2024-09-01_fb94faf886d57eb0af8f2d19419c702c_floxif_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-01_fb94faf886d57eb0af8f2d19419c702c_floxif_mafia
Size

2.2MB
MD5

fb94faf886d57eb0af8f2d19419c702c
SHA1

6c3db098945706d0e84dad3de94e25f7dcb8e4c7
SHA256

1730c37d2e0128b9589d72cf93869cebe8f79e33ec015a3e6499556a2e490d0e
SHA512

e9d1f60c673d1438fe762a899e89a874a7b3770c470b9451122dcee09bbeade7a148876a8fa5e9ae9a73b2f0c9381f48f339187f13bfbef0c4c586bdc6adf153
SSDEEP

49152:xdyvXBUe02297HGjkAGVlDdC06wDFjmd9XpmB00dVii1POmHVAtMmXLr:mvX102297HG9GVC06wDFjSdF0ai1POmO

Score

1^/10

Malware Config

Signatures

Files

2024-09-01_fb94faf886d57eb0af8f2d19419c702c_floxif_mafia
.exe windows:5 windows x86 arch:x86

92d93e488d8c8cefe8f89320349c5a37

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:e5:ac:0a:48:70:63:71:8e:39:da:52:30:1a:04:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-12-2010 00:00

Not After

14-12-2012 23:59

Subject

CN=Adobe Systems Incorporated,OU=Information Systems+OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

21:42:50:ca:bb:6d:de:f0:78:1e:c8:62:d0:d0:60:42:93:93:a8:9b
Signer

Actual PE Digest

21:42:50:ca:bb:6d:de:f0:78:1e:c8:62:d0:d0:60:42:93:93:a8:9b

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\oobe\3.0\c3p0\dev\target\win\Release\Bootstrapper.pdb

Imports

comctl32

ImageList_GetIconSize
_TrackMouseEvent
InitCommonControlsEx
ord17

kernel32

GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
CreateMutexW
WaitForSingleObject
IsDBCSLeadByteEx
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
VirtualQuery
LoadLibraryW
ReleaseSemaphore
GetLastError
CreateSemaphoreW
LocalAlloc
GetSystemInfo
VirtualAlloc
OpenSemaphoreW
ReleaseMutex
CloseHandle
HeapSize
HeapQueryInformation
ExitThread
ExitProcess
RaiseException
RtlUnwind
HeapReAlloc
GetSystemTimeAsFileTime
HeapFree
GetFileType
SetStdHandle
HeapAlloc
EncodePointer
DecodePointer
GetStartupInfoW
HeapSetInformation
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
SetErrorMode
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
lstrcmpiW
GetCurrentDirectoryW
lstrcpyW
GetSystemDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetThreadLocale
lstrlenA
GlobalGetAtomNameW
GlobalFlags
InitializeCriticalSection
ReleaseActCtx
CreateActCtxW
GetTickCount
ResumeThread
SetThreadPriority
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
lstrcmpW
GlobalSize
GlobalAlloc
FormatMessageW
lstrlenW
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
ActivateActCtx
DeactivateActCtx
SetLastError
FindNextFileW
FindClose
FlushFileBuffers
ReadFile
FindFirstFileW
GetFileSize
GetLocalTime
CreateFileW
GetTimeFormatW
WriteFile
CreateDirectoryW
SetFilePointer
GetDateFormatW
GetUserDefaultUILanguage
GetTempPathW
GetExitCodeProcess
GetVersionExW
GetUserDefaultLCID
CreateProcessW
GetDriveTypeW
GetSystemDefaultLangID
LockResource
SizeofResource
LoadResource
FindResourceW
CreateThread
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
SetCurrentDirectoryW
CreateEventW
ResetEvent
GetProcAddress
GetStdHandle
GetModuleFileNameW
FreeConsole
CopyFileW
GetCurrentProcessId
LocalFree
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
FreeLibrary
SetEvent
GetModuleHandleW
Sleep

user32

GetKeyNameTextW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
wsprintfW
EnableWindow
SendMessageW
GetWindow
GetSystemMetrics
SetWindowLongW
EnableMenuItem
GetWindowLongW
LoadIconW
GetClientRect
DrawIcon
KillTimer
PostMessageW
LoadImageW
IsIconic
GetWindowRect
SetTimer
GetSystemMenu
GetDesktopWindow
DestroyIcon
IsWindowVisible
IsWindow
ReleaseDC
InvalidateRect
GetDC
GetIconInfo
LoadCursorW
GetParent
GetFocus
DrawIconEx
FillRect
SetCursor
CheckMenuItem
GetMenuState
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MessageBoxW
IsWindowEnabled
GetLastActivePopup
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
GetDlgItem
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ScreenToClient
ClientToScreen
GetWindowDC
OpenClipboard
EndPaint
GetSysColor
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW
GetMenuStringW
PtInRect
CopyRect
SetWindowPos
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
SetClipboardData
CloseClipboard
EmptyClipboard
IsCharLowerW
MapVirtualKeyExW
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
GetWindowRgn
LockWindowUpdate
BringWindowToTop
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
DrawEdge
DrawStateW
SetClassLongW
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
MapVirtualKeyW
CreatePopupMenu
GetMenuDefaultItem
UnregisterClassW
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
OffsetRect
CharNextW
CharUpperW
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DestroyCursor
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
BeginPaint
CopyImage
IntersectRect
GetSysColorBrush
RealChildWindowFromPoint
LoadMenuW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
RegisterClipboardFormatW
GetMessageW
TranslateMessage
GetCursorPos
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
SetCursorPos

advapi32

InitializeSecurityDescriptor
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
SetSecurityDescriptorDacl
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
RegQueryValueExW
RegOpenKeyExW

ole32

OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
IsAccelerator
OleInitialize
OleUninitialize
CLSIDFromString
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleLockRunning
DoDragDrop
CoCreateInstance
OleRun
CoTaskMemFree
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoCreateGuid
StringFromGUID2
CoInitializeEx
CLSIDFromProgID
CoFreeUnusedLibraries
CoUninitialize

shell32

SHAppBarMessage
ord680
CommandLineToArgvW
SHGetFileInfoW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW
ShellExecuteW
SHBrowseForFolderW

oleaut32

VariantChangeType
SysAllocStringLen
VariantInit
VariantCopy
VariantClear
SysStringLen
SysAllocString
VarBstrFromDate
OleCreateFontIndirect
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
GetErrorInfo

shlwapi

PathRemoveFileSpecW
StrRChrW
PathFileExistsW
PathRemoveBackslashW
PathGetDriveNumberW
PathIsRootW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

gdi32

GetObjectW
CreateSolidBrush
CreateRoundRectRgn
Rectangle
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteObject
CreateBitmap
CreateFontIndirectW
DeleteDC
GetTextExtentPoint32W
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
CreatePatternBrush
SelectPalette
GetObjectType
GetDeviceCaps
CreatePen
CreateHatchBrush
CopyMetaFileW
CreateDCW
GetTextMetricsW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
OffsetRgn
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
ExtSelectClipRgn
GetTextFaceW

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

oledlg

OleUIBusyW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCloneImage
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92d93e488d8c8cefe8f89320349c5a37

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

15:e5:ac:0a:48:70:63:71:8e:39:da:52:30:1a:04:88Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

21:42:50:ca:bb:6d:de:f0:78:1e:c8:62:d0:d0:60:42:93:93:a8:9bSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

gdi32

msimg32

comdlg32

winspool.drv

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 323KB - Virtual size: 323KB

.data Size: 27KB - Virtual size: 57KB

.rsrc Size: 310KB - Virtual size: 309KB

.reloc Size: 176KB - Virtual size: 176KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

15:e5:ac:0a:48:70:63:71:8e:39:da:52:30:1a:04:88
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

21:42:50:ca:bb:6d:de:f0:78:1e:c8:62:d0:d0:60:42:93:93:a8:9b
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 323KB - Virtual size: 323KB

.data
Size: 27KB - Virtual size: 57KB

.rsrc
Size: 310KB - Virtual size: 309KB

.reloc
Size: 176KB - Virtual size: 176KB