Sample: 2023-08-25_d60fcbd8d4c490d8a707eb2543074183_mafia_JC.exe
Resource: win7-20230831-en
General
Target: 2023-08-25_d60fcbd8d4c490d8a707eb2543074183_mafia_JC.exe
Size: 3.2MB
MD5: d60fcbd8d4c490d8a707eb2543074183
SHA1: ae0a078d6355b96aec0df24d0f47504ba2852e7e
SHA256: 22a4d9ed2cca0a6ba91be3e0a58c52747165fc3474e41f0895290f4e60917d63
SHA512: 4832d0a8958eb35f4a21f31e0343cd1f45057009b68c0258aeac817dccca275b3cef1600413432b0460857180d5a784162e245da14683af83e428377d27b2df0
SSDEEP: 98304:cZSNRYcsoTLjAspe/D3aj55z9vG9wuZX2CEpmXK5r0uf:6SXYP4jA7oE9JGRmXK5
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
resource: 2023-08-25_d60fcbd8d4c490d8a707eb2543074183_mafia_JC.exe
Files
2023-08-25_d60fcbd8d4c490d8a707eb2543074183_mafia_JC.exe.exe (windows:5, windows, x86)
e790af225f204cca42ded7a373111b4d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imagehlp
SymCleanup
SymGetModuleBase
StackWalk
SymGetSymFromAddr
SymGetModuleInfo
SymFunctionTableAccess
SymInitialize
MakeSureDirectoryPathExists
kernel32
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
IsProcessorFeaturePresent
IsValidCodePage
GetLocaleInfoW
EnumSystemLocalesA
IsValidLocale
HeapCreate
GetConsoleCP
GetConsoleMode
RtlUnwind
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeW
CompareStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
GetLocalTime
Process32First
OpenProcess
CreateProcessA
Process32Next
CreateToolhelp32Snapshot
FlushInstructionCache
VirtualFreeEx
ReadProcessMemory
VirtualAllocEx
WriteProcessMemory
IsDBCSLeadByte
GetStartupInfoW
InterlockedPopEntrySList
HeapSetInformation
VirtualQuery
GetSystemInfo
HeapSize
HeapAlloc
HeapReAlloc
ExitProcess
GetSystemTimeAsFileTime
HeapFree
DecodePointer
EncodePointer
GetNumberFormatA
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
FindResourceExW
GetShortPathNameA
DuplicateHandle
UnlockFile
LockFile
ReadFile
MoveFileA
GetStringTypeExA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetThreadLocale
GetACP
GlobalFlags
GetTempPathA
GetProfileIntA
SearchPathA
GetDiskFreeSpaceA
GetFileTime
SetFileTime
ReplaceFileA
SystemTimeToFileTime
VirtualProtect
CreateEventA
SetThreadPriority
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
InterlockedExchange
lstrcmpA
GetModuleHandleW
HeapQueryInformation
ReleaseActCtx
CreateActCtxW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryW
lstrcmpW
GlobalSize
lstrlenW
FreeResource
CreateThread
lstrcmpiA
GetWindowsDirectoryA
WinExec
lstrlenA
lstrcatA
lstrcpyA
FindNextChangeNotification
WaitForMultipleObjects
FindCloseChangeNotification
FindFirstChangeNotificationA
ResumeThread
SuspendThread
InitializeCriticalSectionAndSpinCount
ResetEvent
SetEvent
ActivateActCtx
DeactivateActCtx
SetLastError
LCMapStringW
GetStringTypeW
LCMapStringA
GetUserDefaultLCID
GetStringTypeA
DeleteCriticalSection
InitializeCriticalSection
GetFileSize
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
FileTimeToSystemTime
FileTimeToLocalFileTime
GetThreadContext
GetCurrentThread
GetCurrentProcess
GetCurrentProcessId
FlushFileBuffers
UnmapViewOfFile
FlushViewOfFile
MapViewOfFile
CreateFileMappingA
SetEndOfFile
SetFilePointer
lstrcpynA
GetLogicalDriveStringsA
GetVolumeInformationA
WriteFile
LoadLibraryA
FreeLibrary
LocalFree
FormatMessageA
LoadLibraryExA
CreateDirectoryA
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
GetDateFormatA
GetTimeFormatA
GlobalFree
GetEnvironmentVariableA
GlobalUnlock
GlobalAlloc
GlobalLock
MulDiv
GetLocaleInfoA
InterlockedDecrement
InterlockedIncrement
GetFileInformationByHandle
CreateFileA
CopyFileA
DeleteFileA
GetTempFileNameA
VirtualAlloc
SetFileAttributesA
GetFileAttributesA
VirtualFree
GetLastError
GetProcAddress
GetModuleHandleA
GetVersionExA
QueryPerformanceCounter
QueryPerformanceFrequency
GetFullPathNameA
WaitForSingleObject
FindResourceW
SizeofResource
WideCharToMultiByte
CreateMutexA
CloseHandle
ReleaseMutex
Sleep
GetCommandLineA
LockResource
LoadResource
FindResourceA
ExitThread
GetModuleFileNameW
RaiseException
InterlockedCompareExchange
InterlockedPushEntrySList
GetTimeZoneInformation
user32
GetNextDlgGroupItem
InvalidateRgn
CharNextA
UnregisterClassA
UnionRect
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawIcon
MonitorFromPoint
RealChildWindowFromPoint
GetAsyncKeyState
MapVirtualKeyA
GetKeyNameTextA
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
LoadAcceleratorsW
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetWindowThreadProcessId
LoadAcceleratorsA
LoadCursorW
SetCursorPos
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
MoveWindow
IsDialogMessageA
SetDlgItemTextA
GetDlgItemTextA
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
CreateWindowExA
GetClassInfoExA
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetMenu
GetScrollPos
SetScrollPos
GetMenuStringA
InsertMenuA
RemoveMenu
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
GetMenuItemID
IsWindowEnabled
ChildWindowFromPoint
WindowFromPoint
SetWindowRgn
DefWindowProcA
GetClassNameA
DestroyCursor
CopyIcon
CreateIconIndirect
SetRectEmpty
GetMessagePos
GetCapture
FrameRect
SetRect
DrawFrameControl
DrawEdge
ShowWindow
GetDC
GetIconInfo
SetParent
GetSystemMenu
ReleaseDC
GetDCEx
RedrawWindow
GetClassLongA
IsRectEmpty
IsChild
PostThreadMessageA
LoadStringA
CharUpperA
SetWindowLongA
CallWindowProcA
GetDlgCtrlID
CheckMenuItem
SetMenuItemInfoA
CopyAcceleratorTableA
CreateAcceleratorTableA
ModifyMenuA
SetMenuDefaultItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DestroyIcon
LockWindowUpdate
LoadImageA
wsprintfA
GetWindowTextA
GetWindowTextLengthA
InsertMenuItemA
GetMenuState
DeleteMenu
GetMenuItemInfoA
GetMenuItemCount
MessageBoxA
GetSysColorBrush
GetSysColor
InflateRect
DrawFocusRect
SetCaretPos
GrayStringA
DrawTextExA
TabbedTextOutA
GetFocus
FillRect
DrawTextA
EnableMenuItem
PtInRect
IsClipboardFormatAvailable
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
GetCursorPos
ReleaseCapture
SetCapture
CreateMenu
FindWindowExA
RegisterClassExA
AttachThreadInput
GetShellWindow
GetWindowRgn
SubtractRect
CharUpperBuffA
GetUpdateRect
GetDoubleClickTime
MapVirtualKeyExA
IsCharLowerA
LoadImageW
WaitMessage
GetKeyboardState
SetCursor
GetKeyState
DestroyCaret
HideCaret
ShowCaret
CreateCaret
GetWindowLongA
LoadCursorA
IsWindowVisible
InvalidateRect
LoadIconA
SetWindowTextA
PeekMessageA
GetKeyboardLayout
ToAsciiEx
SetClassLongA
IsMenu
UpdateLayeredWindow
DrawStateA
DrawIconEx
CopyImage
NotifyWinEvent
EnableScrollBar
InvertRect
GetMenuDefaultItem
EndDialog
GetTabbedTextExtentW
TrackPopupMenuEx
GetSubMenu
LoadMenuW
SetWindowPos
EqualRect
GetClientRect
IsDlgButtonChecked
GetDlgItem
SetFocus
GetDesktopWindow
CopyRect
ClientToScreen
IntersectRect
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
IsWindow
MessageBeep
SetTimer
GetWindowRect
AppendMenuA
CreatePopupMenu
KillTimer
SetForegroundWindow
SendMessageTimeoutA
FindWindowA
DestroyAcceleratorTable
UpdateWindow
SendMessageA
OpenIcon
IsIconic
LoadIconW
GetClassInfoA
RegisterWindowMessageA
PostMessageA
GetParent
GetWindow
EnableWindow
RegisterClassA
gdi32
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
CreateEllipticRgn
Ellipse
SetViewportExtEx
GetTextCharsetInfo
SetViewportOrgEx
EnumFontFamiliesExA
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
Polyline
SetDIBColorTable
SetPixel
ExtFloodFill
SetPaletteEntries
PtInRegion
GetBoundsRect
SetPixelV
SetBkColor
SetBkMode
LineTo
CreateDIBitmap
OffsetViewportOrgEx
MoveToEx
SetTextColor
StretchBlt
CreateBitmap
StartDocA
SetTextJustification
SetLayout
GetLayout
SetTextCharacterExtra
SetTextAlign
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
StretchDIBits
GetCharWidthA
CreateDCA
CopyMetaFileA
CreatePolygonRgn
CreateRoundRectRgn
OffsetRgn
CombineRgn
CreateRectRgn
GetTextExtentPoint32A
SelectClipRgn
FillRgn
GetRgnBox
GetClipBox
CreateDIBSection
DeleteDC
RealizePalette
CreatePalette
Polygon
GetPixel
DeleteObject
PatBlt
GetTextColor
CreateFontIndirectA
GetObjectA
EnumFontFamiliesA
EnumFontsA
CreateFontA
ExtCreatePen
CreatePen
CreateSolidBrush
GetTextAlign
Rectangle
GetTextMetricsA
SelectObject
Escape
ExtTextOutA
RectVisible
PtVisible
TextOutA
GetStockObject
RoundRect
BitBlt
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
CreateCompatibleBitmap
LPtoDP
CreateCompatibleDC
GetDeviceCaps
FrameRgn
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
GetJobA
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueA
RegSetValueA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
SetFileSecurityA
GetFileSecurityA
RegQueryInfoKeyW
RegQueryValueExA
RegOpenKeyA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
shell32
ShellExecuteA
SHGetSpecialFolderPathA
SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHFileOperationA
SHGetDesktopFolder
DragFinish
DragQueryFileA
Shell_NotifyIconA
CommandLineToArgvW
DragAcceptFiles
SHAppBarMessage
SHAddToRecentDocs
ExtractIconA
comctl32
ord17
_TrackMouseEvent
ImageList_GetImageCount
ImageList_GetIcon
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathRemoveFileSpecA
PathFindFileNameA
PathRemoveExtensionA
PathFileExistsA
PathAppendA
PathBuildRootA
PathGetDriveNumberA
PathCombineA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
StrStrIA
ole32
StringFromCLSID
ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoUninitialize
CoCreateInstance
CoInitializeEx
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
StringFromGUID2
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
CoTaskMemRealloc
OleCreate
OleLockRunning
StgCreateDocfile
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateStreamOnHGlobal
CoRegisterMessageFilter
oleaut32
VarUI4FromStr
SysAllocString
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SafeArrayDestroy
SysFreeString
oledlg
ord8
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
gdiplus
GdipCreatePen1
GdipDrawLineI
GdipFillRectangleI
GdipImageGetFrameDimensionsCount
GdipGetPropertyItemSize
GdipCreateSolidFill
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipGraphicsClear
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipDeletePen
GdipDeleteBrush
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
netapi32
Netbios
wininet
HttpSendRequestA
HttpOpenRequestA
InternetCrackUrlA
InternetReadFileExA
InternetConnectA
InternetOpenA
HttpQueryInfoA
InternetCloseHandle
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 493KB - Virtual size: 492KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 81KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 370KB - Virtual size: 369KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 244KB - Virtual size: 243KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ