2023-08-26_35bdfd1c94a8e45febede589ebccca1f_mafia_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_35bdfd1c94a8e45febede589ebccca1f_mafia_JC.exe
Size

373KB
MD5

35bdfd1c94a8e45febede589ebccca1f
SHA1

9c7e8471d9a43f2ecfcb2596f3b2456e0ad9e84d
SHA256

ab650c68114591fed5088db379f6aaf8d1e828766f60651436f9dd6e789e0d2b
SHA512

c7d9c3375b094913d25f0d5a1ae022e9c5dbf447b2b058290e78a6ef709b936df4ea951abbeac7e3bdef4a6c22d77d256cfbba7b6acc24e8db5391158025424d
SSDEEP

6144:2q7QGY4zfhFKayXR3zK0HLbD+uXP9ByLmsI5xxTBROTAfrgNuAU:18GY4zfhFPyXVl+gP9By6sI5xxTfOTzU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_35bdfd1c94a8e45febede589ebccca1f_mafia_JC.exe

Files

2023-08-26_35bdfd1c94a8e45febede589ebccca1f_mafia_JC.exe
.exe windows x86

7315f9f3d3a5dcb1d5eee72c6dfc37e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

lz32

LZRead
LZClose
LZInit

kernel32

GetFileAttributesW
SetFileAttributesW
FindNextFileW
GetDriveTypeW
GetVolumeInformationW
Sleep
GetEnvironmentVariableW
lstrcmpiW
GetVersionExW
GetCommandLineW
GetModuleFileNameW
lstrlenW
lstrcpyW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCurrentThreadId
GetShortPathNameW
GetDateFormatW
GetUserDefaultLCID
SystemTimeToFileTime
FileTimeToSystemTime
GetTickCount
GetLocalTime
WideCharToMultiByte
SetFilePointer
GetFullPathNameW
CreateFileW
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
IsBadWritePtr
FindResourceW
GetModuleHandleW
CreateDirectoryW
RemoveDirectoryW
SetLastError
GetCurrentProcess
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetDiskFreeSpaceExW
SetVolumeLabelW
MoveFileW
QueryPerformanceFrequency
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcAddress
GetLocaleInfoW
IsProcessorFeaturePresent
RaiseException
GetStdHandle
ExitProcess
HeapCreate
GetStringTypeW
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
SetStdHandle
FlushFileBuffers
GetFileType
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
HeapAlloc
HeapFree
HeapSize
InterlockedExchange
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
DeleteFileW
GetTempPathW
GetTempFileNameW
LoadLibraryW
FreeLibrary
CompareFileTime
GetFileTime
FindClose
FindFirstFileW
GetLastError
CloseHandle
SetFileTime
WriteFile
ReadFile
DeleteCriticalSection
GetCurrentProcessId
CompareStringW
GetTimeZoneInformation
RtlUnwind
SetEnvironmentVariableA
InterlockedCompareExchange
GetModuleFileNameA
InitializeCriticalSection

user32

DialogBoxIndirectParamW
EnableWindow
MessageBoxW
IsWindowVisible
LoadStringW
MapWindowPoints
GetClientRect
GetSystemMetrics
SystemParametersInfoW
GetWindowRect
EnumThreadWindows
GetWindow
GetParent
SetWindowPos
GetWindowLongW
SetWindowLongW
ShowWindow
MessageBeep
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
DdeUninitialize
DdeInitializeW
FindWindowW
SendMessageW
CreateWindowExW
RegisterClassW
DefWindowProcW
EndDialog
PostMessageW
CheckDlgButton
SetWindowTextW
GetWindowTextW
GetDlgItem
SetFocus
SetForegroundWindow
GetDlgItemTextW
IsDlgButtonChecked
DestroyWindow
CreateDialogParamW
IsWindowEnabled
BringWindowToTop
SetDlgItemTextW
DispatchMessageW
TranslateMessage
PeekMessageW
IsDialogMessageW
SetCursor
LoadCursorW
LoadIconW

gdi32

GetStockObject

comdlg32

GetSaveFileNameW

advapi32

RegSetValueA
RegQueryValueExA
RegQueryValueA
RegSetValueW
RegQueryValueW
RegOpenKeyW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExA

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc

ole32

CoCreateInstance
OleInitialize
CoUninitialize
OleCreate
OleUninitialize
CoInitialize

oleaut32

SysFreeString

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7315f9f3d3a5dcb1d5eee72c6dfc37e0

Headers

DLL Characteristics

File Characteristics

Imports

version

lz32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 272KB - Virtual size: 271KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 12KB - Virtual size: 42KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 12KB - Virtual size: 42KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 16KB - Virtual size: 16KB