Static task: static1
Behavioral task behavioral1: sample 2024-01-06_c6a976fa1de422891dc0ba339058a778_mafia.exe, resource win7-20231215-en
Behavioral task behavioral2: sample 2024-01-06_c6a976fa1de422891dc0ba339058a778_mafia.exe, resource win10v2004-20231215-en
General
Target: 2024-01-06_c6a976fa1de422891dc0ba339058a778_mafia
Size: 1.8MB
MD5: c6a976fa1de422891dc0ba339058a778
SHA1: f669982d4a5e64b49aa1f09d0053129d96edfe7a
SHA256: e8a03a17c5e6a95bc16c615b03aba3bf3f1e772bab0d7228fb38cc7b65f0f388
SHA512: 6f92668c906838a38dc2e8821e2f7b0ec90f05dc9952ce5a3aba29420abaa6ad51ae421a93a8f626b00c59d5a2aa314d68c5bc9bd54774981d71d567d2b9b051
SSDEEP: 49152:Mz+ohTNnuICvxI+LVLrU07DKARr/h8CiyByUIV7ifj/cvXNi/R014kQ:Mz7TNniJI+LV00PKA9/h8CiyBy5VWAvH
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 2024-01-06_c6a976fa1de422891dc0ba339058a778_mafia
Files
2024-01-06_c6a976fa1de422891dc0ba339058a778_mafia.exe (windows:5 windows x86 arch:x86)
fdd3f76513ad3eeae557c4e0c57e7b25
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
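The "Unsigned PE" signature and the header flags listed above can both be reproduced offline from the raw PE headers. The script below is an added example, not tria.ge's own detection logic and not code from the sample: it walks the DOS and NT headers, decodes DllCharacteristics and file characteristics (the winnt.h bit values are the real ones), and reports whether the security data directory points at a WIN_CERTIFICATE blob, which is all an "unsigned" check can establish statically. The header-only PE it builds in memory is a constructed input carrying the three DllCharacteristics flags the report lists; the real sample is not embedded.

```python
"""PE header triage: DllCharacteristics, file characteristics and Authenticode presence.
Added example with a constructed toy PE32; parses real files too (triage_pe(open(p,'rb').read()))."""
import struct

# IMAGE_OPTIONAL_HEADER.DllCharacteristics bits (winnt.h)
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0200: "IMAGE_DLLCHARACTERISTICS_NO_ISOLATION",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x0800: "IMAGE_DLLCHARACTERISTICS_NO_BIND",
    0x1000: "IMAGE_DLLCHARACTERISTICS_APPCONTAINER",
    0x2000: "IMAGE_DLLCHARACTERISTICS_WDM_DRIVER",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
# IMAGE_FILE_HEADER.Characteristics bits (subset)
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # data directory index of the certificate table
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # Authenticode PKCS#7 SignedData


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def triage_pe(data: bytes) -> dict:
    """Walk DOS -> NT headers and return the fields a static triage report shows."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _ts, _sym, _nsym, _opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:     # PE32: DllCharacteristics @70, NumberOfRvaAndSizes @92, directories @96
        dll_off, ndirs_off, dirs_off = 70, 92, 96
    elif magic == 0x20B:   # PE32+: 8-byte ImageBase/stack/heap fields shift the tail by 16
        dll_off, ndirs_off, dirs_off = 70, 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + dll_off)[0]
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory, the security entry holds a FILE OFFSET, not an RVA.
        sec_off, sec_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    cert = None
    if sec_off and sec_size >= 8:
        length, revision, ctype = struct.unpack_from("<IHH", data, sec_off)  # WIN_CERTIFICATE header
        cert = {"length": length, "revision": revision,
                "pkcs7": ctype == WIN_CERT_TYPE_PKCS_SIGNED_DATA}
    return {
        "machine": machine,
        "sections": nsections,
        "file_characteristics": _flags(chars, FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
        # ASLR needs DYNAMIC_BASE and relocations; DEP is NX_COMPAT.
        "aslr": bool(dll_chars & 0x0040) and not (chars & 0x0001),
        "dep": bool(dll_chars & 0x0100),
        "authenticode_present": cert is not None,   # presence only, NOT validity
        "authenticode": cert,
    }


def build_toy_pe(dll_chars: int, file_chars: int = 0x0102, signed: bool = False) -> bytes:
    """Constructed header-only PE32 (i386, 5 sections declared, no section data)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 5, 0, 0, 0, 224, file_chars)
    opt = bytearray(224)                                        # PE32 optional header, 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)
    image = dos + b"PE\0\0" + coff + opt
    if signed:
        # Placeholder WIN_CERTIFICATE (8-byte header, empty body): makes the directory non-empty
        # the way a real signed file would, while clearly not being a valid signature.
        blob = struct.pack("<IHH", 8, 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA)
        struct.pack_into("<II", image, 64 + 4 + 20 + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         len(image), len(blob))
        image += blob
    return bytes(image)


SAMPLE_DLL_CHARS = 0x0040 | 0x0100 | 0x8000   # DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE

if __name__ == "__main__":
    for signed in (False, True):
        print(triage_pe(build_toy_pe(SAMPLE_DLL_CHARS, signed=signed)))
```

The check mirrors what a sandbox "Unsigned PE" signature can know: an empty security directory means no Authenticode data at all. A non-empty directory only proves a blob is attached; whether the PKCS#7 signature chains to a trusted root and covers the current file contents needs a real verifier (`signtool verify /pa` on Windows, or `osslsigncode verify` elsewhere), and that distinction matters because attackers do attach expired, revoked or mismatched signatures.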
Imports
netapi32
NetUserModalsGet
NetGetDCName
NetServerEnum
NetQueryDisplayInformation
NetShareGetInfo
NetShareAdd
NetWkstaTransportEnum
NetServerGetInfo
NetApiBufferFree
advapi32
RegEnumKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
CloseServiceHandle
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
DeleteService
QueryServiceStatus
StartServiceA
LsaFreeMemory
LsaLookupSids
ControlService
EnumDependentServicesA
DeregisterEventSource
ReportEventA
LsaClose
LsaAddAccountRights
GetSidSubAuthority
InitializeSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
LsaLookupNames
LsaOpenPolicy
SetServiceStatus
CreateServiceA
LsaEnumerateAccountsWithUserRight
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegConnectRegistryA
ChangeServiceConfigA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
RegOpenKeyExA
RegisterEventSourceA
activeds
ord9
kernel32
ReadFile
LoadLibraryA
lstrcmpiA
GetCurrentThreadId
ResumeThread
lstrcmpA
GlobalGetAtomNameA
InterlockedIncrement
GetModuleHandleW
CompareStringA
GetModuleHandleA
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
FlushFileBuffers
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
ActivateActCtx
DeactivateActCtx
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
SetLastError
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GlobalAddAtomA
GlobalFlags
lstrcmpW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
GetVersionExA
GlobalDeleteAtom
DuplicateHandle
UnlockFile
InitializeCriticalSection
SetEndOfFile
GlobalFindAtomA
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
InterlockedExchange
GetLocaleInfoA
GetUserDefaultUILanguage
GetACP
GetCPInfo
GetOEMCP
GetSystemDirectoryW
lstrcpyA
GetWindowsDirectoryA
GetNumberFormatA
GetTempFileNameA
GetTempPathA
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
ExitThread
ExitProcess
DecodePointer
EncodePointer
GetCommandLineA
HeapSetInformation
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
HeapCreate
IsValidCodePage
FindResourceW
LCMapStringW
GetStdHandle
SetHandleCount
GetStartupInfoW
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetEnvironmentVariableA
GetCurrentProcessId
SetConsoleCtrlHandler
CreateEventA
CreateThread
SetThreadPriority
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
GetCurrentDirectoryA
TerminateThread
CreateDirectoryA
CopyFileA
GetLocalTime
ExpandEnvironmentStringsA
lstrcatA
GetProcAddress
GetFileSize
SetFilePointer
GetComputerNameA
WriteFile
GetModuleFileNameA
SetEvent
FreeLibrary
lstrlenA
LocalFree
GetProcessHeap
HeapAlloc
HeapFree
CreateFileA
GetFileTime
FileTimeToSystemTime
CloseHandle
lstrlenW
GetTickCount
Sleep
GetLastError
WideCharToMultiByte
lstrcpynA
MultiByteToWideChar
FormatMessageA
OpenFile
FindFirstFileA
RemoveDirectoryA
DeleteFileA
FindNextFileA
FindClose
LockFile
ole32
OleDuplicateData
CoInitializeEx
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
user32
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
GetIconInfo
OffsetRect
MessageBeep
DrawEdge
EnableScrollBar
HideCaret
wsprintfA
LoadStringA
RemoveMenu
SetParent
GetMenuItemCount
GetWindowRgn
DrawFrameControl
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetKeyNameTextA
DestroyAcceleratorTable
WindowFromPoint
SetClassLongA
LoadMenuW
GetSystemMenu
DrawStateA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
PostThreadMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
NotifyWinEvent
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
SendMessageA
GetWindowThreadProcessId
UnhookWindowsHookEx
GetSubMenu
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
LoadCursorA
GetWindowTextA
GetWindowTextLengthA
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
DestroyIcon
CharUpperA
SetWindowTextA
PtInRect
GetClassNameA
GetWindowRect
DrawFocusRect
InvertRect
ReleaseCapture
GetAsyncKeyState
GetDlgCtrlID
GetWindow
ClientToScreen
RealChildWindowFromPoint
SetCapture
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
IntersectRect
KillTimer
SetTimer
InvalidateRect
DeleteMenu
ShowOwnedPopups
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
PostQuitMessage
IsIconic
RegisterWindowMessageA
LoadIconW
LoadIconA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
CopyRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongA
IsWindow
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
GetFocus
GetDesktopWindow
gdi32
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
DeleteObject
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
SetViewportOrgEx
CreateCompatibleBitmap
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
CreateDIBitmap
OffsetViewportOrgEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
GetTextMetricsA
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
shell32
SHAppBarMessage
DragQueryFileA
DragFinish
SHBrowseForFolderA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
shlwapi
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
oleaut32
VariantInit
VarBstrFromDate
VariantClear
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
SysAllocString
SysAllocStringLen
SysFreeString
ws2_32
WSACleanup
sendto
htons
inet_addr
socket
WSAStartup
recvfrom
gethostbyname
setsockopt
WSASocketA
WSAGetLastError
closesocket
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdiplusStartup
GdipDrawImageRectI
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
GdipDrawImageI
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
comctl32
ImageList_GetIconSize
Sections
Name    Size   Virtual size  Characteristics
.text   1.3MB  1.3MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  283KB  282KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   23KB   55KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   33KB   33KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  174KB  174KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ