2024-02-20_ac6320a537f6f01aa46b242cad7e75d3_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-20_ac6320a537f6f01aa46b242cad7e75d3_mafia
Size

638KB
MD5

ac6320a537f6f01aa46b242cad7e75d3
SHA1

94690eb6ac41dd426c65c7c7e8b833642dc9fde4
SHA256

6a5af5da3e0d72973a416ad2eb425d8d748c4ddf90668b239f432272b67f8d6e
SHA512

5d1c5e1418d2987cd9c90cd504aaaf3c7fbb0bc781d7dd4e15a5fde1326b97ff2ed0fc30c9be85c195bea71694f808c697208a88b0aafbde647886057ecfab53
SSDEEP

12288:YpT6TqjJ0mnnpVQTEtgpDut+qg+7GarOSB8AVYhlZyVcjs:yT6TqjJspDut+qearO7AazyVc4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-20_ac6320a537f6f01aa46b242cad7e75d3_mafia

Files

2024-02-20_ac6320a537f6f01aa46b242cad7e75d3_mafia
.exe windows:5 windows x86 arch:x86

749bf5d4f93eb6e0a47fb6c09ff9b2c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
SetEndOfFile
InitializeCriticalSection
LocalFree
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
SetEnvironmentVariableA
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
CreateFileW
SetStdHandle
WriteConsoleW
InterlockedExchange
LCMapStringW
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
CloseHandle
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
Sleep
GetFileType
SetHandleCount
GetTimeZoneInformation
ExitProcess
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoW
GetStdHandle
WriteFile
IsProcessorFeaturePresent
HeapSize
HeapReAlloc
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapDestroy
HeapCreate
GetStartupInfoW
HeapSetInformation
GetCommandLineW
GetSystemTimeAsFileTime
HeapAlloc
RtlUnwind
EncodePointer
DecodePointer
HeapFree
GetModuleHandleA
AreFileApisANSI
FormatMessageA
CreateFileA
GetTimeFormatA
LockResource
GetCurrentProcessId
LoadLibraryW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
FreeLibrary
lstrcmpiW
GetModuleHandleW
GetProcAddress
Beep
MultiByteToWideChar
GetVersionExW
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
MulDiv
lstrcmpW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
SetLastError
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GetLastError
SetFilePointer
GetDateFormatA

user32

SendMessageW
GetSystemMetrics
SetRectEmpty
InflateRect
UnhookWindowsHookEx
UnregisterClassA
DestroyWindow
SetWindowLongW
GetWindowLongW
CreateWindowExW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SetWindowPos
CharLowerW
CallNextHookEx
SetWindowsHookExW
GetMenu
SetMenu
SetMenuDefaultItem
LoadBitmapW
DefFrameProcW
CheckMenuRadioItem
TranslateMDISysAccel
BringWindowToTop
EndDialog
GetSysColorBrush
IsMenu
GetWindowDC
TrackPopupMenu
GetMessagePos
WindowFromPoint
GetSystemMenu
GetCapture
FrameRect
ModifyMenuW
DrawFrameControl
GetClassLongW
GetMenuDefaultItem
SetMenuItemInfoW
GetMenuItemID
DrawIconEx
GetWindowThreadProcessId
IsWindowEnabled
UpdateWindow
PostMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetKeyState
DrawMenuBar
GetMenuStringW
GetSubMenu
TrackPopupMenuEx
PeekMessageW
PtInRect
MessageBeep
AdjustWindowRectEx
RemoveMenu
AppendMenuW
MonitorFromPoint
CreatePopupMenu
GetMenuItemInfoW
GetMenuItemCount
DestroyMenu
LoadStringA
PostQuitMessage
TranslateAcceleratorW
IsDialogMessageW
LoadStringW
LoadAcceleratorsW
GetActiveWindow
LoadMenuW
DefMDIChildProcW
IsWindowVisible
OffsetRect
SystemParametersInfoW
DrawEdge
DrawTextW
DialogBoxParamW
LoadImageW
RegisterWindowMessageW
CreateAcceleratorTableW
IsWindow
SetFocus
GetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
IsChild
SetCapture
RedrawWindow
InvalidateRgn
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
MoveWindow
CharNextW
GetSysColor
CreateDialogParamW
RegisterClassExW
SetRect
DefWindowProcW
LoadCursorW
GetClassInfoExW
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
MessageBoxW
GetDlgItem
GetParent
ShowWindow
InvalidateRect
GetClientRect

gdi32

CreateBitmap
CreatePatternBrush
PatBlt
GetCurrentObject
SetBkColor
GetObjectW
DeleteObject
GetStockObject
SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateSolidBrush
SetBkMode
SetTextColor
CreatePen
MoveToEx
LineTo
CreateFontIndirectW
SetViewportOrgEx
GetViewportOrgEx
CreateDIBSection
GetDeviceCaps
SetBrushOrgEx

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2

oleaut32

VarUI4FromStr
DispCallFunc
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
GetErrorInfo

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_Draw
ImageList_DrawIndirect
CreateStatusWindowW
ord8
ImageList_Create
ImageList_LoadImageW
InitCommonControlsEx
ImageList_AddMasked

Sections

.text
Size: 473KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

749bf5d4f93eb6e0a47fb6c09ff9b2c3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 473KB - Virtual size: 473KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 21KB - Virtual size: 30KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 37KB - Virtual size: 37KB

.text
Size: 473KB - Virtual size: 473KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 21KB - Virtual size: 30KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 37KB - Virtual size: 37KB