C:\CallRecorder_VS2010\Release\CallRecorder.pdb
Static task: static1

Behavioral task: behavioral1
Sample: 2024-02-01_6d8cc4f6e5e33f723d44a47363fed49d_mafia.exe
Resource: win7-20231215-en

Behavioral task: behavioral2
Sample: 2024-02-01_6d8cc4f6e5e33f723d44a47363fed49d_mafia.exe
Resource: win10v2004-20231215-en
General
Target: 2024-02-01_6d8cc4f6e5e33f723d44a47363fed49d_mafia
Size: 2.0MB
MD5: 6d8cc4f6e5e33f723d44a47363fed49d
SHA1: fef74788777d2f7f80eb47e9dfcfc1456cd8dd01
SHA256: e921e9b2d027db5f0e92a076c61ee16f891b7b27aabf5de1c1b7e47b1cbc2817
SHA512: 45b4124ce3127d294d49e886caf322781b894685ab1d9249f8d22d4c958e960fa5a2644cb5473a2fd49988658caa1f39f2aa14406e200df8954e896ad1c44ec9
SSDEEP: 49152:F1wXdGqTdNajYn/d1w1IGaXPU6Bi/s6tVkvglUf2QUHvz1DEmGQK:FEdGqTdyYn/d17GSPU6Bi/s6tVcH+QUd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-02-01_6d8cc4f6e5e33f723d44a47363fed49d_mafia
Files
2024-02-01_6d8cc4f6e5e33f723d44a47363fed49d_mafia.exe windows:5 windows x86 arch:x86
da63977e921d121f1d0740ee58949f54
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\CallRecorder_VS2010\Release\CallRecorder.pdb
Imports
winmm
waveInStart
PlaySoundA
mmioWrite
mmioRead
waveInGetErrorTextA
mmioClose
mmioSeek
mmioDescend
mmioOpenA
waveOutPause
mmioCreateChunk
mmioAscend
timeGetTime
waveInOpen
mixerGetID
waveOutGetNumDevs
waveInGetNumDevs
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
waveOutGetDevCapsA
waveInGetDevCapsA
mixerGetDevCapsA
mixerGetNumDevs
mixerClose
waveOutClose
waveOutOpen
waveOutWrite
waveOutPrepareHeader
waveInClose
waveInReset
waveInStop
waveInAddBuffer
waveInPrepareHeader
waveInUnprepareHeader
ws2_32
bind
listen
accept
setsockopt
WSACleanup
WSAStartup
gethostname
closesocket
recv
send
socket
gethostbyname
htons
dbghelp
MiniDumpWriteDump
cm_hid
CloseDevice
HandleUsbDeviceChange
StartDeviceDetectionProc
kernel32
GlobalFlags
GetACP
InterlockedIncrement
TlsGetValue
GlobalReAlloc
InitializeCriticalSection
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
GetSystemDirectoryW
FindResourceExW
GetNumberFormatA
GetTempFileNameA
GetTempPathA
GetTickCount
GetProfileIntA
SearchPathA
RtlUnwind
EncodePointer
DecodePointer
HeapFree
HeapAlloc
HeapReAlloc
GetTimeFormatA
GetDateFormatA
WriteConsoleW
GetFileType
GetStdHandle
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualAlloc
ExitThread
HeapQueryInformation
HeapSize
SetStdHandle
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
CompareStringW
GetStringTypeW
HeapCreate
GetTimeZoneInformation
SetHandleCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
SetEnvironmentVariableA
GetProcessHeap
CreateFileW
GetFileAttributesExA
FileTimeToSystemTime
GetFullPathNameA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
SuspendThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
ReleaseSemaphore
GetModuleHandleW
InterlockedExchange
VirtualProtect
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
ActivateActCtx
DeactivateActCtx
lstrcmpW
SetLastError
GlobalSize
FormatMessageA
lstrlenW
MulDiv
GetWindowsDirectoryA
GetVolumeInformationA
IsDebuggerPresent
lstrcatA
GetSystemTimeAsFileTime
GlobalMemoryStatus
GetSystemInfo
VirtualQuery
GetModuleFileNameA
GetFileTime
FileTimeToLocalFileTime
OutputDebugStringA
RaiseException
GetCurrentProcessId
WriteFile
GetCurrentDirectoryA
MultiByteToWideChar
CreateEventA
SetFilePointer
ReadFile
CreateMutexA
ReleaseMutex
GetCurrentThreadId
SetEvent
FindResourceA
FreeResource
GetLastError
CopyFileA
GetLocalTime
DeleteFileA
MoveFileA
SetFileAttributesA
lstrcpynA
Sleep
ResumeThread
GetCurrentProcess
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
WaitForSingleObject
GetVersionExA
GetStartupInfoA
CreateProcessA
SetCurrentDirectoryA
SetErrorMode
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileA
GetFileSize
GetFileInformationByHandle
FileTimeToDosDateTime
CreateThread
CloseHandle
lstrlenA
lstrcpyA
LocalFree
lstrcmpA
LocalAlloc
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
CreateSemaphoreA
GetFileSizeEx
LoadLibraryExA
GetFileAttributesA
TlsAlloc
user32
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
DestroyCursor
GetWindowRgn
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetCursorPos
CopyAcceleratorTableA
DefWindowProcA
GetMenu
CopyRect
PtInRect
SetWindowPos
ShowWindow
MoveWindow
SetWindowTextA
CheckDlgButton
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
GetFocus
IsWindowEnabled
SetFocus
wvsprintfA
CallWindowProcA
FindWindowExA
LoadIconA
PostQuitMessage
InvalidateRect
FillRect
LoadCursorA
SetCursor
GetDlgCtrlID
IsWindow
GetWindow
GetWindowRect
EqualRect
IntersectRect
GetCursorPos
RegisterHotKey
UnregisterHotKey
GetSystemMetrics
LoadIconW
GetParent
KillTimer
SetTimer
GetClientRect
IsIconic
GetSystemMenu
LoadMenuW
ModifyMenuA
GetSubMenu
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
DrawIcon
MessageBoxA
GetActiveWindow
EnumWindows
GetWindowTextLengthA
GetWindowTextA
PostThreadMessageA
EnableWindow
SetForegroundWindow
PostMessageA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
EndDialog
SendDlgItemMessageA
SetWindowLongA
GetDlgItem
SendMessageA
wsprintfA
SetDlgItemTextA
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
DrawTextExA
ToAsciiEx
DrawFrameControl
DrawEdge
DrawStateA
SetClassLongA
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
GetIconInfo
OffsetRect
MessageBeep
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
ReleaseCapture
SetCapture
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
DestroyIcon
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
GetSysColorBrush
RealChildWindowFromPoint
UnregisterClassA
CharUpperA
ShowOwnedPopups
GetMessageA
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
MapVirtualKeyA
GetKeyNameTextA
MapDialogRect
GetAsyncKeyState
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetWindowPlacement
GrayStringA
WinHelpA
IsChild
SetWindowPlacement
GetCapture
AdjustWindowRectEx
gdi32
CreateRectRgnIndirect
GetTextFaceA
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetDeviceCaps
CopyMetaFileA
CreateDCA
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetTextMetricsA
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesA
GetTextCharsetInfo
EnumFontFamiliesExA
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetStockObject
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
InitializeSecurityDescriptor
GetUserNameA
FreeSid
SetFileSecurityA
SetSecurityDescriptorDacl
RegCloseKey
SetEntriesInAclA
AllocateAndInitializeSid
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
shell32
Shell_NotifyIconA
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHAppBarMessage
SHGetFolderPathA
comctl32
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
PathIsUNCA
ole32
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoInitializeEx
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CreateStreamOnHGlobal
oleaut32
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
OleLoadPicture
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImageWidth
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 308KB - Virtual size: 308KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 259KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 255KB - Virtual size: 255KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ