2024-01-24_075f803ae986d8d8146a2272ab4e352d_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-24_075f803ae986d8d8146a2272ab4e352d_mafia
Size

1.7MB
MD5

075f803ae986d8d8146a2272ab4e352d
SHA1

86af7b2fe19a761ddc7896729346317003f18dc0
SHA256

302a9d38cf4e01d0a2082bde9db4f0a1d0fc2121a9906a580b48aebbc36c5f6d
SHA512

31e035a9dbb9db1e2a33143360f6cee61d2ae6692bd65e506adf43593a427fc32e508ee9ae3628ac72b4f273298d1c7cb32fbb64ed7219eb4ecf0918d0fb09fc
SSDEEP

49152:dRBmYvWV4qIlUiZckydgh1xl2RMUCEJxSdmicEo3hS3jZ2sK70VgFTNeyh1:/b+rIlUiZckRh1zqMFEJxSdmicEVjpKO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-24_075f803ae986d8d8146a2272ab4e352d_mafia

Files

2024-01-24_075f803ae986d8d8146a2272ab4e352d_mafia
.exe windows:5 windows x86 arch:x86

f6f7adab8228d2620aae0a9b7d071065

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW

shell32

SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderW
DragQueryFileW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
DragFinish

kernel32

VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
SetUnhandledExceptionFilter
ExitThread
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetProcessHeap
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
GetDriveTypeW
LCMapStringW
GetStringTypeW
GetTimeZoneInformation
WriteConsoleW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
ExitProcess
RaiseException
HeapReAlloc
RtlUnwind
SetCurrentDirectoryW
SetEnvironmentVariableW
DecodePointer
EncodePointer
HeapAlloc
HeapFree
GetFileType
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetTickCount
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetCurrentDirectoryW
lstrcpyW
GetSystemTimeAsFileTime
GetSystemDirectoryW
TlsFree
LocalReAlloc
HeapSize
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
lstrlenA
GlobalGetAtomNameW
GlobalFlags
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
CreateFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
FindClose
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentProcessId
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetProcAddress
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
lstrcmpW
InterlockedDecrement
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
SetLastError
CopyFileW
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
lstrlenW
MulDiv
WideCharToMultiByte
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
WritePrivateProfileStringW
GetLastError
MultiByteToWideChar
GetPrivateProfileStringW
GetComputerNameW
CreateDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteFileW
FreeLibrary
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
HeapQueryInformation
TlsSetValue
CreateThread
GetStdHandle

user32

FrameRect
GetUpdateRect
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
SubtractRect
MapDialogRect
DestroyCursor
GetWindowRgn
InsertMenuItemW
TranslateAcceleratorW
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFrameControl
DrawEdge
DrawStateW
SetClassLongW
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageW
GetIconInfo
OffsetRect
MessageBeep
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
IntersectRect
CharUpperW
DestroyIcon
KillTimer
SetTimer
InvalidateRect
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
UnregisterClassW
LoadCursorW
RealChildWindowFromPoint
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
ShowOwnedPopups
GetMessageW
TranslateMessage
GetCursorPos
GetWindowThreadProcessId
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
IsClipboardFormatAvailable
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
PostMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
CopyRect
PtInRect
UnhookWindowsHookEx
GetWindowTextLengthW
GetWindowTextW
SetFocus
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetWindow
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetFocus
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
GetWindowRect
SendMessageW
AppendMenuW
GetSystemMenu
GetSysColorBrush
LoadIconW
EnableWindow
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExW
IsCharLowerW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
UnpackDDElParam
ReuseDDElParam
SetWindowsHookExW
SetCursor

gdi32

ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
OffsetViewportOrgEx
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
DPtoLP
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
SetWindowExtEx
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
SetViewportOrgEx
SelectObject
Escape
CreateDIBSection
LineTo
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
CopyMetaFileW
DeleteDC
GetDeviceCaps
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
Ellipse
CreateDCW
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
SetViewportExtEx

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

EnumPrintersW
DocumentPropertiesW
EndDocPrinter
EndPagePrinter
WritePrinter
StartPagePrinter
StartDocPrinterW
ClosePrinter
GetPrinterDataW
GetPrinterDriverW
OpenPrinterW

advapi32

RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegEnumValueW
RegQueryValueW

comctl32

ImageList_GetIconSize

ole32

OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
CoInitializeEx

oleaut32

VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipGetImagePixelFormat
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusShutdown

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6f7adab8228d2620aae0a9b7d071065

Headers

DLL Characteristics

File Characteristics

Imports

version

shlwapi

shell32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

comctl32

ole32

oleaut32

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 299KB - Virtual size: 298KB

.data Size: 24KB - Virtual size: 54KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 167KB - Virtual size: 166KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 299KB - Virtual size: 298KB

.data
Size: 24KB - Virtual size: 54KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 167KB - Virtual size: 166KB