D:\Program\Solutech_Site_2015\케이비원경복\Program\BIN_SoluCVT\SoluCVT.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-12_38d64f873c7d61f335a1f5892c37bf11_mafia.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-02-12_38d64f873c7d61f335a1f5892c37bf11_mafia.exe
Resource: win10v2004-20231215-en
General
Target: 2024-02-12_38d64f873c7d61f335a1f5892c37bf11_mafia
Size: 3.5MB
MD5: 38d64f873c7d61f335a1f5892c37bf11
SHA1: 5f2af9c7855257a8910f32c877d5eae92156570a
SHA256: b535d269204459ba48c86377d8ecf575737c8871489077b72ade432894682924
SHA512: 43da51e2ed1e3c7d7a49c385456ef645f24387eb17d3b5d03954c7a4757b1ebdd6896864aaee48a919797ceb595914e473c2f0a83166e8af1d81d1081a692bc7
SSDEEP: 98304:uOBCNveKCfEjbMApEmZAsO4J6s+yzwUz0QhO8wKVKoj9ghi1RebMIg9Cbk/V8:uzDf3AX44YrO8wKVKojDIg9Cbk/V8
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 2024-02-12_38d64f873c7d61f335a1f5892c37bf11_mafia
Files
2024-02-12_38d64f873c7d61f335a1f5892c37bf11_mafia.exe windows:5 windows x86 arch:x86
293eae86c518498c2a254e1064f38930
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetProcAddress
GlobalAlloc
GlobalFree
GetLastError
GetCurrentThread
SetEnvironmentVariableA
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetDriveTypeW
GetConsoleMode
GetConsoleCP
GetStringTypeW
IsProcessorFeaturePresent
LCMapStringW
GetTimeZoneInformation
IsValidCodePage
FreeLibrary
CloseHandle
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
SizeofResource
LockResource
LoadResource
FindResourceW
Sleep
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
GetPriorityClass
TerminateProcess
GetExitCodeProcess
Process32NextW
CreateEventW
GetCurrentDirectoryW
GlobalLock
GlobalCompact
GlobalUnlock
GetExitCodeThread
TerminateThread
CreateThread
WaitForSingleObject
SetEvent
SetLastError
DeactivateActCtx
ActivateActCtx
GetModuleFileNameW
GetCurrentProcessId
lstrcmpW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CompareStringW
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapReAlloc
RaiseException
RtlUnwind
HeapFree
ExitProcess
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
HeapAlloc
GetModuleHandleW
GetVersionExW
GlobalDeleteAtom
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SetErrorMode
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExW
GetTempPathW
GetTickCount
GetShortPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileW
DeleteFileW
lstrcmpiW
GetStringTypeExW
GetSystemDirectoryW
lstrlenA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
LocalAlloc
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
ReplaceFileW
GetUserDefaultLCID
SuspendThread
ResumeThread
SetThreadPriority
lstrcpyW
lstrcmpA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
SystemTimeToFileTime
GetThreadLocale
GlobalGetAtomNameW
ReleaseActCtx
CreateActCtxW
CreateFileW
GetFileSize
GetFileAttributesW
GlobalReAlloc
InterlockedExchange
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
FindClose
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
lstrlenW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
LoadLibraryW
user32
GetUpdateRect
CopyIcon
SetCursorPos
UnregisterClassW
RegisterClipboardFormatW
EnumChildWindows
GetMenuDefaultItem
GetKeyNameTextW
SetClassLongW
GetIconInfo
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
GetDoubleClickTime
UpdateLayeredWindow
EnableScrollBar
UnionRect
CopyAcceleratorTableW
CharUpperW
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
DrawIcon
ShowOwnedPopups
GetMessageW
TranslateMessage
WaitMessage
PostThreadMessageW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
MonitorFromPoint
WindowFromPoint
SetCapture
UnpackDDElParam
ReuseDDElParam
GetActiveWindow
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
GetDesktopWindow
TranslateAcceleratorW
SetParent
LockWindowUpdate
BringWindowToTop
IsIconic
SetRect
GetSysColorBrush
DrawFrameControl
DrawEdge
SystemParametersInfoW
MessageBeep
DestroyMenu
DrawIconEx
DestroyIcon
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
OpenClipboard
DrawStateW
IsClipboardFormatAvailable
GetAsyncKeyState
IsMenu
GetMenuItemInfoW
GetCursorPos
FrameRect
LoadCursorW
KillTimer
SetTimer
InvalidateRect
IsZoomed
GetSystemMenu
SetMenuDefaultItem
DeleteMenu
CreatePopupMenu
IntersectRect
OffsetRect
InflateRect
SetRectEmpty
DestroyAcceleratorTable
NotifyWinEvent
SetWindowRgn
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextW
EnableWindow
FillRect
GetSysColor
DrawFocusRect
CopyRect
GetSystemMetrics
IsDialogMessageW
CheckDlgButton
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SubtractRect
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CharUpperBuffW
CharNextW
InvalidateRgn
GetNextDlgGroupItem
InvertRect
HideCaret
CreateMenu
GetWindowRgn
DestroyCursor
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
IsCharLowerW
MapVirtualKeyExW
SetCursor
SendMessageW
RedrawWindow
wsprintfW
IsRectEmpty
FindWindowW
UpdateWindow
RegisterWindowMessageW
ClientToScreen
MessageBoxW
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetParent
GetWindowThreadProcessId
GetSubMenu
LoadMenuW
GetWindowRect
GetWindow
PtInRect
SetWindowPos
SetWindowLongW
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetMenuItemCount
GetMenuItemID
PostMessageW
GetClientRect
ValidateRect
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
GetKeyState
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
PeekMessageW
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageW
DefFrameProcW
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
GetDeviceCaps
CreatePen
CreateSolidBrush
CreateHatchBrush
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
GetTextMetricsW
GetTextExtentPoint32W
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CreateCompatibleBitmap
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
Rectangle
OffsetWindowOrgEx
CreateRoundRectRgn
CreateFontIndirectW
DPtoLP
LPtoDP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
ScaleViewportExtEx
GetMapMode
OffsetRgn
GetRgnBox
GetPixel
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetLayout
SetWindowOrgEx
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
SetRectRgn
SetROP2
SetBkColor
GetObjectW
CreateBitmap
SaveDC
RestoreDC
SetBkMode
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetPolyFillMode
RoundRect
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
SetFileSecurityW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegEnumValueW
RegEnumKeyExW
GetFileSecurityW
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegSetValueW
shell32
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHAppBarMessage
SHGetFileInfoW
SHGetDesktopFolder
ExtractIconW
SHAddToRecentDocs
ShellExecuteW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
ole32
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
OleLockRunning
CoCreateGuid
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromString
CreateStreamOnHGlobal
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoRegisterMessageFilter
CLSIDFromProgID
OleRun
CoCreateInstance
CoUninitialize
CoInitialize
CoRevokeClassObject
CoInitializeEx
oleaut32
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
SysStringLen
SysAllocStringLen
VariantClear
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
GetErrorInfo
SysFreeString
SysAllocString
VariantInit
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
biautoprint
BIAPGetErrorStringW
BIAPGetLastError
BIAPEndPrinting
BIAPUnInitialize
BIAPInitialize
BIAPStartPrintingW
blicectr
ord5
ord3
bipdf
?SaveDIBAsColorPDFPageW@CCreatePDF@@QAEHPAXPB_WKH@Z
?GetLastPDFErrorText@CCreatePDF@@QAEHPAD@Z
??1CCreatePDF@@QAE@XZ
?PDF_GetLastError@CCreatePDF@@QAEKXZ
?FinishPDF@CCreatePDF@@QAEHXZ
?CreatePDFW@CCreatePDF@@QAEHPB_W@Z
??0CCreatePDF@@QAE@XZ
bitiff
ord296
ord286
bijpeg
ord29
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata Size: 376KB - Virtual size: 376KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data Size: 30KB - Virtual size: 60KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rsrc Size: 1.4MB - Virtual size: 1.4MB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.reloc Size: 177KB - Virtual size: 177KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)