C:\TSUDA\manual\ManualServer.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2025-01-01_79f29c022a356b35f79b52994506a3aa_floxif_mafia.exe
Resource
win7-20241023-en
General
- Target: 2025-01-01_79f29c022a356b35f79b52994506a3aa_floxif_mafia
- Size: 3.5MB
- MD5: 79f29c022a356b35f79b52994506a3aa
- SHA1: 22ecc4ffa4a51edf9bede9cfd3d1790a8f815a7f
- SHA256: 6e7dd38a86f37891b28fbed068a30eb3b531768ba0de568a2839dae833d82e04
- SHA512: f9b54781668a2a6a78bb4bdd851b33bc9c482588a7685dd9fd1c838322cbbff5d8da577261465ff0cb371f2833d8a11158ded2705b2e333d0d4919e53d6183bd
- SSDEEP: 98304:etgQmjw86xG1wiO225Xvp+gc5mZGgdSBYYigx1wGMv3BE9yM:0gQip5adUI22Hv3BE9r
Malware Config
Signatures
- Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2025-01-01_79f29c022a356b35f79b52994506a3aa_floxif_mafia
Files
- 2025-01-01_79f29c022a356b35f79b52994506a3aa_floxif_mafia.exe windows:5 windows x86 arch:x86
e60bd0f19df755ecd098f18b871a7b1e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
CreateFileA
WriteConsoleW
IsValidLocale
SetEnvironmentVariableA
EnumSystemLocalesA
GetLocaleInfoA
FatalAppExitA
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapDestroy
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
HeapQueryInformation
CreateThread
GetComputerNameW
ExitThread
ExitProcess
VirtualQuery
GetSystemInfo
VirtualAlloc
GetFileType
SetStdHandle
HeapReAlloc
RaiseException
HeapAlloc
SetConsoleCtrlHandler
GetTimeFormatW
GetSystemTimeAsFileTime
GetCPInfo
DecodePointer
EncodePointer
HeapFree
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
LocalLock
LocalUnlock
FindResourceExW
VirtualProtect
SearchPathW
Sleep
InitializeCriticalSectionAndSpinCount
GetTickCount
GetTempPathW
GetNumberFormatW
GetWindowsDirectoryW
GetCurrentDirectoryW
SetErrorMode
GetDiskFreeSpaceW
GetTempFileNameW
ReplaceFileW
GetUserDefaultLCID
lstrcpyW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesW
GetFileAttributesExW
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameW
GetConsoleMode
GetConsoleCP
GetDateFormatW
GetTimeZoneInformation
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileW
CreateFileW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
lstrlenA
lstrcmpA
GlobalGetAtomNameW
GetProfileIntW
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
CopyFileW
GlobalSize
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
FreeLibrary
GetProcAddress
CompareStringW
LoadLibraryW
ActivateActCtx
DeactivateActCtx
SetLastError
lstrcmpW
ReleaseMutex
CloseHandle
CreateMutexW
GetLastError
WideCharToMultiByte
DeleteFileW
MulDiv
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
GetPrivateProfileStringW
GetPrivateProfileStringA
lstrlenW
GlobalAlloc
LCMapStringW
GlobalFree
GetVersionExW
GetProcessHeap
user32
MonitorFromPoint
UpdateLayeredWindow
MapVirtualKeyExW
IsCharLowerW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
DrawEdge
DrawStateW
SetClassLongW
DestroyAcceleratorTable
IsZoomed
DrawIconEx
CopyImage
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
GetAsyncKeyState
GetMenuDefaultItem
RedrawWindow
GetDialogBaseUnits
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
UnionRect
SetParent
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
UnregisterClassW
GetSysColorBrush
RealChildWindowFromPoint
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
ValidateRect
PostQuitMessage
WaitMessage
GetMenuItemInfoW
CharUpperW
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetMenuBarInfo
LoadImageW
GetActiveWindow
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
IntersectRect
BringWindowToTop
GetDesktopWindow
TranslateAcceleratorW
GetMessageW
GetDCEx
SetRectEmpty
ReleaseCapture
SetCursor
LoadCursorW
SetCapture
SetWindowRgn
SystemParametersInfoW
IsRectEmpty
WindowFromPoint
GetWindowThreadProcessId
EndPaint
BeginPaint
IsMenu
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
MapVirtualKeyW
GetKeyNameTextW
ReleaseDC
GetDC
GetMenuStringW
InsertMenuW
RemoveMenu
ScrollWindowEx
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
InSendMessage
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
SendNotifyMessageW
GetTabbedTextExtentW
GetWindowRgn
WindowFromDC
DestroyCursor
EnumChildWindows
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
GetUpdateRect
GetWindowDC
FrameRect
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowLongW
SetWindowPos
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
IsIconic
GetSystemMenu
AppendMenuW
DrawIcon
GetWindowRect
LoadIconW
LoadMenuW
GetSubMenu
RegisterWindowMessageW
GetCursorPos
GetParent
GetFocus
PostMessageW
DrawTextW
SendMessageW
KillTimer
SetTimer
InvalidateRect
GetClientRect
OffsetRect
SetRect
PtInRect
PeekMessageW
TranslateMessage
DispatchMessageW
GetSystemMetrics
DrawFocusRect
FillRect
InflateRect
CopyRect
GetSysColor
EnableWindow
DestroyIcon
gdi32
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
CreateEllipticRgn
DPtoLP
LPtoDP
CreateDIBSection
UnrealizeObject
SetRectRgn
CombineRgn
GetMapMode
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
GetCurrentObject
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
GetObjectType
GetDIBits
SetPixel
OffsetRgn
EnumFontFamiliesExW
RoundRect
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
GetViewportExtEx
SelectClipPath
CreateRectRgn
SelectPalette
PlayMetaFileRecord
GetClipRgn
GetStockObject
CreatePatternBrush
CreateDIBPatternBrushPt
GetWindowExtEx
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
SetDIBColorTable
GetObjectW
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateDCW
CopyMetaFileW
SetBkColor
CreateBitmap
SetViewportOrgEx
SetBkMode
SetTextColor
GetTextExtentPoint32W
StretchBlt
Rectangle
Ellipse
GetDeviceCaps
CreateCompatibleBitmap
CreateFontIndirectW
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetPixel
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
GetJobW
OpenPrinterW
DocumentPropertiesW
advapi32
GetFileSecurityW
RegCloseKey
RegSetValueW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
GetUserNameW
SetFileSecurityW
RegQueryValueW
shell32
ShellExecuteW
Shell_NotifyIconW
DragFinish
DragQueryFileW
SHGetFileInfoW
SHAddToRecentDocs
ShellExecuteExW
SHAppBarMessage
SHBrowseForFolderW
SHGetMalloc
SHFileOperationW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
ExtractIconW
comctl32
ord17
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
shlwapi
PathIsUNCW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
ole32
CoCreateInstance
StringFromGUID2
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTreatAsClass
CoUninitialize
OleCreateFromData
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
OleSaveToStream
WriteClassStm
CoInitialize
PropVariantCopy
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoInitializeEx
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
StgCreateDocfile
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleSetMenuDescriptor
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
StringFromCLSID
OleCreateLinkFromData
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleSave
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoRegisterClassObject
oleaut32
SysAllocStringLen
OleCreateFontIndirect
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SafeArrayGetElement
oledlg
OleUIBusyW
ws2_32
inet_ntoa
gethostbyname
gethostname
WSAStartup
WSAGetLastError
listen
recv
send
WSAAsyncSelect
recvfrom
sendto
connect
WSASetLastError
getpeername
getsockname
bind
select
socket
accept
inet_addr
htons
htonl
closesocket
ntohs
WSACleanup
gdiplus
GdiplusShutdown
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 583KB - Virtual size: 583KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 190KB - Virtual size: 189KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ