Static task
static1
Behavioral task
behavioral1
Sample
2024-01-26_34d9617e5dfde57a58563dcf3aabb7c2_floxif_mafia.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-01-26_34d9617e5dfde57a58563dcf3aabb7c2_floxif_mafia.exe
Resource
win10v2004-20231215-en
General
Target
2024-01-26_34d9617e5dfde57a58563dcf3aabb7c2_floxif_mafia
Size
3.9MB
MD5
34d9617e5dfde57a58563dcf3aabb7c2
SHA1
7e5ef799c3beda95246ee9ced7fe183b14f1f170
SHA256
ac0db1cbd9b9e89aa4add04de48c4bd5ff1eb0b06d268b2e90c9c8efcf1fcb74
SHA512
3e8b49e74b5471a59d813fc30d71de91fc131b94eadee3300cebee9c329722efc8b6e5b8f51acaa7b5e1f06f78f933945052b10f8baf4e015ca3aab3952663e2
SSDEEP
98304:khkTcMCGDJeUTlQvbNYILC4qyQDft/OszXS+SY9kB5kmZxryr9DYX:MEWRYa6tGX+dmfZxryrA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-01-26_34d9617e5dfde57a58563dcf3aabb7c2_floxif_mafia
Files
2024-01-26_34d9617e5dfde57a58563dcf3aabb7c2_floxif_mafia.exe windows:5 windows x86 arch:x86
fbc771526e7cdfb757273b20d6e2f1e3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dbghelp
MiniDumpWriteDump
kernel32
LCMapStringW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileA
GetExitCodeProcess
CreateProcessW
SetCurrentDirectoryW
GetDriveTypeW
GetFullPathNameA
SetEnvironmentVariableA
SetEnvironmentVariableW
WideCharToMultiByte
lstrlenW
SizeofResource
LockResource
LoadResource
FindResourceW
InterlockedIncrement
InterlockedDecrement
Sleep
MultiByteToWideChar
GetCurrentThreadId
CreateFileW
lstrlenA
GetCurrentProcessId
GetCurrentProcess
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
GetConsoleCP
SetUnhandledExceptionFilter
FreeLibrary
CloseHandle
OpenProcess
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
GetTimeZoneInformation
DeleteFileW
CopyFileW
TerminateProcess
InterlockedExchange
LoadLibraryW
GetModuleHandleW
SetLastError
DeactivateActCtx
GetLastError
ActivateActCtx
lstrcpyW
GetModuleFileNameW
MulDiv
InitializeCriticalSection
DeleteCriticalSection
GetOverlappedResult
ReadFile
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
HeapDestroy
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
ExitProcess
HeapReAlloc
CreateThread
ExitThread
VirtualQuery
GetSystemInfo
SetConsoleCtrlHandler
FatalAppExitA
GetVersionExW
GetConsoleMode
WriteFile
VirtualAlloc
GetFileAttributesA
LocalFree
FormatMessageW
GlobalUnlock
DecodePointer
EncodePointer
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
LocalLock
LocalUnlock
FindResourceExW
VirtualProtect
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
SearchPathW
GetProfileIntW
GetTickCount
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
SetFileAttributesW
GetFileAttributesExW
SetErrorMode
GetCurrentDirectoryW
SystemTimeToFileTime
GetAtomNameW
GlobalGetAtomNameW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InitializeCriticalSectionAndSpinCount
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
MoveFileW
lstrcmpiW
GetStringTypeExW
ReleaseActCtx
CreateActCtxW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SuspendThread
SetEvent
GlobalLock
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringA
GetThreadLocale
lstrcmpA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GlobalFree
GlobalSize
GlobalAlloc
user32
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
CopyImage
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
SetClassLongW
DestroyAcceleratorTable
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
LoadAcceleratorsW
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
WaitMessage
InvalidateRgn
CopyAcceleratorTableW
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
NotifyWinEvent
MessageBeep
DeleteMenu
GetDialogBaseUnits
RealChildWindowFromPoint
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
IntersectRect
CharUpperW
LoadCursorW
KillTimer
IsRectEmpty
SetWindowContextHelpId
MapDialogRect
WindowFromPoint
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
ValidateRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
CharNextW
GetKeyNameTextW
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
ScrollWindowEx
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
RegisterClipboardFormatW
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
IsWindowVisible
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
GetWindow
GetMenuState
GetMenuStringW
GetMenuItemID
FrameRect
CopyIcon
CharUpperBuffW
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
GetTabbedTextExtentW
GetWindowRgn
WindowFromDC
GetDCEx
EnumChildWindows
DestroyCursor
SubtractRect
InsertMenuW
GetMenuItemCount
RemoveMenu
GetClassNameW
UpdateWindow
DrawStateW
DrawTextW
GetDC
ReleaseDC
LoadImageW
DestroyIcon
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
GetUpdateRect
SendNotifyMessageW
IsClipboardFormatAvailable
CreateMenu
SetDlgItemInt
InSendMessage
SetCapture
SetWindowRgn
IsZoomed
PtInRect
InflateRect
GetAsyncKeyState
TrackMouseEvent
ReleaseCapture
RedrawWindow
DrawIconEx
CopyRect
GetSystemMetrics
GetWindowLongW
LoadIconW
SetParent
ShowScrollBar
SetTimer
InvalidateRect
GetClientRect
IsIconic
GetSystemMenu
PostMessageW
LoadMenuW
AppendMenuW
DrawIcon
FillRect
LoadBitmapW
FlashWindowEx
OffsetRect
SetRect
ScreenToClient
EnableMenuItem
GetCursorPos
GetSubMenu
GetDesktopWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
BringWindowToTop
SetForegroundWindow
PostQuitMessage
wsprintfW
SendMessageW
GetWindowRect
SetWindowLongW
EnableWindow
MapVirtualKeyW
gdi32
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
CreateRectRgnIndirect
SetROP2
GetBkColor
GetTextColor
DPtoLP
LPtoDP
Ellipse
SetRectRgn
GetMapMode
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetRgnBox
GetCharWidthW
CreateFontW
StretchDIBits
GetCurrentObject
CreatePolygonRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetDIBits
SetPixel
Rectangle
RoundRect
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
SetPixelV
SetBkMode
SetPolyFillMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCW
CopyMetaFileW
GetStockObject
GetDeviceCaps
BitBlt
CombineRgn
CreateEllipticRgn
CreateRectRgn
CreateCompatibleBitmap
GetTextExtentPoint32W
CreateDIBSection
StretchBlt
GetDIBColorTable
GetObjectW
SetDIBColorTable
SelectObject
DeleteDC
CreateCompatibleDC
CreateFontIndirectW
PatBlt
DeleteObject
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
GetJobW
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
SetFileSecurityW
RegSetValueW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
GetFileSecurityW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
shell32
ExtractIconW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileW
DragFinish
Shell_NotifyIconW
SHAddToRecentDocs
SHGetFileInfoW
SHGetMalloc
comctl32
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
shlwapi
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
AssocQueryStringW
PathRemoveFileSpecW
ole32
StgOpenStorage
CoLockObjectExternal
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTreatAsClass
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CreateStreamOnHGlobal
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitializeEx
PropVariantCopy
StgCreateDocfile
CreateFileMoniker
RegisterDragDrop
StgIsStorageFile
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleSetMenuDescriptor
OleGetClipboard
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSaveToStream
WriteClassStm
OleSave
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
RevokeDragDrop
oleaut32
GetErrorInfo
SysAllocString
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
OleCreateFontIndirect
SysStringByteLen
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit
SysAllocStringByteLen
SysFreeString
SysStringLen
SetErrorInfo
SafeArrayCreate
CreateErrorInfo
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
winmm
PlaySoundW
ws2_32
gethostname
shutdown
closesocket
WSAWaitForMultipleEvents
WSAGetLastError
WSASocketW
htons
WSAConnect
WSAResetEvent
inet_addr
gethostbyname
WSACloseEvent
WSACleanup
WSAStartup
WSACreateEvent
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
FtpRenameFileW
InternetCrackUrlW
InternetReadFile
InternetCloseHandle
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
HttpOpenRequestW
GopherOpenFileW
InternetConnectW
FtpFindFirstFileW
GopherCreateLocatorW
FtpCommandW
FtpOpenFileW
GopherGetAttributeW
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
GopherFindFirstFileW
InternetFindNextFileW
HttpAddRequestHeadersW
InternetErrorDlg
FtpGetFileW
FtpPutFileW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpCreateDirectoryW
InternetCanonicalizeUrlW
FtpDeleteFileW
InternetQueryDataAvailable
InternetGetCookieW
InternetSetCookieW
InternetSetOptionExW
InternetQueryOptionW
InternetGetLastResponseInfoW
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 612KB - Virtual size: 611KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 338KB - Virtual size: 338KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 200KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ