2024-03-07_cca293b8e5e47cff51fb7c2180e590dd_ironstealer_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-07_cca293b8e5e47cff51fb7c2180e590dd_ironstealer_mafia
Size

9.8MB
MD5

cca293b8e5e47cff51fb7c2180e590dd
SHA1

3a4886c7c10fabfe5a4860091d14a0fc35aec00e
SHA256

74c847e5830c3e99c32beb64ff280f64b25c56cb3b119f226cf304276fefb458
SHA512

94c80c63fc3a02c8699baea3b119189a1f60c047cec0dd52ac46476e8d24ef0d38c15f201c0a839c024a164359558669c6cb42c57d2586ee4c0a817920b2b4b1
SSDEEP

196608:DzCkXuE0UsjMUrGBcwx3TkwjV556GKby42+zkFfnRk9QRIM+8F7tp:DZ+TII63og76GKbSmkJRkSIkp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-07_cca293b8e5e47cff51fb7c2180e590dd_ironstealer_mafia

Files

2024-03-07_cca293b8e5e47cff51fb7c2180e590dd_ironstealer_mafia
.exe windows:5 windows x86 arch:x86

d92fdf5876bc2aa0e701b7e90b0c6eb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon

shlwapi

PathFileExistsA
PathIsRootA
PathFindNextComponentA
PathIsDirectoryEmptyA
PathAddBackslashA
PathRemoveFileSpecA
PathIsDirectoryA
SHDeleteKeyA
PathIsUNCA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

LoadLibraryA
GetDriveTypeA
Process32Next
OpenProcess
Process32First
GetLastError
CreateToolhelp32Snapshot
ExpandEnvironmentStringsA
GlobalUnlock
GlobalLock
GetCurrentProcess
GetCurrentThread
Sleep
TerminateThread
SetPriorityClass
SetThreadPriority
CreateProcessA
CreateDirectoryA
lstrcpynA
GetExitCodeProcess
WaitForSingleObject
GetSystemDirectoryA
GetWindowsDirectoryA
GetProcessHeap
WriteConsoleW
HeapSize
HeapReAlloc
FlushFileBuffers
SetStdHandle
LCMapStringW
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameW
LoadLibraryW
HeapCreate
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
RtlUnwind
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
GetProcAddress
FreeLibrary
GetDiskFreeSpaceA
GetModuleFileNameA
GetTempPathA
GetCurrentDirectoryA
GetFileSize
ReadFile
SetFilePointer
SetEndOfFile
GetVersion
ResumeThread
SuspendThread
GetExitCodeThread
CreateThread
LocalReAlloc
CopyFileA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
lstrcmpiA
lstrcatA
SetFileAttributesA
CreateFileA
WriteFile
CloseHandle
lstrcmpA
lstrlenA
lstrcpyA
LocalAlloc
LocalFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
ExitProcess
GetModuleHandleW
HeapFree
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
GetFileAttributesA
CreateFileW

user32

GetDlgItem
EnableWindow
SetCursor
ShowWindow
SetFocus
IsWindowEnabled
LoadIconA
SendDlgItemMessageA
CharToOemA
UpdateWindow
GetDC
ReleaseDC
InvalidateRect
DestroyWindow
CreateDialogParamA
SetClassLongA
BeginPaint
FillRect
SetDlgItemTextA
ScreenToClient
MessageBoxIndirectA
RegisterClipboardFormatA
LoadCursorA
EndPaint
GetWindowRect
SetWindowPos
GetClientRect
MapWindowPoints
CreateWindowExA
GetWindowLongA
SetWindowLongA
DialogBoxParamA
CallWindowProcA
EndDialog
LoadImageA
SetDlgItemInt
CheckDlgButton
SetWindowTextA
GetDesktopWindow
GetForegroundWindow
GetDlgCtrlID
GetDlgItemTextA
SetForegroundWindow
SendMessageA
IsDlgButtonChecked
CheckRadioButton
PostMessageA
wsprintfA

gdi32

CreateCompatibleDC
SelectObject
SelectPalette
RealizePalette
StretchBlt
DeleteDC
DeleteObject
GetStockObject
GetObjectA
CreateFontIndirectA
CreatePalette
SetBkMode

advapi32

AddAccessAllowedAce
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegDeleteKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
RegCloseKey
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
OpenSCManagerA
EnumServicesStatusA
OpenServiceA
QueryServiceConfigA

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHGetMalloc
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
ReleaseStgMedium

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d92fdf5876bc2aa0e701b7e90b0c6eb3

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shlwapi

version

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 5KB - Virtual size: 15KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 5KB - Virtual size: 15KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 8KB - Virtual size: 8KB