D:\iFunBox.Project\Project.Dev\Projects\Release\iFunBox.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-01_f802591b16d6baf107f52e80621ddced_floxif_mafia.exe
Resource
win7-20231215-en
General
-
Target
2024-02-01_f802591b16d6baf107f52e80621ddced_floxif_mafia
-
Size
7.7MB
-
MD5
f802591b16d6baf107f52e80621ddced
-
SHA1
5433d3654af539b18949c09d7e70a6ee0fc544d6
-
SHA256
6fe2e846dccefe7142f009a85c6fd851daca14aeb82c20e57eff6c3ce30d246c
-
SHA512
b711186f738e75015c3688962cf8bca3953d36a10ce47fd94f858c2939d518b6d4da586203fd4f7e51b8ec6d3b080702740b84a75d9895f1175b837b052b0b8d
-
SSDEEP
196608:FaYpG9+C0z52npH9LD+z+5D8jO//PrCRS6WtiY2B3MIUa4s5Pqhpp35+bdo:nG9+Fz5ydD+zqD8jjRS6WtiY2B3MIUak
Malware Config
Signatures
-
Unsigned PE 1 IoCs
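Flags PE files that carry no Authenticode signature. This sample is unsigned, so its publisher and integrity cannot be verified from the file itself.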
resource 2024-02-01_f802591b16d6baf107f52e80621ddced_floxif_mafia
Files
-
2024-02-01_f802591b16d6baf107f52e80621ddced_floxif_mafia.exe windows:5 windows x86 arch:x86
6effe3c9d918b1226e460e8f12de2b90
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
GetFileAttributesA
SetConsoleCtrlHandler
GetFullPathNameA
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
FreeEnvironmentStringsW
HeapSize
HeapQueryInformation
ExitThread
HeapReAlloc
RtlUnwind
VirtualQuery
VirtualAlloc
HeapAlloc
GetProcessHeap
SetConsoleMode
ReadConsoleInputA
FlushConsoleInputBuffer
GetVersionExA
LoadLibraryA
GetVersion
FindNextFileA
FindFirstFileA
CreateFileA
lstrcpynW
InterlockedCompareExchange
HeapCreate
SetHandleCount
ExitProcess
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetFileType
SetStdHandle
HeapFree
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
InitializeCriticalSectionAndSpinCount
SetErrorMode
GetFileSizeEx
SetFileAttributesW
GetNumberFormatW
GetWindowsDirectoryW
FileTimeToLocalFileTime
GetVolumeInformationW
UnlockFile
LockFile
lstrcmpiW
GetFullPathNameW
GetTempFileNameW
GetUserDefaultLCID
FileTimeToSystemTime
GetThreadLocale
lstrcpyW
GetSystemDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
GetProfileIntW
RaiseException
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
ReleaseActCtx
CreateActCtxW
CopyFileW
LocalFree
MulDiv
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GlobalGetAtomNameW
GlobalAddAtomW
ActivateActCtx
DeactivateActCtx
GetACP
ReleaseMutex
CreateMutexW
InterlockedExchange
GetTempPathW
SuspendThread
ResetEvent
SetEvent
CreateEventW
SetEnvironmentVariableW
IsWow64Process
GetDiskFreeSpaceExW
GetFileAttributesExW
MoveFileW
RemoveDirectoryW
DeleteFileW
InterlockedIncrement
InterlockedDecrement
ResumeThread
PeekNamedPipe
LeaveCriticalSection
EnterCriticalSection
GetProcessTimes
GetExitCodeProcess
SetPriorityClass
DuplicateHandle
CreatePipe
DeleteCriticalSection
InitializeCriticalSection
TerminateProcess
OpenProcess
CreateProcessW
GetModuleHandleW
FindNextFileW
FindClose
FindFirstFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
GlobalSize
GlobalFree
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameW
GetTickCount
lstrlenA
lstrlenW
DosDateTimeToFileTime
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
FileTimeToDosDateTime
GetSystemInfo
WideCharToMultiByte
MultiByteToWideChar
TerminateThread
SetThreadPriority
WaitForSingleObject
MoveFileExW
GetExitCodeThread
CreateThread
Sleep
GetFileTime
SetFileTime
GetFileSize
FlushFileBuffers
WriteFile
ReadFile
SetEndOfFile
SetFilePointer
GetFileAttributesW
CreateDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
SetLastError
GlobalMemoryStatus
GetLastError
DebugBreak
GetVersionExW
FormatMessageW
SetUnhandledExceptionFilter
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
WriteConsoleW
GetStdHandle
FindResourceW
LoadResource
LockResource
SizeofResource
FreeLibrary
GetProcAddress
LoadLibraryW
IsBadReadPtr
CreateProcessA
user32
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetClassNameW
UnpackDDElParam
ReuseDDElParam
DestroyMenu
WinHelpW
LoadImageW
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgCtrlID
GetKeyState
GetCapture
ReleaseCapture
LoadAcceleratorsW
SetActiveWindow
InvalidateRect
IsIconic
InsertMenuItemW
CreatePopupMenu
GetClassInfoW
IntersectRect
SetRectEmpty
CopyRect
GetLastActivePopup
GetDesktopWindow
TranslateAcceleratorW
SetCursor
IsWindowVisible
PtInRect
GetFocus
GetMenuItemID
GetMenuState
DestroyIcon
UpdateWindow
RegisterClipboardFormatW
EnumThreadWindows
FindWindowW
RemoveMenu
GetMenuStringW
LoadStringW
GetSubMenu
ShowOwnedPopups
CopyAcceleratorTableW
InvalidateRgn
RealChildWindowFromPoint
GetAsyncKeyState
GetWindowThreadProcessId
WindowFromPoint
GetCursorPos
EnumDisplayMonitors
DeleteMenu
MapVirtualKeyW
SetCursorPos
KillTimer
SetTimer
DispatchMessageW
TranslateMessage
PeekMessageW
PostThreadMessageW
SetLayeredWindowAttributes
UpdateLayeredWindow
LoadIconW
SetMenu
PostQuitMessage
EnableMenuItem
CheckMenuItem
GetMenu
ClientToScreen
PostMessageW
DestroyWindow
ScreenToClient
GetSystemMetrics
RedrawWindow
CreateWindowExW
UnregisterClassW
RegisterClassExW
DefWindowProcW
IsDialogMessageW
MoveWindow
AppendMenuW
InflateRect
GetMenuItemInfoW
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowDC
GetParent
GetDlgItem
SetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
CloseClipboard
OpenClipboard
SystemParametersInfoW
BeginPaint
EndPaint
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetWindow
CharNextW
CharUpperW
GetNextDlgGroupItem
MessageBeep
DestroyAcceleratorTable
MessageBoxW
wsprintfW
GetKeyNameTextW
GetSysColor
LoadCursorW
CreateMenu
InsertMenuW
LoadMenuW
GetMenuItemCount
IsZoomed
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
GetClipboardFormatNameW
CreateIconFromResourceEx
CreateIconIndirect
CloseWindow
ShowCaret
IsWindow
NotifyWinEvent
GetDC
ReleaseDC
GetWindowRect
GetWindowLongW
CallWindowProcW
GetClientRect
SetFocus
SendMessageW
OffsetRect
SetWindowPos
FillRect
GetSysColorBrush
ShowWindow
SetWindowLongW
SetParent
GetWindowTextW
EnableWindow
SetClassLongW
DrawStateW
GetSystemMenu
ModifyMenuW
SetWindowTextW
BringWindowToTop
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
EndDialog
GetNextDlgTabItem
IsRectEmpty
CreateDialogIndirectParamW
DrawIcon
SetWindowRgn
SetCapture
SetRect
MapDialogRect
UnionRect
SetWindowContextHelpId
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
CharUpperBuffW
CopyIcon
GetUpdateRect
FrameRect
SetMenuDefaultItem
WaitMessage
IsMenu
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
GetDCEx
LockWindowUpdate
GetMessageW
gdi32
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
CreateRectRgn
GetCharWidthW
StretchDIBits
GetBkColor
GetTextColor
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetDIBits
StretchBlt
SetPixel
RoundRect
Rectangle
EnumFontFamiliesExW
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
SelectClipRgn
GetMapMode
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextMetricsW
ExtTextOutW
BitBlt
CreateFontIndirectW
CreateDCW
CopyMetaFileW
GetDeviceCaps
SetBkColor
SetTextColor
CreateCompatibleBitmap
GetDIBColorTable
GetObjectW
SetDIBColorTable
DeleteObject
DeleteDC
SelectObject
SetDIBits
SetViewportOrgEx
CreateCompatibleDC
CreateDIBSection
CreateFontW
SetROP2
GetTextExtentPoint32W
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegCloseKey
RegSetValueExW
OpenSCManagerW
OpenServiceW
RegEnumKeyExW
RegEnumValueW
RegQueryValueExW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
ChangeServiceConfigW
RegOpenKeyExW
shell32
DragQueryFileW
ShellExecuteW
SHGetFileInfoW
SHGetSpecialFolderLocation
DragFinish
SHBrowseForFolderW
SHAppBarMessage
SHGetPathFromIDListW
SHGetDesktopFolder
comctl32
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
PropertySheetW
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
ole32
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoCreateGuid
CoUninitialize
CoTaskMemFree
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoRegisterMessageFilter
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
CoDisconnectObject
OleFlushClipboard
OleIsCurrentClipboard
OleDraw
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
oleaut32
LoadRegTypeLib
DispCallFunc
VariantCopy
VariantChangeType
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VariantClear
VariantInit
SafeArrayDestroy
SafeArrayUnaccessData
SysFreeString
VariantTimeToSystemTime
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayGetDim
SafeArrayCreate
SafeArrayGetUBound
SystemTimeToVariantTime
SysAllocString
LoadTypeLib
OleLoadPicturePath
VarBstrFromDate
OleCreateFontIndirect
SafeArrayGetLBound
SafeArrayGetElemsize
oledlg
OleUIBusyW
OleUIAddVerbMenuW
gdiplus
GdipDeleteBrush
GdipCloneBrush
GdipSetSolidFillColor
GdipSetPenColor
GdipFillRectangleI
GdipDrawRectangleI
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipSetSmoothingMode
GdipDrawLine
GdipDrawImage
GdipGetImageHeight
GdipGetImageWidth
GdipSetInterpolationMode
GdipDrawImageRectI
GdipSaveImageToStream
GdipCreateSolidFill
GdipCreateBitmapFromStreamICM
GdipSaveImageToFile
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateHICONFromBitmap
GdipGetDC
GdipReleaseDC
GdipDrawImageRect
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipBitmapGetPixel
GdipFillPolygon
GdipFillEllipseI
GdipFillRectangle
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipDeletePen
GdipCreatePen1
GdipDeleteFont
GdiplusShutdown
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdiplusStartup
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromScan0
GdipFree
dbghelp
MiniDumpWriteDump
ws2_32
WSASend
select
accept
inet_ntoa
listen
__WSAFDIsSet
ioctlsocket
recv
send
ntohl
connect
getpeername
closesocket
shutdown
getsockopt
bind
setsockopt
socket
WSAGetLastError
inet_addr
gethostbyname
gethostname
htons
WSACleanup
WSAStartup
psapi
GetModuleBaseNameW
EnumProcessModules
GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcesses
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Exports
Exports
libssh2_banner_set
libssh2_base64_decode
libssh2_channel_close
libssh2_channel_direct_tcpip_ex
libssh2_channel_eof
libssh2_channel_flush_ex
libssh2_channel_forward_accept
libssh2_channel_forward_cancel
libssh2_channel_forward_listen_ex
libssh2_channel_free
libssh2_channel_get_exit_signal
libssh2_channel_get_exit_status
libssh2_channel_handle_extended_data
libssh2_channel_handle_extended_data2
libssh2_channel_open_ex
libssh2_channel_process_startup
libssh2_channel_read_ex
libssh2_channel_receive_window_adjust
libssh2_channel_receive_window_adjust2
libssh2_channel_request_pty_ex
libssh2_channel_request_pty_size_ex
libssh2_channel_send_eof
libssh2_channel_set_blocking
libssh2_channel_setenv_ex
libssh2_channel_wait_closed
libssh2_channel_wait_eof
libssh2_channel_window_read_ex
libssh2_channel_window_write_ex
libssh2_channel_write_ex
libssh2_channel_x11_req_ex
libssh2_exit
libssh2_free
libssh2_hostkey_hash
libssh2_init
libssh2_keepalive_config
libssh2_keepalive_send
libssh2_poll
libssh2_poll_channel_read
libssh2_session_abstract
libssh2_session_block_directions
libssh2_session_callback_set
libssh2_session_disconnect_ex
libssh2_session_flag
libssh2_session_free
libssh2_session_get_blocking
libssh2_session_get_timeout
libssh2_session_handshake
libssh2_session_hostkey
libssh2_session_init_ex
libssh2_session_last_errno
libssh2_session_last_error
libssh2_session_method_pref
libssh2_session_methods
libssh2_session_set_blocking
libssh2_session_set_timeout
libssh2_session_startup
libssh2_trace
libssh2_trace_sethandler
libssh2_userauth_authenticated
libssh2_userauth_hostbased_fromfile_ex
libssh2_userauth_keyboard_interactive_ex
libssh2_userauth_list
libssh2_userauth_password_ex
libssh2_userauth_publickey
libssh2_userauth_publickey_fromfile_ex
Sections
.text Size: 5.2MB - Virtual size: 5.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 98KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 829KB - Virtual size: 828KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 419KB - Virtual size: 418KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ