C:\Users\David\Documents\Visual Studio 2010\Projects\Explorer++ 1.3.5 (Tag - DON'T UPDATE)\Explorer++\Explorer++\Release\Explorer++.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-03_96a957236175953b68faffd3f2f384ca_floxif_mafia.exe
Resource
win7-20240704-en
General
Target
2024-09-03_96a957236175953b68faffd3f2f384ca_floxif_mafia
Size
1.6MB
MD5
96a957236175953b68faffd3f2f384ca
SHA1
b8eda8cf3fa2a581ca30202f41554b28cbd02a26
SHA256
54fa866d5c22f91fee45eaedff17bbc46319b4f75bf97cc7d6deea3bd001f497
SHA512
ffbf4e93dc5644c3cfc2ac71d0ef981c787aea549f4000c436500d31bdccf5c43d2d309964e84d1dde1b511765ab40703598521666f9c19035f4187351705cb0
SSDEEP
24576:wKozKgs7ec7vlnoiBlqWSsRFBRVOljofeIrEH7C:w7zVs7j7FoiBlqWSsRFDVOPK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-09-03_96a957236175953b68faffd3f2f384ca_floxif_mafia
Files
2024-09-03_96a957236175953b68faffd3f2f384ca_floxif_mafia.exe windows:5 windows x86 arch:x86
f0bb8abf7bd780692bdf92edce85764d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shell32
SHBindToParent
ord152
SHBrowseForFolderW
ShellExecuteExW
ord23
ord2
SHGetFolderLocation
ord16
ord17
SHGetDesktopFolder
ord727
SHGetFolderPathW
SHFreeNameMappings
SHGetPathFromIDListW
SHFileOperationW
SHGetSpecialFolderPathW
ord25
SHGetFileInfoW
ord71
DragQueryFileW
ord18
ShellExecuteW
gdiplus
GdipCreatePath
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipDisposeImage
GdipDeletePath
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneBrush
GdipSetPathGradientSurroundColorsWithCount
GdipCreateSolidFill
GdipCreateHBITMAPFromBitmap
GdipGetImageWidth
GdipAddPathRectangleI
GdipCreatePathGradientFromPath
GdipSetPathGradientCenterColor
GdipSetPathGradientCenterPointI
GdipCloneImage
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdiplusShutdown
GdipGetAllPropertyItems
GdipGetPropertySize
GdiplusStartup
GdipGetPathGradientPointCount
GdipCreatePen1
GdipDeletePen
GdipCreateBitmapFromScan0
GdipDeleteBrush
GdipDrawLineI
shlwapi
PathIsSameRootW
StrCmpIW
PathRemoveBlanksW
SHDeleteKeyW
PathIsRootW
StrCmpW
PathIsUNCW
PathCombineW
StrCmpLogicalW
PathRemoveFileSpecW
PathFindExtensionW
PathAppendW
StrChrW
PathStripToRootW
PathRemoveBackslashW
StrRetToBufW
PathIsDirectoryW
PathRemoveExtensionW
PathStripPathW
StrCatW
SHAutoComplete
PathRenameExtensionW
SHStrDupW
PathIsRelativeW
PathIsURLW
PathCanonicalizeW
psapi
GetModuleFileNameExW
mpr
WNetGetUniversalNameW
uxtheme
SetWindowTheme
winmm
PlaySoundW
kernel32
GlobalFree
GetModuleHandleW
SetLastError
GetModuleHandleA
GetProcAddress
GetVersion
GetFileAttributesW
GetLastError
LoadLibraryA
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
lstrlenW
GlobalLock
GlobalUnlock
lstrcmpiW
GetFileAttributesExW
GetLogicalDriveStringsW
lstrcmpW
InitializeCriticalSection
GetVersionExW
FreeLibrary
InterlockedIncrement
InterlockedDecrement
CreateThread
SetThreadPriority
CloseHandle
DeleteCriticalSection
CreateFileW
GetFileSizeEx
GetUserDefaultLangID
WriteFile
EnterCriticalSection
LeaveCriticalSection
GetDriveTypeW
GetCurrentDirectoryW
GetComputerNameW
MultiByteToWideChar
GlobalMemoryStatusEx
GetDiskFreeSpaceExW
GetVolumeInformationW
SleepEx
QueueUserAPC
GetUserDefaultUILanguage
FindFirstFileW
FindNextFileW
FindClose
SetCurrentDirectoryW
GetLocaleInfoW
SetFileAttributesW
SetFileTime
WideCharToMultiByte
GlobalAlloc
CreateMutexW
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
SetUnhandledExceptionFilter
OpenProcess
ReadFile
GetUserDefaultLCID
lstrcpyW
GetSystemTime
CreateFileA
SetFilePointer
GetDiskFreeSpaceW
SetFilePointerEx
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
GetFileSize
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
LocalFree
FormatMessageA
GetFullPathNameW
GetCurrentDirectoryA
GetProcessHeap
GetSystemInfo
SetEnvironmentVariableA
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
SetEndOfFile
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
HeapSize
HeapCreate
GetStdHandle
ExitProcess
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
RtlUnwind
RaiseException
GetDateFormatA
GetTimeFormatA
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
DecodePointer
EncodePointer
Sleep
InterlockedExchange
InterlockedCompareExchange
GetStringTypeW
CompareFileTime
ResetEvent
GetCurrentThread
CancelIo
ReadDirectoryChangesW
SetEvent
SetErrorMode
WaitForSingleObject
CreateEventW
ExitThread
GlobalSize
DeleteFileW
CreateHardLinkW
LocalFileTimeToFileTime
CreateDirectoryW
CompareStringW
LCMapStringW
FlushFileBuffers
SetFileValidData
GetFileInformationByHandle
user32
GetWindowTextW
AppendMenuW
MessageBoxW
ScreenToClient
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetSysColorBrush
SetRect
DrawIconEx
RedrawWindow
EndPaint
InflateRect
InsertMenuItemW
GetUpdateRect
RegisterClassW
DrawTextW
DrawEdge
GetMenuState
MapWindowPoints
OffsetRect
GetWindowRect
DialogBoxParamW
IsDlgButtonChecked
FrameRect
GetSysColor
GetTabbedTextExtentW
GetMenuStringW
SystemParametersInfoW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EnableMenuItem
CreateDialogParamW
GetWindowTextLengthW
SetWindowPos
SetFocus
SetWindowTextW
DestroyIcon
GetDlgItem
EndDialog
GetParent
SetDlgItemTextW
GetDlgItemTextW
LoadStringW
SendDlgItemMessageW
LoadBitmapW
SendMessageW
LoadImageW
BeginPaint
MoveWindow
GetMenuItemInfoW
wsprintfW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
GetMessageW
LoadAcceleratorsW
SetWindowPlacement
GetSystemMetrics
FindWindowW
RegisterClipboardFormatW
CopyIcon
FindWindowExW
WindowFromPoint
GetCapture
SetCapture
ReleaseCapture
UnregisterClassW
GetClassLongW
GetMenuBarInfo
PrintWindow
IsWindowVisible
IsIconic
RegisterClassExW
CreateWindowExW
KillTimer
SetTimer
ShowWindow
GetWindowPlacement
EnableWindow
GetCursorPos
DestroyWindow
ChangeClipboardChain
DeleteMenu
SetClipboardViewer
SetMenu
RegisterWindowMessageW
IsClipboardFormatAvailable
PostMessageW
ClientToScreen
IntersectRect
UpdateWindow
SetMenuInfo
CreatePopupMenu
GetMenuItemID
DefWindowProcW
SetWindowLongW
PostQuitMessage
LoadCursorW
SetCursor
TrackPopupMenu
LoadMenuW
DestroyMenu
SetForegroundWindow
GetKeyState
CallWindowProcW
PtInRect
ReleaseDC
GetDC
GetIconInfo
CheckMenuItem
CheckMenuRadioItem
GetWindowLongW
GetFocus
GetDlgItemInt
SetDlgItemInt
LoadIconW
SetClassLongW
FillRect
GetClientRect
InvalidateRect
InsertMenuW
CreateMenu
GetMenuItemCount
GetMessagePos
SetMenuItemInfoW
GetSubMenu
GetMenu
CheckDlgButton
gdi32
TextOutW
CreateCompatibleBitmap
BitBlt
DeleteDC
StretchBlt
SetBrushOrgEx
SetStretchBltMode
SelectObject
CreateCompatibleDC
GetBitmapDimensionEx
SetBitmapDimensionEx
GetTextExtentPoint32W
CreateFontIndirectW
GetObjectW
CreateFontW
GetStockObject
SetBkMode
SetTextColor
CreateSolidBrush
DeleteObject
advapi32
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyA
RegQueryValueExA
CryptGenRandom
CryptAcquireContextW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
GetTokenInformation
ConvertSidToStringSidW
LookupAccountSidW
GetSecurityInfo
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
ole32
RegisterDragDrop
OleUninitialize
CLSIDFromString
OleSetClipboard
OleDuplicateData
StgCreateStorageEx
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
RevokeDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CoUninitialize
CoInitializeEx
OleGetClipboard
DoDragDrop
CoCreateInstance
ReleaseStgMedium
CoTaskMemFree
oleaut32
VariantInit
VariantClear
SysAllocString
SysFreeString
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
iphlpapi
GetAdaptersAddresses
userenv
ExpandEnvironmentStringsForUserW
comctl32
ord410
ord412
ord413
ImageList_Draw
winspool.drv
GetPrinterW
OpenPrinterW
ClosePrinter
comdlg32
GetSaveFileNameW
Sections
.text Size: 821KB - Virtual size: 821KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 65KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 448KB - Virtual size: 448KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ