Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-06_2970a5d6450d2da3c74cd967fc21c3f1_mafia.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-06_2970a5d6450d2da3c74cd967fc21c3f1_mafia.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-01-06_2970a5d6450d2da3c74cd967fc21c3f1_mafia
Size: 1.6MB
MD5: 2970a5d6450d2da3c74cd967fc21c3f1
SHA1: 4f18385aaafce1acdf7c0776c21c533939877db1
SHA256: 9ccb6088fcd6c0d0dcf92c53380d2487a5e01b9600a6d8df858fdb75b8f29fa2
SHA512: 00dbf4891bdc5edf27a560b154395df8b5ccc4665fc056fd02a22fe8f4b050e15f402257de9e614478e9fcb123ea2fc5e893e075524c6942f25b162f0f2b0f20
SSDEEP: 49152:6JB0ji8EdtHYcheuC8U23vpJYlkn0Y2Bl3J/lLOalIVeUwcvtqzOyeVfK:6JBtdGcheuC8U23vpWlk05l3J/mVPwcO
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 2024-01-06_2970a5d6450d2da3c74cd967fc21c3f1_mafia
Files
2024-01-06_2970a5d6450d2da3c74cd967fc21c3f1_mafia.exe  windows:5 windows x86 arch:x86
04f3cfbd6c5fbd4181ae4234a4e1a4b1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileW
WriteConsoleW
CompareStringW
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetTimeZoneInformation
GetStdHandle
WideCharToMultiByte
GetStringTypeW
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapQueryInformation
CreateThread
ExitThread
GetFileType
SetStdHandle
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
GetNumberFormatA
GetWindowsDirectoryA
SearchPathA
Sleep
GetProfileIntA
GetOEMCP
GetCPInfo
GetACP
GetTickCount
GetTempPathA
GetTempFileNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
lstrcpyA
GlobalFlags
GetCurrentDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
SetErrorMode
GlobalGetAtomNameA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
ReleaseActCtx
CreateActCtxW
InterlockedIncrement
GetModuleFileNameW
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentProcessId
FindResourceA
FreeResource
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleW
LocalAlloc
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
ActivateActCtx
LoadLibraryA
DeactivateActCtx
DeleteFileA
GetModuleHandleA
GetProcAddress
CreateFileA
lstrcmpiA
GetThreadLocale
GetLastError
SetLastError
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
lstrlenA
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedDecrement
GetModuleFileNameA
GlobalFree
SetFileAttributesA
FindResourceW
LoadResource
LockResource
SizeofResource
SetEnvironmentVariableA
user32
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnionRect
GetKeyNameTextA
RegisterClipboardFormatA
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
IsZoomed
GetMenuItemInfoA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
UnregisterClassA
DestroyIcon
IsIconic
RegisterWindowMessageA
LoadIconW
LoadIconA
WinHelpA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
CopyImage
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
EndDialog
MessageBeep
IsChild
GetTopWindow
GetNextDlgTabItem
GetNextDlgGroupItem
InvalidateRgn
EqualRect
IntersectRect
IsRectEmpty
CopyAcceleratorTableA
OffsetRect
CharNextA
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
IsWindow
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetClassInfoA
DefWindowProcA
MapWindowPoints
GetClientRect
SetRect
InflateRect
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
GetMonitorInfoA
SetRectEmpty
CopyRect
KillTimer
SetTimer
InvalidateRect
RealChildWindowFromPoint
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
GetCapture
WindowFromPoint
SetCapture
GetWindowTextLengthA
GetWindowTextA
UnhookWindowsHookEx
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
GetIconInfo
IsCharLowerA
MapVirtualKeyExA
SubtractRect
InvertRect
HideCaret
LoadCursorA
GetSysColorBrush
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
DrawIcon
DestroyCursor
RegisterClassA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
GetSystemMetrics
CharUpperA
GetDesktopWindow
PostMessageA
PostQuitMessage
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
SendMessageA
GetWindowThreadProcessId
UpdateWindow
PeekMessageA
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ScreenToClient
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetSysColor
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
GetKeyState
IsWindowVisible
GetWindowRgn
gdi32
GetTextColor
GetRgnBox
SetRectRgn
CombineRgn
GetMapMode
PatBlt
GetTextExtentPoint32A
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
Rectangle
CreatePalette
GetPaletteEntries
GetBkColor
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
Escape
ExtTextOutA
TextOutA
EnumFontFamiliesA
GetTextCharsetInfo
GetTextMetricsA
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectA
CreateDIBitmap
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetNearestPaletteIndex
StartDocA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteDC
CreateDCA
CopyMetaFileA
EndDoc
EndPage
StartPage
DPtoLP
GetDeviceCaps
SelectObject
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
GetPrinterA
OpenPrinterA
advapi32
RegDeleteValueA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDeriveKey
CryptEncrypt
CryptDestroyKey
CryptDestroyHash
CryptDecrypt
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
CryptAcquireContextA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
DragFinish
DragQueryFileA
SHAppBarMessage
ShellExecuteA
SHBrowseForFolderA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
comctl32
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
ole32
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
RevokeDragDrop
OleInitialize
OleGetClipboard
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
OleUninitialize
CoLockObjectExternal
CoFreeUnusedLibraries
OleRun
CoCreateInstance
CoUninitialize
CoInitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RegisterDragDrop
OleTranslateAccelerator
CoRegisterMessageFilter
oleaut32
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
VariantClear
VariantChangeType
SysFreeString
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString
VariantInit
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
CreateErrorInfo
oledlg
ord8
wininet
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetQueryDataAvailable
InternetSetOptionExA
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 272KB - Virtual size: 271KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 165KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ