Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-08_2b53637c8baad92b5280c03e898c8461_mafia.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-01-08_2b53637c8baad92b5280c03e898c8461_mafia.exe
Resource: win10v2004-20231215-en
General
Target: 2024-01-08_2b53637c8baad92b5280c03e898c8461_mafia
Size: 1.8MB
MD5: 2b53637c8baad92b5280c03e898c8461
SHA1: 03dc5983e064482656257d56d551d675080a5959
SHA256: d164c05591b1a9eac0a84fb77f47bda960e53d5daecf43ca0fb2ccc71766017a
SHA512: e6ed6125fb5b84f56b81705f0ec1ffaccb9a159ae3afee7d6edd3aa34d4fe3276569f36c78b1350de8101f48ca2598559e04e06327d9fbb9704a61bba910df78
SSDEEP: 49152:hD1fhkD/z5b+Y1DOaDWZzYq0olkre3chzZhsom+RT8+u4wdZ2H95NdXZuBNvSonX:hDkD/l+Y/DWZzn0oCre3chk+p83dZQNI
Malware Config: none reported
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature: the sample carries no Authenticode signature (the PE's Certificate Table data directory is empty).
resource: 2024-01-08_2b53637c8baad92b5280c03e898c8461_mafia
Caveat: a missing signature is a weak indicator on its own. Plenty of legitimate software ships unsigned, and a valid signature does not make a binary benign. It is also the only signature the sandbox raised for this sample on either resource.
Files
2024-01-08_2b53637c8baad92b5280c03e898c8461_mafia.exe windows:5 windows x86 arch:x86
Imphash (assumed; the report gives this value without a label): ea01017553dcb03e79727c1df065b83d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR-compatible: the image can be relocated, which the 176KB .reloc section below supports)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP-compatible: non-code pages are not executable)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
Flags absent from the list above: IMAGE_DLLCHARACTERISTICS_GUARD_CF (no Control Flow Guard) and IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY.
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE (x86 image, so HIGH_ENTROPY_VA does not apply)
Imports
kernel32
SetEnvironmentVariableA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetStringTypeW
WriteConsoleW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
CreateThread
ExitThread
RtlUnwind
VirtualQuery
VirtualAlloc
GetSystemTimeAsFileTime
HeapReAlloc
GetLocalTime
HeapAlloc
EncodePointer
DecodePointer
ExitProcess
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
GetNumberFormatW
GetWindowsDirectoryW
GetFullPathNameW
GetVolumeInformationW
UnlockFile
LockFile
FlushFileBuffers
GetCurrentDirectoryW
lstrcpyW
GetSystemDirectoryW
GlobalGetAtomNameW
FileTimeToSystemTime
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentProcessId
GetTickCount
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrcmpW
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
CompareStringW
SetLastError
CopyFileW
GlobalFree
GetVersionExW
IsProcessorFeaturePresent
GetSystemInfo
GetLocaleInfoW
GetFileTime
SetEndOfFile
SetFilePointer
GetCurrentProcess
DuplicateHandle
GetFileSize
CreateFileW
WriteFile
ReadFile
LocalAlloc
LocalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
GetPrivateProfileStringW
FindNextFileW
FindFirstFileW
FindClose
lstrlenA
WideCharToMultiByte
LoadLibraryW
MulDiv
DeleteFileW
GetTempFileNameW
GetTempPathW
LockResource
CloseHandle
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
EnterCriticalSection
RaiseException
LeaveCriticalSection
lstrcmpiW
FreeLibrary
SetUnhandledExceptionFilter
GetModuleFileNameW
GetLastError
CreateFileMappingW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetThreadLocale
GetModuleHandleW
GetProcAddress
InterlockedExchange
lstrlenW
FormatMessageW
MultiByteToWideChar
GetProcessHeap
user32
CheckDlgButton
IsDialogMessageW
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
IntersectRect
OffsetRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
RegisterClipboardFormatW
PostQuitMessage
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
WindowFromPoint
UpdateWindow
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowLongW
SetWindowPos
PtInRect
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
WaitMessage
DeleteMenu
SetTimer
EnableMenuItem
CheckMenuItem
MessageBoxW
GetActiveWindow
GetPropW
SendMessageW
EnumWindows
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
FillRect
CopyRect
CharUpperBuffW
wsprintfW
GetWindow
GetTopWindow
GetDC
ReleaseDC
GetClassNameW
DrawIcon
GetSystemMetrics
KillTimer
PostThreadMessageW
CharUpperW
SetClassLongW
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
IsIconic
GetClientRect
GetWindowRect
GetParent
SetPropW
LoadIconW
RegisterWindowMessageW
CharNextW
EnableWindow
IsWindowEnabled
SetWindowTextW
MoveWindow
ShowWindow
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
GetSysColorBrush
LoadCursorW
RealChildWindowFromPoint
UnregisterClassW
DestroyIcon
InflateRect
GetMenuItemInfoW
DestroyMenu
SystemParametersInfoW
CopyImage
SetRectEmpty
EnumDisplayMonitors
AdjustWindowRectEx
SetLayeredWindowAttributes
IsWindow
DestroyCursor
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetDoubleClickTime
CopyIcon
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadImageW
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
GetSystemMenu
LoadMenuW
ValidateRect
GetWindowRgn
gdi32
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectW
GetTextExtentPoint32W
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
LineTo
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetRgnBox
CreateRectRgnIndirect
GetObjectW
SetBkColor
SetTextColor
CreateBitmap
CreateDCW
CopyMetaFileW
GetStockObject
CreateCompatibleBitmap
DeleteObject
SelectObject
DeleteDC
CreateDIBSection
GetTextCharsetInfo
GetDeviceCaps
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegSetValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
FreeSid
RegEnumValueW
shell32
SHAppBarMessage
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderPathW
ShellExecuteW
SHBrowseForFolderW
ExtractIconW
comctl32
ImageList_GetIconSize
shlwapi
PathStripToRootW
StrRetToStrW
SHCreateStreamOnFileW
PathRemoveBackslashW
PathAddExtensionW
PathAppendW
UrlGetPartW
PathStripPathW
PathRemoveExtensionW
PathIsLFNFileSpecW
PathFindFileNameW
PathAddBackslashW
PathFindExtensionW
PathIsContentTypeW
UrlIsW
PathIsURLW
PathIsDirectoryW
PathCombineW
PathIsRelativeW
PathRemoveFileSpecW
PathMatchSpecW
PathRenameExtensionW
PathFileExistsW
PathIsUNCW
ole32
OleFlushClipboard
OleIsCurrentClipboard
CoUninitialize
CoInitialize
CoDisconnectObject
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDuplicateData
StringFromCLSID
ReleaseStgMedium
GetHGlobalFromILockBytes
GetHGlobalFromStream
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
ReadClassStg
OleSave
StgOpenStorageEx
StgCreateDocfile
CreateClassMoniker
GetRunningObjectTable
CoGetTreatAsClass
CoCreateGuid
CreateStreamOnHGlobal
CLSIDFromProgID
StringFromGUID2
CLSIDFromString
WriteClassStg
CoRevokeClassObject
DoDragDrop
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoRegisterClassObject
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoCreateInstance
StgCreateDocfileOnILockBytes
StgIsStorageFile
OleLockRunning
oleaut32
LoadTypeLi
VarUI4FromStr
VariantClear
VariantInit
VariantCopy
VariantChangeType
LoadRegTypeLi
SafeArrayCreateVector
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysStringByteLen
SafeArrayDestroy
RegisterTypeLi
OleCreateFontIndirect
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocString
oledlg
OleUIBusyW
urlmon
CreateURLMoniker
URLOpenBlockingStreamW
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
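The import table above is what an imphash is computed from. The following is an added example, not the sandbox's code: it implements the common imphash recipe (each import becomes lower-case "dll.function" with a .dll/.ocx/.sys extension stripped from the DLL name, entries joined with commas in import-table order, MD5 over the result) and a small parser for a flat listing in the shape shown above. The SAMPLE_LISTING excerpt is constructed from a few of the report's entries; `parse_import_listing` and `normalize_dll` are names chosen here. Ordinal-only imports are out of scope (they need a per-DLL ordinal-to-name table), and the value is only comparable to a sandbox's when the full table is used in its original order.

```python
"""imphash over an import listing (added example; not part of the report)."""
import hashlib

# pefile-style imphash strips exactly these suffixes; others such as .drv are kept.
_STRIPPED_EXTENSIONS = (".dll", ".ocx", ".sys")


def normalize_dll(name: str) -> str:
    """Lower-case the DLL name and drop a .dll/.ocx/.sys suffix."""
    name = name.lower()
    for ext in _STRIPPED_EXTENSIONS:
        if name.endswith(ext):
            return name[: -len(ext)]
    return name


def imphash(imports) -> str:
    """imports: iterable of (dll_name, function_name) pairs in import-table order.

    Order matters: the same set of imports in a different order yields a
    different hash, which is why the full table must be fed in as stored.
    """
    entries = [f"{normalize_dll(dll)}.{func.lower()}" for dll, func in imports]
    return hashlib.md5(",".join(entries).encode("ascii")).hexdigest()


def parse_import_listing(text: str, dll_names) -> list:
    """Turn a flat listing (a DLL name line followed by its function lines) into pairs.

    dll_names: lines to treat as DLL headers. They must be given explicitly because
    function names such as lstrcpyW are also lower-case and cannot be told apart
    from DLL names by case alone.
    """
    pairs, current = [], None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.lower() in dll_names:
            current = line
        elif current is not None:
            pairs.append((current, line))
    return pairs


# Constructed excerpt of the report's import table, for demonstration only.
SAMPLE_LISTING = """
kernel32
SetEnvironmentVariableA
IsValidLocale
GetProcAddress
user32
CheckDlgButton
MessageBoxW
winspool.drv
OpenPrinterW
"""
SAMPLE_DLLS = {"kernel32", "user32", "winspool.drv"}

if __name__ == "__main__":
    pairs = parse_import_listing(SAMPLE_LISTING, SAMPLE_DLLS)
    print(imphash(pairs))
```

Because the hash covers only DLL and function names, two builds of the same code base that differ in size, compile time or embedded strings usually share an imphash, which is what makes it useful for clustering; the flip side is that any change to import order or a single added import changes it completely.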
Sections (Size = raw size on disk; Virtual size = size once mapped)
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 308KB - Virtual size: 308KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 63KB (virtual larger than raw: the remaining ~32KB is zero-filled at load, which is normal for .data)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 176KB - Virtual size: 176KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
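The Signatures, Headers and Sections blocks above are all derived from a handful of PE header fields. The following is an added example, not part of the sandbox report, showing how to pull those fields out with the Python standard library alone: it walks the DOS, COFF and optional headers and the section table, decodes DllCharacteristics into the hardening flags (ASLR, DEP, CFG), reports whether the Certificate Table data directory is populated (presence of an Authenticode signature, not its validity, which needs WinVerifyTrust or an equivalent), and flags sections that are writable and executable or executable with no bytes on disk. REPORT_LIKE and PACKED_LIKE are constructed, header-only images built in memory (not runnable binaries) so the script runs offline; REPORT_LIKE mirrors this report's flags and approximate section sizes, PACKED_LIKE is a hypothetical contrast case. Pass a real file path on the command line to analyse a sample.

```python
"""Decode security-relevant PE header fields (added example; standard library only)."""
import struct

DLL_CHARACTERISTICS = {  # IMAGE_DLLCHARACTERISTICS_* bits from winnt.h
    0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT", 0x0200: "NO_ISOLATION", 0x0400: "NO_SEH", 0x0800: "NO_BIND",
    0x1000: "APPCONTAINER", 0x2000: "WDM_DRIVER", 0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {  # IMAGE_SCN_* bits that appear in the report
    0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA", 0x00000080: "CNT_UNINITIALIZED_DATA",
    0x02000000: "MEM_DISCARDABLE", 0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE",
}
SCN_EXECUTE, SCN_WRITE = 0x20000000, 0x80000000
DIR_SECURITY = 4  # data directory index of the Certificate Table (Authenticode)


def analyze(data: bytes) -> dict:
    """Parse headers only; return hardening flags, signature presence and per-section findings."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, data directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: 8-byte ImageBase/stack/heap fields push them to +108/+112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    flags = [n for bit, n in sorted(DLL_CHARACTERISTICS.items()) if dllchar & bit]
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_off = cert_size = 0
    if ndirs > DIR_SECURITY:  # for this entry "VirtualAddress" is really a file offset
        cert_off, cert_size = struct.unpack_from("<II", data, dirs_off + 8 * DIR_SECURITY)
    sections, pos = [], opt + opt_size
    for _ in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, pos)
        pos += 40
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "characteristics": [n for bit, n in sorted(SECTION_FLAGS.items()) if chars & bit],
            # W+X memory, or code with nothing on disk, are the usual packer / self-modifying hints
            "rwx": bool(chars & SCN_WRITE) and bool(chars & SCN_EXECUTE),
            "exec_without_raw_data": bool(chars & SCN_EXECUTE) and rawsize == 0,
        })
    return {
        "machine": machine, "pe32plus": magic == 0x20B,
        "dll_characteristics": flags,
        "aslr": "DYNAMIC_BASE" in flags, "dep": "NX_COMPAT" in flags, "cfg": "GUARD_CF" in flags,
        "has_authenticode": cert_size > 0, "certificate_table": (cert_off, cert_size),
        "sections": sections,
    }


def build_pe(dllchar: int, sections, cert_size: int = 0) -> bytes:
    """Construct a header-only PE32 image (not runnable) to exercise the parser."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                       # e_lfanew
    opt_size = 96 + 16 * 8                                       # PE32 fields + 16 data directories
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                          # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dllchar)
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    if cert_size:
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x1000, cert_size)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0x1000 * (i + 1), rawsize, 0, 0, 0, 0, 0, chars)
        for i, (name, vsize, rawsize, chars) in enumerate(sections)
    )
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


# Constructed to mirror the report: DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE, no certificate,
# five sections with the report's flags and approximate sizes (.data raw 31KB vs virtual 63KB).
REPORT_LIKE = build_pe(0x0040 | 0x0100 | 0x8000, [
    (".text", 0x150000, 0x150000, 0x20 | 0x20000000 | 0x40000000),
    (".rdata", 0x4D000, 0x4D000, 0x40 | 0x40000000),
    (".data", 0xFC00, 0x7C00, 0x40 | 0x40000000 | 0x80000000),
    (".rsrc", 0x1C00, 0x1C00, 0x40 | 0x40000000),
    (".reloc", 0x2C000, 0x2C000, 0x40 | 0x02000000 | 0x40000000),
])
# Hypothetical contrast case: signed, no ASLR, one RWX section with no bytes on disk.
PACKED_LIKE = build_pe(0x0100, [("pack0", 0x80000, 0, 0x80 | 0x20000000 | 0x40000000 | 0x80000000)],
                       cert_size=0x1800)

if __name__ == "__main__":
    import json, sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else REPORT_LIKE
    print(json.dumps(analyze(blob), indent=2))
```

Run against REPORT_LIKE the output reproduces the report's findings: ASLR and DEP on, no CFG, no Authenticode, no W+X section, and a .data section whose virtual size exceeds its raw size. The PACKED_LIKE case shows the opposite profile, which is the pattern to look for when a sample's section table does not match this one.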