2024-02-19_8572d157233c055a6df8abc96a27ebd4_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-19_8572d157233c055a6df8abc96a27ebd4_mafia
Size

1.3MB
MD5

8572d157233c055a6df8abc96a27ebd4
SHA1

63bc25d2f71957811c48775ece5877dfabb34401
SHA256

10962a5e69c0f4c3292bb3c64634142984804834690ec47365ef3b3c270eb0cb
SHA512

b60343cc221ccde1a349605dfdaa46f3ba843d72ea5f27bee80e4294099ebb4b67cc4919af97312b502457d749ec4a2efacf99ec6a048fa32b91172747121eaf
SSDEEP

24576:ZHFjcGXT8lpb9opCMxnlnZs1OT6HnrPxFqMLHVUVbYoZoJx7/VwGDgdXvTOqWW6:ZHFgGkpb9opCMxnlnZs1OT6HnrPx3LmY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-19_8572d157233c055a6df8abc96a27ebd4_mafia

Files

2024-02-19_8572d157233c055a6df8abc96a27ebd4_mafia
.exe windows:5 windows x86 arch:x86

f7331af68a8531b33df080b1a9246301

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAlloc
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromGdiDib
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipDeleteBrush
GdipDeleteGraphics
GdipGetImageRawFormat
GdipGetImagePixelFormat
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipDrawImageRectI
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipFree

kernel32

TerminateThread
FindCloseChangeNotification
FindNextChangeNotification
ResetEvent
WaitForMultipleObjects
FindFirstChangeNotificationW
CreateEventW
InitializeCriticalSection
GetFullPathNameW
SetFileTime
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
GetTimeZoneInformation
MultiByteToWideChar
FindNextFileW
FindClose
FindFirstFileW
lstrlenA
DebugBreak
OutputDebugStringW
GetVersionExW
GetFileAttributesW
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
GetFileSizeEx
GetTimeFormatW
GetDateFormatW
GetShortPathNameW
ReadFile
GetFileSize
GlobalFree
MoveFileW
DeleteFileW
WriteFile
lstrcmpiW
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CreateMutexW
GetLocaleInfoW
GetThreadLocale
SetEvent
FormatMessageW
CopyFileW
SetFilePointer
CreateDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCommandLineW
CreateProcessW
VirtualFree
VirtualAlloc
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
MoveFileExW
Sleep
LoadLibraryW
GetSystemTime
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
LoadLibraryA
InterlockedExchange
LocalAlloc
InterlockedPopEntrySList
RtlUnwind
ExitThread
WaitForSingleObject
CreateFileW
ResumeThread
CreateThread
DecodePointer
EncodePointer
HeapSetInformation
GetStartupInfoW
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetFileTime
CloseHandle
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
GetCurrentThreadId
RaiseException
InterlockedDecrement
InterlockedIncrement
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
GetModuleFileNameW
lstrlenW
GetModuleHandleW
IsProcessorFeaturePresent
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapReAlloc
HeapSize
GetStdHandle
SetHandleCount
GetFileType
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetCurrentProcessId
CreateFileA
GetStringTypeW
CompareStringW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
SetStdHandle
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
HeapAlloc
LocalFree
SetEnvironmentVariableW

user32

ShowWindow
SetCursor
EnumDisplayMonitors
CopyRect
EnableWindow
EnumWindows
SendMessageTimeoutW
GetActiveWindow
ShowCursor
DialogBoxParamW
EqualRect
PtInRect
GetMenuItemCount
GetMenuStringW
GetMenuItemID
SetMenuItemInfoW
GetSubMenu
DeleteMenu
AppendMenuW
OffsetRect
DrawTextW
InflateRect
CharLowerW
GetSystemMetrics
LoadImageW
CharUpperW
GetKeyState
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
MessageBoxW
PostMessageW
LoadStringW
SetClipboardData
RemovePropW
KillTimer
CloseClipboard
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
RegisterClassExW
LoadCursorW
GetClassInfoExW
IsWindow
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
GetPropW
SetPropW
FrameRect
GetSysColorBrush
IsWindowEnabled
SetClassLongW
PeekMessageW
DestroyWindow
FillRect
ReleaseCapture
GetClassNameW
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
SetWindowPos
MoveWindow
EnableMenuItem
IsClipboardFormatAvailable
SetWindowPlacement
GetWindowPlacement
TrackPopupMenu
IsZoomed
LoadMenuW
CheckMenuItem
DestroyMenu
UpdateWindow
SetCursorPos
SetTimer
OpenClipboard
GetCursorPos
CharNextW
GetSysColor
GetClipboardData
MonitorFromPoint
DefWindowProcW
GetDlgItem
GetClientRect
SendMessageW
CreateWindowExW
GetWindowLongW
SetWindowLongW
EndDialog
IntersectRect
IsRectEmpty
UnregisterClassA
EmptyClipboard

gdi32

CreateRectRgn
SetBkColor
SetROP2
ExtSelectClipRgn
SelectClipRgn
ExtTextOutW
ExcludeClipRect
Arc
Ellipse
SetBkMode
TextOutW
GetTextExtentPoint32W
CreatePen
Rectangle
LineTo
MoveToEx
DPtoLP
CreateFontW
GetTextFaceW
GetTextMetricsW
CreateFontIndirectW
SetDIBitsToDevice
SetTextColor
GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
ExtCreatePen
DeleteObject
SelectObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

AddAccessAllowedAce
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegGetKeySecurity
GetSecurityDescriptorDacl
GetAclInformation
AllocateAndInitializeSid
InitializeAcl
RegOpenKeyExW
GetAce
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
FreeSid
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW

shell32

ShellExecuteW
DragQueryFileW
DragFinish
DragAcceptFiles
SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHGetFolderPathW

ole32

OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
ProgIDFromCLSID
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoInitialize
StringFromGUID2

oleaut32

VariantInit
VarUI4FromStr
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysAllocString
SysAllocStringLen
VariantClear
SysStringLen
SysFreeString

shlwapi

StrCmpLogicalW

comctl32

InitCommonControlsEx

msimg32

AlphaBlend

ws2_32

htonl
ntohs

Sections

.text
Size: 843KB - Virtual size: 843KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7331af68a8531b33df080b1a9246301

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

ws2_32

Sections

.text Size: 843KB - Virtual size: 843KB

.rdata Size: 164KB - Virtual size: 164KB

.data Size: 12KB - Virtual size: 113KB

.rsrc Size: 213KB - Virtual size: 213KB

.reloc Size: 51KB - Virtual size: 51KB

.text
Size: 843KB - Virtual size: 843KB

.rdata
Size: 164KB - Virtual size: 164KB

.data
Size: 12KB - Virtual size: 113KB

.rsrc
Size: 213KB - Virtual size: 213KB

.reloc
Size: 51KB - Virtual size: 51KB