NEAS[.]2023-09-08_204a82adafa695ac4356a91dc0fe3786_mafia_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.2023-09-08_204a82adafa695ac4356a91dc0fe3786_mafia_JC.exe
Size

2.7MB
MD5

204a82adafa695ac4356a91dc0fe3786
SHA1

c111ed3282e454d40baf1296e23ae78da8865de7
SHA256

774322beb34cffdcff033760ed491846711f3f6b6bbcdc3b05ff2079c98fdb4c
SHA512

f8a2b06c9df7d993167a57bd01088713d2c3780194b25607a64242ca41400f829d60849bbbde4530a5298d5192976ef323690aa6ff7bd860e84c98318202968f
SSDEEP

49152:flIVkr009vYJNwMbCfbv1/xlMehQkXVpJ8PSzVKpXVjOZfqrH9xW3YoLNZYoLNY:V0evYJNwMbC71XMehQkFpJ8PSz8xEfqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2023-09-08_204a82adafa695ac4356a91dc0fe3786_mafia_JC.exe

Files

NEAS.2023-09-08_204a82adafa695ac4356a91dc0fe3786_mafia_JC.exe
.exe windows:5 windows x86

28321e1274d9e8362c195d9047cba5ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetUpdateRect
IsClipboardFormatAvailable
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
PostThreadMessageA
CharUpperBuffA
CopyIcon
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
FrameRect
RegisterClipboardFormatA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetDoubleClickTime
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongA
DestroyAcceleratorTable
SetParent
DestroyIcon
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
WaitMessage
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
WindowFromPoint
SetWindowRgn
LoadMenuW
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
GetWindowDC
GetSystemMetrics
ReleaseDC
EnableWindow
GetSysColor
SendMessageA
InvalidateRect
GetWindowRect
InflateRect
LoadImageA
GetClientRect
GetParent
UpdateWindow
CopyRect
FillRect
DrawTextA
OffsetRect
SetActiveWindow
TabbedTextOutA
DrawTextExA
GrayStringA
GetDesktopWindow
SetRect
GetDC
LoadIconW
GetSystemMenu
AppendMenuA
DestroyCursor
GetWindowRgn
SetTimer
IsIconic
IsWindowVisible
GetWindowThreadProcessId
EnumWindows
KillTimer
WaitForInputIdle
PostMessageA
UnregisterClassA
LoadCursorA
GetSysColorBrush
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
DrawStateA
ReleaseCapture
SetCursor
LoadCursorW
SetCapture
GetDCEx
SetRectEmpty
IntersectRect
EndPaint
BeginPaint
ClientToScreen
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
IsHungAppWindow
IsWindow
GetWindowTextLengthA
GetClassNameA
GetWindowTextA
GetKeyboardState
DrawIcon
ShowWindow
MoveWindow
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
GetMenuStringA
GetMenuState
CharUpperA
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
GetWindow
PtInRect
SetWindowPos
SetWindowLongA
GetWindowLongA
GetMenu
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
MessageBoxA
RedrawWindow
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
GetLastActivePopup
GetForegroundWindow
SetFocus
GetFocus
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
RegisterWindowMessageA
EndDialog
GetNextDlgTabItem
IsWindowEnabled
CreateDialogIndirectParamA
CheckDlgButton
IsDialogMessageA
SetWindowTextA

psapi

EnumProcessModules
GetModuleBaseNameA

shmdll

?WriteData@SHMManager@@QAEHJJPAXJ@Z
??1SHMManager@@QAE@XZ
??1CSharedMem@@QAE@XZ
??0SHMManager@@QAE@PAUST_SHMINFO@0@H@Z
?Create@SHMManager@@QAEXXZ
?Close@SHMManager@@QAEXXZ

kernel32

GetFileTime
GlobalFlags
GetCPInfo
GetOEMCP
GetSystemDirectoryW
lstrcpyA
GetACP
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
GetTickCount
Sleep
SearchPathA
VirtualProtect
FindResourceExW
ExitProcess
DecodePointer
GetSystemTimeAsFileTime
ExitThread
CreateThread
EncodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
HeapSize
HeapQueryInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
IsValidCodePage
GetTimeZoneInformation
IsProcessorFeaturePresent
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetDriveTypeW
GetStringTypeW
CompareStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
GetFileAttributesExA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
LocalAlloc
InterlockedIncrement
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetFileSizeEx
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
SuspendThread
GetCurrentThreadId
SetThreadPriority
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
ActivateActCtx
DeactivateActCtx
DeleteFileA
lstrcmpiA
GetThreadLocale
SetLastError
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
lstrlenA
MultiByteToWideChar
OutputDebugStringA
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetVersionExA
TerminateProcess
GetModuleHandleA
CreateProcessA
SetCurrentDirectoryA
GetExitCodeProcess
GetPrivateProfileIntA
GetCurrentDirectoryA
GetLastError
ResetEvent
FreeResource
FindResourceA
ResumeThread
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalReAlloc
WriteFile
CreateFileA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetDiskFreeSpaceA
CreateDirectoryA
GetFileAttributesA
SetEvent
WaitForSingleObject
RemoveDirectoryA
GetLocalTime
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CloseHandle
CreateEventA
GetProfileIntA

gdi32

SetPixelV
GetTextFaceA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExA
SetPixel
SetDIBColorTable
OffsetRgn
GetNearestPaletteIndex
GetPaletteEntries
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
GetRgnBox
GetTextColor
CreateDIBSection
CreateRoundRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
Rectangle
PatBlt
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
CreatePen
GetObjectType
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CopyMetaFileA
CreateFontA
CreateSolidBrush
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StretchBlt
GetTextMetricsA
GetTextExtentPoint32A
CreateFontIndirectA
GetStockObject
GetBkColor
DPtoLP
GetMapMode
LPtoDP
CreatePalette
GetSystemPaletteEntries
RealizePalette
SelectPalette
CreateDCA
GetObjectA
RestoreDC
GetDeviceCaps
GetDIBits
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA

shell32

SHBrowseForFolderA
ShellExecuteA
SHAppBarMessage
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
DragFinish
DragQueryFileA
DragAcceptFiles
SHGetMalloc
SHGetSpecialFolderLocation

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionA
PathRemoveFileSpecW
PathFindFileNameA
PathStripToRootA
PathIsUNCA

ole32

CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoInitializeEx
CoCreateInstance
CoInitialize
CoGetClassObject
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CreateStreamOnHGlobal
CoRevokeClassObject

oleaut32

SysAllocStringLen
VariantInit
VariantChangeType
SysAllocStringByteLen
SysAllocString
OleCreateFontIndirect
SysFreeString
VariantClear
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
OleLoadPicture
VariantCopy

oledlg

ord8

gdiplus

GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCloneImage
GdipDrawImageI

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundA

Exports

Exports

??0CSharedMem@@QAE@ABV0@@Z
??0SHMManager@@QAE@ABV0@@Z
??4CSharedMem@@QAEAAV0@ABV0@@Z
??4SHMManager@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 993KB - Virtual size: 992KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28321e1274d9e8362c195d9047cba5ec

Headers

DLL Characteristics

File Characteristics

Imports

user32

psapi

shmdll

kernel32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 291KB - Virtual size: 290KB

.data Size: 58KB - Virtual size: 87KB

.rsrc Size: 993KB - Virtual size: 992KB

.reloc Size: 180KB - Virtual size: 180KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 291KB - Virtual size: 290KB

.data
Size: 58KB - Virtual size: 87KB

.rsrc
Size: 993KB - Virtual size: 992KB

.reloc
Size: 180KB - Virtual size: 180KB