Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-08_2b259c5a2998697b820f1a2bc917988b_mafia.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-08_2b259c5a2998697b820f1a2bc917988b_mafia.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-01-08_2b259c5a2998697b820f1a2bc917988b_mafia
Size: 7.2MB
MD5: 2b259c5a2998697b820f1a2bc917988b
SHA1: 62396ea8dc3ae630de3e2dbf52c5b0378ae22914
SHA256: 061abd9981c151d5cf7514cad2143860e0a54252a06c8c1f364a7f5bb236f0c9
SHA512: e3e0b63550b0fb978131e5adc45c9c1377066c654f9b1cfe83a53c4c1c4f67be50d4acb5080bcecafe5048c9a006c711428d90a0705c2a0ceec90c04613752d6
SSDEEP: 196608:doLbvwdhNmQcPSa2AFqGnch3i2u2udnKQvm0PGA1yF:1dhwrEGch3in2gXvhT1
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 2024-01-08_2b259c5a2998697b820f1a2bc917988b_mafia
Files
-
2024-01-08_2b259c5a2998697b820f1a2bc917988b_mafia.exe windows:5 windows x86 arch:x86
30021f3653de798b7b3c6a158815b995
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
GetModuleFileNameExA
kernel32
GetDriveTypeW
GetConsoleCP
GetConsoleMode
GetStringTypeW
LCMapStringW
CompareStringW
GetCurrentDirectoryW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
WinExec
FindResourceW
WideCharToMultiByte
WritePrivateProfileStringA
GetPrivateProfileStringA
GetLocalTime
Sleep
GetLastError
CreateEventA
GetEnvironmentStringsW
OpenProcess
GetEnvironmentVariableA
CloseHandle
GlobalFree
GlobalUnlock
WriteFile
CreateFileA
GlobalLock
GlobalAlloc
MultiByteToWideChar
lstrlenA
OpenFileMappingA
GetTimeZoneInformation
UnmapViewOfFile
FreeResource
lstrcmpW
FreeLibrary
SetLastError
DeactivateActCtx
ActivateActCtx
LoadLibraryA
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CompareStringA
GetProcAddress
GetModuleHandleA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
FreeEnvironmentStringsW
IsValidCodePage
IsProcessorFeaturePresent
HeapCreate
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapQueryInformation
ExitProcess
GetFileType
SetStdHandle
HeapReAlloc
CreateThread
ExitThread
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
VirtualQuery
GetSystemInfo
VirtualAlloc
GlobalAddAtomA
QueryPerformanceCounter
MapViewOfFile
SetHandleCount
HeapFree
HeapAlloc
GlobalGetAtomNameA
GetCurrentThreadId
MulDiv
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTickCount
SetErrorMode
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DeleteFileA
lstrcmpiA
GetThreadLocale
lstrcpyA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetACP
GlobalFlags
RaiseException
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GetModuleHandleW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
FindClose
GetCurrentProcessId
GetModuleFileNameA
WaitForSingleObject
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
user32
PostThreadMessageA
CharUpperBuffA
CopyIcon
FrameRect
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
SetClassLongA
DestroyAcceleratorTable
SetParent
DrawIconEx
LoadImageA
GetIconInfo
HideCaret
DrawFocusRect
InvertRect
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsZoomed
GetAsyncKeyState
NotifyWinEvent
SetWindowRgn
GetSystemMenu
LoadMenuW
MessageBeep
GetNextDlgGroupItem
CharNextA
InvalidateRgn
OffsetRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
KillTimer
DeleteMenu
CharUpperA
UnregisterClassA
LoadCursorW
EnumDisplayMonitors
SetRectEmpty
LoadCursorA
GetSysColorBrush
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
RealChildWindowFromPoint
InvalidateRect
DrawStateA
IntersectRect
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
IsCharLowerA
TabbedTextOutA
FillRect
SetWindowContextHelpId
MapDialogRect
MapVirtualKeyA
GetKeyNameTextA
ShowOwnedPopups
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
MapVirtualKeyExA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
GetWindowRgn
DestroyCursor
SubtractRect
ValidateRect
UpdateWindow
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetDoubleClickTime
GetUpdateRect
IsClipboardFormatAvailable
CreateMenu
DrawTextA
GetSysColor
AdjustWindowRectEx
GetWindowRect
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetDC
ReleaseDC
FindWindowA
GetWindowThreadProcessId
GetWindowTextA
GetWindowLongA
SetWindowLongA
SetLayeredWindowAttributes
GetSystemMetrics
LoadIconW
SetTimer
GetClientRect
IsIconic
DrawEdge
DrawIcon
GetCursorPos
SendMessageA
EnableWindow
ScreenToClient
CopyImage
gdi32
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
SelectObject
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
ExcludeClipRect
GetTextMetricsA
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetRgnBox
GetBkColor
GetTextColor
CreateRoundRectRgn
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceA
SetMapMode
GetClipBox
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CopyMetaFileA
CreateBitmap
SetBkColor
SetTextColor
CreateDCA
GetDeviceCaps
SelectPalette
RealizePalette
GetDIBits
GetStockObject
CreateDIBSection
DeleteObject
GetObjectA
DeleteDC
GetTextExtentPoint32A
CreateCompatibleDC
SetDIBColorTable
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey
RegEnumValueA
shell32
DragFinish
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHAppBarMessage
DragQueryFileA
ShellExecuteA
SHGetFileInfoA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoRevokeClassObject
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
CoTaskMemFree
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoGetClassObject
OleGetClipboard
oleaut32
OleCreateFontIndirect
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
LoadRegTypeLi
SysAllocString
DispCallFunc
VariantCopy
SysAllocStringByteLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
oledlg
ord8
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromFile
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageRectI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
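The import table above is the only static capability evidence on this page; the sandbox raised no signature from it. The following is an added example, not the sandbox's code, of how an analyst turns such a list into triage leads: each rule is my own heuristic (an API combination, not a sandbox signature), the input dictionary is a constructed subset of the imports listed above, and the hits are leads to confirm in the behavioral runs, whose results are not part of this page. The `FRAMEWORK_NOISE` set lists imports that the MSVC CRT startup code and MFC pull in on their own (the broad user32/gdi32/ole32/oleaut32 surface and `oledlg` ordinal 8 are consistent with a statically linked MFC GUI application), so they should not be read as deliberate anti-analysis.

```python
# Import-combination triage over a {dll: [api, ...]} table.
# A rule fires when every name in all_of is imported and, if any_of is
# non-empty, at least one of those is too. Labels are analyst leads only.
RULES = [
    ("resource payload extracted and written to disk",
     {"FindResourceA", "LoadResource", "LockResource", "SizeofResource",
      "CreateFileA", "WriteFile"}, set()),
    ("starts an external program by path",
     set(), {"WinExec", "ShellExecuteA", "CreateProcessA", "CreateProcessW"}),
    ("stages files under %TEMP%",
     {"GetTempPathA", "GetTempFileNameA"}, set()),
    ("installs a Windows hook",
     {"SetWindowsHookExA", "CallNextHookEx"}, set()),
    ("writes registry values",
     set(), {"RegSetValueExA", "RegCreateKeyExA"}),
    ("opens other processes and reads their image path",
     {"OpenProcess", "GetModuleFileNameExA"}, set()),
]

# Pulled in by the MSVC CRT startup / MFC regardless of program logic;
# listed so they are not mistaken for deliberate capability.
FRAMEWORK_NOISE = {
    "IsDebuggerPresent", "SetUnhandledExceptionFilter", "UnhandledExceptionFilter",
    "IsProcessorFeaturePresent", "EncodePointer", "DecodePointer", "HeapSetInformation",
}


def flatten(imports):
    """{dll: [api, ...]} -> {api: dll}, so hits can be reported as dll!api."""
    return {api: dll for dll, apis in imports.items() for api in apis}


def triage_imports(imports):
    """Return [(label, ["dll!api", ...]), ...] for every rule that fires."""
    table = flatten(imports)
    names = set(table)
    hits = []
    for label, all_of, any_of in RULES:
        if all_of <= names and (not any_of or any_of & names):
            used = sorted(all_of | (any_of & names))
            hits.append((label, [f"{table[a]}!{a}" for a in used]))
    return hits


def framework_noise(imports):
    """Imports present only because of the CRT/MFC runtime."""
    return sorted(FRAMEWORK_NOISE & set(flatten(imports)))


# Constructed subset of the import table in the report above (not the full list).
SAMPLE_IMPORTS = {
    "psapi": ["GetModuleFileNameExA"],
    "kernel32": ["FindResourceA", "LoadResource", "LockResource", "SizeofResource",
                 "CreateFileA", "WriteFile", "WinExec", "GetTempPathA", "GetTempFileNameA",
                 "OpenProcess", "IsDebuggerPresent", "SetUnhandledExceptionFilter",
                 "CopyFileA", "DeleteFileA"],
    "user32": ["SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx", "GetAsyncKeyState"],
    "advapi32": ["RegSetValueExA", "RegCreateKeyExA", "RegDeleteValueA"],
    "shell32": ["ShellExecuteA"],
}

if __name__ == "__main__":
    for label, apis in triage_imports(SAMPLE_IMPORTS):
        print(f"[lead] {label}: {', '.join(apis)}")
    print("[noise]", ", ".join(framework_noise(SAMPLE_IMPORTS)))
```

Each lead names the exact imports to pivot on (for example the resource-extraction set plus `CreateFileA`/`WriteFile` points at the 4.4MB `.rsrc` section as the first place to look), and a hit means only that the code can call these APIs, not that it does on the paths exercised in the sandbox.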
Sections
.text   Size: 1.3MB - Virtual size: 1.3MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 317KB - Virtual size: 317KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 938KB - Virtual size: 967KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 4.4MB - Virtual size: 4.4MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 196KB - Virtual size: 195KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
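The header and section facts in this report (File/DLL characteristics, section flags, and the "Unsigned PE" verdict) can be reproduced from the raw bytes without a sandbox. The following is an added example, not the sandbox's code: a pure-Python PE32 header parser that decodes the same flag names the report prints and checks whether the Certificate Table (data directory 4) is populated, which is what "missing Authenticode signature" means at the file level. `build_minimal_pe` is a helper of mine that constructs a synthetic image for offline testing; it is not this sample. The parser handles PE32 only, which matches this x86 file (IMAGE_FILE_32BIT_MACHINE); PE32+ uses magic 0x20B and different optional-header offsets.

```python
import struct

# Flag tables from the PE/COFF specification, limited to the names the report uses.
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",        # ASLR opt-in
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",           # DEP opt-in
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Certificate Table: Authenticode data lives here


def decode_flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Parse DOS/NT headers and the section table of a PE32 image."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _ts, _symtab, _nsyms, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10b) is handled here")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    n_dirs = struct.unpack_from("<I", data, opt + 92)[0]
    # Data directories start at offset 96 of a PE32 optional header, 8 bytes each.
    cert_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _cert_off, cert_size = struct.unpack_from("<II", data, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sec_off = opt + opt_size                      # section table follows the optional header
    for i in range(nsections):
        base = sec_off + 40 * i
        name, vsize, _va, rawsize = struct.unpack_from("<8sIII", data, base)
        sflags = struct.unpack_from("<I", data, base + 36)[0]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "raw_size": rawsize,
            "virtual_size": vsize,
            "flags": decode_flags(sflags, SECTION_CHARACTERISTICS),
        })
    return {
        "machine": machine,
        "file_characteristics": decode_flags(chars, FILE_CHARACTERISTICS),
        "dll_characteristics": decode_flags(dll_chars, DLL_CHARACTERISTICS),
        "sections": sections,
        # Empty Certificate Table == "Unsigned PE". A populated one is only a
        # candidate signature; trust still requires WinVerifyTrust / signtool.
        "has_authenticode_blob": cert_size > 0,
    }


def build_minimal_pe(dll_chars=0x8140, signed=False, sections=None) -> bytes:
    """Construct a tiny synthetic PE32 image for testing (not a real sample)."""
    if sections is None:
        sections = [(b".text", 0x1000, 0x200, 0x60000020)]   # name, vsize, rawsize, flags
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    opt_size = 0xE0                                              # PE32 header, 16 directories
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (0x2000, 0x800)   # placeholder cert table
    opt = (struct.pack("<H", 0x10B) + b"\0" * 68 + struct.pack("<H", dll_chars)
           + b"\0" * 20 + struct.pack("<I", 16)
           + b"".join(struct.pack("<II", *d) for d in dirs))
    assert len(opt) == opt_size
    sec = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0x1000, rs, 0x400, 0, 0, 0, 0, fl)
                   for n, vs, rs, fl in sections)
    return dos + b"PE\0\0" + coff + opt + sec


if __name__ == "__main__":
    import json, sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe()
    print(json.dumps(parse_pe(data), indent=2))
```

Run it with the path of a PE32 file as the only argument; with no argument it parses the synthetic image. On a real sample the interesting checks are that `has_authenticode_blob` is false (the report's "Unsigned PE"), that DYNAMIC_BASE and NX_COMPAT are both set, and that no section carries IMAGE_SCN_MEM_WRITE together with IMAGE_SCN_MEM_EXECUTE, which none of the five listed above does.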