Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-10_79d31027c986b4a882f3fa3175104312_mafia.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-10_79d31027c986b4a882f3fa3175104312_mafia.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-02-10_79d31027c986b4a882f3fa3175104312_mafia
Size: 461KB
MD5: 79d31027c986b4a882f3fa3175104312
SHA1: d9fa32737040e1a8a1491d7d0924e6762969c304
SHA256: e1411426b34189a43481fe607bddd2f2d1c573d71db5328dcad0d2b94a0ef3e0
SHA512: 7aaafbf7bbba9d09ddf2a747cfa1624a20f2e0d8595ed7a7660287bb825b79c4cb231218941ba14e43e75b4e3aa75c5c55a50a9b81d939e95a628b0d12b7576a
SSDEEP: 12288:OIPMWEUD0Q2NPhnttpNHLgYWneskTedNO:r79D0ZPjzBLgY13TeH
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes: resource 2024-02-10_79d31027c986b4a882f3fa3175104312_mafia
Files
2024-02-10_79d31027c986b4a882f3fa3175104312_mafia.exe windows:5 windows x86 arch:x86
004549afd39c2a4ae14c54a6a72d4d61
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileType
FlushFileBuffers
CreateFileW
GetProfileStringA
lstrcpyA
MapUserPhysicalPages
WaitForSingleObject
Sleep
ResumeThread
SetThreadPriority
SetCommTimeouts
GetCommTimeouts
SetCommState
SetupComm
GetCurrentThread
FindResourceA
VirtualLock
VirtualAlloc
DeleteTimerQueueTimer
CreateTimerQueueTimer
GetModuleHandleW
GetCurrentThreadId
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
HeapSize
SetFilePointer
GetConsoleCP
SetHandleCount
HeapCreate
GetLocaleInfoW
FormatMessageA
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
CreateThread
ExitThread
GetCPInfo
LCMapStringW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetConsoleMode
RtlUnwind
HeapReAlloc
RaiseException
GetModuleFileNameW
GetStdHandle
WriteConsoleW
ExitProcess
InterlockedExchangeAdd
TlsSetValue
OpenEventA
GetCurrentProcessId
CreateWaitableTimerA
ResetEvent
GetProcAddress
SetWaitableTimer
TlsGetValue
TlsFree
TlsAlloc
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
LocalFree
GetTickCount
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
CloseHandle
SetLastError
_lopen
GetUserDefaultLangID
FindResourceExW
LoadResource
FindResourceExA
GetLastError
SetEvent
GetCurrentProcess
DuplicateHandle
WaitForMultipleObjectsEx
HeapAlloc
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
WaitForSingleObjectEx
GetProcessHeap
HeapFree
QueryPerformanceFrequency
QueryPerformanceCounter
ReleaseSemaphore
CreateEventA
CreateSemaphoreA
GetModuleHandleA
WriteFile
CreateFileA
GetFileSize
GlobalAlloc
ReadFile
GlobalFree
LoadLibraryW
user32
SendMessageA
SendDlgItemMessageA
PostMessageA
GetDlgItem
DefWindowProcA
SetWindowPos
CreateWindowExA
DispatchMessageA
TranslateMessage
PostQuitMessage
GetWindowRect
GetClientRect
SetDlgItemTextA
GetMessageA
UpdateWindow
ShowWindow
RegisterClassExA
LoadCursorA
LoadIconA
IsWindow
EndPaint
DrawTextA
BeginPaint
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
DestroyWindow
GetClassInfoExW
GetDC
BeginDeferWindowPos
PostThreadMessageW
GetMessageW
CreateWindowExW
CloseWindow
SetRect
FillRect
IsDlgButtonChecked
SystemParametersInfoA
LoadImageA
CheckMenuItem
LookupIconIdFromDirectory
ClientToScreen
GetCursorPos
DialogBoxParamA
EndDialog
GetWindowLongA
SetActiveWindow
CharNextA
wsprintfA
GetParent
GetWindow
LoadAcceleratorsA
ReleaseDC
GetDesktopWindow
MessageBoxA
ShowCursor
AttachThreadInput
FindWindowExW
DrawFrameControl
gdi32
CreateCompatibleDC
CreateDIBSection
TextOutW
DeleteObject
Ellipse
MoveToEx
GetObjectA
CreateCompatibleBitmap
SetPixelV
StretchBlt
RestoreDC
GetTextCharsetInfo
SetDCPenColor
ExcludeClipRect
Pie
CreateSolidBrush
SelectObject
SetTextJustification
SetTextColor
GetStockObject
DeleteDC
winspool.drv
DeviceCapabilitiesA
SetPrinterDataExA
comdlg32
FindTextA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
advapi32
OpenThreadToken
OpenProcessToken
PrivilegeCheck
shell32
ExtractAssociatedIconA
DragQueryFileA
Shell_NotifyIconA
ole32
StgCreateDocfile
odbc32
ord66
ord65
ord41
comctl32
InitCommonControlsEx
ord17
ws2_32
WSAStartup
setupapi
SetupDiClassGuidsFromNameA
urlmon
GetClassURL
netapi32
NetWkstaUserGetInfo
NetShareGetInfo
wininet
InternetConnectA
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetWriteFile
FtpOpenFileA
avifil32
AVIStreamGetFrameClose
AVISaveOptions
Sections
.text   Size: 174KB - Virtual size: 174KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 71KB - Virtual size: 70KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 9KB - Virtual size: 20KB      IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.tls    Size: 512B - Virtual size: 2B       IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 181KB - Virtual size: 180KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 24KB - Virtual size: 23KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ