L:\VSTOUR\addons\fe_modo2\feserver2.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-03_701dd08aba2e8915101c8f5253888ca2_mafia.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-03_701dd08aba2e8915101c8f5253888ca2_mafia.exe
Resource
win10v2004-20231215-en
General
-
Target
2024-02-03_701dd08aba2e8915101c8f5253888ca2_mafia
-
Size
3.9MB
-
MD5
701dd08aba2e8915101c8f5253888ca2
-
SHA1
31c0c84aa5a186221a1da4615053e93e626ebd98
-
SHA256
246bb4b3372c6010356e30f92c800dd8f95b05006d582f13b7ead90646062faa
-
SHA512
d96c324d8b752af2fd13e6a92341fe7522509c8cbaca416918489c8be78222230dc22e7d0f61663cecadc21a285d085399c9a6e0d9da477ea7202b4c12be27bf
-
SSDEEP
49152:REsshuS94vyz+GCmQitHzplYatH7sEDQPhpw0ZI4K+4gEjTiMUSW:RKubLNoplRsE871S
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-02-03_701dd08aba2e8915101c8f5253888ca2_mafia
Files
-
2024-02-03_701dd08aba2e8915101c8f5253888ca2_mafia.exe windows:5 windows x86 arch:x86
7daad0690ee6be709272e382cc355ec5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
qhtm
ord12
ord11
ord4
ord7
ord10
ord3
ord20
ord14
ord9
ord19
ord16
ord15
ord13
ord1
htmlayout
HTMLayoutGetAttributeByName
HTMLayoutSetAttributeByName
HTMLayoutGetStyleAttribute
HTMLayoutSetStyleAttribute
HTMLayoutGetRootElement
HTMLayoutVisitElements
HTMLayoutSelectElements
HTMLayoutUpdateElement
HTMLayoutUpdateElementEx
HTMLayoutGetScrollInfo
HTMLayoutSetScrollPos
HTMLayoutGetElementType
HTMLayoutGetElementHwnd
HTMLayoutGetElementUID
HTMLayoutGetElementByUID
HTMLayoutSetElementInnerText16
HTMLayoutDeleteElement
HTMLayoutGetElementState
HTMLayoutSetElementState
HTMLayoutIsElementEnabled
HTMLayoutIsElementVisible
HTMLayoutCreateElement
HTMLayoutCloneElement
HTMLayoutInsertElement
HTMLayoutDetachElement
HTMLayoutMoveElement
HTMLayoutMoveElementEx
HTMLayoutTrackPopupAt
HTMLayoutShowPopupAt
HTMLayoutHidePopup
HTMLayoutCallBehaviorMethod
HTMLayoutControlGetType
HTMLiteGetTag
HTMLiteSetCallback
HTMLiteSetMediaType
HTMLiteSetTag
HTMLiteCreateInstance
HTMLiteDestroyInstance
HTMLiteLoadHtmlFromMemory
HTMLiteMeasure
HTMLiteRender
HTMLayoutGetElementLocation
HTMLayoutProcND
HTMLayoutLoadHtml
HTMLayoutLoadFile
ValueStringDataSet
ValueInt64DataSet
ValueFloatDataSet
HTMLayoutControlSetValue
ValueType
HTMLayoutControlGetValue
HTMPrintSetCallback
HTMPrintDestroyInstance
HTMPrintLoadHtmlFromMemory
HTMPrintMeasure
ValueClear
ValueIntDataSet
ValueInit
HTMLayoutAttachEventHandlerEx
HTMLayoutWindowAttachEventHandler
HTMLayout_UseElement
HTMLayout_UnuseElement
HTMLayoutGetChildrenCount
HTMLayoutGetNthChild
HTMLayoutGetParentElement
HTMPrintSetMediaType
HTMPrintRender
HTMPrintGetDocumentHeight
HTMPrintGetDocumentMinWidth
HTMPrintSetDataReady
HTMLayoutDataReady
HTMLayoutSetElementHtml
ValueInt64Data
ValueStringData
ValueFloatData
HTMLayoutSetCallback
HTMPrintCreateInstance
HTMPrintSetTag
HTMPrintSetHyperlinkAreaCallback
HTMPrintSetNextPageCallback
HTMLayoutGetElementInnerTextCB
HTMLayoutGetElementHtmlCB
HTMLiteSetDataReady
ValueIntData
HTMLayoutGetElementIndex
libxl
xlSheetHeaderMarginA
xlSheetSetHeaderA
xlSheetHeaderA
xlSheetSetPaperA
xlSheetPaperA
xlSheetLandscapeA
xlSheetSetPrintZoomA
xlSheetPrintZoomA
xlSheetSetZoomA
xlSheetZoomA
xlSheetSetPrintGridlinesA
xlSheetPrintGridlinesA
xlFormatFontA
xlFontStrikeOutA
xlFontSetStrikeOutA
xlFormatSetFontA
xlFontSetColorA
xlFontBoldA
xlFontSetBoldA
xlFontScriptA
xlFontSetScriptA
xlFontUnderlineA
xlFontSetUnderlineA
xlFontNameA
xlFontSetNameA
xlBookSetKeyA
xlCreateBookCA
xlCreateXMLBookCA
xlBookLoadA
xlBookSaveA
xlBookReleaseA
xlFontSetItalicA
xlSheetSetDisplayGridlinesA
xlSheetDisplayGridlinesA
xlSheetLastColA
xlSheetFirstColA
xlSheetLastRowA
xlSheetFirstRowA
xlSheetCopyCellA
xlSheetRemoveRowA
xlSheetRemoveColA
xlSheetInsertRowA
xlSheetInsertColA
xlSheetClearA
xlSheetSetGroupSummaryRightA
xlSheetGroupSummaryRightA
xlSheetSetGroupSummaryBelowA
xlSheetGroupSummaryBelowA
xlFormatNumFormatA
xlFontSetSizeA
xlFormatSetNumFormatA
xlFormatAlignHA
xlFormatSetAlignHA
xlFormatAlignVA
xlFormatSetAlignVA
xlFormatWrapA
xlFormatSetWrapA
xlFormatRotationA
xlFormatSetRotationA
xlFormatIndentA
xlFormatSetIndentA
xlFormatShrinkToFitA
xlFormatSetShrinkToFitA
xlFormatSetBorderA
xlFormatSetBorderColorA
xlFormatBorderLeftA
xlFormatSetBorderLeftA
xlFormatBorderRightA
xlFormatSetBorderRightA
xlFormatBorderTopA
xlFormatSetBorderTopA
xlFormatBorderBottomA
xlFormatSetBorderBottomA
xlFormatBorderLeftColorA
xlFormatSetBorderLeftColorA
xlFormatBorderRightColorA
xlFontItalicA
xlFormatBorderTopColorA
xlFormatSetBorderTopColorA
xlFormatBorderBottomColorA
xlFormatSetBorderBottomColorA
xlFormatBorderDiagonalA
xlFormatSetBorderDiagonalA
xlFormatBorderDiagonalStyleA
xlFormatSetBorderDiagonalStyleA
xlFormatBorderDiagonalColorA
xlFormatSetBorderDiagonalColorA
xlFormatFillPatternA
xlFormatSetFillPatternA
xlFormatPatternForegroundColorA
xlFormatSetPatternForegroundColorA
xlFormatPatternBackgroundColorA
xlFormatSetPatternBackgroundColorA
xlFormatLockedA
xlFormatSetLockedA
xlFormatHiddenA
xlFormatSetHiddenA
xlFontSizeA
xlFontColorA
xlSheetGroupColsA
xlSheetGroupRowsA
xlSheetSplitA
xlSheetSetVerPageBreakA
xlSheetSetHorPageBreakA
xlSheetSetPicture2A
xlSheetSetPictureA
xlSheetDelMergeA
xlSheetSetMergeA
xlSheetGetMergeA
xlSheetSetRowA
xlSheetSetColA
xlSheetRowHeightA
xlSheetColWidthA
xlSheetReadErrorA
xlSheetIsDateA
xlSheetWriteCommentA
xlSheetReadCommentA
xlSheetWriteFormulaA
xlSheetReadFormulaA
xlSheetWriteBlankA
xlSheetReadBlankA
xlSheetWriteBoolA
xlSheetReadBoolA
xlSheetWriteNumA
xlSheetReadNumA
xlSheetWriteStrA
xlSheetReadStrA
xlSheetSetCellFormatA
xlSheetCellFormatA
xlSheetIsFormulaA
xlSheetCellTypeA
xlBookErrorMessageA
xlBookSetLocaleA
xlBookSetRgbModeA
xlBookRgbModeA
xlBookSetDefaultFontA
xlBookDefaultFontA
xlBookAddPicture2A
xlBookAddPictureA
xlBookSetActiveSheetA
xlBookActiveSheetA
xlBookColorUnpackA
xlBookColorPackA
xlBookDateUnpackA
xlBookDatePackA
xlBookFontSizeA
xlBookFontA
xlBookFormatSizeA
xlBookFormatA
xlBookCustomNumFormatA
xlBookAddCustomNumFormatA
xlBookAddFontA
xlBookAddFormatA
xlSheetSetNameA
xlSheetNameA
xlBookSheetCountA
xlBookDelSheetA
xlBookGetSheetA
xlBookAddSheetA
xlFormatSetBorderRightColorA
kernel32
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
GetEnvironmentVariableA
Beep
GetTimeZoneInformation
LocalUnlock
LocalLock
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
EncodePointer
RtlUnwind
HeapAlloc
HeapFree
RaiseException
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentDirectoryW
SetCurrentDirectoryW
FindFirstFileExA
GetModuleHandleW
ExitProcess
ExitThread
CreateThread
DuplicateHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
HeapCreate
HeapDestroy
GetTickCount
IsProcessorFeaturePresent
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
HeapSize
LCMapStringW
FatalAppExitA
SetStdHandle
GetFileInformationByHandle
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
LoadLibraryW
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
GetDriveTypeW
CreateFileW
_lclose
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
_lopen
CopyFileA
MoveFileA
LocalFree
FormatMessageA
GetLastError
SizeofResource
LoadResource
GlobalAlloc
FindResourceA
MultiByteToWideChar
WideCharToMultiByte
LockResource
FindResourceW
InterlockedCompareExchange
InterlockedIncrement
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedExchangeAdd
FileTimeToSystemTime
OutputDebugStringA
GlobalUnlock
GlobalSize
GlobalLock
_hread
GlobalFree
_lread
_llseek
lstrlenA
GetProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
SetLastError
GetVersionExA
CloseHandle
CreateMutexA
OpenMutexA
ReleaseMutex
WaitForSingleObject
WaitForMultipleObjects
CreateEventA
SetEvent
ResetEvent
CreateSemaphoreA
ReleaseSemaphore
FreeResource
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
GetTempPathA
DebugBreak
GetExitCodeProcess
CreateProcessA
GetCurrentProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCurrentDirectoryA
LocalAlloc
GetModuleHandleA
WinExec
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
GetVersion
GlobalCompact
GlobalUnfix
GlobalReAlloc
GlobalMemoryStatus
GetDriveTypeA
QueryPerformanceCounter
QueryPerformanceFrequency
SetCurrentDirectoryA
LoadModule
AllocConsole
SetConsoleTitleA
lstrcpyA
VirtualAlloc
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
lstrcatA
GlobalFindAtomA
lstrcmpA
_hwrite
_lcreat
GetProfileIntA
GetPrivateProfileIntA
GetPrivateProfileStringA
WriteProfileStringA
WritePrivateProfileStringA
GlobalFlags
FileTimeToLocalFileTime
GetUserDefaultLCID
GetProcessTimes
SetErrorMode
SetUnhandledExceptionFilter
GetLongPathNameA
GetFullPathNameA
GetDiskFreeSpaceA
GetStdHandle
SearchPathA
CreatePipe
TerminateProcess
CreateFileA
ReadFile
SetEndOfFile
WriteFile
FlushFileBuffers
UnlockFile
UnlockFileEx
LockFile
LockFileEx
SetFilePointer
DeleteFileA
CreateDirectoryA
RemoveDirectoryA
FindFirstFileA
GetFileAttributesA
FindClose
FindNextFileA
CompareFileTime
GetVolumeInformationA
GetTempFileNameA
WaitNamedPipeA
SetNamedPipeHandleState
CreateNamedPipeA
ConnectNamedPipe
DisconnectNamedPipe
PeekNamedPipe
GetComputerNameA
InterlockedDecrement
GetCurrentThreadId
SetCriticalSectionSpinCount
TlsGetValue
TerminateThread
ResumeThread
Sleep
GetSystemTime
GetProcessHeap
user32
CreateDialogParamA
CreateDialogIndirectParamA
SetPropA
GetPropA
ShowWindow
SetFocus
GetFocus
SetForegroundWindow
ExitWindowsEx
CreateCursor
DestroyCursor
GetCursorPos
SetCursorPos
ShowCursor
CallWindowProcA
IsChild
IsIconic
IsZoomed
CloseWindow
SetWindowWord
FindWindowA
GetClassInfoA
IsWindowVisible
WindowFromPoint
IsWindowEnabled
FillRect
GetWindowRect
ScreenToClient
GetParent
InvertRect
MapDialogRect
InvalidateRect
DrawFocusRect
FrameRect
IsDialogMessageA
GetSysColor
CreateWindowExA
MessageBoxA
UpdateWindow
GetClassNameA
MoveWindow
GetDesktopWindow
SetActiveWindow
GetKeyState
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
keybd_event
GetWindowDC
GetWindowThreadProcessId
GetWindowWord
ChildWindowFromPoint
GetNextDlgTabItem
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetCaretPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
HideCaret
CreateMenu
CreatePopupMenu
EnableMenuItem
CheckMenuItem
GetMenuItemCount
GetMenuItemID
GetSystemMenu
DestroyMenu
GetSubMenu
GetMenuStringA
GetMenuState
DrawMenuBar
HiliteMenuItem
LoadMenuA
AppendMenuA
SetMenu
ModifyMenuA
InsertMenuA
EndDialog
DrawTextA
LoadBitmapA
GetSystemMetrics
IsMenu
ClientToScreen
CreateAcceleratorTableA
DestroyAcceleratorTable
LoadAcceleratorsA
DefWindowProcA
BeginPaint
EndPaint
WinHelpA
SetWindowsHookExA
CallNextHookEx
SetClassLongA
GetClassLongA
DestroyWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
BringWindowToTop
LoadIconA
DrawIcon
DestroyIcon
SetWindowPos
DrawTextExA
WaitMessage
RegisterClassA
SetClassWord
SetParent
SetCapture
GetCapture
ReleaseCapture
DefFrameProcA
DefMDIChildProcA
SystemParametersInfoA
PtInRect
GetDialogBaseUnits
MapWindowPoints
SetScrollInfo
SetScrollRange
SetScrollPos
GetScrollRange
GetScrollPos
GetClipboardData
IsClipboardFormatAvailable
SetRect
LoadStringA
RedrawWindow
KillTimer
SetTimer
CheckDlgButton
GetLastActivePopup
SetWindowLongA
SetWindowTextA
GetProcessWindowStation
GetUserObjectInformationA
WaitForInputIdle
wsprintfA
IsRectEmpty
SubtractRect
UnionRect
IntersectRect
MsgWaitForMultipleObjects
MapVirtualKeyA
PostMessageA
IsWindow
TrackPopupMenu
GetWindowLongA
GetWindow
ValidateRgn
InvalidateRgn
GetDCEx
GetDC
ReleaseDC
SendMessageA
GetActiveWindow
MessageBeep
RegisterWindowMessageA
LoadCursorA
SetCursor
DialogBoxIndirectParamA
DialogBoxParamA
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostQuitMessage
CharToOemA
OemToCharA
GetDlgItem
RemoveMenu
EnableWindow
GetClientRect
gdi32
ResetDCA
EnumFontFamiliesA
SelectObject
CreateCompatibleBitmap
DeleteObject
BitBlt
UnrealizeObject
CreatePatternBrush
CreateBitmap
RoundRect
GetObjectType
StretchBlt
CreateBitmapIndirect
GetObjectA
SetTextColor
SetBkColor
GetPixel
SetPixel
CreateDIBitmap
CreateHatchBrush
RealizePalette
SelectPalette
PatBlt
GetMapMode
CreateSolidBrush
CreatePalette
SetStretchBltMode
TextOutA
SetBkMode
GetTextExtentPoint32A
SetWindowOrgEx
GetWindowOrgEx
GetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
CreateDCA
GetTextColor
GetBkColor
MoveToEx
CreateBrushIndirect
CreateFontA
AddFontResourceA
RemoveFontResourceA
GetTextFaceA
GetTextMetricsA
EnumFontsA
Rectangle
LineTo
CreatePen
GetStockObject
Arc
Chord
Ellipse
FloodFill
ExtFloodFill
PolyPolygon
SetPolyFillMode
Pie
SetTextAlign
ExtTextOutA
GetTextAlign
SetTextJustification
GetTextExtentPointA
StretchDIBits
SetDIBitsToDevice
GetDIBits
FrameRgn
SetROP2
CreateRectRgn
CreateFontIndirectA
Escape
EndDoc
StartDocA
SetMetaFileBitsEx
PlayMetaFile
GetMetaFileA
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
LPtoDP
SaveDC
SetMapMode
DPtoLP
RestoreDC
GetDeviceCaps
StartPage
EndPage
CreateCompatibleDC
SetViewportOrgEx
DeleteDC
winspool.drv
StartDocPrinterA
StartPagePrinter
WritePrinter
EndPagePrinter
EndDocPrinter
OpenPrinterA
GetPrinterA
ClosePrinter
EnumPrintersA
comdlg32
GetSaveFileNameA
PrintDlgA
CommDlgExtendedError
ChooseFontA
ChooseColorA
GetOpenFileNameA
FindTextA
advapi32
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueA
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
ReportEventA
DeregisterEventSource
RegisterEventSourceA
GetUserNameA
OpenProcessToken
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
shell32
SHFileOperationA
ShellExecuteExA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA
SHGetSpecialFolderLocation
ShellAboutA
ExtractIconA
DragAcceptFiles
DragQueryFileA
DragQueryPoint
SHGetSpecialFolderPathA
ole32
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleUninitialize
oleaut32
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetDim
VarR8FromDec
VarR8FromCy
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
GetActiveObject
VariantCopy
SysFreeString
wsock32
inet_addr
getpeername
connect
send
closesocket
accept
listen
htonl
bind
socket
htons
getservbyname
gethostbyname
ioctlsocket
gethostbyaddr
gethostname
WSACleanup
WSAAsyncSelect
WSAStartup
inet_ntoa
recv
select
ntohs
getsockname
__WSAFDIsSet
WSASetLastError
shutdown
sendto
recvfrom
setsockopt
WSAGetLastError
winmm
sndPlaySoundA
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
winhttp
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpOpenRequest
WinHttpSetOption
WinHttpCloseHandle
WinHttpSetStatusCallback
WinHttpOpen
WinHttpConnect
WinHttpCrackUrl
WinHttpQueryHeaders
Exports
?HB_FUN_HB_LIBDO@@YAXXZ
?HB_FUN_HB_LIBERROR@@YAXXZ
?HB_FUN_LIBFREE@@YAXXZ
?HB_FUN_LIBLOAD@@YAXXZ
hb_vmExecuteDll
hb_vmProcessDllSymbols
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 339KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 187KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 151KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ