Static task: static1
Behavioral task: behavioral1
Sample: 2023-08-26_06c6980a581339a19f15a3119fb10db7_mafia_JC.exe
Resource: win7-20230831-en
General
Target: 2023-08-26_06c6980a581339a19f15a3119fb10db7_mafia_JC.exe
Size: 3.8MB
MD5: 06c6980a581339a19f15a3119fb10db7
SHA1: 7c416573eff79af3c361a4d462180c9878f39d00
SHA256: 8ed4e70e75f01ec1383d876f2b6977cb2f4dd111d158a83c8cc9fdc2ad33baec
SHA512: e9a8055805efa49c2b1b9145801b5f597420e3d2dc3465ca9695986808d663ecfa0bfe4689a0512dbf9100d64eb20557d527e0a9e7d6479fcb7ef0b2e584c846
SSDEEP: 98304:frU+EATVSCSDYMpMdK2Auo9Igd9uiVD1jy1:fzMLpjuo9Td9uiE
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 2023-08-26_06c6980a581339a19f15a3119fb10db7_mafia_JC.exe
Files
2023-08-26_06c6980a581339a19f15a3119fb10db7_mafia_JC.exe.exe windows:5 windows x86
83b5fbadc7540f72313e5234b011fe40
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalUnlock
Process32NextW
Process32FirstW
SuspendThread
WaitForSingleObject
CreateMutexW
InterlockedDecrement
FlushInstructionCache
SetLastError
CreateProcessW
GetStartupInfoW
MoveFileExW
MoveFileW
GetTickCount
DeleteFileW
SetFileAttributesW
GetFileAttributesW
GetFileSizeEx
CreateFileA
lstrcmpW
ExpandEnvironmentStringsW
CreateDirectoryW
GetExitCodeThread
CreateThread
IsBadCodePtr
IsBadReadPtr
UnmapViewOfFile
CreateEventW
MapViewOfFile
CreateFileMappingW
SetEvent
GetLocalTime
FindFirstFileW
OutputDebugStringW
OpenFileMappingW
FileTimeToDosDateTime
GetLongPathNameW
CreatePipe
GetCurrentDirectoryW
SetCurrentDirectoryW
GetSystemDirectoryW
GetEnvironmentVariableW
lstrcmpiW
lstrcpyA
WinExec
GetDiskFreeSpaceExW
GetVolumeInformationW
GetWindowsDirectoryW
GetTempPathW
GetFullPathNameW
GetTempFileNameW
WaitNamedPipeW
DeleteFileA
MoveFileA
WritePrivateProfileStringW
CopyFileW
GetComputerNameW
GetCommandLineW
GetCurrentProcessId
SetUnhandledExceptionFilter
GetSystemInfo
GetExitCodeProcess
SetProcessWorkingSetSize
OpenMutexW
GetFileSize
HeapFree
HeapAlloc
GetLogicalDrives
GetDriveTypeW
GlobalLock
OpenProcess
TerminateProcess
SizeofResource
Sleep
DeleteCriticalSection
ReadFile
VirtualProtect
WriteProcessMemory
GetFileTime
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
GetVersionExW
GlobalMemoryStatusEx
OpenEventW
lstrcpynW
lstrcpyW
lstrcmpA
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
LoadLibraryW
WriteFile
FreeResource
FindClose
FindNextFileW
LocalFree
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenA
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
GetFullPathNameA
WriteConsoleW
FlushFileBuffers
SetStdHandle
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
FatalAppExitA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetFilePointer
GetFileType
SetHandleCount
GetLocaleInfoW
GetStdHandle
ExitProcess
HeapCreate
GetStringTypeW
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
GetModuleHandleW
GetProcAddress
GetCurrentProcess
RaiseException
LoadLibraryExW
LoadLibraryExA
FreeLibrary
BeginUpdateResourceW
BeginUpdateResourceA
EndUpdateResourceW
UpdateResourceW
WideCharToMultiByte
lstrlenW
lstrcatW
GetPrivateProfileIntW
HeapSetInformation
GetCommandLineA
GetDateFormatW
GetTimeFormatW
ResumeThread
ExitThread
GetSystemTimeAsFileTime
RtlUnwind
GetUserDefaultUILanguage
MulDiv
IsBadStringPtrW
TerminateThread
DecodePointer
EncodePointer
InterlockedIncrement
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
HeapDestroy
LoadLibraryA
InterlockedExchange
FindResourceExW
FindResourceW
LoadResource
LockResource
GetModuleFileNameW
MultiByteToWideChar
GetPrivateProfileStringW
GetLastError
CreateFileW
DeviceIoControl
CloseHandle
GetProcessHeap
user32
SetCaretPos
GetSysColor
DestroyMenu
TrackPopupMenu
ShowCaret
HideCaret
CreateCaret
GetMessageW
CharPrevW
DrawTextW
DrawIconEx
FillRect
GetUpdateRect
BeginPaint
EnableMenuItem
UpdateLayeredWindow
MapWindowPoints
AppendMenuW
CreatePopupMenu
DefWindowProcW
OpenClipboard
EmptyClipboard
SetClipboardData
SetWindowRgn
ReleaseCapture
CloseClipboard
MonitorFromWindow
GetMonitorInfoW
LoadCursorW
SetCursor
GetCursorPos
ScreenToClient
PostMessageW
SetCapture
ReleaseDC
GetKeyState
PtInRect
IntersectRect
ShowWindow
InvalidateRect
SetTimer
RegisterClassW
EnumChildWindows
GetMenu
AdjustWindowRectEx
SetPropW
GetPropW
GetWindowRect
KillTimer
GetTopWindow
GetWindow
DestroyWindow
LoadImageW
UnionRect
InflateRect
DrawFocusRect
IsRectEmpty
UnregisterClassA
IsWindowVisible
GetWindowPlacement
SetWindowLongW
SetWindowTextW
FindWindowW
MessageBoxW
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
GetWindowLongW
SetWindowPos
SetForegroundWindow
IsWindow
SendMessageW
wsprintfW
EndPaint
DestroyIcon
GetDesktopWindow
GetActiveWindow
SetSysColors
ExitWindowsEx
IsIconic
GetParent
GetDC
MoveWindow
SetRect
CopyRect
EnumWindows
GetClassNameW
GetSystemMetrics
SystemParametersInfoW
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
FindWindowExW
LoadStringW
GetClientRect
GetIconInfo
IsZoomed
ClientToScreen
OffsetRect
CreateWindowExW
CharNextW
RegisterClassExW
CallWindowProcW
SetFocus
GetFocus
GetClassInfoExW
EnableWindow
GetWindowTextLengthW
GetWindowTextW
gdi32
SetBkColor
GetDeviceCaps
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetDIBits
DeleteDC
GetObjectW
DeleteObject
SetBkMode
SetTextColor
PtInRegion
OffsetRgn
GetTextMetricsW
CreateFontIndirectW
CreateRoundRectRgn
SetWindowOrgEx
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CombineRgn
StretchBlt
SetStretchBltMode
CreateRectRgn
GetBitmapBits
CreateDIBSection
LineTo
MoveToEx
CreatePen
Rectangle
GetStockObject
RoundRect
GdiFlush
SetBitmapBits
comdlg32
GetSaveFileNameW
GetOpenFileNameW
shell32
ShellExecuteW
SHGetFileInfoW
SHGetMalloc
CommandLineToArgvW
SHGetFolderPathW
SHChangeNotify
SHBrowseForFolderW
ord727
SHGetPathFromIDListW
SHFileOperationW
SHAppBarMessage
ShellExecuteExW
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleSetContainedObject
OleCreateStaticFromData
OleDuplicateData
ReleaseStgMedium
OleUninitialize
OleInitialize
PropVariantClear
CoSetProxyBlanket
CoInitializeEx
CreateStreamOnHGlobal
CoInitialize
CoTaskMemFree
CoUninitialize
CoInitializeSecurity
CoCreateInstance
StgCreateDocfile
oleaut32
CreateErrorInfo
GetErrorInfo
VariantInit
SysAllocString
SafeArrayGetUBound
VariantChangeType
SetErrorInfo
SafeArrayGetLBound
VariantClear
SafeArrayGetElement
SysFreeString
shlwapi
PathRemoveExtensionW
PathFileExistsW
SHDeleteKeyW
PathFindExtensionW
PathAppendW
PathFindFileNameW
wvnsprintfW
PathFileExistsA
SHStrDupW
gdiplus
GdipAddPathArcI
GdipDrawRectangleI
GdipDrawPath
GdiplusStartup
GdiplusShutdown
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipSetTextRenderingHint
GdipSetPenDashStyle
GdipDrawLinesI
GdipCloneBrush
GdipDrawImageI
GdipDrawImageRect
GdipDrawLineI
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetPenWidth
GdipCreateSolidFill
GdipCreateBitmapFromHBITMAP
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDeletePen
GdipCreatePen1
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipSaveImageToStream
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipDeleteBrush
GdipDrawImageRectRectI
GdipGetImageGraphicsContext
GdipCreateHICONFromBitmap
GdipGetImageHeight
GdipGetImageWidth
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdipDrawImageRectI
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipAddPathLineI
GdipSetImageAttributesWrapMode
GdipSetImageAttributesColorKeys
GdipSetImageAttributesColorMatrix
GdipDeletePath
GdipCreatePath
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipReleaseDC
GdipCreateFromHDC
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetPropertyItem
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
powrprof
IsPwrHibernateAllowed
GetPwrCapabilities
wininet
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetSetOptionW
InternetOpenW
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetConnectW
HttpOpenRequestW
HttpEndRequestW
InternetWriteFile
HttpSendRequestExW
crypt32
CryptDecodeObject
CryptQueryObject
CertFindCertificateInStore
CryptMsgGetParam
CertGetNameStringW
wintrust
WinVerifyTrust
netapi32
NetUserGetInfo
NetUserSetInfo
NetApiBufferFree
psapi
EnumProcesses
EnumProcessModules
GetModuleFileNameExW
ws2_32
inet_addr
ntohs
iphlpapi
GetExtendedUdpTable
GetIfEntry
GetExtendedTcpTable
GetAdaptersInfo
dbghelp
MiniDumpWriteDump
winmm
timeKillEvent
timeSetEvent
timeEndPeriod
comctl32
_TrackMouseEvent
ord17
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 613KB - Virtual size: 613KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 135KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ