2024-02-02_1e2c6306cbd69e1eecaae4a563ceb468_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-02_1e2c6306cbd69e1eecaae4a563ceb468_mafia
Size

8.0MB
MD5

1e2c6306cbd69e1eecaae4a563ceb468
SHA1

74253d4b37b2db1be80546be9b49de1fa7650831
SHA256

aafdbd93703a51783af58b41e269981f4f7336473d61db00d4be9eaaba46d23a
SHA512

dc64ecc3e0dec18cf497d915aa1f51d9331ea81d98d0092109b227167570af1845e7139093dc2d66b5cd0974dc5ba9ad22355fbc5b5bfc3d0115ed3114851328
SSDEEP

98304:3MRijaqyqex45jAX9m9/zi2EJ0JkaDY3uJsv6tWKFdu9CIZrC1:3+saqzemv/e2EJKfJsv6tWKFdu9C91

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-02_1e2c6306cbd69e1eecaae4a563ceb468_mafia

Files

2024-02-02_1e2c6306cbd69e1eecaae4a563ceb468_mafia
.exe windows:5 windows x86 arch:x86

30b34b545408696acb0237c9b88d66f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
InterlockedDecrement
InterlockedIncrement
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetStartupInfoW
SetErrorMode
GetLastError
GetLocaleInfoW
GetUserDefaultLangID
GlobalUnlock
GlobalLock
GlobalAlloc
IsValidLocale
IsValidLanguageGroup
lstrcmpW
GlobalSize
ExpandEnvironmentStringsW
CloseHandle
CreateProcessW
ExitProcess
lstrlenA
GetLongPathNameW
GetVolumeInformationW
GetDriveTypeW
CompareStringW
GetUserDefaultLCID
GetCurrentProcessId
LocalFree
FormatMessageW
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
LoadLibraryW
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
GetLocalTime
QueryPerformanceFrequency
GetTickCount
QueryPerformanceCounter
GetFileType
SetFilePointerEx
ReadFile
WriteFile
SetFilePointer
CreateFileW
SetEndOfFile
GetLogicalDrives
MapViewOfFile
GetSystemInfo
CreateFileMappingW
UnmapViewOfFile
CreateEventW
SetEvent
GetThreadPriority
GetCurrentThread
ResetEvent
TlsFree
SwitchToThread
Sleep
TlsAlloc
TerminateThread
SetThreadPriority
TlsSetValue
ResumeThread
TlsGetValue
WaitForMultipleObjects
CreateThread
DuplicateHandle
GetCurrentProcess
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultUILanguage
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FindClose
FindFirstFileW
GetFileInformationByHandle
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
CopyFileW
MoveFileW
DeleteFileW
DeviceIoControl
GetFullPathNameW
GetCurrentDirectoryW
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
CreateFileMappingA
CreateFileA
OpenFileMappingA
GetModuleFileNameA
CreateMutexA
ReleaseMutex
CreateEventA
GetModuleHandleA
GetExitCodeProcess
FormatMessageA
LoadLibraryA
GetStringTypeW
InterlockedCompareExchange
InterlockedExchange
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
HeapFree
RaiseException
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetCommandLineA
HeapSetInformation
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
InitializeCriticalSectionAndSpinCount
ExitThread
SetFileAttributesW
WriteConsoleW
GetStdHandle
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
HeapCreate
SetLastError
SetHandleCount
FlushFileBuffers
GetACP
GetOEMCP
IsValidCodePage
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetFullPathNameA
PeekNamedPipe
GetLocaleInfoA
EnumSystemLocalesA
GetFileAttributesA

user32

CreateWindowExA
WaitForInputIdle
SendInput
GetQueueStatus
KillTimer
SetTimer
GetClipboardFormatNameW
LoadIconW
SetClipboardViewer
ChangeClipboardChain
GetMenu
GetKeyboardState
SetMenuItemInfoW
TrackPopupMenuEx
MapVirtualKeyW
ToAscii
ToUnicode
GetKeyboardLayout
DestroyCaret
SetCaretPos
CreateCaret
HideCaret
TranslateMessage
GetKeyboardLayoutList
RegisterWindowMessageW
GetAsyncKeyState
RegisterClipboardFormatW
GetIconInfo
DrawIconEx
CreateCursor
CreateIconIndirect
SetCursorPos
DestroyCursor
GetClassInfoW
LoadImageW
GetSysColorBrush
RegisterClassExW
GetCursorPos
DefWindowProcW
GetWindowRgn
PeekMessageA
ClipCursor
GetUpdateRect
InvalidateRgn
BeginPaint
EndPaint
GetSysColor
WindowFromPoint
GetParent
GetDoubleClickTime
SetDoubleClickTime
SetCaretBlinkTime
PeekMessageW
PostMessageW
GetKeyState
GetCaretBlinkTime
FlashWindowEx
MessageBeep
SystemParametersInfoW
GetDesktopWindow
CreateWindowExW
GetSystemMenu
EnableMenuItem
SetParent
ValidateRgn
GetClientRect
GetWindowPlacement
SetWindowPlacement
GetWindowRect
IsWindowVisible
IsIconic
IsZoomed
MoveWindow
InvalidateRect
ShowWindow
MessageBoxA
IsChild
SetFocus
GetFocus
GetActiveWindow
RegisterClassW
CharNextExA
MsgWaitForMultipleObjectsEx
DispatchMessageW
UnregisterClassW
SetWindowLongW
GetWindowLongW
GetDC
ReleaseDC
CallNextHookEx
DestroyIcon
UnhookWindowsHookEx
ReleaseCapture
SetForegroundWindow
SetWindowPos
UpdateWindow
ScrollWindowEx
AdjustWindowRectEx
SetWindowTextW
SendMessageW
GetSystemMetrics
SetCapture
SetWindowsHookExW
SetCursor
ScreenToClient
ClientToScreen
DestroyWindow
SetWindowRgn

imm32

ImmNotifyIME
ImmGetContext
ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmAssociateContext
ImmGetCompositionStringW
ImmGetDefaultIMEWnd

winmm

mmioDescend
mmioGetInfo
mmioAdvance
PlaySoundW
mmioOpenA
mmioClose
mmioRead
mmioAscend
mmioSetBuffer

ws2_32

setsockopt
gethostname
htons
gethostbyname
inet_addr
select
__WSAFDIsSet
accept
listen
getsockname
WSACleanup
htonl
inet_ntoa
bind
WSAStartup
ntohs
getsockopt
closesocket
recv
send
socket
connect
WSAAsyncSelect

opengl32

glDisable
glEnable
glPushMatrix
glMatrixMode
glPushAttrib
glBlendFunc
glVertexPointer
glTexCoordPointer
glEnableClientState
glDrawArrays
glDisableClientState
glGetIntegerv
glTexImage2D
glGetTexLevelParameteriv
glLoadIdentity
glPushClientAttrib
glPopClientAttrib
glPopAttrib
glPopMatrix
glBindTexture
glColor4f
glClearColor
glFlush
glDrawBuffer
glGetString
glGetError
glGetBooleanv
glTexParameterf
glGenTextures
glPixelStorei
glScissor
glOrtho
glViewport
glGetDoublev
glTexParameteri
glHint
glDeleteTextures
wglDescribeLayerPlane
wglGetProcAddress
wglShareLists
wglCreateLayerContext
wglMakeCurrent
wglGetCurrentContext
wglGetCurrentDC
wglCreateContext
wglDeleteContext
wglRealizeLayerPalette
wglSwapLayerBuffers
glClear
glClearStencil
glStencilMask
glStencilFunc
glStencilOp
glClearDepth
glDepthFunc
glDepthMask
glColorMask
glLoadMatrixf
glDrawElements
glLoadMatrixd
glVertex2d
glTexCoord4f
glPointSize
glLineWidth
glTexCoord2f
glCopyTexSubImage2D
glEnd
glBegin
glTexSubImage2D
glTexImage1D
glTexGenfv
glTexGeni
glVertex2f
glCullFace
glPixelTransferi
glTexEnvf
glPolygonMode
glRotatef

gdi32

SetTextAlign
ExtTextOutW
GetOutlineTextMetricsW
DeleteDC
CreateCompatibleDC
PtInRegion
SelectPalette
RealizePalette
GetStockObject
GetObjectW
OffsetRgn
CombineRgn
CreateEllipticRgn
CreateRectRgn
GetRegionData
DeleteObject
SetBkMode
SwapBuffers
ChoosePixelFormat
SetPixelFormat
SetPaletteEntries
DescribePixelFormat
SetStretchBltMode
GetDeviceCaps
StretchBlt
SelectClipRgn
GdiFlush
CreatePalette
GetPaletteEntries
CreateCompatibleBitmap
BitBlt
CreateBitmap
CreateDIBSection
GetDIBits
EnumFontFamiliesExW
GetTextFaceW
GetFontData
GetCharABCWidthsW
GetCharABCWidthsI
GetCharABCWidthsFloatW
GetTextExtentPoint32W
CreateFontIndirectW
GetTextMetricsW
SetGraphicsMode
SetWorldTransform
SelectObject
GetGlyphOutlineW
SetTextColor

shell32

ShellExecuteExA
ShellExecuteW

ole32

CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
DoDragDrop
ReleaseStgMedium
OleUninitialize
OleInitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
StringFromGUID2
CoCreateGuid
CoGetMalloc
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
SysAllocString

advapi32

RegCloseKey
RegOpenKeyExW
FreeSid
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
RegCreateKeyExW
RegFlushKey
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW

Sections

.text
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ignored
Size: 337KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30b34b545408696acb0237c9b88d66f5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

imm32

winmm

ws2_32

opengl32

gdi32

shell32

ole32

oleaut32

advapi32

Sections

.text Size: 5.4MB - Virtual size: 5.4MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 61KB - Virtual size: 86KB

.ignored Size: 337KB - Virtual size: 336KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 327KB - Virtual size: 326KB

.text
Size: 5.4MB - Virtual size: 5.4MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 61KB - Virtual size: 86KB

.ignored
Size: 337KB - Virtual size: 336KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 327KB - Virtual size: 326KB