Static task: static1
Behavioral task: behavioral1
  Sample: 2023-08-26_8cafa62b83baa9212ae40d5a8d17eb27_mafia_JC.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 2023-08-26_8cafa62b83baa9212ae40d5a8d17eb27_mafia_JC.exe
  Resource: win10v2004-20230915-en
General
- Target: 2023-08-26_8cafa62b83baa9212ae40d5a8d17eb27_mafia_JC.exe
- Size: 1.8MB
- MD5: 8cafa62b83baa9212ae40d5a8d17eb27
- SHA1: 150e10fb70391f6fb55dfa5afb6bba2537a9fa0a
- SHA256: c140a22efe1bd008c3aa84dce4f1711b82cdf2caca46144ec1d49c5794daba2b
- SHA512: 11c5edc48d489449bd93fe85880729f20f5cc388af35a91e8d276eac02ab73203318921ed9d3095e30f05087522ea29094cf3f3c72d2996dda17e4d14c2f3345
- SSDEEP: 49152:lAl7W+/aXftgYZdLt/0YZL7m5hgPLT46181xKUpRHO4Ue0aGhAq9a8p7kP:lj+/aXGYZdLt5ZLS5ePLT461814ern0h
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2023-08-26_8cafa62b83baa9212ae40d5a8d17eb27_mafia_JC.exe
Files
-
2023-08-26_8cafa62b83baa9212ae40d5a8d17eb27_mafia_JC.exe.exe windows:5 windows x86
99e9397091c4ed695fdff6e0a98ff759
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
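The "Unsigned PE" signature and the DLL Characteristics flags above are both read straight out of the PE optional header. The script below is an added example, not part of the sandbox report or its tooling, that parses just enough of a PE to reproduce both checks: it reads DllCharacteristics for DYNAMIC_BASE / NX_COMPAT / TERMINAL_SERVER_AWARE and inspects data directory entry 4 (the security directory) for an embedded WIN_CERTIFICATE. The PE stubs it exercises are constructed in memory with the same flag combination this report shows (0x8140) and are not the sample; `inspect_pe`, `build_stub_pe` and the file name `pe_check.py` are names chosen for this example.

```python
"""pe_check.py: DllCharacteristics (ASLR/DEP) and Authenticode presence.
Added example, not sandbox code; stdlib only, exercised on a constructed
in-memory PE32 stub so it runs offline."""
import struct

# Flag values from winnt.h
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040          # ASLR opt-in
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100             # DEP compatible
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4                      # certificate table
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002                 # Authenticode PKCS#7


def inspect_pe(data: bytes) -> dict:
    """Answer two triage questions from the headers alone: are ASLR/DEP
    flags set, and is there an embedded Authenticode blob at all?"""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    file_hdr = e_lfanew + 4
    machine, _nsec, _ts, _symptr, _nsym, _opt_size, _chars = \
        struct.unpack_from("<HHIIIHH", data, file_hdr)
    opt = file_hdr + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at +92, dirs at +96
        nrva_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:      # PE32+: 64-bit stack/heap fields shift them
        nrva_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both
    nrva = struct.unpack_from("<I", data, nrva_off)[0]

    cert_off = cert_size = 0
    if nrva > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory, the security entry holds a raw file
        # offset, not an RVA: the certificate table is never mapped by the loader.
        cert_off, cert_size = struct.unpack_from(
            "<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)

    signature = None
    if cert_off and cert_size >= 8 and cert_off + cert_size <= len(data):
        # WIN_CERTIFICATE header: dwLength, wRevision, wCertificateType
        length, revision, cert_type = struct.unpack_from("<IHH", data, cert_off)
        signature = {"length": length, "revision": revision,
                     "pkcs7": cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA}

    return {
        "machine": machine,
        "pe32plus": magic == 0x20B,
        "dllcharacteristics": dllchar,
        "aslr": bool(dllchar & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "dep": bool(dllchar & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "ts_aware": bool(dllchar & IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE),
        "has_authenticode": signature is not None,   # "Unsigned PE" when False
        "signature": signature,
    }


def build_stub_pe(dllchar: int, with_cert: bool) -> bytes:
    """Constructed PE32 stub (headers only, no sections, not loadable).
    It exists purely so inspect_pe can be exercised without a real binary."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                 # e_lfanew
    # i386, SizeOfOptionalHeader=224, EXECUTABLE_IMAGE|32BIT_MACHINE
    file_hdr = struct.pack("<HHIIIHH", 0x014C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                 # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                    # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dllchar)
    struct.pack_into("<I", opt, 92, 16)                   # NumberOfRvaAndSizes
    image = dos + b"PE\0\0" + file_hdr + opt
    if with_cert:
        blob = b"\x30\x82" + b"\x00" * 30                 # placeholder DER, 8-byte aligned
        cert = struct.pack("<IHH", 8 + len(blob), 0x0200,
                           WIN_CERT_TYPE_PKCS_SIGNED_DATA) + blob
        # DataDirectory[4] lives at e_lfanew + 4 + 20 + 96 + 4*8
        struct.pack_into("<II", image, 64 + 4 + 20 + 96 + 8 * 4, len(image), len(cert))
        image += cert
    return bytes(image)


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as fh:
        print(inspect_pe(fh.read()))
```

Run as `python pe_check.py sample.exe` to get the same fields for a real file. Two caveats a triage rule like "Unsigned PE" does not capture: an empty security directory proves only that no signature is embedded, so catalog-signed Windows binaries would trip the same rule, and a present WIN_CERTIFICATE says nothing about validity, which needs chain and timestamp verification (`signtool verify /pa /v` or `Get-AuthenticodeSignature` on Windows). Separately, DYNAMIC_BASE only leads to rebasing when relocation data survives; the 178KB .reloc section listed under Sections means it does for this sample.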
Imports
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
kernel32
GetTimeZoneInformation
SetHandleCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetDriveTypeW
CompareStringW
WriteConsoleW
GetCurrentDirectoryW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
CloseHandle
ExitProcess
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
CreateProcessA
IsProcessorFeaturePresent
CreatePipe
GetModuleFileNameA
ReadFile
GetFileAttributesA
LoadLibraryA
GetModuleHandleA
GetProcAddress
SetLastError
DeactivateActCtx
GetLastError
LCMapStringW
MultiByteToWideChar
CopyFileA
CreateDirectoryA
WriteFile
PurgeComm
SetCommTimeouts
SetCommState
SetupComm
BuildCommDCBAndTimeoutsA
CreateFileA
MulDiv
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalFree
GetStringTypeW
IsValidCodePage
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
CreateThread
ExitThread
GetFileType
SetStdHandle
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
EncodePointer
HeapAlloc
HeapFree
RtlUnwind
CreateActCtxW
GetStdHandle
ActivateActCtx
HeapCreate
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
FindResourceExW
VirtualProtect
SearchPathA
Sleep
GetProfileIntA
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetCurrentDirectoryA
SetErrorMode
lstrcpyA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GetTickCount
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
FindNextFileA
FileTimeToLocalFileTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
FreeLibrary
SetFilePointer
DeleteFileA
lstrcmpiA
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
FindResourceA
FreeResource
GetCurrentProcessId
lstrcmpA
user32
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawEdge
DrawStateA
LoadMenuW
SetClassLongA
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
LoadImageA
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
CreatePopupMenu
GetMenuDefaultItem
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
OffsetRect
CharNextA
PostThreadMessageA
ReleaseCapture
WindowFromPoint
SetCapture
InvalidateRect
DeleteMenu
DestroyIcon
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
IntersectRect
RealChildWindowFromPoint
UnregisterClassA
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatA
ShowOwnedPopups
DefFrameProcA
GetMessageA
TranslateMessage
GetCursorPos
PostQuitMessage
CharUpperA
RegisterWindowMessageA
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
ValidateRect
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
PtInRect
GetWindowTextLengthA
GetWindowTextA
SetFocus
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
GetWindow
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
DefMDIChildProcA
GetWindowRgn
DrawMenuBar
DestroyCursor
SubtractRect
GetDoubleClickTime
CharUpperBuffA
CopyIcon
GetUpdateRect
GetDC
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
SetCursor
TranslateMDISysAccel
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
WaitMessage
PostMessageA
PeekMessageA
DispatchMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetSysColor
GetWindowRect
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
GetSystemMetrics
KillTimer
SetTimer
GetClientRect
SetForegroundWindow
IsWindowVisible
LoadIconW
SendMessageA
EnableWindow
MessageBoxA
GetWindowDC
gdi32
MoveToEx
SetTextAlign
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetTextMetricsA
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateDIBitmap
LineTo
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32A
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
SetBkColor
SetTextColor
PatBlt
CreateRectRgnIndirect
CreateBitmap
CreateDCA
CreateCompatibleBitmap
GetDeviceCaps
CopyMetaFileA
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumKeyExA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegSetValueA
RegOpenKeyExW
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
shell32
DragQueryFileA
SHBrowseForFolderA
SHGetMalloc
SHGetFileInfoA
ExtractIconA
SHGetDesktopFolder
SHAppBarMessage
SHGetPathFromIDListA
DragFinish
ShellExecuteA
SHGetSpecialFolderLocation
comctl32
ImageList_GetIconSize
shlwapi
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
ole32
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard
CoTaskMemFree
CoCreateInstance
OleFlushClipboard
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleUninitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoCreateGuid
CoInitialize
CoGetClassObject
CoInitializeEx
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
DoDragDrop
oleaut32
SysStringByteLen
OleCreateFontIndirect
LoadTypeLi
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocString
SysStringLen
VariantInit
VariantChangeType
SysFreeString
VariantClear
RegisterActiveObject
SysAllocStringLen
SysAllocStringByteLen
oledlg
ord8
ws2_32
WSAStartup
WSACleanup
closesocket
accept
socket
select
gethostbyname
htonl
htons
inet_addr
bind
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
WSAGetLastError
setsockopt
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
wininet
InternetOpenA
InternetGetLastResponseInfoA
InternetConnectA
FtpFindFirstFileA
FtpOpenFileA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetCloseHandle
InternetFindNextFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
InternetQueryDataAvailable
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 302KB - Virtual size: 301KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 178KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ