2023-08-26_c297631ab40d872611ef803cb516b6c8_mafia_virut_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_c297631ab40d872611ef803cb516b6c8_mafia_virut_JC.exe
Size

2.5MB
MD5

c297631ab40d872611ef803cb516b6c8
SHA1

f62c71d3258a185277a684567135c9868b4f073d
SHA256

dcaeddaa48d43685be9e2e50106726e8b3d21938b63a5f07146d89c20242b09f
SHA512

a24c1525ff5ff3cd3f75f444d5c9691d8f742898f42265c561691ea9a645c5b17db5944be52101c0bc36efa5148443b609c1b4cc6f6fdbcca052b69604b7b88e
SSDEEP

49152:tWzueo3LNZKo4sePxFXkD3sydA1tcI4sS2Qw+Y0shJxiK3g3kwdwEzzyFpOTMLc:yueo3LNZf45Fc3sydA1tcI4sS2Qw/xL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_c297631ab40d872611ef803cb516b6c8_mafia_virut_JC.exe

Files

2023-08-26_c297631ab40d872611ef803cb516b6c8_mafia_virut_JC.exe
.exe windows:5 windows x86

b463e1cdf596cfc0bb4f2caa312049cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
GetStringTypeW
TerminateProcess
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
ExitThread
HeapReAlloc
OpenMutexW
RaiseException
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetOEMCP
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GlobalGetAtomNameW
lstrlenA
GetThreadLocale
DeleteFileW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GetCPInfo
UnhandledExceptionFilter
IsDebuggerPresent
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetSystemDirectoryW
GetCurrentDirectoryW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalFindAtomW
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalAddAtomW
WritePrivateProfileStringW
ResumeThread
SetThreadPriority
CopyFileW
GlobalSize
MulDiv
GlobalUnlock
FreeResource
GlobalFree
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
ActivateActCtx
LoadLibraryW
DeactivateActCtx
SetLastError
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
GlobalAlloc
GetModuleHandleW
GetProcAddress
FreeLibrary
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
lstrcatW
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
GetSystemWindowsDirectoryW
Sleep
GetVersionExW
FileTimeToSystemTime
lstrcmpiW
FindClose
FindFirstFileW
GetWindowsDirectoryW
lstrcmpW
LocalFree
FormatMessageW
GetCurrentProcessId
GetLocalTime
OutputDebugStringW
GetExitCodeThread
lstrcpynW
GetCurrentProcess
IsWow64Process
CreateThread
GetModuleFileNameW
GetACP
GetPrivateProfileStringW
lstrlenW
GetPrivateProfileSectionW
GetPrivateProfileIntW
lstrcpyW
GetLastError
GetExitCodeProcess
CreateProcessW
CreateFileMappingW
WaitForMultipleObjects
CreateEventW
VirtualQuery
MapViewOfFile
FindResourceW
LoadResource
LockResource
SizeofResource
SetEvent
CloseHandle
UnmapViewOfFile
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetTimeZoneInformation

user32

HideCaret
InvertRect
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
UnregisterClassW
CopyImage
DestroyIcon
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
CharUpperW
IsZoomed
GetAsyncKeyState
NotifyWinEvent
SetWindowRgn
GetSystemMenu
DestroyMenu
GetMenuItemInfoW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableW
OffsetRect
CharNextW
KillTimer
SetTimer
RealChildWindowFromPoint
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
WaitMessage
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
MapVirtualKeyW
GetKeyNameTextW
IntersectRect
InflateRect
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
GetIconInfo
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
CopyRect
GetClassNameW
InvalidateRect
UpdateWindow
DrawStateW
ShowOwnedPopups
SetCursor
GetMessageW
DestroyCursor
SubtractRect
MapVirtualKeyExW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
GetFocus
PtInRect
GetSysColor
EndPaint
BeginPaint
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
FrameRect
CopyIcon
CharUpperBuffW
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetMenuState
GetMenuStringW
AppendMenuW
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
SetPropW
GetWindowRgn
GetCapture
IsCharLowerW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
GetWindowThreadProcessId
GetLastActivePopup
LoadMenuW
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
PostQuitMessage
WaitForInputIdle
DrawIcon
GetSystemMetrics
IsIconic
GetClientRect
ScreenToClient
GetWindowRect
IsRectEmpty
ShowWindow
SetWindowPos
LoadImageW
GetDC
wsprintfW
MessageBoxW
SendMessageW
LoadIconW
EnableWindow
PostMessageW
DeleteMenu

gdi32

CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
GetTextExtentPoint32W
CreateRoundRectRgn
CreateDIBSection
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
CreateDIBitmap
EnumFontFamiliesExW
PatBlt
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
DPtoLP
SelectObject
Escape
ExtTextOutW
TextOutW
GetMapMode
CombineRgn
SetRectRgn
ScaleViewportExtEx
CreateRectRgnIndirect
CreateFontIndirectW
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
ExtFloodFill
GetDeviceCaps
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectW
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
SetWindowOrgEx

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

GetPrinterDriverW
ClosePrinter
UploadPrinterDriverPackageW
InstallPrinterDriverFromPackageW
AddPrinterW
OpenPrinterW
XcvDataW
DocumentPropertiesW
EnumPrintersW
ord204
EnumPortsW

advapi32

RegQueryValueW
RegQueryValueExW
RegCloseKey
OpenSCManagerW
OpenServiceW
ControlService
QueryServiceStatus
StartServiceW
CloseServiceHandle
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW

shell32

SHGetFileInfoW
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHBrowseForFolderW
ShellExecuteW
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathRemoveFileSpecW

ole32

CoInitializeEx
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CLSIDFromProgID
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoCreateGuid
CLSIDFromString
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CoUninitialize

oleaut32

SysFreeString
VarBstrFromDate
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocString

oledlg

OleUIBusyW

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

setupapi

SetupOpenInfFileW
SetupGetStringFieldW
SetupDiGetClassDescriptionExW
SetupGetInfDriverStoreLocationW
SetupCloseInfFile
SetupFindFirstLineW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 683KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b463e1cdf596cfc0bb4f2caa312049cb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

setupapi

oleacc

imm32

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 300KB - Virtual size: 300KB

.data Size: 25KB - Virtual size: 69KB

.rsrc Size: 296KB - Virtual size: 296KB

Size: 683KB - Virtual size: 683KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 300KB - Virtual size: 300KB

.data
Size: 25KB - Virtual size: 69KB

.rsrc
Size: 296KB - Virtual size: 296KB