2024-01-27_1222e9bb5d27779860363de1e3096ae3_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-27_1222e9bb5d27779860363de1e3096ae3_mafia
Size

977KB
MD5

1222e9bb5d27779860363de1e3096ae3
SHA1

cfe540e7791af406d3a55653738b2c498c29e626
SHA256

7407ad985fe0dca6020a28280a1bb385ee8f96558c6f289b9238ce29a203673a
SHA512

5a55f1b85cb504597660a6580fc1ee8b197ebc1e1502d9fbc99df7b6ee817cf00675d34cb852bd56f6a2dcc8ba6ae029be601add79e958df4b7ffc265a1e8f6b
SSDEEP

24576:RFa3k9eXgcBAH326BwAhjtzWkVeuMWb8865:vagcBYwAhjtKkVeuMWb8865

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-27_1222e9bb5d27779860363de1e3096ae3_mafia

Files

2024-01-27_1222e9bb5d27779860363de1e3096ae3_mafia
.exe windows:5 windows x86 arch:x86

bd2b6ec6a08cefcb4b5d9a05a5ea1ae7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
CreatePipe
CreateSemaphoreW
FindResourceW
LoadResource
WriteFile
SizeofResource
CreateFileW
LockResource
WaitForSingleObject
SetEvent
CreateEventW
lstrcpyW
CreateFileA
SetFilePointer
SetEndOfFile
SetEnvironmentVariableA
WriteConsoleW
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetStdHandle
GetStartupInfoW
ReadFile
FreeConsole
CreateProcessW
AllocConsole
CreateThread
DeleteFileA
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
CreateMutexW
lstrcmpiW
GetSystemInfo
GetProcAddress
GetVersionExW
Sleep
WideCharToMultiByte
GetLocaleInfoW
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetHandleCount
GetModuleFileNameW
ExitProcess
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CompareStringW
LCMapStringW
RtlUnwind
GetCPInfo
RaiseException
HeapSetInformation
GetCommandLineW
GetFileType
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DecodePointer
EncodePointer
GetStringTypeW
InterlockedExchange
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetCurrentProcess
GetLastError
MultiByteToWideChar
GetModuleFileNameA
GetProcessHeap

user32

SetTimer
KillTimer
SendMessageW
GetWindowRect
MoveWindow
MessageBoxA
GetSystemMetrics
GetDesktopWindow
IsWindow
MessageBoxW
GetPropW
GetWindow
SetForegroundWindow
SetPropW
LoadIconW
GetWindowLongW
SetWindowLongW
GetCursorPos
ShowWindow
UpdateWindow
SetWindowTextW
RegisterHotKey
wsprintfW

comdlg32

GetOpenFileNameW

advapi32

StartServiceA
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyW
RegOpenKeyW
RegDeleteValueW
OpenSCManagerA
QueryServiceStatus
ChangeServiceConfigA
OpenServiceA
RegSetValueExW

shell32

ShellExecuteExW
ShellExecuteExA
Shell_NotifyIconW

xcgui

XRunXCGUI
XInitXCGUI
XTree_EnableConnectLine
XEle_GetWidth
XTree_GetItemData
XAdapterTree_SetItemText
XEle_AdjustLayout
XImage_EnableAutoDestroy
XAdapterTree_AddColumn
XAdapterTree_Create
XTree_SetItemHeightDefault
XTree_SetItemHeight
XC_GetTextShowSize
XC_TemplateDestroy
XAdapterTree_InsertItemImage
XC_LoadTemplate
XAdapterTree_GetItemTextEx
XSView_ScrollBottom
XEle_GetFont
XTree_BindAdapter
XTree_SetItemData
XC_SetDefaultFont
XBkInfoM_AddFill
XList_GetItemIndexFromHXCGUI
XEle_SetLayoutHeight
XC_IsHXCGUI
XImage_SetTranColorEx
XList_GetTemplateObject
XComboBox_BindApapter
XEle_SetTextColor
XMenu_Popup
XEle_Enable
XEle_IsShow
XList_BindAdapterHeader
XBtn_SetText
XAdapterTable_DeleteItemAll
XSView_SetScrollBarSize
XList_BindAdapter
XAdapterTable_AddColumn
XRichEdit_EnableReadOnly
XC_EnableDebugFile
XList_GetHeaderHELE
XList_RefreshData
XBkInfoM_AddImage
XComboBox_EnableEdit
XEle_EnableBkTransparent
XRichEdit_DeleteAll
XComboBox_SetItemTemplateXML
XBtn_SetCheck
XSView_SetLineSize
XRichEdit_SetRowHeight
XImage_LoadFileAdaptive
XEle_EnableDrawFocus
XSBar_GetButtonSlider
XSView_SetBorderSize
XEle_SetToolTip
XList_SetHeaderHeight
XList_EnableVScrollBarTop
XAdapterMap_Create
XShapeText_GetText
XRichEdit_EnableEvent_XE_RICHEDIT_CHANGE
XAdapterTable_AddItemText
XRichEdit_EnablePassword
XMenu_Create
XDraw_SetBkMode
XList_AddColumn
XSView_ShowSBarH
XEle_EnableToolTip
XMenu_AddItem
XList_SetColumnWidth
XLayout_AdjustLayout
XEle_RegEventTest
XC_GetResIDValue
XC_GetObjectByID
XWnd_ShowWindow
XEle_RegEventEx
XWnd_AdjustLayout
XWnd_GetHWND
XC_LoadResource
XEle_ShowEle
XExitXCGUI
XAdapterTable_GetCount
XFont_Create2
XList_EnableMultiSel
XAdapterTable_DeleteItem
XList_SetItemTemplateXML
XAdapterTable_GetItemText
XEle_EnableFocus
XEle_GetBkInfoManager
XEle_SetLayoutWidth
XList_EnableItemBkFullRow
XSView_GetScrollBarV
XAdapterTable_Create
XEle_SetRectEx
XAdapterTable_SetItemText
XSBar_ShowButton
XDraw_ImageStretch
XEle_AddBkImage
XList_EnableDragChangeColumnWidth
XComboBox_EnableDrawButton
XEle_EnableDrawBorder
XAdapterMap_AddItemText
XTree_GetTemplateObject
XList_SetItemHeightDefault
XC_LoadLayout
XWnd_AdjustLayoutObject
XImage_LoadFile
XShapePic_Create
XEle_SetRect
XWnd_GetClientRect
XWnd_RegEventTest
XWnd_RegEventEx
XEle_GetRect
XRichEdit_SetText
XRichEdit_SetDefaultTextColor
XBtn_GetText
XRichEdit_EnableMultiLine
XRichEdit_SetLimitNum
XSView_ShowSBarV
XShapePic_SetImage
XRichEdit_SetDefaultText
XImage_LoadMemory
XBtn_IsCheck
XRichEdit_EnableAutoWrap
XWnd_SetFocusEle
XRichEdit_GetText
XRichEdit_EnableAutoSelAll
XShapeText_SetText
XEle_SendEvent
XModalWnd_DoModal
XEle_RedrawEle
XWnd_RedrawWnd
XWnd_CloseWindow

rasapi32

RasGetEntryPropertiesW
RasSetEntryPropertiesW
RasHangUpW
RasDeleteEntryW
RasDialW
RasConnectionNotificationW
RasEnumConnectionsW
RasGetErrorStringW

libcurl

curl_easy_strerror
curl_global_cleanup
curl_global_init
curl_slist_append
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_easy_init

crypt32

CertCloseStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CertOpenStore
CryptStringToBinaryA
CertCreateCertificateContext

wkebrowser

XWeb_LoadUrl
XWeb_JsBindFuction
XWeb_Create
XWeb_JsUndefined
XWeb_GetStringW
XWeb_JsToTempStringW
XWeb_OnCreateView
XWeb_Init
XWeb_UnInit
XWeb_JsArg

Sections

.text
Size: 655KB - Virtual size: 654KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd2b6ec6a08cefcb4b5d9a05a5ea1ae7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

xcgui

rasapi32

libcurl

crypt32

wkebrowser

Sections

.text Size: 655KB - Virtual size: 654KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 139KB - Virtual size: 139KB

.reloc Size: 44KB - Virtual size: 43KB

.text
Size: 655KB - Virtual size: 654KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 139KB - Virtual size: 139KB

.reloc
Size: 44KB - Virtual size: 43KB