2024-08-22_09764f36af3fc5d588bd31dedd9f5304_chir_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-22_09764f36af3fc5d588bd31dedd9f5304_chir_mafia
Size

3.3MB
MD5

09764f36af3fc5d588bd31dedd9f5304
SHA1

cb5f56fda1c867e7f72b542a05c89a2ec2f3be06
SHA256

cb3b871db5790d37073f3fd79bf5436d1cc5a23a2bda142069862f024fe70ad7
SHA512

e640626fa426e95f27b432c3ca563e40ae4bd5137dd6aaee9de0af3d787cd3c445c9cf534fd7f43cf8691b980703bcf4ecbd6b568b2d46dbf0852382c0c50b4e
SSDEEP

98304:wlvhIXPQiTUZDUPjJKQjrY6vOsKCRVsfDXWun9wkgHJZ:8NEkDisfbWun98HJZ

Score

1^/10

Malware Config

Signatures

Files

2024-08-22_09764f36af3fc5d588bd31dedd9f5304_chir_mafia
.exe windows:5 windows x86 arch:x86

684fae88e2b93978ae2807cac107e67e

Code Sign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2011, 07:00

Not After

03/05/2031, 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a0:78:5b:47:b1:ff:24:4e
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

13/08/2020, 00:16

Not After

25/08/2021, 17:00

Subject

CN=Foxit Software Incorporated,O=Foxit Software Incorporated,L=Fremont,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:c7:28:37:fc:3d:fb:bf:65:74:3a:6e:c2:e7:36:f3:69:a0:06:39
Signer

Actual PE Digest

7b:c7:28:37:fc:3d:fb:bf:65:74:3a:6e:c2:e7:36:f3:69:a0:06:39

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Jenkins\workspace\FoxitEditor11.x_Fnet_plugin\Starship\fxnet_release_v11\plugin_fxnet\FPM_Update\PH_Release\Update.pdb

Imports

kernel32

SetConsoleCtrlHandler
LCMapStringW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetDriveTypeW
GetFullPathNameA
SetEnvironmentVariableA
FindFirstFileExA
GetDriveTypeA
GetStdHandle
SetUnhandledExceptionFilter
WriteConsoleW
VirtualAlloc
SetStdHandle
HeapSize
HeapQueryInformation
SetConsoleMode
ReadConsoleInputA
FlushConsoleInputBuffer
GetVersionExA
GlobalMemoryStatus
LoadLibraryA
GetVersion
GetModuleHandleA
InterlockedCompareExchange
GetProcessHeap
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
VirtualQuery
FreeEnvironmentStringsW
RaiseException
RtlUnwind
ExitProcess
HeapReAlloc
CreateThread
ExitThread
GetConsoleMode
GetConsoleCP
CreateFileA
GetFileType
DecodePointer
EncodePointer
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetSystemDirectoryW
GlobalGetAtomNameW
lstrlenA
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
SetThreadPriority
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
GetThreadLocale
LocalAlloc
FileTimeToLocalFileTime
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalSize
FormatMessageW
LocalFree
GetCurrentProcessId
MulDiv
lstrlenW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
ActivateActCtx
DeactivateActCtx
SetLastError
FreeLibrary
lstrcmpW
GetFileInformationByHandle
FileTimeToSystemTime
UnmapViewOfFile
GetFileSize
LocalFileTimeToFileTime
GetCurrentDirectoryW
CreateFileW
ReadFile
GetFileAttributesW
WriteFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
ResumeThread
CreateMutexW
GetCurrentProcess
WaitForSingleObject
GetTickCount
Process32NextW
CloseHandle
Process32FirstW
CreateToolhelp32Snapshot
GetSystemInfo
GetLocalTime
GlobalFree
GetProcAddress
GetTimeZoneInformation
GetVersionExW
GetModuleHandleW
GetModuleFileNameW
SetFileAttributesW
SizeofResource
CreateDirectoryW
FindClose
FindFirstFileW
GetPrivateProfileStringA
WideCharToMultiByte
MultiByteToWideChar
CopyFileW
GetLastError
WritePrivateProfileStringW
MoveFileW
DeleteFileW
Sleep
TerminateProcess
OpenProcess
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceW
LoadResource
LockResource
PeekNamedPipe

user32

SetWindowRgn
GetSystemMenu
DeleteMenu
UnregisterClassW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
LoadCursorW
GetSysColorBrush
CopyImage
RealChildWindowFromPoint
DestroyMenu
GetMenuItemInfoW
ShowOwnedPopups
GetMessageW
TranslateMessage
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
CharUpperW
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IntersectRect
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetTimer
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
DestroyAcceleratorTable
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
SetClassLongW
DrawIconEx
DrawEdge
PeekMessageW
MonitorFromWindow
EnableWindow
DestroyCursor
GetWindowLongW
SendMessageW
CopyRect
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
PostMessageW
GetMenuItemID
GetMenuItemCount
CreateWindowExW
KillTimer
SetCapture
ReleaseCapture
MessageBeep
NotifyWinEvent
GetAsyncKeyState
IsZoomed
IsRectEmpty
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
CreatePopupMenu
SetMenuDefaultItem
GetMenuDefaultItem
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
WaitMessage
CharNextW
CopyAcceleratorTableW
SetRect
InvalidateRgn
GetNextDlgGroupItem
DestroyIcon
GetCapture
SetParent
InflateRect
DrawFocusRect
OffsetRect
FillRect
DrawStateW
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
LoadImageW
InvalidateRect
ClientToScreen
WindowFromPoint
wsprintfW
SetCursor
LoadIconW
SetWindowPos
MoveWindow
GetForegroundWindow
GetClientRect
GetWindowRect
MessageBoxW
GetClassInfoW
SystemParametersInfoW
DrawFrameControl
ToUnicodeEx
UnpackDDElParam
MapVirtualKeyW
GetKeyboardLayout
IsIconic
GetSystemMetrics
DrawIcon
PtInRect
GetDesktopWindow
GetSubMenu
LoadMenuW
GetParent
GetWindow
SetWindowLongW
GetMenu
CallWindowProcW
DefWindowProcW
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
SetCursorPos
BringWindowToTop
LockWindowUpdate
InvertRect
HideCaret
GetIconInfo
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
FrameRect
TranslateAcceleratorW
InsertMenuItemW
ReuseDDElParam
GetWindowRgn
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetDoubleClickTime
GetUpdateRect
IsClipboardFormatAvailable
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
CharUpperBuffW
CopyIcon
EndDeferWindowPos

gdi32

CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32W
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
SelectClipRgn
CreateRoundRectRgn
GetClipBox
GetBkColor
GetTextColor
GetRgnBox
CreatePolygonRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
SetPixel
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
GetTextCharsetInfo
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetTextColor
Rectangle
GetDeviceCaps
CreateFontIndirectW
DeleteDC
StretchBlt
SetStretchBltMode
SetBkColor
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
CreateEllipticRgn
ExcludeClipRect
GetObjectW
CreateDIBSection
SetMapMode
DeleteObject

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegisterEventSourceA
DeregisterEventSource
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
ReportEventA

shell32

ShellExecuteW
ShellExecuteExW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetSpecialFolderPathW
SHBrowseForFolderW

comctl32

ImageList_GetIconSize
InitCommonControlsEx
_TrackMouseEvent

shlwapi

UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW

ole32

CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleFlushClipboard
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitializeEx
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateGuid
CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateILockBytesOnHGlobal

oleaut32

SysStringLen
VariantCopy
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringLen
VariantChangeType
VariantClear
VariantInit
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipAlloc
GdipFree
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdipDisposeImage
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDeleteGraphics
GdiplusShutdown

winmm

PlaySoundW

http

??1CHttpSocket@@UAE@XZ
?FormatRequestHeader@CHttpSocket@@QAEPBDPAD0AAJ00JJH@Z
?Socket@CHttpSocket@@QAEHXZ
?Connect@CHttpSocket@@QAEHPADH@Z
?SendRequest@CHttpSocket@@QAEHPBDJ@Z
?SetTimeout@CHttpSocket@@QAEHHH@Z
?GetField@CHttpSocket@@QAEHPBDPADH@Z
?GetServerState@CHttpSocket@@QAEHXZ
?Receive@CHttpSocket@@QAEJPADJ@Z
??0CHttpSocket@@QAE@XZ

iphlpapi

GetAdaptersInfo

wininet

InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetSetOptionExW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetCloseHandle
HttpOpenRequestW
HttpAddRequestHeadersW
InternetSetStatusCallbackW
HttpSendRequestW
InternetConnectW
InternetOpenW

ws2_32

gethostbyname
closesocket
socket
recv
setsockopt
getsockopt
getservbyname
ntohs
htonl
WSASetLastError
ioctlsocket
connect
WSAStartup
WSAGetLastError
htons
shutdown
send

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Exports

Exports

??0CHttpSocket@@QAE@ABV0@@Z
??4CHttpSocket@@QAEAAV0@ABV0@@Z
??_7CHttpSocket@@6B@
OPENSSL_Applink

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 536KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 514KB - Virtual size: 514KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

684fae88e2b93978ae2807cac107e67e

Code Sign

07Certificate

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

a0:78:5b:47:b1:ff:24:4eCertificate

Extended Key Usages

Key Usages

7b:c7:28:37:fc:3d:fb:bf:65:74:3a:6e:c2:e7:36:f3:69:a0:06:39Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

winmm

http

iphlpapi

wininet

ws2_32

oleacc

imm32

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 536KB - Virtual size: 536KB

.data Size: 61KB - Virtual size: 100KB

.rsrc Size: 514KB - Virtual size: 514KB

.reloc Size: 269KB - Virtual size: 269KB

07
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

a0:78:5b:47:b1:ff:24:4e
Certificate

7b:c7:28:37:fc:3d:fb:bf:65:74:3a:6e:c2:e7:36:f3:69:a0:06:39
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 536KB - Virtual size: 536KB

.data
Size: 61KB - Virtual size: 100KB

.rsrc
Size: 514KB - Virtual size: 514KB

.reloc
Size: 269KB - Virtual size: 269KB