Static task
static1
Behavioral task
behavioral1
Sample
2023-08-25_463e1ebf42d022e947d92ecc450be2d4_mafia_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
2023-08-25_463e1ebf42d022e947d92ecc450be2d4_mafia_JC.exe
Resource
win10v2004-20230915-en
General
Target: 2023-08-25_463e1ebf42d022e947d92ecc450be2d4_mafia_JC.exe
Size: 2.4MB
MD5: 463e1ebf42d022e947d92ecc450be2d4
SHA1: 316b88a243bf19b3d4451ef8027639ef61be1f27
SHA256: c353e58978064afe55462b7065f4ec678a2185abedece972eab743874f0a47cd
SHA512: 9184eec37ea9dfc0323a758fc8be92abc87e40060fe4175ab85d15068bc8a2cf07f9dba0e826ed936769a5416fd0560e721c18fa4b0c8b848ce450bf56e7a89b
SSDEEP: 49152:BwktaO6nhAh82xUxQOVZw8wKkTQI06Y3sGn4Swp85X7y+8LJbD6Urewi6m6gjyRM:B16nhAhhUxQd84TQIVY3sGn4Swz+8LJb
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 2023-08-25_463e1ebf42d022e947d92ecc450be2d4_mafia_JC.exe
Files
2023-08-25_463e1ebf42d022e947d92ecc450be2d4_mafia_JC.exe.exe windows:5 windows x86
fe962d6e6d5b938927ff9c4ad77d411c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
SetFilePointer
MulDiv
InterlockedDecrement
InterlockedIncrement
GetTempPathA
GetCurrentDirectoryW
FreeLibrary
K32EnumProcesses
OpenProcess
K32EnumProcessModules
K32GetModuleFileNameExA
DeleteFileA
GetModuleFileNameA
ActivateActCtx
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
lstrcpyA
lstrcatA
FindFirstFileExA
GetDriveTypeA
SearchPathA
GetFileInformationByHandle
GlobalMemoryStatusEx
GetSystemInfo
MultiByteToWideChar
lstrlenW
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileA
GlobalFree
GlobalReAlloc
lstrcmpA
lstrcmpW
lstrcpyW
GetThreadLocale
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentProcessId
LoadLibraryW
CompareStringA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
FreeResource
FindResourceA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
CreateEventA
VirtualProtect
GetModuleHandleW
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcmpiA
ReplaceFileA
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetDiskFreeSpaceA
GetStringTypeExA
MoveFileA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetShortPathNameA
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
FileTimeToSystemTime
GlobalFlags
GetCPInfo
GetOEMCP
GetACP
FindResourceExW
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
SetErrorMode
GetWindowsDirectoryA
GetNumberFormatA
GetProfileIntA
InitializeCriticalSectionAndSpinCount
Sleep
RtlUnwind
RaiseException
DecodePointer
EncodePointer
ExitProcess
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualAlloc
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsValidCodePage
LCMapStringW
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetStdHandle
GetStringTypeW
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTimeZoneInformation
CompareStringW
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
CreateFileA
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
CloseHandle
FindFirstFileA
FindClose
GetLastError
lstrlenA
WaitForSingleObject
GetTickCount
lstrcpynA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
GetDriveTypeW
user32
SystemParametersInfoA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetAsyncKeyState
MapDialogRect
SetRect
WindowFromPoint
GetKeyNameTextA
MapVirtualKeyA
PostQuitMessage
ShowOwnedPopups
LoadAcceleratorsW
SetWindowContextHelpId
RegisterClipboardFormatA
IsClipboardFormatAvailable
CountClipboardFormats
InSendMessage
SetParent
IsRectEmpty
CharUpperA
GetSysColorBrush
RealChildWindowFromPoint
SetWindowRgn
CopyAcceleratorTableA
InvalidateRgn
EnumDisplayMonitors
SetLayeredWindowAttributes
DeleteMenu
GetSystemMenu
UnionRect
DrawIcon
UnregisterClassA
GetNextDlgGroupItem
SendNotifyMessageA
WaitMessage
CreateMenu
DrawStateA
DrawEdge
DrawFrameControl
DrawIconEx
MonitorFromPoint
EnableScrollBar
UpdateLayeredWindow
IsMenu
NotifyWinEvent
SetClassLongA
DestroyAcceleratorTable
ToAsciiEx
GetKeyboardLayout
DrawTextA
CreateAcceleratorTableA
GetMenuDefaultItem
InvertRect
HideCaret
GetIconInfo
CopyImage
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
GetUpdateRect
CharUpperBuffA
SubtractRect
FrameRect
IsCharLowerA
MapVirtualKeyExA
GetWindowRgn
SetWindowPos
SetWindowLongA
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
GetActiveWindow
DrawMenuBar
CreateWindowExA
DefMDIChildProcA
GetMenu
DefFrameProcA
GetDesktopWindow
GetMenuState
GetMenuStringA
GetSystemMetrics
InsertMenuA
GetMenuItemCount
RemoveMenu
IsWindow
CreatePopupMenu
TabbedTextOutA
GetMessageA
TranslateMessage
ValidateRect
AppendMenuA
SendMessageA
IsIconic
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
RedrawWindow
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
MessageBoxA
GetClassInfoExA
RegisterClassA
DeferWindowPos
GetMessageTime
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
LoadCursorA
DestroyCursor
BeginDeferWindowPos
EndDeferWindowPos
SetScrollPos
GetScrollPos
IsChild
SetCapture
ScreenToClient
SetCursorPos
InflateRect
GetClassNameA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
WinHelpA
LoadImageA
DestroyIcon
SetFocus
GetWindowThreadProcessId
IsWindowEnabled
EqualRect
GetKeyState
LoadIconW
GetMenuItemInfoA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
GetMenuItemID
DrawTextExA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
InsertMenuItemA
GetClassInfoA
IntersectRect
SetRectEmpty
GetLastActivePopup
SetMenu
ShowWindow
GetDlgItem
OffsetRect
GetDlgCtrlID
LoadCursorW
GetDC
ReleaseDC
MessageBeep
CharNextA
GetKeyboardState
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetCursorPos
LoadMenuW
GetSubMenu
EnableMenuItem
wsprintfA
GetWindow
IsZoomed
LoadBitmapW
GetWindowLongA
GetSysColor
LockWindowUpdate
DrawFocusRect
FillRect
PtInRect
CopyRect
GetParent
PostMessageA
PostThreadMessageA
EnableWindow
GetFocus
KillTimer
SetTimer
IsWindowVisible
InvalidateRect
UpdateWindow
ClientToScreen
gdi32
GetWindowExtEx
GetPixel
CopyMetaFileA
PtVisible
GetViewportExtEx
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
RectVisible
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SelectClipRgn
DeleteObject
CreateRectRgn
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetLayout
SetPixelV
GetTextFaceA
CreateFontIndirectA
GetTextExtentPoint32A
GetObjectA
CreateCompatibleDC
BitBlt
GetStockObject
GetDeviceCaps
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
SetPaletteEntries
ExtFloodFill
GetViewportOrgEx
StretchBlt
SetDIBColorTable
SetPixel
CreateBitmap
SetBkColor
SetTextColor
SelectObject
PatBlt
CreateCompatibleBitmap
GetTextColor
GetBkColor
CreateDCA
StartDocA
Rectangle
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
CreateRoundRectRgn
Polygon
Polyline
CreatePolygonRgn
GetWindowOrgEx
EnumFontFamiliesExA
Ellipse
LPtoDP
CreateEllipticRgn
GetMapMode
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetRgnBox
CreateDIBSection
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
CreateRectRgnIndirect
GetTextMetricsA
StretchDIBits
CreateFontA
GetCharWidthA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
shell32
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHAppBarMessage
ExtractIconA
SHAddToRecentDocs
DragAcceptFiles
ShellExecuteA
SHGetFileInfoA
DragFinish
DragQueryFileA
odbc32
ord68
ord72
ord47
ord44
ord45
ord50
ord43
ord8
ord18
ord67
ord54
ord51
ord40
ord4
ord17
ord41
ord10
ord61
ord3
ord16
ord2
ord1
ord15
ord9
ord14
ord20
ord48
ord49
ord11
ord19
ord12
ord46
ord13
ord59
ord5
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_DrawEx
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecW
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
oledlg
ord4
ord8
ord11
ord3
wldap32
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord46
ws2_32
bind
ntohs
htons
setsockopt
WSAIoctl
send
recv
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
ntohl
getsockname
select
crypt32
CertFreeCertificateContext
gdiplus
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
GetJobA
comdlg32
GetFileTitleA
advapi32
CryptHashData
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegOpenKeyExW
RegEnumValueA
RegEnumKeyExA
ole32
OleGetClipboard
OleSetClipboard
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleSetMenuDescriptor
StgIsStorageFile
StgOpenStorage
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfile
CreateItemMoniker
CreateFileMoniker
CoLockObjectExternal
GetRunningObjectTable
OleIsRunning
OleRegGetMiscStatus
OleRegEnumVerbs
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
CoInitializeEx
CoInitialize
CoGetClassObject
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateGenericComposite
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
OleSave
CoRegisterMessageFilter
CoRevokeClassObject
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoDisconnectObject
OleIsCurrentClipboard
oleaut32
VariantCopy
SafeArrayDestroy
VarBstrFromDate
SysAllocString
SysStringLen
VariantInit
VariantChangeType
VariantClear
OleCreateFontIndirect
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringByteLen
SysFreeString
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 410KB - Virtual size: 410KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 161KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 198KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ