Static task: static1
Behavioral task: behavioral1
Sample: 2023-08-26_113021fb7d4aae00452e4884f7618084_mafia_JC.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 2023-08-26_113021fb7d4aae00452e4884f7618084_mafia_JC.exe
Resource: win10v2004-20230915-en
General
- Target: 2023-08-26_113021fb7d4aae00452e4884f7618084_mafia_JC.exe
- Size: 2.2MB
- MD5: 113021fb7d4aae00452e4884f7618084
- SHA1: cfd272f6e9914fbbcaa3362a9548da2f9b83ce18
- SHA256: 9f969015dbf2103d9ff82909ee3dd5fb8aa4c3d9290b3cd5c99b12e23278bd22
- SHA512: 1ab76120a3b4eb29a1ce83f0dfa642805278c700cb2f8ccb69a5dac4b68d21c95f44b2be7f0a2665d0a7d5a7fa02a5e6d07da78fdbfe0d79a400a692f5db265f
- SSDEEP: 49152:AiS+7k28rdK3vXDwJ71Dbvo7awwscYbsXjJ7mpXWmmCkt1s0hoA7fjNzCZ:1SO8rdKfXM71DbvozcssXN7EXWmmBRhq
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2023-08-26_113021fb7d4aae00452e4884f7618084_mafia_JC.exe
Files
-
2023-08-26_113021fb7d4aae00452e4884f7618084_mafia_JC.exe.exe windows x86
fd58b3083e4ebe4d5ccfd4764ddeb01f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpynA
MulDiv
GlobalAlloc
ActivateActCtx
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetTempFileNameA
MoveFileA
GlobalLock
GlobalUnlock
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
GetCurrentDirectoryW
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
SystemTimeToFileTime
ReadFile
SetFilePointer
GetCurrentThreadId
GetSystemInfo
DeleteFileA
CreateFileA
UnmapViewOfFile
CloseHandle
FindFirstFileA
FindClose
GetLastError
FindFirstFileExA
GetDriveTypeA
CreateDirectoryA
GetFileInformationByHandle
GetTempPathA
GetTickCount
MultiByteToWideChar
lstrlenW
LocalFree
FormatMessageA
GlobalSize
CopyFileA
GlobalFree
ReplaceFileA
GetFileTime
GetFullPathNameA
GetDiskFreeSpaceA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetModuleFileNameA
GetShortPathNameA
lstrcmpW
LoadLibraryW
CompareStringA
FreeLibrary
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
FindResourceA
ReleaseActCtx
GetModuleFileNameW
GetCurrentProcessId
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
SetThreadPriority
ResumeThread
WaitForSingleObject
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetProfileIntA
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GlobalFlags
GetCPInfo
GetOEMCP
GetACP
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
Sleep
VirtualProtect
SearchPathA
FindResourceExW
RtlUnwind
EncodePointer
DecodePointer
ExitProcess
RaiseException
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
VirtualAlloc
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoW
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
GetTimeZoneInformation
CompareStringW
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
GetDriveTypeW
user32
WinHelpA
LoadIconA
LoadIconW
RegisterWindowMessageA
GetMenuItemInfoA
DestroyMenu
DestroyCursor
LoadCursorW
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
GetActiveWindow
BringWindowToTop
TranslateMDISysAccel
RedrawWindow
GetDesktopWindow
IntersectRect
CreatePopupMenu
InsertMenuItemA
GetWindowThreadProcessId
DestroyIcon
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
ShowOwnedPopups
LoadAcceleratorsW
MapDialogRect
SetWindowContextHelpId
IsZoomed
GetKeyNameTextA
MapVirtualKeyA
IsRectEmpty
DeleteMenu
GetSystemMenu
SetParent
WindowFromPoint
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
SetCursorPos
GetSysColorBrush
RealChildWindowFromPoint
DrawIcon
SetWindowRgn
CopyAcceleratorTableA
CreateMenu
PostThreadMessageA
GetTabbedTextExtentW
EnumDisplayMonitors
SetLayeredWindowAttributes
UnionRect
EndDeferWindowPos
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GetDCEx
LockWindowUpdate
GetMenuDefaultItem
InvertRect
NotifyWinEvent
GetIconInfo
CopyImage
DrawIconEx
WaitMessage
DrawEdge
DrawFrameControl
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetClassLongA
DestroyAcceleratorTable
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
RegisterClipboardFormatA
LoadImageW
IsCharLowerA
MapVirtualKeyExA
GetCapture
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
GetUpdateRect
CharUpperBuffA
SubtractRect
FrameRect
GetWindowRgn
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetSubMenu
LoadMenuW
ClientToScreen
GetParent
EnableWindow
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetFocus
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
GetMenu
IsIconic
AdjustWindowRectEx
CharUpperA
GetWindowTextLengthA
SetFocus
SetWindowPos
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
PostMessageA
CheckDlgButton
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
UpdateWindow
wsprintfA
GetSystemMetrics
SystemParametersInfoA
ReleaseDC
GetDC
InflateRect
OffsetRect
IsWindowVisible
GetWindowRect
RemovePropA
SetWindowLongA
GetPropA
UnhookWindowsHookEx
CallWindowProcA
CallNextHookEx
GetClassLongA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
CheckMenuItem
DestroyWindow
IsChild
CharNextA
SetRectEmpty
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
GetKeyState
OpenClipboard
SetCapture
SetTimer
IsClipboardFormatAvailable
ReleaseCapture
GetCursorPos
LoadCursorA
SetCursor
IsWindow
EnableScrollBar
KillTimer
ScreenToClient
TranslateAcceleratorA
LoadAcceleratorsA
GetDlgItem
CreateCaret
GetAsyncKeyState
ShowCaret
HideCaret
SetCaretPos
DrawFocusRect
GetWindowTextA
SetPropA
GetWindowLongA
GetClassNameA
SetWindowsHookExA
GetSysColor
InvalidateRect
FillRect
SetRect
CopyRect
DrawStateA
SendMessageA
GetClientRect
gdi32
CopyMetaFileA
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
SetTextAlign
MoveToEx
SetLayout
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetStockObject
PatBlt
Rectangle
GetViewportOrgEx
EndDoc
AbortDoc
LineTo
GetLayout
SetPixelV
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExA
OffsetRgn
StretchBlt
SetDIBColorTable
CreateRoundRectRgn
Polygon
Polyline
CreatePolygonRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetPixel
SetPixel
CreatePen
CreateSolidBrush
RoundRect
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetDeviceCaps
GetWindowOrgEx
GetTextExtentPoint32W
GetTextExtentPointA
GetTextFaceA
SetAbortProc
EndPage
StartPage
StartDocA
DPtoLP
ExtTextOutA
SetBkColor
SetTextColor
CreateBitmap
CreateDCA
DeleteObject
GetTextAlign
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
CreateDIBSection
Ellipse
LPtoDP
CreateEllipticRgn
GetBkColor
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
StretchDIBits
CreateFontA
GetCharWidthA
GetTextMetricsA
CreateHatchBrush
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
shell32
SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
ExtractIconA
SHAddToRecentDocs
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteA
msimg32
AlphaBlend
TransparentBlt
comctl32
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
oledlg
ord8
wldap32
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ws2_32
WSACleanup
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
WSAIoctl
setsockopt
ntohl
htonl
gethostname
ioctlsocket
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
send
crypt32
CertFreeCertificateContext
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
winspool.drv
OpenPrinterA
GetJobA
ClosePrinter
DocumentPropertiesA
comdlg32
GetFileTitleA
advapi32
RegSetValueExA
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegSetValueA
SetFileSecurityA
GetFileSecurityA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
ole32
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString
SysAllocStringByteLen
VarBstrFromDate
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
VariantCopy
OleCreateFontIndirect
SysAllocString
VariantClear
SafeArrayDestroy
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 361KB - Virtual size: 360KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 186KB - Virtual size: 185KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 69KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ