2023-08-26_6a4f39860d637dd0da14f0af56e0b2eb_mafia_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_6a4f39860d637dd0da14f0af56e0b2eb_mafia_JC.exe
Size

785KB
MD5

6a4f39860d637dd0da14f0af56e0b2eb
SHA1

60b531d27349ac7abbb625866b007dadd792692e
SHA256

5286fe2390fc36c505f3fd438b0ea8f9b3e1c7430c481e94a9ac40510ba3fe49
SHA512

907701ca006ecf53c4642cbadbc735ef9f9c5d40a44d608aeed057b80f84b4ff8435b24e9f4d17ef430ac3b7a679028809f192cd66bf439c613136ba14606d3f
SSDEEP

12288:bqlirJ11yl4Tec94oRjLncWMPjt+3aPR63OOxWKUGhXhSzEllix:2Wc4yc/RXcWMPwKPUeLpwVll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-26_6a4f39860d637dd0da14f0af56e0b2eb_mafia_JC.exe

Files

2023-08-26_6a4f39860d637dd0da14f0af56e0b2eb_mafia_JC.exe
.exe windows:5 windows x86

e93b26ab5f62ff55707aee454b608a54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathFindFileNameW
PathFileExistsW

libcef

cef_post_task
cef_register_scheme_handler_factory
cef_build_revision
cef_initialize
cef_register_custom_scheme
cef_run_message_loop
cef_shutdown
cef_string_utf16_clear
cef_string_utf8_to_utf16
cef_string_list_copy
cef_string_multimap_alloc
cef_string_multimap_free
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_list_size
cef_string_list_value
cef_string_multimap_append
cef_string_map_append
cef_xml_reader_create
cef_zip_reader_create
cef_string_map_alloc
cef_string_map_free
cef_command_line_create
cef_stream_reader_create_for_file
cef_browser_create
cef_stream_reader_create_for_handler
cef_string_list_alloc
cef_string_userfree_utf16_alloc
cef_string_ascii_to_utf16
cef_string_list_append
cef_string_utf16_set
cef_string_list_free
cef_string_utf16_cmp
cef_string_utf16_to_utf8
cef_string_utf8_clear
cef_string_userfree_utf16_free

kernel32

InterlockedCompareExchange
InterlockedExchange
SetEndOfFile
CreateFileW
CreateFileA
SetStdHandle
WriteConsoleW
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
CreateDirectoryA
GetLongPathNameA
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
ReleaseMutex
CreateMutexW
OpenMutexW
GetCommandLineW
LockResource
SizeofResource
LoadResource
FindResourceW
HeapSize
GetStringTypeW
GetCurrentDirectoryW
IsValidCodePage
GetOEMCP
GetACP
GetLocaleInfoW
CloseHandle
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
WriteFile
GetProcessHeap
MultiByteToWideChar
Sleep
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleW
HeapSetInformation
GetStartupInfoW
GetProcAddress
HeapAlloc
RtlUnwind
LCMapStringW
GetCPInfo
GetFullPathNameA
GetDriveTypeW
RaiseException
HeapFree
GetLastError
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte

user32

UpdateWindow
CreateWindowExW
DefWindowProcW
SetFocus
DestroyWindow
MessageBoxW
EndPaint
BeginPaint
PostQuitMessage
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
PostMessageW
GetDlgItem
LoadImageW
GetClientRect
CallWindowProcW
SendMessageW
RegisterClassExW
LoadCursorW
LoadIconW
SetForegroundWindow
FindWindowW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
GetMessageW
RegisterWindowMessageW
LoadAcceleratorsW
LoadStringW
GetWindowLongW
EnableWindow
SetWindowTextW
GetParent
ShowWindow

comdlg32

FindTextW

shell32

SHGetFolderPathW
SHGetFolderPathA
ShellExecuteA

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e93b26ab5f62ff55707aee454b608a54

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

libcef

kernel32

user32

comdlg32

shell32

Sections

.text Size: 273KB - Virtual size: 273KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 11KB - Virtual size: 37KB

.rsrc Size: 432KB - Virtual size: 431KB

.reloc Size: 27KB - Virtual size: 26KB

.text
Size: 273KB - Virtual size: 273KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 11KB - Virtual size: 37KB

.rsrc
Size: 432KB - Virtual size: 431KB

.reloc
Size: 27KB - Virtual size: 26KB