C:\Projects\Camtasia Enterprise\Development\Sprint\Client\Release_with_Installer\UploaderService.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-12_29ae5584a09e5c93447942648f988f63_floxif_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-12_29ae5584a09e5c93447942648f988f63_floxif_mafia.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-12_29ae5584a09e5c93447942648f988f63_floxif_mafia
Size: 3.3MB
MD5: 29ae5584a09e5c93447942648f988f63
SHA1: a465c2589ff07b4a4404658f1b571815c02c6d82
SHA256: 8837dcff2a27f0136086108944d571a3012afcd14aece08c8e21aa3a9ace32e9
SHA512: fd9a7efefac8b9b469fef797d40ae21a992ef3b7d3b9873ba2411e2df55adbc1ea5ed56a97945d94e6bb44ef4408533064e61fb57279758125ad82663cae9fb5
SSDEEP: 98304:l1wdRCLtoVS6eJR34RJSe7ux2gggRsJ3oBtgWqzrgcKhkKlrMIUXeFeKXDPX7Z:l1wdRCLtoVyjDRntoocKeaaeFeKXDPXd
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 2024-05-12_29ae5584a09e5c93447942648f988f63_floxif_mafia
Files
2024-05-12_29ae5584a09e5c93447942648f988f63_floxif_mafia.exe windows:5 windows x86 arch:x86
223d6dc855196b24a4aa6884eb8efff0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
crypt32
CertGetNameStringW
CertFreeCertificateChain
wininet
HttpOpenRequestW
InternetCreateUrlW
HttpSendRequestW
InternetQueryOptionW
InternetCloseHandle
InternetConnectW
InternetOpenW
InternetSetStatusCallbackW
InternetSetOptionW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
InternetReadFile
InternetCrackUrlW
kernel32
GetStringTypeW
FatalAppExitA
SetConsoleCtrlHandler
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
CompareFileTime
lstrcatW
MoveFileExW
GetDiskFreeSpaceA
RemoveDirectoryW
GetExitCodeThread
SetFilePointerEx
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualQuery
GetSystemInfo
VirtualAlloc
ExitThread
HeapDestroy
HeapQueryInformation
GetFileType
SetStdHandle
HeapReAlloc
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
RaiseException
RtlUnwind
LocalLock
GetTickCount
LocalUnlock
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
VirtualProtect
SearchPathW
SetCurrentDirectoryW
GetProfileIntW
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentDirectoryW
lstrcpyW
GetSystemDirectoryW
FreeResource
GlobalFindAtomW
GlobalDeleteAtom
GetCurrentThread
HeapCreate
IsProcessorFeaturePresent
GetStdHandle
HeapSize
SizeofResource
LockResource
LoadResource
FindResourceW
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
ExitProcess
GetWindowsDirectoryW
lstrlenW
DeleteFileW
GetLocalTime
InitializeCriticalSection
GetVersionExW
FindResourceExW
MultiByteToWideChar
Sleep
lstrlenA
LocalFree
FormatMessageW
GetModuleHandleW
GetComputerNameExW
CreateEventW
CloseHandle
WaitForSingleObjectEx
SetEvent
GetProcAddress
WideCharToMultiByte
WaitForSingleObject
ReleaseMutex
CreateFileW
DeleteFileA
InterlockedCompareExchange
CreateFileA
GetDriveTypeW
GetFullPathNameA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
SuspendThread
GetCurrentThreadId
ResumeThread
SetThreadPriority
GlobalAddAtomW
GlobalFlags
lstrcmpW
SetErrorMode
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
LoadLibraryW
lstrcmpiW
GetStringTypeExW
GetThreadLocale
GetAtomNameW
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentProcessId
CompareStringW
FreeLibrary
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
InterlockedDecrement
InterlockedIncrement
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesW
GetFileAttributesExW
lstrcmpA
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreW
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetCurrentProcess
SetPriorityClass
GetCommandLineW
GetProcessHeap
HeapFree
AddVectoredExceptionHandler
GetModuleFileNameW
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
CreateNamedPipeW
ConnectNamedPipe
CreateThread
CreateMutexW
FlushFileBuffers
DisconnectNamedPipe
ResetEvent
FindFirstFileW
FindNextFileW
FindClose
GetFileSize
ReadFile
WriteFile
MoveFileW
CreateDirectoryW
LCMapStringW
user32
InsertMenuItemW
TranslateAcceleratorW
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExW
IsCharLowerW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextW
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFrameControl
DrawEdge
DrawStateW
GetSystemMenu
LoadMenuW
SetClassLongW
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
GetDialogBaseUnits
DrawIconEx
GetNextDlgGroupItem
LoadImageW
GetIconInfo
MessageBeep
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
MapVirtualKeyW
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
CopyImage
DestroyMenu
GetMenuItemInfoW
KillTimer
SetTimer
InvalidateRect
DeleteMenu
ShowOwnedPopups
SetCursor
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
ReuseDDElParam
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
RedrawWindow
UpdateWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
SetForegroundWindow
IsIconic
PostMessageW
IntersectRect
InflateRect
CopyRect
SetWindowPos
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowLongW
IsWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnpackDDElParam
PostThreadMessageW
WaitMessage
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
InSendMessage
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
SendNotifyMessageW
FrameRect
GetUpdateRect
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
SubtractRect
DestroyIcon
UnregisterClassW
GetFocus
GetDesktopWindow
RealChildWindowFromPoint
GetWindow
EnumChildWindows
MapDialogRect
DrawIcon
DestroyCursor
WindowFromDC
GetWindowRgn
GetDCEx
wsprintfW
BeginDeferWindowPos
GetTabbedTextExtentW
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
CharUpperW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
MsgWaitForMultipleObjectsEx
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
MessageBoxW
GetActiveWindow
MessageBoxA
OffsetRect
GetMenuBarInfo
gdi32
GetDeviceCaps
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
OffsetViewportOrgEx
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextExtentPoint32W
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
GetCharWidthW
CreateFontW
StretchDIBits
GetCurrentObject
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
GetDIBits
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
RoundRect
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectW
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
SetViewportExtEx
winspool.drv
GetJobW
OpenPrinterW
ClosePrinter
DocumentPropertiesW
comdlg32
GetFileTitleW
advapi32
CryptReleaseContext
CloseEventLog
ReadEventLogW
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
OpenEventLogW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
SetServiceStatus
RegisterServiceCtrlHandlerExW
RegQueryInfoKeyW
GetFileSecurityW
SetFileSecurityW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegEnumKeyW
RegQueryValueW
RegDeleteKeyW
RegSetValueW
StartServiceCtrlDispatcherW
CreateServiceW
DeleteService
OpenSCManagerW
OpenServiceW
CloseServiceHandle
ChangeServiceConfigW
ChangeServiceConfig2W
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
shell32
SHChangeNotify
SHGetFileInfoW
ExtractIconW
SHAddToRecentDocs
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
SHGetFolderPathW
ord171
SHFileOperationW
CommandLineToArgvW
ShellExecuteExW
SHAppBarMessage
DragQueryFileW
DragFinish
ole32
StgCreateDocfile
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoInitialize
CLSIDFromString
OleRegGetMiscStatus
OleRun
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoCreateInstance
StgOpenStorageOnILockBytes
OleDuplicateData
CoTreatAsClass
OleSetContainedObject
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
CoRegisterClassObject
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateILockBytesOnHGlobal
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleSetMenuDescriptor
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
PropVariantCopy
StgCreateDocfileOnILockBytes
OleSave
WriteClassStm
OleSaveToStream
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
OleLoad
CoDisconnectObject
GetHGlobalFromILockBytes
CoCreateGuid
StringFromGUID2
OleUninitialize
CreateDataAdviseHolder
OleCreateFromFile
OleCreateLinkToFile
OleQueryLinkFromData
OleIsRunning
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
StringFromCLSID
OleRegEnumVerbs
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleQueryCreateFromData
oleaut32
SysFreeString
VariantInit
SysAllocString
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
SysReAllocStringLen
VarDateFromStr
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
VariantChangeType
SafeArrayRedim
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
VarCyFromStr
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
shlwapi
PathCombineA
PathFindFileNameA
PathFileExistsA
PathRemoveFileSpecW
PathRemoveExtensionW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathFileExistsW
PathStripToRootW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
oledlg
OleUIBusyW
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 611KB - Virtual size: 611KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 194KB - Virtual size: 194KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ