d:\depot\bas\720_EXT_REL\fes_730_REL\src\opt\NTintel\FrontOptEdit.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-27_c4b3f8fb4a9012568631670d38a01da3_mafia.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-27_c4b3f8fb4a9012568631670d38a01da3_mafia.exe
Resource: win10v2004-20231215-en
General
Target: 2024-01-27_c4b3f8fb4a9012568631670d38a01da3_mafia
Size: 2.4MB
MD5: c4b3f8fb4a9012568631670d38a01da3
SHA1: 470da227d11d347708787458ce8b15199a501fb0
SHA256: 131489a1a8e2ab4b2b79ffb04d8191d76cd1f90bf1a73bbdb6817eb214967d05
SHA512: cc97b0b451dc9a641ab29542f07f22698637e6848babe8e1eeb3e3fba67f81d0369d08f2033bc468f639bbac32f2291b7729e6bc4460583d7ef435bc7b11d1b0
SSDEEP: 49152:oCA9r3i7p3mW/nN7WLd5k7PDwvKEY9/x2hOwiDNGl1QfnCCl0BBGrZKd2il6qOCe:oPAgW/nNod5k7PDwSEYL2hOwiDYMtl03
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 2024-01-27_c4b3f8fb4a9012568631670d38a01da3_mafia
Files
2024-01-27_c4b3f8fb4a9012568631670d38a01da3_mafia.exe windows:5 windows x86 arch:x86
Imphash: 3101b3630f62fb80daa2e8ad7483238d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
sapfewut
InitTraceDir
InitTmpDir
InitBuffer
sappctxt
SapPcTxtUnLoad
SapPcTxtRead
SapPcTxtLoad
SapPcTxtGetDefaultLanguage
kernel32
GetStdHandle
IsValidCodePage
SetHandleCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
IsProcessorFeaturePresent
HeapCreate
GetStringTypeW
CompareStringW
LCMapStringW
GetTimeZoneInformation
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameA
CreateProcessA
TerminateProcess
WaitForSingleObject
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
LocalAlloc
LocalFree
LocalHandle
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
GetDateFormatA
GetTimeFormatA
ExpandEnvironmentStringsA
GetProcAddress
LoadLibraryA
VirtualProtect
GlobalFree
GlobalUnlock
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
CreateThread
ExitThread
ExitProcess
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
HeapReAlloc
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
EncodePointer
HeapAlloc
RemoveDirectoryA
HeapFree
GlobalLock
GetModuleHandleA
SetLastError
DeactivateActCtx
GetLastError
ActivateActCtx
GlobalAlloc
Sleep
GetProfileIntA
SearchPathA
FindResourceA
lstrlenA
lstrcmpW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExA
SetErrorMode
GetNumberFormatA
GetWindowsDirectoryA
GetTempPathA
GetTempFileNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
CreateFileA
GetFileSize
GetFileAttributesA
DeleteFileA
GetCurrentDirectoryA
FileTimeToSystemTime
GetThreadLocale
GetACP
lstrcpyA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
FindResourceExW
ResumeThread
SetThreadPriority
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetCurrentProcessId
FreeLibrary
CopyFileA
GlobalSize
FormatMessageA
lstrlenW
MulDiv
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
MultiByteToWideChar
user32
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
InvalidateRgn
SetRect
CharNextA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
DrawStateA
EnumChildWindows
LockWindowUpdate
IsRectEmpty
IsMenu
GetSystemMenu
MonitorFromPoint
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
DestroyIcon
LoadAcceleratorsA
IsIconic
InsertMenuItemA
IntersectRect
BringWindowToTop
TranslateAcceleratorA
SetClassLongA
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableA
LoadAcceleratorsW
DestroyAcceleratorTable
CharUpperA
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
PostThreadMessageA
LoadMenuW
KillTimer
SetTimer
InvalidateRect
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
UnregisterClassA
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
LoadCursorA
GetSysColorBrush
CopyImage
RealChildWindowFromPoint
GetSystemMetrics
DestroyMenu
InflateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ShowOwnedPopups
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
RegisterClipboardFormatA
SystemParametersInfoA
OffsetRect
MessageBeep
IsZoomed
PostQuitMessage
GetWindowThreadProcessId
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
IsCharLowerA
GetMenuState
EnableMenuItem
CheckMenuItem
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
LoadIconA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
GetClientRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
CopyRect
PtInRect
DestroyCursor
GetWindowRgn
DrawIcon
GetDoubleClickTime
CreateMenu
SubtractRect
CopyIcon
CharUpperBuffA
GetUpdateRect
FrameRect
TranslateMDISysAccel
GetWindowTextLengthA
GetWindowTextA
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
IsDialogMessageA
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
IsClipboardFormatAvailable
MapVirtualKeyExA
SetWindowContextHelpId
GetKeyNameTextA
SendDlgItemMessageA
CheckDlgButton
SetPropA
GetCapture
GetActiveWindow
SetActiveWindow
MapDialogRect
SetWindowPos
ShowWindow
GetPropA
RemovePropA
GetAsyncKeyState
GetFocus
SetFocus
GetWindowRect
GetWindowLongA
PostMessageA
GetDlgItem
IsWindowEnabled
MessageBoxA
GetWindow
LoadIconW
EnableWindow
SendMessageA
GetParent
SetMenuDefaultItem
UpdateLayeredWindow
ModifyMenuA
UnionRect
GetMenuItemInfoA
GetNextDlgGroupItem
gdi32
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
EnumFontFamiliesExA
CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
OffsetRgn
GetRgnBox
GetTextColor
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
GetBkColor
SetRectRgn
GetMapMode
DPtoLP
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
Rectangle
GetWindowOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
GetLayout
SetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
GetObjectA
CreateRoundRectRgn
SetTextColor
SetBkColor
msimg32
AlphaBlend
TransparentBlt
comdlg32
ChooseFontA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
DeviceCapabilitiesA
EnumPrintersA
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
DragFinish
SHGetFileInfoA
ShellExecuteA
SHAppBarMessage
DragQueryFileA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
SHDeleteKeyA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
SHGetValueA
PathRemoveFileSpecW
ole32
OleLockRunning
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
DoDragDrop
CoUninitialize
oleaut32
OleCreateFontIndirect
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SafeArrayDestroy
VariantCopy
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantInit
SysAllocStringLen
VariantChangeType
VariantClear
oledlg
ord8
gdiplus
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdiplusShutdown
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipGetImagePalette
GdipDrawImageRectI
GdipSetInterpolationMode
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 292KB - Virtual size: 292KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 740KB - Virtual size: 744KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE