D:\data\Software.MFC\AutoprintFaxes\Ver32\AutoprintFaxes.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-12_c8454da3e8849a34fe7b023d67749e23_mafia.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-12_c8454da3e8849a34fe7b023d67749e23_mafia.exe
Resource: win10v2004-20231215-en
General
Target: 2024-02-12_c8454da3e8849a34fe7b023d67749e23_mafia
Size: 9.1MB
MD5: c8454da3e8849a34fe7b023d67749e23
SHA1: 54e131e317f253c5b8573b455ec4d9440f91f355
SHA256: 35a3d895117bc58356c487629d250df1c3fdcb7fe97219682fcf47107e9fe15f
SHA512: d5cb08ea95aa1f5c7c7b598f140526256373353866e6f72c3af57c898f29462ce7a631727e86b5ddbde16572660084e907e9022c66e2d3502ff2272e9910cda2
SSDEEP: 196608:BXdJX6wJl2zn+sIwdBXxCCujmsfG+XUlocTuepOI7JK:727dxCCujmse+2/q+
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2024-02-12_c8454da3e8849a34fe7b023d67749e23_mafia
Files
2024-02-12_c8454da3e8849a34fe7b023d67749e23_mafia.exe windows:5 windows x86 arch:x86
05d8f5bb5f47c25d7fc0ee46e34e3f81
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
fontsub
CreateFontPackage
kernel32
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
IsProcessorFeaturePresent
WriteConsoleW
GetLocaleInfoW
IsValidCodePage
LCMapStringW
CompareStringW
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
CopyFileA
GetModuleFileNameA
FindResourceW
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
CloseHandle
WriteFile
SetFilePointer
CreateFileW
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
InterlockedIncrement
InterlockedDecrement
lstrlenA
HeapQueryInformation
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadWritePtr
IsBadReadPtr
SetEndOfFile
LocalFree
FormatMessageA
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetFileAttributesW
SetFileAttributesW
GetTempPathW
FindClose
FindFirstFileA
FindFirstFileW
FileTimeToSystemTime
SetFileTime
Sleep
SetEnvironmentVariableA
GetTimeFormatA
CreateThread
ExitThread
HeapReAlloc
GetConsoleMode
GetConsoleCP
HeapAlloc
HeapFree
GetFileType
PeekNamedPipe
GetFileInformationByHandle
GetStartupInfoW
HeapSetInformation
DecodePointer
EncodePointer
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
GetNumberFormatA
GetOEMCP
LocalReAlloc
GlobalFlags
lstrcpyA
GetSystemDirectoryW
GetFileAttributesExA
ReleaseActCtx
CreateActCtxW
GlobalFindAtomA
InitializeCriticalSectionAndSpinCount
lstrcmpW
lstrlenW
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
DeleteFileW
CreateDirectoryW
RemoveDirectoryW
GetTickCount
SetUnhandledExceptionFilter
SetStdHandle
GetFileTime
HeapSize
GetSystemDefaultUILanguage
lstrcmpA
QueryPerformanceFrequency
QueryPerformanceCounter
CreateMutexA
InterlockedExchange
DuplicateHandle
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
ActivateActCtx
DeactivateActCtx
SetLastError
lstrcmpiA
GetFileAttributesA
GetTempPathA
GetTempFileNameA
GetCurrentDirectoryA
GlobalSize
CompareStringA
CreateEventA
DeleteFileA
DisableThreadLibraryCalls
EnumCalendarInfoA
FileTimeToDosDateTime
GetACP
GetCPInfo
GetDateFormatA
GetDiskFreeSpaceA
GetFullPathNameA
GetFullPathNameW
GetProfileStringA
GetStringTypeExA
GlobalHandle
GlobalReAlloc
LoadLibraryW
LocalFileTimeToFileTime
ResetEvent
SetErrorMode
SetEvent
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
RaiseException
ReleaseMutex
RtlUnwind
UnhandledExceptionFilter
ExitProcess
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
LoadLibraryExA
lstrcpynA
VirtualQuery
GetVersion
LocalAlloc
VirtualAlloc
VirtualFree
DeleteCriticalSection
GetVolumeInformationA
GetFileSizeEx
ReadFile
MulDiv
IsDebuggerPresent
DebugBreak
GetLocalTime
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
WritePrivateProfileStringA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
MoveFileA
FindResourceA
FreeResource
GetCurrentProcess
GetWindowsDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetPrivateProfileStringA
GetSystemInfo
GetSystemTimeAsFileTime
GetVersionExA
ReleaseSemaphore
GetProcessHeap
GetTimeZoneInformation
SystemTimeToFileTime
FindNextFileW
FileTimeToLocalFileTime
TerminateProcess
WaitForSingleObject
user32
GetNextDlgGroupItem
HideCaret
InvertRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
SetClassLongA
DestroyAcceleratorTable
SetParent
UnregisterClassA
CopyImage
GetMenuDefaultItem
SetMenuDefaultItem
GetMenuItemInfoA
CreatePopupMenu
IsMenu
DestroyMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
IsRectEmpty
NotifyWinEvent
MessageBeep
SetWindowRgn
GetSystemMenu
LoadMenuW
IntersectRect
OffsetRect
InflateRect
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorW
SetLayeredWindowAttributes
SystemParametersInfoA
SetRectEmpty
DeleteMenu
MapVirtualKeyA
GetKeyNameTextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetPropA
RemovePropA
SetFocus
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
RedrawWindow
CreateWindowExA
GetClassInfoExA
LoadImageW
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
DrawStateA
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
ScreenToClient
ClientToScreen
PtInRect
RegisterWindowMessageA
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
CharUpperBuffA
CharLowerBuffA
CharUpperBuffW
CreateIcon
DestroyIcon
DrawIconEx
GetIconInfo
wvsprintfA
CharNextA
LoadStringA
GetKeyboardType
GetParent
GetWindow
LockWindowUpdate
GetWindowRect
IsZoomed
MonitorFromWindow
EnumDisplayMonitors
UnionRect
CopyRect
GetMonitorInfoA
ShowScrollBar
RegisterClipboardFormatA
FrameRect
CopyIcon
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
SendMessageW
GetWindowTextLengthA
GetSysColor
InvalidateRect
UpdateWindow
MapDialogRect
SetRect
GetKeyState
DestroyCursor
GetWindowRgn
GetClassInfoA
MessageBoxA
GetWindowTextA
GetClassNameA
GetWindowLongA
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetForegroundWindow
KillTimer
BringWindowToTop
FillRect
LoadIconA
LoadCursorA
GetDesktopWindow
GetDC
ReleaseDC
SetTimer
GetMessageA
GetAsyncKeyState
GetFocus
GetDlgCtrlID
SetWindowTextW
CharLowerA
CharUpperA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
CharToOemA
LoadIconW
EnableWindow
GetClientRect
IsIconic
SendMessageA
DrawIcon
GetSystemMetrics
SetPropA
gdi32
GetGlyphOutlineW
GetGlyphIndicesW
GetGlyphIndicesA
GetFontLanguageInfo
GetFontData
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionA
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetCharWidthW
GetCharWidth32W
GetBrushOrgEx
GetBitmapBits
GdiFlush
FillPath
ExtTextOutA
ExtEscape
EnumFontsA
EnumFontFamiliesExA
EnumEnhMetaFile
EndPath
EndPage
EndDoc
DeleteEnhMetaFile
DeleteDC
CreateScalableFontResourceW
CreatePenIndirect
CreatePalette
CreateICA
CreateEnhMetaFileA
CreateDIBitmap
CreateDIBSection
CreateDCA
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CombineTransform
CloseFigure
CloseEnhMetaFile
BitBlt
BeginPath
AddFontResourceW
CreatePen
CombineRgn
SaveDC
RestoreDC
SetPolyFillMode
SetMapMode
GetClipBox
ExcludeClipRect
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetKerningPairs
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
CreateHatchBrush
CopyMetaFileA
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
SetRectRgn
DPtoLP
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
GetNearestPaletteIndex
OffsetRgn
GetRgnBox
Rectangle
ExtFloodFill
LPtoDP
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetOutlineTextMetricsW
GetOutlineTextMetricsA
GetPaletteEntries
GetPixel
GetStockObject
GetSystemPaletteEntries
GetTextFaceA
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
GetTextMetricsA
GetTextExtentPoint32A
SelectObject
CreateFontIndirectA
CreateSolidBrush
GetObjectA
DeleteObject
GetTextExtentPointW
CreateCompatibleBitmap
CreateHalftonePalette
CreateCompatibleDC
UnrealizeObject
StrokePath
StrokeAndFillPath
StretchDIBits
StretchBlt
StartPage
StartDocW
StartDocA
SetWinMetaFileBits
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetPaletteEntries
SetICMMode
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
RemoveFontResourceW
RealizePalette
PolyBezierTo
PlayEnhMetaFile
PatBlt
MoveToEx
LineTo
MaskBlt
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
EnumPrintersA
DocumentPropertiesA
DeviceCapabilitiesA
ClosePrinter
ord203
SetJobA
EnumPrintersW
advapi32
ReportEventA
RegisterEventSourceA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
DeregisterEventSource
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAppBarMessage
ShellExecuteA
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
comctl32
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
ole32
IsAccelerator
RevokeDragDrop
CoCreateGuid
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance
CLSIDFromProgID
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
CoLockObjectExternal
OleLockRunning
OleGetClipboard
RegisterDragDrop
oleaut32
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
GetErrorInfo
VariantCopy
VariantCopyInd
VariantChangeType
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysAllocStringLen
SysReAllocStringLen
VariantClear
VariantInit
SysFreeString
gdiplus
GdipDrawImageI
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipFree
ws2_32
recv
send
WSAStartup
socket
WSAGetLastError
htons
gethostbyname
connect
gethostname
closesocket
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
CODE Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 372KB - Virtual size: 455KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 381KB - Virtual size: 381KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ