PDB Path: D:\MyPacs_V2\SRC\CDLoader_AutoInstall\Release\CDLoader.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-03_b4b7efa94031be68590a689044684bfb_mafia.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-03_b4b7efa94031be68590a689044684bfb_mafia.exe
  Resource: win10v2004-20231222-en
General
Target: 2024-02-03_b4b7efa94031be68590a689044684bfb_mafia
Size: 1.9MB
MD5: b4b7efa94031be68590a689044684bfb
SHA1: 0a54ede52c5d66d1ff652c2aeaa0f98221fd2642
SHA256: 21c02b48f6aac9aba3972e68d3e58b270476b6225b776d86b3b3cf9a55d142e8
SHA512: f246a182b0c6eb0aa395da8cb6a1697f0b1721bb2937e578f4c4ff351141a4b8c877a8e1655cdfd51d658d84f1249852444e8fa99afb2ce95821ebb84213b50b
SSDEEP: 49152:CwOKs6B9+Rkgb/DbWyvHKZ3/Qm4v+HEPYpejSrlQnXIRa0xpaTFgAgSoT7ZOo:8u9vgb/DbWyiZvQV+HEPYpejSra4cbTk
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-02-03_b4b7efa94031be68590a689044684bfb_mafia
Files
2024-02-03_b4b7efa94031be68590a689044684bfb_mafia.exe: windows:5 windows x86 arch:x86
06b088ec0e2430f383be8f04aae6b409
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetConsoleCP
GetConsoleMode
LCMapStringW
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
CreateDirectoryA
SetVolumeLabelA
GetDriveTypeA
GetDiskFreeSpaceExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CompareStringW
GetStringTypeW
IsProcessorFeaturePresent
GetLocaleInfoW
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
HeapCreate
GetTimeZoneInformation
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapReAlloc
ExitProcess
RaiseException
RtlUnwind
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SetErrorMode
SearchPathA
GetProfileIntA
GetNumberFormatA
GetWindowsDirectoryA
GetFileTime
GetFileSizeEx
SetFileTime
FileTimeToLocalFileTime
SetFileAttributesA
GetFileAttributesExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
MoveFileA
lstrcmpiA
FileTimeToSystemTime
GetCurrentDirectoryA
GetTempFileNameA
CreateFileA
SetFilePointer
GetACP
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalFree
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GlobalAlloc
GetModuleHandleW
InterlockedExchange
lstrcpyA
GetSystemDirectoryW
GlobalLock
GlobalUnlock
MulDiv
CreateEventA
FindResourceA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetModuleHandleA
GetProcAddress
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
LoadLibraryA
ActivateActCtx
DeactivateActCtx
SetLastError
FreeLibrary
lstrcmpW
GetLastError
MultiByteToWideChar
lstrlenA
GetTickCount
GetFileAttributesA
GetTempPathA
CloseHandle
CreateProcessA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
DeleteFileA
GetModuleFileNameA
SetEvent
ResumeThread
SetThreadPriority
CreateThread
ResetEvent
Sleep
GetProcessHeap
WaitForSingleObject
InterlockedCompareExchange
user32
LoadMenuW
DeleteMenu
GetAsyncKeyState
NotifyWinEvent
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
IsRectEmpty
CopyImage
RealChildWindowFromPoint
DestroyMenu
GetMenuItemInfoA
WindowFromPoint
GetWindowThreadProcessId
ShowOwnedPopups
GetMessageA
GetCursorPos
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
PostQuitMessage
IntersectRect
InflateRect
GetSysColorBrush
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassNameA
SetPropA
GetSystemMenu
RemovePropA
GetFocus
UnregisterClassA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SetTimer
EnableWindow
InvalidateRect
GetClientRect
CopyRect
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
KillTimer
SetCapture
ReleaseCapture
MessageBeep
CharUpperA
DrawEdge
DrawFrameControl
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
PtInRect
GetWindow
MapWindowPoints
OffsetRect
DrawFocusRect
DrawStateA
GetIconInfo
DestroyIcon
TranslateMessage
DispatchMessageA
PeekMessageA
SetClassLongA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
WaitMessage
GetPropA
LoadIconW
SendMessageA
IsIconic
GetSystemMetrics
DrawIcon
GetWindowRect
GetParent
DrawIconEx
SetCursor
LoadCursorA
GetClassLongA
GetWindowRgn
DestroyCursor
MapDialogRect
SubtractRect
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
RegisterClipboardFormatA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
GetMenuDefaultItem
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
GetNextDlgGroupItem
LoadImageA
EnableScrollBar
HideCaret
IsWindow
InvertRect
gdi32
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
GetDeviceCaps
CreateHatchBrush
CreateDIBitmap
CreateFontIndirectA
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
ExcludeClipRect
PatBlt
DPtoLP
CopyMetaFileA
CreateDCA
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
SetMapMode
GetClipBox
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
CreateRectRgnIndirect
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
Polygon
DeleteObject
GetTextExtentPoint32A
SelectObject
Rectangle
GetStockObject
CreatePen
CreateSolidBrush
CreateFontA
CombineRgn
CreateBrushIndirect
RoundRect
msimg32
GradientFill
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegCloseKey
RegEnumKeyExA
shell32
SHAppBarMessage
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
SHBrowseForFolderA
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListA
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
CoInitializeEx
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleCreateMenuDescriptor
OleDuplicateData
CoTaskMemAlloc
OleDestroyMenuDescriptor
ReleaseStgMedium
RevokeDragDrop
CoTaskMemFree
CoCreateGuid
CoUninitialize
CoInitialize
CoCreateInstance
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
oleaut32
SysFreeString
VarBstrFromDate
SysAllocString
SysStringLen
SysAllocStringLen
VariantChangeType
VariantInit
VariantClear
VarUdateFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipDrawImageI
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 297KB - Virtual size: 297KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 175KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ