspendThread
GetCurrentThreadId
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
SetThreadPriority
GetProcessHeap
GetCurrentThread
TlsSetValue
TlsGetValue
TlsAlloc
GetFileType
SetHandleCount
HeapCreate
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
SetEnvironmentVariableA
GetProcAddress
HeapSize
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetCPInfo
LCMapStringW
HeapAlloc
CreateThread
ExitThread
GetConsoleMode
RaiseException
AllocConsole
GetLastError
Sleep
FlushFileBuffers
CreateMutexW
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
InterlockedExchange
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind

user32

PostQuitMessage
DispatchMessageW
DefWindowProcW
CreateWindowExW
PeekMessageW
RegisterClassExW
TrackPopupMenu
LoadCursorW
SystemParametersInfoW
DrawIconEx
GetSysColorBrush
SetMenuItemBitmaps
SetForegroundWindow
LoadIconW
AppendMenuW
GetCursorPos
CreatePopupMenu
TranslateMessage
MessageBoxW
EnumDisplayDevicesA
GetDesktopWindow
GetWindowDC

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC

shell32

Shell_NotifyIconW
SHGetSpecialFolderPathA

setupapi

SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyA

Exports

Exports

EmulateHID

Sections

.text
Size: 688KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 743KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 397KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da69a5308975fdee3bc761ee034e911e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

setupapi

advapi32

Exports

Exports

Sections

.text Size: 688KB - Virtual size: 687KB

.rdata Size: 114KB - Virtual size: 114KB

.data Size: 21KB - Virtual size: 743KB

.rsrc Size: 397KB - Virtual size: 397KB

.reloc Size: 43KB - Virtual size: 42KB

.text
Size: 688KB - Virtual size: 687KB

.rdata
Size: 114KB - Virtual size: 114KB

.data
Size: 21KB - Virtual size: 743KB

.rsrc
Size: 397KB - Virtual size: 397KB

.reloc
Size: 43KB - Virtual size: 42KB