2025-01-05_1ecc5b88c0fa8b87e13bac52e26c61a9_floxif_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2025-01-05_1ecc5b88c0fa8b87e13bac52e26c61a9_floxif_mafia
Size

4.7MB
MD5

1ecc5b88c0fa8b87e13bac52e26c61a9
SHA1

10280c138b1b30c8ffe65e2517cc0f78e369fe53
SHA256

11eb0d951ee88b07c29f61d806193f425a34d916e575cdf23d3a7c14acdefd67
SHA512

584fb6c86422f6f5236a73fff74ce3e711bba64386c58cbc7ef91688c9ae595f5623454008ba34981dc231e2c4bdc3e8a32bd0df7e7254d0c220267ad9703eb5
SSDEEP

98304:0tATYk64fZjHwWUBU4f53k1zZ/jtGE2JWBSC:Z3pZdCU4fOYJo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-01-05_1ecc5b88c0fa8b87e13bac52e26c61a9_floxif_mafia

Files

2025-01-05_1ecc5b88c0fa8b87e13bac52e26c61a9_floxif_mafia
.exe windows:5 windows x86 arch:x86

b7651f1c4ecb92aeef7e1a77258b4d63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\kkowalczyk\src\sumatrapdf-1.8\obj-rel\SumatraPDF.pdb

Imports

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
SetFileSecurityA
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA

kernel32

DeleteCriticalSection
lstrcpyW
FindResourceW
LoadResource
SizeofResource
LockResource
GetDateFormatW
GetTimeFormatW
GetCommandLineW
CopyFileExW
SetErrorMode
GetPrivateProfileStringW
FormatMessageW
GetFileAttributesW
MulDiv
GetPrivateProfileIntW
GetLastError
LocalFree
SetFileAttributesW
GetUserDefaultUILanguage
ReadDirectoryChangesW
GetOverlappedResult
ResetEvent
WaitForMultipleObjects
GetTickCount
Sleep
SetThreadExecutionState
GetSystemTime
GetLogicalDrives
GetTempFileNameW
GetExitCodeProcess
GetTempPathW
GetShortPathNameW
GlobalLock
GetProfileStringW
GlobalUnlock
GlobalFree
GlobalDeleteAtom
GlobalAddAtomW
GetDriveTypeW
CreateDirectoryW
WriteFile
ReadFile
GetFileSizeEx
GetLongPathNameW
GetFileTime
GetFileAttributesExW
GetFileInformationByHandle
AllocConsole
CreateProcessW
SetConsoleScreenBufferSize
GlobalAlloc
GetSystemDirectoryW
LoadLibraryW
GetStdHandle
GetConsoleScreenBufferInfo
GetVersion
CreateFileA
SetFilePointer
SetFileTime
MoveFileW
FlushFileBuffers
EnterCriticalSection
GetFileType
CreateDirectoryA
GetModuleHandleW
GetFileAttributesA
SetFileAttributesA
DeviceIoControl
FindNextFileA
FindFirstFileA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
IsDBCSLeadByte
GetCPInfo
InterlockedExchange
CreateEventA
InterlockedCompareExchange
DeleteFileA
CreateProcessA
CompareStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetCurrentDirectoryW
PeekNamedPipe
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetProcessHeap
GetConsoleMode
GetConsoleCP
SetHandleCount
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetCommandLineA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
DuplicateHandle
WriteConsoleW
MoveFileA
RaiseException
InitializeCriticalSectionAndSpinCount
SetStdHandle
FindFirstFileExW
EncodePointer
DecodePointer
ExitProcess
HeapReAlloc
RtlUnwind
HeapFree
HeapAlloc
LeaveCriticalSection
InitializeCriticalSection
CreateThread
ResumeThread
SuspendThread
GetCurrentProcessId
Module32NextW
GetCurrentThreadId
CreateToolhelp32Snapshot
GetModuleHandleA
GetModuleFileNameA
GetSystemInfo
Module32FirstW
CreateEventW
OpenThread
GetProcAddress
Thread32Next
TerminateProcess
GetVersionExW
Thread32First
FormatMessageA
GetCurrentThread
SetEvent
WaitForSingleObject
GetCurrentProcess
SetUnhandledExceptionFilter
VirtualQuery
GetLocaleInfoA
GetThreadContext
GetEnvironmentVariableW
GetLocaleInfoW
SystemTimeToFileTime
GetWindowsDirectoryW
CloseHandle
FindNextFileW
FindClose
lstrlenW
CreateFileW
GetModuleFileNameW
lstrcpynW
WideCharToMultiByte
FindFirstFileW
GetFullPathNameW
DeleteFileW
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GlobalMemoryStatusEx
GetSystemTimeAsFileTime
QueryPerformanceFrequency
QueryPerformanceCounter
SetEndOfFile
GetTimeZoneInformation

user32

CharUpperW
CharToOemA
CharLowerA
CharUpperA
DrawFrameControl
HideCaret
CopyImage
ShowCaret
SetClassLongW
TrackPopupMenu
SetForegroundWindow
CreateMenu
AppendMenuW
EnableMenuItem
RedrawWindow
CreatePopupMenu
RemoveMenu
SetMenuItemInfoW
GetMessagePos
LoadImageW
DdeInitializeW
DdeCreateStringHandleW
DdeFreeStringHandle
DdeUninitialize
DdeCreateDataHandle
DdeClientTransaction
DdeConnect
DdeDisconnect
GetMonitorInfoW
DdeFreeDataHandle
MonitorFromRect
FindWindowW
TranslateAcceleratorW
SetTimer
GetMessageW
PostQuitMessage
IsIconic
SetCapture
KillTimer
IsZoomed
GetKeyState
GetFocus
TrackMouseEvent
LoadCursorW
SetParent
IsCharUpperW
GetCapture
TranslateMessage
GetPropW
UnpackDDElParam
MonitorFromWindow
GetDesktopWindow
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
GetMenuItemID
OemToCharA
CheckMenuRadioItem
InsertMenuW
CheckMenuItem
ShowWindowAsync
ReuseDDElParam
FindWindowExW
PostMessageW
GetSystemMetrics
MessageBoxW
wsprintfA
ReleaseDC
GetDC
FillRect
IsCharAlphaNumericW
CharLowerW
MoveWindow
DefWindowProcW
SendMessageW
CreateWindowExW
ShowWindow
GetCursorPos
BeginPaint
GetClientRect
DrawTextW
SetActiveWindow
GetWindowRect
ScreenToClient
SetCursor
DestroyWindow
EndPaint
CallWindowProcW
EnableWindow
MapWindowPoints
SetDlgItemTextW
CheckRadioButton
IsDlgButtonChecked
CheckDlgButton
SendDlgItemMessageW
EndDialog
SetWindowLongW
GetDlgItem
GetWindowLongW
SetFocus
GetParent
DialogBoxParamW
DialogBoxIndirectParamW
DispatchMessageW
GetScrollPos
SetScrollInfo
DestroyMenu
UpdateWindow
IsWindowVisible
ReleaseCapture
GetCursor
ShowScrollBar
IsWindow
LoadBitmapW
SetMenu
SetWindowPos
CharToOemBuffW
OemToCharBuffA
RemovePropW
SetPropW
GetWindowDC
DeferWindowPos
BeginDeferWindowPos
ModifyMenuW
EndDeferWindowPos
MessageBeep
IsWindowUnicode
GetSysColor
SystemParametersInfoW
InvalidateRect
GetScrollInfo
LoadIconW
RegisterClassExW
GetForegroundWindow
LoadAcceleratorsW

gdi32

Rectangle
SelectClipRgn
SetBkMode
GetDIBits
TextOutW
SetTextColor
GetTextExtentPoint32W
CreateFontIndirectW
BitBlt
GetDeviceCaps
GetObjectW
AbortDoc
SetDIBits
StartDocW
SetMapMode
CreateDCW
StartPage
EndPage
SetBkColor
SetWorldTransform
LineTo
SetGraphicsMode
MoveToEx
CreateRectRgn
SetStretchBltMode
CreateRoundRectRgn
CreatePen
EndDoc
RoundRect
GetStockObject
DeleteDC
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateDIBitmap
CreateSolidBrush
StretchBlt
DeleteObject

comdlg32

PrintDlgExW
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

shell32

SHBindToParent
ShellExecuteExW
SHGetDesktopFolder
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
DragAcceptFiles
SHAddToRecentDocs
SHChangeNotify
SHGetFileInfoW

gdiplus

GdipGetImageHorizontalResolution
GdipScaleMatrix
GdipCreateBitmapFromStream
GdipGetImageVerticalResolution
GdipDrawImageI
GdipTranslateMatrix
GdipGetImageEncodersSize
GdipRotateMatrix
GdipGetImageEncoders
GdipCreateHBITMAPFromBitmap
GdipTransformMatrixPoints
GdipFillEllipseI
GdipInvertMatrix
GdipFillPath
GdipSetPenTransform
GdipCreateFromHDC
GdipCreateFontFamilyFromName
GdipCreateRegion
GdipStringFormatGetGenericTypographic
GdipFillRectangle
GdipTranslateWorldTransform
GdipSetCompositingMode
GdipGetWorldTransform
GdipCreatePen1
GdipDrawLineI
GdipFillRectangleI
GdiplusStartup
GdipSetCompositingQuality
GdipSetPenDashOffset
GdipSetPenLineJoin
GdipSetPixelOffsetMode
GdipGetImageWidth
GdipCreatePath
GdipCloneFontFamily
GdipCloneImage
GdipRestoreGraphics
GdipSaveImageToFile
GdipBitmapLockBits
GdiplusShutdown
GdipDeleteBrush
GdipFree
GdipSetClipRegion
GdipGetFontCollectionFamilyList
GdipDeletePen
GdipCloneBrush
GdipCloneBitmapAreaI
GdipNewPrivateFontCollection
GdipDrawString
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipDeleteRegion
GdipTransformPath
GdipGetClipBoundsI
GdipDeletePath
GdipSetInterpolationMode
GdipGetCellAscent
GdipDeletePrivateFontCollection
GdipDeleteMatrix
GdipSetPageUnit
GdipCreateRegionPath
GdipCreateFont
GdipDisposeImage
GdipCreateMatrix2
GdipAlloc
GdipSaveGraphics
GdipDisposeImageAttributes
GdipCreateSolidFill
GdipBitmapUnlockBits
GdipIsStyleAvailable
GdipSetPenMiterLimit
GdipDeleteFontFamily
GdipCreatePen2
GdipWidenPath
GdipSetSmoothingMode
GdipSetPenLineCap197819
GdipGetRegionBounds
GdipCreateRegionRectI
GdipSetWorldTransform
GdipTransformRegion
GdipGetMatrixElements
GdipGetFontCollectionFamilyCount
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipSetClipRectI
GdipSetPenDashArray
GdipGetDpiY
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipDeleteFont
GdipGetClip
GdipDrawPath
GdipCreateMatrix
GdipSetPageScale
GdipSetTextRenderingHint
GdipDrawImagePointsRect
GdipGetFamilyName
GdipPrivateAddFontFile
GdipFillPolygon
GdipAddPathPath
GdipGetEmHeight
GdipDrawImageRectRectI
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipCreatePath2
GdipClonePath

comctl32

ImageList_Create
ImageList_AddMasked
InitCommonControlsEx
ImageList_Destroy
CreatePropertySheetPageW
ImageList_GetIconSize
ImageList_Draw

msimg32

AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
ord203

wininet

HttpSendRequestA
HttpOpenRequestW
HttpQueryInfoW
InternetSetOptionW
InternetConnectW
InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetCloseHandle

ole32

CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CoUninitialize
OleUninitialize
OleInitialize
CoCreateInstance

shlwapi

StrStrW
StrStrIW
PathIsRelativeW
SHDeleteKeyW
PathAppendW
SHSetValueW
StrRStrIW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 328KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7651f1c4ecb92aeef7e1a77258b4d63

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

user32

gdi32

comdlg32

shell32

gdiplus

comctl32

msimg32

winspool.drv

wininet

ole32

shlwapi

version

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 2.0MB - Virtual size: 2.0MB

.data Size: 328KB - Virtual size: 403KB

.rsrc Size: 137KB - Virtual size: 137KB

.reloc Size: 127KB - Virtual size: 126KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 328KB - Virtual size: 403KB

.rsrc
Size: 137KB - Virtual size: 137KB

.reloc
Size: 127KB - Virtual size: 126KB