G:\2016.08.30\新建文件夹\CaCode\CAClient\Release\CAAssist.pdb
Static task
static1
Behavioral task
behavioral1: sample 2024-06-28_0b58816cbdfe7eecc5cb85d3104ce663_mafia.exe on resource win7-20240221-en
Behavioral task
behavioral2: sample 2024-06-28_0b58816cbdfe7eecc5cb85d3104ce663_mafia.exe on resource win10v2004-20240611-en
General
Target: 2024-06-28_0b58816cbdfe7eecc5cb85d3104ce663_mafia
Size: 2.4MB
MD5: 0b58816cbdfe7eecc5cb85d3104ce663
SHA1: 59717dd20b3936a098190e5532bad8646c1556fb
SHA256: d9b905fc9441833f2419b9147a3b60c775938054da376bbe3e6252fe40d21778
SHA512: d4babc826a5a58a16424d4e1a1bdd014ef86b6c0a0fd925ba6a670357a02aa107095860cf90babd58c60c5a863e254b9a22bef6291db1eb7e349d51901c6c55f
SSDEEP: 49152:OWrYpqhvUHNtMRZ3x8Q+M2A3qclnTkliMsCktXG/QuYogmMU3w5fi0mCmxI4QgZD:KAvUt+5x8Q+M2vqngiMsCko/QuYogmMc
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature. This fires because the sample carries no embedded Authenticode signature, so there is no publisher identity to verify. On its own it is a weak indicator (unsigned in-house tools are common), and it is the only signature the report lists.
resource 2024-06-28_0b58816cbdfe7eecc5cb85d3104ce663_mafia
Files
2024-06-28_0b58816cbdfe7eecc5cb85d3104ce663_mafia.exe windows:5 windows x86 arch:x86 (32-bit Windows PE; windows:5 presumably reflects a major OS version of 5 in the optional header)
71202955ceee7c0fe2a33cb9bc105bf9 (the hash the sandbox lists under the file entry, presumably the import hash; it is not the file MD5 given under General)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
G:\2016.08.30\新建文件夹\CaCode\CAClient\Release\CAAssist.pdb (新建文件夹 is Chinese for "New Folder", the default Windows Explorer folder name; the build directory is dated 2016.08.30 and the project is named CAClient/CAAssist, which matches the FJCA client-API imports below)
Imports
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
fjcacommon
FJCAAPI_GetExtByOid
fjcasof_sm2_dll
setCaller
FJCA_GetLastSavedPassword
FJCA_OpenKey
FJCA_SignData
FJCA_ExportUserCertIgnoreTime
FJCA_GetDeviceType
FJCA_VerifySign
FJCA_EncryptDataByPublicKey
FJCA_DecryptDataByPrivateKeyOnUsbKey
FJCA_ExportUserCert
FJCA_CloseKey
FJCA_IsUsbKeyConnected
kernel32
GetConsoleCP
GetTimeZoneInformation
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
CreateFileW
GetStringTypeW
CompareStringW
WriteConsoleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetStdHandle
HeapSize
HeapQueryInformation
CreateThread
ExitThread
RaiseException
RtlUnwind
GetConsoleMode
ReadConsoleInputA
ExitProcess
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
DecodePointer
EncodePointer
SetCurrentDirectoryA
SetEnvironmentVariableA
VirtualQuery
VirtualAlloc
FindResourceExW
VirtualProtect
GetFileTime
GetFileSizeEx
GetFileAttributesExA
SetErrorMode
SearchPathA
Sleep
GetProfileIntA
GetFileAttributesA
GetNumberFormatA
SetHandleCount
IsProcessorFeaturePresent
SetConsoleMode
GetTempFileNameA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
lstrcmpiA
GetCurrentDirectoryA
GetThreadLocale
GetACP
GetOEMCP
GetCPInfo
GlobalFlags
LocalReAlloc
TlsSetValue
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetSystemDirectoryW
FileTimeToLocalFileTime
ReleaseSemaphore
WaitForSingleObjectEx
OpenEventA
FileTimeToSystemTime
FindFirstFileA
FindClose
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GetModuleHandleW
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
ActivateActCtx
DeactivateActCtx
SetLastError
lstrcmpW
FlushConsoleInputBuffer
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetStdHandle
GetFileType
GetVersion
GetCurrentThreadId
FreeResource
GetTempPathA
GetVersionExA
GetModuleHandleA
GetSystemInfo
GetProcAddress
FindResourceA
TerminateProcess
GetCurrentProcess
WinExec
lstrcatA
lstrcpyA
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
DeleteFileA
GetModuleFileNameA
HeapFree
GetProcessHeap
HeapAlloc
TlsFree
CreateMutexA
SetEvent
CreateEventA
CloseHandle
InterlockedDecrement
InterlockedIncrement
TlsAlloc
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetLastError
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
ResetEvent
IsValidCodePage
user32
FrameRect
RegisterClipboardFormatA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
LoadImageA
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongA
DestroyAcceleratorTable
SetParent
IsClipboardFormatAvailable
UnregisterClassA
DestroyIcon
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableA
CharNextA
WaitMessage
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
CharUpperA
IsZoomed
GetAsyncKeyState
NotifyWinEvent
KillTimer
SetTimer
SetWindowRgn
LoadMenuW
DeleteMenu
OffsetRect
IntersectRect
CopyImage
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
WindowFromPoint
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
GetMessageA
TranslateMessage
MapVirtualKeyA
GetKeyNameTextA
SetWindowContextHelpId
MapDialogRect
GetCursorPos
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TranslateAcceleratorA
GetMenuStringA
InsertMenuA
RemoveMenu
GetWindowRgn
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
ValidateRect
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CharUpperBuffA
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
GetUpdateRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
TabbedTextOutA
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowThreadProcessId
GetMenu
GetWindowLongA
SetWindowPos
CopyRect
GetWindow
GetClassNameA
LoadBitmapW
UpdateWindow
FillRect
DrawStateA
MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
CopyIcon
LoadCursorA
InflateRect
ReleaseDC
GetDC
GetParent
InvalidateRect
IsWindow
SetWindowLongA
SetCursor
SetCapture
RedrawWindow
ReleaseCapture
PtInRect
MessageBeep
GetSysColor
PostQuitMessage
PostMessageA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
AppendMenuA
GetSystemMenu
LoadIconW
GetWindowRect
SendMessageA
EnableWindow
ShowOwnedPopups
gdi32
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
GetBkColor
GetTextColor
GetRgnBox
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
OffsetRgn
SetPixel
Rectangle
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
ExtSelectClipRgn
GetTextMetricsA
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceA
SetPixelV
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
CreateDIBitmap
PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
GetViewportOrgEx
GetWindowOrgEx
GetWindowExtEx
GetViewportExtEx
RealizePalette
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileA
CreateBitmap
SetBkColor
SetTextColor
CreateSolidBrush
CreateDCA
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
StretchBlt
SetBrushOrgEx
GetCurrentObject
GetTextExtentPoint32A
CreateFontIndirectA
GetStockObject
CreatePatternBrush
CreateDIBSection
GetObjectA
CreateCompatibleDC
SetDIBColorTable
SelectObject
DeleteDC
CreateRectRgn
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegEnumKeyA
RegOpenKeyA
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
shell32
SHAppBarMessage
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
DragQueryFileA
DragFinish
SHGetFolderPathA
SHGetFileInfoA
SHBrowseForFolderA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathAppendA
PathRemoveFileSpecW
ole32
CoInitializeEx
CoFreeUnusedLibraries
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoUninitialize
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
CoGetClassObject
CoTaskMemFree
OleUninitialize
CoCreateInstance
OleInitialize
CLSIDFromString
CoInitialize
oleaut32
VariantClear
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
oledlg
ord8
gdiplus
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
ws2_32
WSAStartup
WSACleanup
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Notes on the import surface (as read from the table above):
- fjcacommon and fjcasof_sm2_dll are a vendor CA-client API for a USB key (hardware token): open/close key, sign and verify, export the user certificate, encrypt with the public key and decrypt with the private key on the token, plus FJCA_GetLastSavedPassword, whose name suggests a cached token password. The "sm2" in the library name refers to SM2, the Chinese national elliptic-curve public-key standard. If these are ordinary load-time imports, the process will not start on a machine that lacks the two DLLs, so a stock sandbox image may produce a loader failure rather than the signing behaviour.
- user32, gdi32, ole32, oleaut32, comctl32, msimg32, gdiplus and the kernel32 set (including IsDebuggerPresent, SetUnhandledExceptionFilter and EncodePointer/DecodePointer) are the usual footprint of an MFC GUI application built with the MSVC CRT; IsDebuggerPresent alone is not an anti-debugging indicator here.
- Capability-bearing imports worth noting: WinExec and ShellExecuteA (launching programs), CopyFileA, DeleteFileA and WritePrivateProfileStringA (file and INI writes), RegCreateKeyExA, RegSetValueExA, RegDeleteKeyA and RegDeleteValueA (registry writes), RegisterEventSourceA/ReportEventA (event log writes), and WSAStartup/WSACleanup with no socket, connect or send functions listed (Winsock is initialised, but no network I/O is imported statically; anything resolved through GetProcAddress would not show here).
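The hash listed under Files is the kind of import hash that lets a build be pivoted against other builds sharing the same import table. The following added example (written for this page; it is neither the sandbox's code nor pefile) implements the imphash normalisation rules over an import table in the shape of the list above, plus a small capability tagger for the APIs called out in the notes. SAMPLE_IMPORTS and TRIAGE_APIS are constructed for the example: the import list is a short excerpt of this page's Imports section, so its hash is not expected to match the report's value.

```python
# Added example, not from the sandbox report or from pefile: import hash (imphash)
# over an import table given as (library, [name-or-ordinal]) pairs, plus a small
# capability tagger. SAMPLE_IMPORTS is a constructed excerpt of this page's Imports
# list, so its hash is not expected to match the value shown under Files.
import hashlib

# APIs a triager flags on sight; IsDebuggerPresent is also a routine MSVC CRT import.
TRIAGE_APIS = {
    "winexec": "process launch",
    "shellexecutea": "process launch",
    "copyfilea": "file write",
    "deletefilea": "file delete",
    "writeprivateprofilestringa": "ini write",
    "regcreatekeyexa": "registry write",
    "regsetvalueexa": "registry write",
    "regdeletekeya": "registry delete",
    "reporteventa": "event log write",
    "wsastartup": "winsock init",
    "isdebuggerpresent": "debugger check (also a standard MSVC CRT import)",
}

SAMPLE_IMPORTS = [  # constructed excerpt of the report's Imports section
    ("version", ["VerQueryValueA", "GetFileVersionInfoA", "GetFileVersionInfoSizeA"]),
    ("fjcasof_sm2_dll", ["setCaller", "FJCA_SignData", "FJCA_IsUsbKeyConnected"]),
    ("kernel32", ["IsDebuggerPresent", "WinExec", "CopyFileA", "Sleep"]),
    ("winspool.drv", ["OpenPrinterA", "ClosePrinter", "DocumentPropertiesA"]),
    ("oledlg", [8]),
]


def normalize_library(name):
    """pefile rule: lowercase, drop a trailing .dll/.ocx/.sys only (winspool.drv keeps .drv)."""
    name = name.lower()
    return name[:-4] if name.endswith((".dll", ".ocx", ".sys")) else name


def imphash_string(imports):
    """'lib.func' entries in import-table order; ordinals become ordN. pefile additionally
    resolves known ordinals of oleaut32/ws2_32 to names, which this example does not."""
    parts = []
    for lib, funcs in imports:
        lib = normalize_library(lib)
        for f in funcs:
            parts.append("%s.%s" % (lib, "ord%d" % f if isinstance(f, int) else f.lower()))
    return ",".join(parts)


def imphash(imports):
    """MD5 of the normalised string; order-sensitive, case-insensitive."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


def triage_tags(imports):
    """Sorted (api, capability) pairs for every imported name found in TRIAGE_APIS."""
    found = set()
    for _lib, funcs in imports:
        for f in funcs:
            if isinstance(f, str) and f.lower() in TRIAGE_APIS:
                found.add((f.lower(), TRIAGE_APIS[f.lower()]))
    return sorted(found)


if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    for api, tag in triage_tags(SAMPLE_IMPORTS):
        print("%-28s %s" % (api, tag))
```

Because the hash is order-sensitive, two builds that import the same functions in a different table order hash differently; that is what makes imphash a build-family fingerprint rather than a capability fingerprint, and why the tagger is kept separate.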
Sections
.text   Size: 1.5MB   Virtual size: 1.5MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 415KB   Virtual size: 415KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data   Size: 31KB    Virtual size: 68KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.tls    Size: 512B    Virtual size: 2B      IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 239KB   Virtual size: 239KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 201KB   Virtual size: 201KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
Notes: no section is both writable and executable, and raw and virtual sizes agree except for .data (68KB virtual against 31KB raw, the usual zero-filled tail) and .tls (512B raw is file-alignment padding around 2 bytes of TLS data), which together with the standard section names is consistent with an unpacked image. The one oddity is .rdata carrying IMAGE_SCN_MEM_WRITE: MSVC normally emits .rdata read-only, so this deserves a second look (post-build tooling or a non-standard linker setup) even though it is not by itself malicious. A 201KB .reloc section alongside IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE means the image relocates under ASLR.
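The three static checks in this report (the Unsigned PE signature, the DllCharacteristics flags under Headers, and the section flags under Sections) can be reproduced with a few dozen lines of header parsing. The following is an added example written for this page, not code from the sandbox or from the sample's vendor; it uses only the Python standard library. The flag tables are the documented PE constants; build_minimal_pe32() and the section specs are constructed test inputs (a non-loadable PE32 image with a placeholder, non-valid certificate blob) so the checks can be exercised offline.

```python
# Added example, not part of the sandbox report: pure-Python PE header parsing that
# reproduces three of the report's static checks (Authenticode presence, DllCharacteristics,
# section flags). build_minimal_pe32() fabricates a constructed, non-loadable PE32 image.
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data-directory slot holding the certificate table
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def _headers(data):
    """Return (coff_offset, optional_header_offset, magic); raise on a non-PE."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff, opt = e_lfanew + 4, e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic 0x%x" % magic)
    return coff, opt, magic


def has_authenticode(data):
    """True if the security directory points at a certificate table inside the file.
    Presence is not validity: the blob can be corrupt, revoked or fail chain building,
    so verify it separately (signtool verify /pa, Get-AuthenticodeSignature)."""
    _, opt, magic = _headers(data)
    nrva_off, dd_off = (92, 96) if magic == 0x10B else (108, 112)
    if struct.unpack_from("<I", data, opt + nrva_off)[0] <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return False
    off, size = struct.unpack_from("<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    # This entry is a raw file offset, not an RVA: the certificate table is never mapped.
    return off != 0 and size != 0 and off + size <= len(data)


def dll_characteristics(data):
    _, opt, _ = _headers(data)
    flags = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    return [n for bit, n in sorted(DLL_CHARACTERISTICS.items()) if flags & bit]


def sections(data):
    """Return [(name, virtual_size, raw_size, [flag names])] from the section table."""
    coff, opt, _ = _headers(data)
    nsec = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    out = []
    for i in range(nsec):
        name, vsize, _va, rsize, _raw, _r, _l, _nr, _nl, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        flags = [n for bit, n in sorted(SECTION_FLAGS.items()) if chars & bit]
        out.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, rsize, flags))
    return out


def oddities(data):
    """Triage findings: missing signature, W+X sections, writable .rdata."""
    found = [] if has_authenticode(data) else ["no Authenticode signature"]
    for name, _vs, _rs, flags in sections(data):
        if "IMAGE_SCN_MEM_EXECUTE" in flags and "IMAGE_SCN_MEM_WRITE" in flags:
            found.append("%s is writable and executable" % name)
        if name == ".rdata" and "IMAGE_SCN_MEM_WRITE" in flags:
            found.append(".rdata is writable")  # MSVC normally emits it read-only
    return found


def build_minimal_pe32(dll_chars, section_specs, with_signature=False):
    """Constructed test image: DOS stub, COFF + PE32 optional header, section table and an
    optional placeholder WIN_CERTIFICATE. Not loadable; the blob is not a real signature."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_specs), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)  # NumberOfRvaAndSizes
    sect = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0, rs, 0, 0, 0, 0, 0, ch)
                    for n, vs, rs, ch in section_specs)
    cert = b""
    if with_signature:
        cert = struct.pack("<IHH", 16, 0x0200, 0x0002) + b"\0" * 8  # header + filler
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         0x40 + 4 + 20 + 224 + len(sect), len(cert))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sect + cert


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read()
    print("authenticode present:", has_authenticode(blob))
    print("dll characteristics :", ", ".join(dll_characteristics(blob)))
    for name, vs, rs, flags in sections(blob):
        print("%-8s vsize=%-9d raw=%-9d %s" % (name, vs, rs, " | ".join(flags)))
    print("findings:", oddities(blob) or "none")
```

Run it as `python pe_check.py sample.exe` to get the same three readings the report gives. Note that has_authenticode() only answers the question the Unsigned PE signature asks (is a certificate table present); a present blob still has to be verified against a trusted chain before it says anything about the publisher.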