2024-01-22_28521c5da094107e99ad6f6489489efa_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-22_28521c5da094107e99ad6f6489489efa_mafia
Size

771KB
MD5

28521c5da094107e99ad6f6489489efa
SHA1

7095fb944d9486bf292b2708aad5d84ce1614bb2
SHA256

bf42afc19edd8afe8e01e5f865c83825960f938b0177a96dee8b6424b85eecef
SHA512

f8c77f80ffb18125dc43e757dfc680ee43e14a39b99efd147a0b5211f7fd9a662e39dfbc2051408eb2b65f3fa100fdfbd1d1966661a8d7f83d658aa1660d38a0
SSDEEP

12288:UvMyN4Lf49apKFM+t6kWcQfT9ZsB0gaofy5d6F1mwDzp46B7MNk8ei8z4hi1lTso:DyVt6iao650bm2fB7RQ8z4I1lTIzgs8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-22_28521c5da094107e99ad6f6489489efa_mafia

Files

2024-01-22_28521c5da094107e99ad6f6489489efa_mafia
.exe windows:5 windows x86 arch:x86

3739935ac03da36c0b1af7ecef4e71fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameW
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InterlockedExchange
FlushFileBuffers
CreateDirectoryW
CreateToolhelp32Snapshot
GetStringTypeW
GetLocaleInfoW
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
HeapSize
HeapCreate
GetStdHandle
Process32FirstW
Process32NextW
CloseHandle
LoadLibraryW
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
Sleep
lstrcpynW
lstrcatW
GetTickCount
MoveFileW
GetPrivateProfileIntW
DeleteFileW
WritePrivateProfileStringW
OpenProcess
CreateProcessW
OutputDebugStringW
TerminateProcess
GetPrivateProfileStringW
lstrcpyW
lstrlenW
GetModuleFileNameW
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
ExitProcess
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
GetSystemTimeAsFileTime
DecodePointer
GetConsoleCP
GetModuleHandleW
EncodePointer
HeapFree
HeapAlloc
CreateThread
ResumeThread
ExitThread
RtlUnwind
RaiseException
GetConsoleMode
lstrcmpiW
GetLastError
LocalFree
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
CreateFileW
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ReadFile
GetFileSize
WriteFile
GetTempPathW
GetCurrentThreadId
InitializeCriticalSection
SetFilePointer
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesW
GetCurrentDirectoryW
SetFileTime
UnmapViewOfFile
InterlockedCompareExchange

user32

DefWindowProcW
BeginPaint
EndPaint
PostQuitMessage
ShowWindow
MessageBoxW
RegisterClassExW
EndMenu
SetRectEmpty
SetWindowPos
RegisterWindowMessageW
SendMessageTimeoutW
GetParent
FillRect
DrawTextW
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
GetDC
GetMenuStringW
ReleaseDC
LoadStringW
SetForegroundWindow
CloseWindow
GetWindowThreadProcessId
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
SetWindowTextW
LoadIconW
LoadCursorW
BringWindowToTop
ClientToScreen
GetDesktopWindow
wsprintfW
SetClassLongW
GetClassLongW
InvalidateRect
CopyRect
DestroyMenu
EnableMenuItem
CheckMenuItem
GetMenuItemID
AppendMenuW
IsMenu
GetMenuState
UpdateWindow
InsertMenuW
CreatePopupMenu
DrawIconEx
DestroyWindow
GetWindowTextW
CallWindowProcW
SetFocus
IsWindowEnabled
SetCursor
GetWindowDC
RemovePropW
GetPropW
EnableWindow
SetPropW
IsWindowVisible
GetCapture
ReleaseCapture
SystemParametersInfoW
IsZoomed
ScreenToClient
SetCapture
SetWindowRgn
DestroyIcon
LoadImageW
DestroyCursor
IsRectEmpty
PtInRect
SetRect
EqualRect
OffsetRect
IntersectRect
GetIconInfo
GetCursorPos
TrackPopupMenu
LoadMenuW
GetSubMenu
GetWindowPlacement
KillTimer
SetTimer
GetSystemMetrics
FindWindowW
GetWindowRect
SetWindowLongW
GetWindowLongW
SendMessageW
PostMessageW
EnumChildWindows
GetClassNameW
GetClientRect
IsWindow
CreateWindowExW
MoveWindow

gdi32

GetStockObject
CreateSolidBrush
DeleteObject
CreatePen
SelectObject
MoveToEx
LineTo
Rectangle
SetTextColor
SetBkMode
CreateCompatibleDC
DeleteDC
GetTextExtentPoint32W
BitBlt
CreatePatternBrush
CreateBitmap
PatBlt
GetClipBox
SetStretchBltMode
SetDIBitsToDevice
GetObjectW
RealizePalette
GetDIBits
CreateRoundRectRgn
CreateFontW
GdiFlush
CreateRectRgn
CombineRgn
SelectClipRgn
CreateCompatibleBitmap
CreateDIBSection

comdlg32

GetOpenFileNameW

advapi32

RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

shell32

ShellExecuteW
DragQueryFileW
SHGetSpecialFolderPathW
DragFinish
ShellExecuteExW
Shell_NotifyIconW
SHGetFileInfoW
ord51

ole32

CoGetClassObject
OleUninitialize
OleInitialize
OleSetContainedObject
CoCreateInstance
CLSIDFromProgID
RegisterDragDrop
ReleaseStgMedium
CoInitialize

oleaut32

VariantClear
SysFreeString
VariantInit
SysAllocString

urlmon

URLDownloadToFileW

msimg32

TransparentBlt

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

comctl32

_TrackMouseEvent

oleacc

ObjectFromLresult

Exports

Exports

CheckUpdate
CreateSkinObject

Sections

.text
Size: 502KB - Virtual size: 501KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3739935ac03da36c0b1af7ecef4e71fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

urlmon

msimg32

version

comctl32

oleacc

Exports

Exports

Sections

.text Size: 502KB - Virtual size: 501KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 23KB - Virtual size: 33KB

.rsrc Size: 71KB - Virtual size: 70KB

.reloc Size: 38KB - Virtual size: 38KB

.text
Size: 502KB - Virtual size: 501KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 23KB - Virtual size: 33KB

.rsrc
Size: 71KB - Virtual size: 70KB

.reloc
Size: 38KB - Virtual size: 38KB