Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-14_5c2d194725732d3db82d480085910c45_mafia.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-14_5c2d194725732d3db82d480085910c45_mafia.exe
Resource: win10v2004-20231215-en
General
- Target: 2024-02-14_5c2d194725732d3db82d480085910c45_mafia
- Size: 6.0MB
- MD5: 5c2d194725732d3db82d480085910c45
- SHA1: ea17c75ec231c85c28e77f32a77d6c31518f4eb9
- SHA256: eef798a9bfa5a27c67f35aa105fa0e013587e19f98da97b0d28118ca278c74bc
- SHA512: d8aa07aebde547a9e6910462c6944219aa974071d0f47c65c88e4edf285ce09416ef15b85a83b22f7dfd81029cbb5a1350aeb03fb72411f9d8dbaf96d7e38d5f
- SSDEEP: 196608:j4UDFnOa+zG1umIoZDe4DtNOZsv/pYW1:UUDFnOa+zG1umIoZDe4DtNWE/pl
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-02-14_5c2d194725732d3db82d480085910c45_mafia
Files
- 2024-02-14_5c2d194725732d3db82d480085910c45_mafia.exe windows:5 windows x86 arch:x86
  c1aa9e0559c3c857066e653832bfd060
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
freeaddrinfo
WSASetLastError
sendto
recvfrom
accept
listen
connect
socket
closesocket
getpeername
getsockopt
htons
bind
getsockname
setsockopt
ntohl
send
recv
WSAGetLastError
WSAStartup
WSACleanup
ntohs
getaddrinfo
shutdown
gethostname
ioctlsocket
select
__WSAFDIsSet
wldap32
ord33
ord200
ord79
ord32
ord30
ord26
ord301
ord60
ord143
ord211
ord22
ord46
ord27
ord41
ord50
ord35
comctl32
ImageList_SetDragCursorImage
ord16
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_Destroy
ImageList_Create
ImageList_Add
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragMove
ImageList_BeginDrag
ord17
ImageList_SetBkColor
ImageList_Draw
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
rpcrt4
UuidToStringW
RpcStringFreeW
wsock32
gethostbyaddr
getservbyname
htonl
ioctlsocket
gethostbyname
kernel32
GetTempFileNameW
CreateMutexW
TlsSetValue
ExitProcess
SetThreadPriority
ResumeThread
TlsGetValue
GetCurrentProcess
TlsFree
TlsAlloc
LocalFree
FormatMessageW
GetACP
IsValidLocale
GetLocaleInfoW
SetThreadLocale
QueryPerformanceFrequency
GetEnvironmentVariableW
GetCPInfo
IsValidCodePage
GetComputerNameW
GetModuleHandleW
TerminateProcess
GetModuleFileNameW
WriteFile
SetEvent
CreatePipe
SetNamedPipeHandleState
GetExitCodeProcess
CreateEventW
CreateThread
CreateProcessW
DuplicateHandle
GetSystemTimeAsFileTime
OutputDebugStringW
GetCurrentThread
RaiseException
FindNextFileW
IsBadReadPtr
IsBadStringPtrA
SetFilePointer
CreateFileA
LocalAlloc
lstrlenA
GetFileTime
GetTempPathW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
ExpandEnvironmentStringsW
SetCurrentDirectoryW
InterlockedExchange
EncodePointer
CopyFileW
GetFileAttributesW
CreateFileW
DebugBreak
WideCharToMultiByte
GetProcessHeap
HeapSize
GlobalSize
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
SetErrorMode
SetConsoleCursorPosition
FillConsoleOutputCharacterW
WriteConsoleW
WriteConsoleA
GetConsoleScreenBufferInfo
ReadConsoleOutputCharacterA
FreeConsole
GetVersionExW
GetCommandLineW
LoadLibraryW
MulDiv
InterlockedIncrement
DecodePointer
HeapFree
RtlUnwind
InterlockedDecrement
FindClose
Sleep
WaitForMultipleObjects
PeekNamedPipe
ReadFile
FormatMessageA
WaitForSingleObject
GetVersionExA
LoadLibraryA
FreeLibrary
CloseHandle
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
MultiByteToWideChar
SleepEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FlushConsoleInputBuffer
GetStdHandle
GetFileType
GetVersion
GetModuleHandleA
GetProcAddress
GetLastError
GetCurrentThreadId
HeapAlloc
HeapReAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetConsoleCtrlHandler
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
ExitThread
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetTimeZoneInformation
GetTimeFormatW
GetDateFormatW
DeleteFileW
GetConsoleCP
FlushFileBuffers
SetStdHandle
InitializeCriticalSectionAndSpinCount
MoveFileW
GetFullPathNameW
LCMapStringW
IsProcessorFeaturePresent
HeapCreate
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetOEMCP
GetFullPathNameA
GetCurrentDirectoryW
SetEndOfFile
GetStringTypeW
GetDriveTypeW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringW
user32
WaitForInputIdle
KillTimer
SetTimer
DdeFreeStringHandle
DdeUninitialize
DdeQueryStringW
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeGetLastError
DdeInitializeW
DdeDisconnect
DdeClientTransaction
DdeCreateStringHandleW
DdeNameService
DdeConnect
DdePostAdvise
SetRect
CheckMenuRadioItem
CheckMenuItem
GetSysColorBrush
ValidateRgn
ChildWindowFromPoint
CreateMenu
AppendMenuW
ModifyMenuW
RemoveMenu
InsertMenuItemW
InsertMenuW
CreatePopupMenu
SetMenuItemInfoW
GetSubMenu
DestroyMenu
GetMenuState
UnionRect
EndPaint
BeginPaint
GetWindowDC
PostThreadMessageW
ValidateRect
GetMessageW
DrawIconEx
DrawFrameControl
TranslateAcceleratorW
CreateAcceleratorTableW
DestroyAcceleratorTable
DestroyCursor
SetActiveWindow
GetWindowTextW
GetClassNameW
MessageBeep
FindWindowExW
LoadCursorW
MsgWaitForMultipleObjects
MessageBoxW
GetDoubleClickTime
keybd_event
GetWindowTextLengthW
HideCaret
CreateIconIndirect
PostMessageW
SetMenu
SetWindowRgn
RegisterClassW
UnregisterClassW
GetSystemMenu
EnableMenuItem
DrawMenuBar
GetWindowPlacement
GetDialogBaseUnits
FlashWindow
IsIconic
IsZoomed
SetForegroundWindow
BringWindowToTop
DrawFocusRect
EnumDisplaySettingsW
CopyRect
DrawTextW
GetDlgItem
CreateDialogParamW
InflateRect
PtInRect
UnregisterHotKey
RegisterHotKey
SetWindowsHookExW
GetMenuItemCount
GetMenuItemInfoW
SystemParametersInfoW
BeginDeferWindowPos
EndDeferWindowPos
MapWindowPoints
GetUpdateRgn
GetWindowRect
DeferWindowPos
MoveWindow
UpdateWindow
SetCursorPos
ReleaseCapture
SetFocus
DestroyWindow
GetClientRect
GetSysColor
SetWindowTextW
IsWindow
CallWindowProcW
DefWindowProcW
FillRect
InvalidateRect
SetCursor
IsDialogMessageW
TrackPopupMenu
GetCapture
CallNextHookEx
UnhookWindowsHookEx
ChildWindowFromPointEx
GetWindow
GetActiveWindow
GetMessageTime
IsWindowEnabled
IsWindowVisible
ClientToScreen
ScreenToClient
RedrawWindow
SetParent
WindowFromPoint
GetParent
ScrollWindow
EnableScrollBar
SetScrollInfo
GetScrollInfo
SetCapture
SetWindowPos
ShowWindow
GetFocus
EnableWindow
SetWindowLongW
GetWindowLongW
GetAsyncKeyState
VkKeyScanW
MapVirtualKeyW
GetDC
ReleaseDC
PeekMessageW
DispatchMessageW
TranslateMessage
PostQuitMessage
SendMessageW
AdjustWindowRectEx
ShowCursor
GetClipboardFormatNameW
IsClipboardFormatAvailable
CreateDialogIndirectParamW
RegisterClipboardFormatW
GetCursorPos
GetMessagePos
LoadImageW
DestroyIcon
GetSystemMetrics
GetIconInfo
LoadBitmapW
LoadIconW
GetKeyState
MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
ChangeDisplaySettingsW
wsprintfW
DrawEdge
OffsetRect
DrawStateW
CreateWindowExW
gdi32
GetBkColor
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetWindowOrgEx
PolyBezier
SetPixel
GetPixel
SetViewportOrgEx
SetROP2
Polyline
GetClipBox
PtInRegion
EqualRgn
GetRgnBox
CreateHatchBrush
ExtCreatePen
GetNearestPaletteIndex
GetPaletteEntries
DeleteObject
GetDIBColorTable
SelectObject
SetStretchBltMode
ExtSelectClipRgn
ExtFloodFill
GetCharABCWidthsW
GetTextExtentExPointW
Arc
Pie
Polygon
SetPolyFillMode
PolyPolygon
Rectangle
RoundRect
Ellipse
MaskBlt
ExtTextOutW
StretchDIBits
SetBrushOrgEx
StretchBlt
SaveDC
RestoreDC
CreateICW
GetSystemPaletteEntries
EnumFontFamiliesExW
SetAbortProc
StartDocW
EndDoc
StartPage
EndPage
CreateDCW
GetEnhMetaFileW
DeleteEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
PlayEnhMetaFile
CloseEnhMetaFile
CreatePalette
CreateDIBitmap
GetDIBits
CreateDIBSection
MoveToEx
LineTo
GetStockObject
CreatePatternBrush
SetTextAlign
RectInRegion
CreateRectRgnIndirect
CombineRgn
SelectClipRgn
CreateBitmap
GetRegionData
ExtCreateRegion
OffsetRgn
CreatePen
CreateSolidBrush
SetBkMode
SetTextColor
SetBkColor
GetOutlineTextMetricsW
CreateFontIndirectW
BitBlt
DeleteDC
CreateRectRgn
GdiFlush
GetTextExtentPoint32W
SelectPalette
RealizePalette
GetTextMetricsW
GetObjectW
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
ExcludeClipRect
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comdlg32
CommDlgExtendedError
ChooseFontW
ChooseColorW
PrintDlgW
PageSetupDlgW
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetUserNameW
shell32
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
DragQueryFileW
DragQueryPoint
DragFinish
DragAcceptFiles
ExtractIconExW
ExtractIconW
SHGetSpecialFolderLocation
ole32
CoCreateInstance
CoTaskMemAlloc
RevokeDragDrop
OleUninitialize
OleInitialize
OleLockRunning
OleRun
OleSetContainedObject
RegisterDragDrop
CoLockObjectExternal
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
OleGetClipboard
oleaut32
VariantTimeToSystemTime
SysStringLen
SystemTimeToVariantTime
SafeArrayUnlock
SafeArrayCreate
SafeArrayLock
SysReAllocString
SysFreeString
VariantClear
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VariantInit
SysAllocString
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 78KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 13B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 327KB - Virtual size: 327KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 334KB - Virtual size: 333KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ