Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-01_a7f8f3f2b3e5b44ef685b8c3b7c32577_mafia.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-01_a7f8f3f2b3e5b44ef685b8c3b7c32577_mafia.exe
Resource: win10v2004-20231215-en
General
- Target: 2024-01-01_a7f8f3f2b3e5b44ef685b8c3b7c32577_mafia
- Size: 4.5MB
- MD5: a7f8f3f2b3e5b44ef685b8c3b7c32577
- SHA1: 334540ae93ecdef04689ed31acb0bd197c4355de
- SHA256: 8428199d320bb34d195b3a763770df1a3c0ae519e33b21d28b9467699892aa55
- SHA512: 7568791312cd668be952f4444856fa51e31319b14497f10ea59e7ee975f134edb044c966b03de169afc54e0458504a514bfee0d38ac234c38dfa545f788f305b
- SSDEEP: 98304:BVqo5ywMWOUqv4NTYalEyT4mOgmfiua/NF1LGBft:TucT9dGgmfiuav1LG
Malware Config
Signatures
- Unsigned PE (1 IoCs): checks for a missing Authenticode signature.
  resource: 2024-01-01_a7f8f3f2b3e5b44ef685b8c3b7c32577_mafia
Files
- 2024-01-01_a7f8f3f2b3e5b44ef685b8c3b7c32577_mafia.exe windows:5 windows x86 arch:x86
  de804a6b1094e679cc9f5be0f77c9864
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
netapi32
NetUserGetInfo
NetUserChangePassword
winmm
PlaySoundW
sndPlaySoundW
kernel32
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetStringTypeW
HeapCreate
GetCPInfo
IsValidLocale
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
EnumSystemLocalesA
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
CreateThread
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapReAlloc
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
DecodePointer
EncodePointer
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
SearchPathW
GetProfileIntW
GetFileAttributesW
GetTempFileNameW
GetNumberFormatW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetCurrentDirectoryW
GetThreadLocale
GetSystemDirectoryW
GlobalGetAtomNameW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
FileTimeToLocalFileTime
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
FileTimeToSystemTime
InterlockedDecrement
SetLastError
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
CreateEventW
SuspendThread
SetEvent
SetThreadPriority
RaiseException
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
GetModuleFileNameW
CopyFileW
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
MulDiv
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
FreeLibrary
lstrcmpW
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
ResumeThread
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDriveStringsW
CreateFileW
lstrcpyW
lstrcatW
GetTempPathW
FindClose
FindNextFileW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
FindFirstFileW
GetSystemTime
WideCharToMultiByte
lstrlenW
WinExec
GetEnvironmentVariableW
ReleaseMutex
GetLocalTime
CreateMutexW
MultiByteToWideChar
lstrlenA
GetVersionExW
WaitForSingleObject
Sleep
GetTickCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
CloseHandle
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
FindResourceW
LoadResource
LockResource
SizeofResource
GetVolumePathNameW
GetWindowsDirectoryW
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
DeactivateActCtx
GetLocaleInfoA
user32
TranslateAcceleratorW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatW
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
DrawEdge
SetClassLongW
DestroyAcceleratorTable
SetParent
DrawIconEx
LoadImageW
GetIconInfo
HideCaret
DrawFocusRect
InvertRect
GetNextDlgGroupItem
WaitMessage
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
CharUpperW
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
WindowFromPoint
SetWindowRgn
GetSystemMenu
DeleteMenu
CharNextW
ReleaseCapture
SetCapture
InvalidateRgn
OffsetRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
UnregisterClassW
EnumDisplayMonitors
SetRectEmpty
LoadCursorW
GetSysColorBrush
CopyImage
IntersectRect
RealChildWindowFromPoint
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
ShowOwnedPopups
SetCursor
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
DrawStateW
GetMessageW
TranslateMessage
GetCursorPos
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
InsertMenuItemW
DrawTextW
TabbedTextOutW
FillRect
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
EnableWindow
SendMessageW
LoadIconW
GetParent
InvalidateRect
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffW
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
IsWindowVisible
ValidateRect
PostMessageW
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
GetDoubleClickTime
GetWindowRgn
DestroyCursor
DrawTextExW
UpdateWindow
KillTimer
SetTimer
wsprintfW
GetSystemMetrics
LoadBitmapW
GetDesktopWindow
GetWindowRect
IsIconic
GetClientRect
DrawIcon
FindWindowW
FlashWindow
PeekMessageW
DispatchMessageW
DestroyIcon
SetLayeredWindowAttributes
PtInRect
LoadMenuW
GetSubMenu
EnableMenuItem
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
CopyRect
GetDC
ReleaseDC
GetKeyNameTextW
MapVirtualKeyW
GetWindow
SetWindowPos
SetWindowLongW
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
FrameRect
gdi32
GetTextMetricsW
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
GetBkColor
GetTextColor
CreateRoundRectRgn
CreateDIBSection
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
SetDIBColorTable
GetTextExtentPoint32W
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceW
CreateSolidBrush
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
CreateFontW
DeleteObject
OffsetViewportOrgEx
SetViewportOrgEx
StretchBlt
CreateFontIndirectW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
PatBlt
CreateRectRgnIndirect
BitBlt
CreateCompatibleDC
SelectObject
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegCreateKeyW
RegSetValueExW
RegDeleteValueW
GetUserNameW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
shell32
SHGetSpecialFolderPathW
SHQueryRecycleBinW
SHEmptyRecycleBinW
SHGetFileInfoW
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExW
SHFileOperationW
SHBrowseForFolderW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathIsDirectoryW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFileExistsW
ole32
CoInitializeEx
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
CLSIDFromString
CoTaskMemFree
OleRun
CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromProgID
RevokeDragDrop
oleaut32
VariantCopy
VariantClear
SysAllocString
SysAllocStringLen
VariantChangeType
DispCallFunc
LoadRegTypeLi
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
VariantInit
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysFreeString
GetErrorInfo
oledlg
OleUIBusyW
urlmon
URLDownloadToFileW
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
iphlpapi
GetAdaptersInfo
ws2_32
inet_ntoa
gethostbyname
gethostname
WSAStartup
WSACleanup
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 315KB - Virtual size: 314KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 186KB - Virtual size: 185KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ