2024-06-16_b968aae42a9874d47788a02efc2ebcea_floxif_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-16_b968aae42a9874d47788a02efc2ebcea_floxif_mafia
Size

1.3MB
MD5

b968aae42a9874d47788a02efc2ebcea
SHA1

e68c661ba3d633916dace1535caedf388aa4628a
SHA256

b82c7c6b10b8eb5c378405398532803b87cc762af8ee11d673f8260fe54780c6
SHA512

ff075b200eec75028f2f69eeecbbd71d73693518044c0d6e26942ca33c59db755bbc5852957bd85b42579251a6ef20abef6ac1c62e08f2c61ece0bb19455ec0e
SSDEEP

24576:znb06bgKQRg81aW4EKIMX69A99Jf4uUqv15l/u1FxUIHXdM+rEH7x:7o6hQRn1aW4nIpejJwVSu1FxRHY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-16_b968aae42a9874d47788a02efc2ebcea_floxif_mafia

Files

2024-06-16_b968aae42a9874d47788a02efc2ebcea_floxif_mafia
.exe windows:5 windows x86 arch:x86

12bb8ea6dba31827edbbe32fed31b45b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\temp\tm2jdjaw.qjy\TempMain\MSI\RST\Release\Setup.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetVersion
EnumResourceLanguagesW
FreeLibrary
GetLocaleInfoW
GetUserDefaultLangID
GetUserDefaultUILanguage
GetTempPathW
GetTempFileNameW
LoadLibraryExW
GetNativeSystemInfo
VerSetConditionMask
VerifyVersionInfoW
FindFirstFileW
FindNextFileW
FindClose
CreateDirectoryW
MoveFileW
MoveFileExW
ExpandEnvironmentStringsW
GetFileSize
ReadFile
SizeofResource
GetFileAttributesW
IsWow64Process
GetCurrentProcess
MultiByteToWideChar
CreateProcessW
GetExitCodeProcess
GetCurrentDirectoryW
GetDriveTypeW
GetProcAddress
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
MulDiv
GetConsoleMode
GetConsoleCP
HeapReAlloc
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapSize
GetSystemTimeAsFileTime
LoadLibraryW
QueryPerformanceCounter
HeapCreate
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
IsProcessorFeaturePresent
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
GetCPInfo
RtlUnwind
RaiseException
HeapAlloc
CreateThread
GetCurrentThreadId
ExitThread
HeapFree
GetStartupInfoW
HeapSetInformation
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DeleteFileW
RemoveDirectoryW
CopyFileW
SetFileAttributesW
GetModuleFileNameW
LocalAlloc
lstrlenW
InterlockedDecrement
ReleaseMutex
WaitForSingleObject
GetLastError
CreateMutexW
LocalFree
FormatMessageW
LoadLibraryA
CloseHandle
WriteFile
GetLocalTime
SetFilePointer
CreateFileW
GetTickCount
GetVersionExW
GetCommandLineW
ExitProcess
LockResource
LoadResource
GetModuleHandleW
FindResourceW
Sleep
GetStringTypeW
WideCharToMultiByte
InterlockedExchange
InterlockedCompareExchange
InterlockedIncrement
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetCurrentProcessId

user32

InflateRect
MapDialogRect
OffsetRect
CallWindowProcW
ShowWindow
SetRectEmpty
ExitWindowsEx
LoadCursorW
SetCursor
SetFocus
PostMessageW
CopyRect
MapWindowPoints
GetSystemMetrics
GetClassNameW
ReleaseDC
DrawTextW
GetDC
GetWindowTextLengthW
LoadStringW
MessageBoxW
MoveWindow
wsprintfW
MessageBoxIndirectW
FillRect
SetRect
GetWindowLongW
EnableWindow
LoadImageW
SetDlgItemTextW
InvalidateRect
GetParent
CreateWindowExW
EndDialog
SetWindowTextW
GetWindowTextW
GetWindow
GetDlgItem
GetClientRect
SetWindowPos
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
DestroyWindow
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
SetWindowLongW
CreateDialogIndirectParamW
SendMessageW
AdjustWindowRectEx

gdi32

GetTextMetricsW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
DeleteDC
StretchBlt
BitBlt
SelectObject
CreateCompatibleDC
SetBkMode
SetTextColor
GetObjectW
CreateFontW
GetStockObject

advapi32

OpenProcessToken
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegSetValueExW

shell32

ShellExecuteW
SHGetPathFromIDListW
SHGetFolderLocation
SHFileOperationW
CommandLineToArgvW
SHGetFolderPathW
SHCreateDirectoryExW
SHBrowseForFolderW

ole32

OleRun
CoCreateInstance
CoInitialize

oleaut32

GetErrorInfo
SysFreeString
SysStringLen
VariantInit
VariantCopy
VariantClear
SysAllocString

shlwapi

PathGetCharTypeW
PathSkipRootW
PathIsUNCW
PathCombineW
PathIsRelativeW
PathMatchSpecW
PathFileExistsW
PathRemoveArgsW
PathGetArgsW
PathQuoteSpacesW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathRemoveFileSpecW
PathAppendW
PathStripToRootW

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupCloseInfFile
SetupOpenInfFileW
SetupFindFirstLineW
SetupDiDestroyDeviceInfoList
SetupFindNextLine
SetupGetStringFieldW
SetupGetLineTextW

cabinet

ord23
ord22
ord20

Sections

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 852KB - Virtual size: 851KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12bb8ea6dba31827edbbe32fed31b45b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

cabinet

Sections

.text Size: 271KB - Virtual size: 270KB

.rdata Size: 59KB - Virtual size: 59KB

.data Size: 7KB - Virtual size: 17KB

.rsrc Size: 852KB - Virtual size: 851KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 271KB - Virtual size: 270KB

.rdata
Size: 59KB - Virtual size: 59KB

.data
Size: 7KB - Virtual size: 17KB

.rsrc
Size: 852KB - Virtual size: 851KB

.reloc
Size: 21KB - Virtual size: 20KB