Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-11_b82f92a920949d4e4e861416854dbaba_mafia.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-01-11_b82f92a920949d4e4e861416854dbaba_mafia.exe
Resource: win10v2004-20231215-en
General
- Target: 2024-01-11_b82f92a920949d4e4e861416854dbaba_mafia
- Size: 896KB
- MD5: b82f92a920949d4e4e861416854dbaba
- SHA1: 3adc96801bcd5198562bffb472620b71ed48799b
- SHA256: aa1026e7f2da46ac5147b79e47b049d243d7bc5343114bd93bdba34bdbd9f6f5
- SHA512: 187ff5a3fdf18a44b6a4e8d299e15129512fedee17fd19f77fec674a4c19df40596ea4c2dd2e4466e4bb725344e4d94bee3049c2bf213334b51dde608ade444f
- SSDEEP: 12288:2KfEDrUrNiZ7kOK9LUuheUZqMOJQWQCCeOEljR9iho4cHKRXS+jVg9BtbmcnzSqu:t/rNcKFDqME3CKF7HKAb1zSqrDy
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-01-11_b82f92a920949d4e4e861416854dbaba_mafia
Files
-
2024-01-11_b82f92a920949d4e4e861416854dbaba_mafia.exe windows:5 windows x86 arch:x86
f49c677fd4b351b63976e14e7709a063
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ord17
ImageList_ReplaceIcon
ImageList_Create
ImageList_AddMasked
ImageList_Add
ImageList_LoadImageA
ImageList_DrawEx
ImageList_GetImageCount
ImageList_Draw
ImageList_Destroy
msvfw32
MCIWndRegisterClass
MCIWndCreateA
kernel32
GetDateFormatA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetSystemDefaultLangID
Beep
GetCurrentProcess
RaiseException
GetThreadContext
GetCurrentThread
VirtualQueryEx
IsBadReadPtr
DeleteFileA
CreateDirectoryA
GetFileAttributesA
CreateProcessA
SetThreadPriority
LocalAlloc
WaitForMultipleObjects
LoadLibraryExA
GlobalGetAtomNameA
WriteConsoleW
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
LoadLibraryW
LocalFree
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetHandleCount
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
FatalAppExitA
GetTimeZoneInformation
HeapSize
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetStdHandle
HeapDestroy
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetTimeFormatA
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
HeapReAlloc
RtlUnwind
GetProfileStringA
FormatMessageA
PulseEvent
CreateThread
GetProcessHeap
HeapAlloc
HeapFree
WriteFile
GlobalReAlloc
GetFileSize
ReadFile
CreateFileA
WideCharToMultiByte
FindResourceExA
OutputDebugStringA
GetModuleFileNameA
GetTempPathA
GetLocalTime
GetModuleHandleA
GetCurrentProcessId
OpenProcess
SetLastError
ExitProcess
MultiByteToWideChar
GetVersionExA
GetProcAddress
FreeLibrary
LoadLibraryA
GetVersion
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateEventA
ResetEvent
SetEvent
WaitForSingleObject
CloseHandle
GetCurrentThreadId
FindResourceA
LoadResource
LockResource
Sleep
CompareStringA
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
GetTickCount
GetLastError
GlobalDeleteAtom
GlobalAddAtomA
ExpandEnvironmentStringsA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetEndOfFile
CreateFileW
CompareStringW
InterlockedExchange
SetEnvironmentVariableA
user32
DeleteMenu
GetWindowTextA
LoadStringW
wsprintfW
PostThreadMessageA
MoveWindow
IsDlgButtonChecked
LoadIconA
SetWindowTextA
SetFocus
EndDialog
GetWindowTextLengthA
IsDialogMessageA
IsIconic
SetForegroundWindow
DialogBoxIndirectParamA
DialogBoxParamA
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
MessageBoxA
GetSystemMetrics
GetIconInfo
SetCursor
DrawIcon
WinHelpA
GetMenu
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
GetMenuItemID
DispatchMessageA
MessageBoxIndirectA
PeekMessageA
PostQuitMessage
GetLastActivePopup
IntersectRect
DestroyCursor
SetDlgItemTextA
FillRect
SystemParametersInfoA
CreatePopupMenu
AppendMenuA
SetMenuItemInfoA
CopyIcon
DestroyIcon
ReleaseDC
GetDC
LoadBitmapA
GetParent
LoadMenuA
IsWindowVisible
UpdateWindow
ReleaseCapture
KillTimer
GetQueueStatus
SetTimer
GetCapture
IsChild
DestroyMenu
TrackPopupMenuEx
SetMenu
IsMenu
EnableMenuItem
GetDlgItemTextA
GetDesktopWindow
InflateRect
GetMenuState
CheckMenuItem
wsprintfA
LoadStringA
GetSysColor
LoadAcceleratorsA
CreateDialogParamA
TranslateAcceleratorA
SendMessageA
SendDlgItemMessageA
PostMessageA
ShowWindow
DefWindowProcA
CallWindowProcA
IsWindow
DestroyWindow
GetDlgItem
CreateWindowExA
RegisterClassA
LoadCursorA
GetWindowRect
SetRectEmpty
MapWindowPoints
SetWindowPos
GetClientRect
SetRect
InvalidateRect
wvsprintfA
EnableWindow
GetWindowLongA
GetClassNameA
GetWindow
ShowCursor
GetTopWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
EqualRect
DeferWindowPos
ValidateRect
GetSubMenu
RemovePropA
GetPropA
SetPropA
SetWindowLongA
EndPaint
BeginPaint
GetUpdateRect
DrawTextA
WindowFromPoint
ClientToScreen
IsZoomed
GetActiveWindow
OffsetRect
IsWindowEnabled
GetDlgCtrlID
PtInRect
SetCapture
AdjustWindowRect
FindWindowA
RegisterClassExA
GetClassInfoExA
GetMenuItemInfoA
InsertMenuItemA
GetKeyState
MessageBeep
GetMenuStringA
GetCursorPos
GetMenuItemCount
gdi32
SetBrushOrgEx
CreateBitmap
TextOutA
CreatePalette
GetSystemPaletteEntries
SetBkColor
RealizePalette
SelectPalette
GetDIBits
ExtTextOutA
StretchBlt
GetTextExtentPoint32A
CreateDIBitmap
CreateFontIndirectA
GetTextMetricsA
CreateDCA
GetDeviceCaps
GetTextExtentPointA
CreateSolidBrush
PatBlt
SetPixel
CreatePen
MoveToEx
LineTo
RectVisible
SetTextColor
SetBkMode
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC
GetStockObject
CreatePatternBrush
GetObjectA
comdlg32
GetSaveFileNameA
GetOpenFileNameA
advapi32
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumValueA
RegDeleteValueA
RegQueryInfoKeyA
GetTokenInformation
OpenProcessToken
RegQueryValueExA
CloseServiceHandle
QueryServiceStatus
OpenServiceA
OpenSCManagerA
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AllocateAndInitializeSid
RegCreateKeyExA
shell32
DragFinish
ExtractIconExA
SHGetFolderPathA
ShellExecuteA
DragQueryFileA
ole32
OleInitialize
OleUninitialize
PropVariantClear
CreateStreamOnHGlobal
CoCreateInstance
oleaut32
SysFreeString
SysAllocStringLen
gdiplus
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipDrawCachedBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateCachedBitmap
GdipAddPathCurveI
GdipAddPathArcI
GdipAddPathLineI
GdipClonePath
GdipGetGenericFontFamilySansSerif
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipCreatePathGradientFromPath
GdipSetPathGradientCenterColor
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipDeleteCachedBitmap
GdipCreateBitmapFromHICON
GdipCreatePath
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDrawLineI
GdipMeasureString
GdipDrawRectangleI
GdipFillPath
GdipDeletePath
GdipResetClip
GdipSetClipPath
GdipDrawImageRectI
GdipDrawPath
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipDeletePen
GdipCreatePen1
GdipCreateLineBrushFromRectI
GdipCreateHICONFromBitmap
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipGetFontHeightGivenDPI
GdipFillRectangleI
GdipDeleteGraphics
GdipReleaseDC
GdipGetDC
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipImageRotateFlip
GdipDrawImageRectRectI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFont
GdipCreateFontFamilyFromName
GdipAlloc
GdiplusStartup
GdipDeleteFont
GdipDeleteFontFamily
GdipFree
GdipCreateFromHDC
mf
MFGetService
MFCreateTopologyNode
MFCreateVideoRendererActivate
MFCreateMediaSession
MFCreateTopology
MFCreateAudioRendererActivate
mfplat
MFShutdown
CreatePropertyStore
MFStartup
winmm
mciSendCommandA
timeBeginPeriod
timeEndPeriod
PlaySoundA
timeGetTime
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text Size: 580KB - Virtual size: 579KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 160KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ