2024-02-22_8b6195de6e318ff0f501165b7f2e83a1_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-22_8b6195de6e318ff0f501165b7f2e83a1_mafia
Size

1024KB
MD5

8b6195de6e318ff0f501165b7f2e83a1
SHA1

eec82c22edc367a0a89485595654e6d47a098c97
SHA256

7285b8ed169e534b547bd71a73abb697aea51b89359881692d5ebc8a33777650
SHA512

4c4674d21c04cfea1b5309c4d42cdd44c66d37b25fa85c79f8c89d8887eea371af214dca54ba417603305a99045a133a15cdb8907bc1b50894ad08b8ee7de5c1
SSDEEP

24576:Dg1El7RZFbmD9A0Y4qgOAWICqL9V5j4OPMmB+iO9aAT07dhfgtdxA:DgmlNXCD9A0Y4qgOAWICqL9V5j4OPMxa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-22_8b6195de6e318ff0f501165b7f2e83a1_mafia

Files

2024-02-22_8b6195de6e318ff0f501165b7f2e83a1_mafia
.exe windows:5 windows x86 arch:x86

5a40c6e61e2f19772e08301582df5f0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAlloc
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromGdiDib
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipDrawImageRectI
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipDeleteGraphics
GdipDeleteBrush
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipFree

kernel32

SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
GetTimeZoneInformation
MultiByteToWideChar
FindNextFileW
FindClose
SetLastError
FindFirstFileW
lstrlenA
DebugBreak
OutputDebugStringW
GetVersionExW
GetFileAttributesW
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
GetFileSizeEx
GetTimeFormatW
GetDateFormatW
GetLastError
GetShortPathNameW
ReadFile
GetFileSize
GlobalFree
lstrcpynW
MulDiv
MoveFileW
DeleteFileW
WriteFile
RaiseException
InitializeCriticalSectionAndSpinCount
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
GetProcAddress
GetModuleHandleW
lstrcmpiW
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
CreateMutexW
GetLocaleInfoW
SetFileTime
LocalFree
FormatMessageW
CopyFileW
SetFilePointer
CreateDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCommandLineW
CreateProcessW
VirtualFree
VirtualAlloc
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
MoveFileExW
Sleep
LoadLibraryW
GetSystemTime
DecodePointer
CreateThread
ResumeThread
ExitThread
RtlUnwind
InterlockedPopEntrySList
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
LoadLibraryA
InterlockedExchange
LocalAlloc
GetStartupInfoW
ExitProcess
TerminateProcess
lstrcpyW
GetFullPathNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InitializeCriticalSection
CreateEventW
EnterCriticalSection
FindFirstChangeNotificationW
LeaveCriticalSection
WaitForMultipleObjects
ResetEvent
FindNextChangeNotification
FindCloseChangeNotification
HeapSetInformation
DeleteCriticalSection
TerminateThread
SetEvent
WaitForSingleObject
CreateFileW
GetFileTime
CloseHandle
WideCharToMultiByte
InterlockedIncrement
lstrlenW
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
SetHandleCount
GetStdHandle
GetFileType
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetCurrentProcessId
CreateFileA
GetStringTypeW
CompareStringW
LCMapStringW
HeapReAlloc
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
SetStdHandle
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
EncodePointer
GetThreadLocale
SetEnvironmentVariableW

user32

DestroyMenu
UpdateWindow
ClientToScreen
SetCursorPos
SetTimer
GetCursorPos
ScreenToClient
KillTimer
MonitorFromPoint
GetSysColor
GetSysColorBrush
FrameRect
SetPropW
GetPropW
CallWindowProcW
RemovePropW
EndPaint
BeginPaint
ShowWindow
CreateWindowExW
LoadCursorW
SetCursor
EnumDisplayMonitors
CopyRect
SetFocus
EnableWindow
DefWindowProcW
EnumWindows
SendMessageTimeoutW
CheckMenuItem
IsClipboardFormatAvailable
DialogBoxParamW
DestroyWindow
GetWindowTextW
EqualRect
PtInRect
InvalidateRect
GetDC
ReleaseDC
GetMenuItemCount
GetMenuStringW
GetMenuItemID
SetMenuItemInfoW
DeleteMenu
AppendMenuW
OffsetRect
DrawTextW
FillRect
InflateRect
CharLowerW
GetSystemMetrics
LoadImageW
LoadMenuW
MoveWindow
IsZoomed
TrackPopupMenu
GetWindowPlacement
SetWindowPlacement
IsWindowEnabled
CharNextW
CharUpperW
GetKeyState
SetWindowLongW
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
SetClassLongW
PeekMessageW
ReleaseCapture
GetActiveWindow
EnableMenuItem
GetClientRect
MapWindowPoints
ShowCursor
SetCapture
SetWindowPos
MessageBoxW
GetDlgItem
GetParent
SetWindowTextW
GetWindowLongW
wvsprintfW
SendMessageW
EndDialog
PostMessageW
LoadStringW
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
IntersectRect
IsRectEmpty
UnregisterClassA
GetSubMenu

gdi32

SetROP2
BitBlt
SelectClipRgn
ExtTextOutW
CreateRectRgn
ExcludeClipRect
SetBkColor
ExtSelectClipRgn
Ellipse
Arc
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SetBkMode
TextOutW
GetTextExtentPoint32W
DeleteDC
CreatePen
Rectangle
LineTo
MoveToEx
DPtoLP
DeleteObject
GetStockObject
SelectObject
GetDeviceCaps
CreateFontW
GetTextFaceW
GetTextMetricsW
CreateFontIndirectW
ExtCreatePen
SetTextColor
SetDIBitsToDevice

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

AllocateAndInitializeSid
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegGetKeySecurity
GetSecurityDescriptorDacl
GetAclInformation
RegCloseKey
InitializeAcl
AddAccessAllowedAce
GetAce
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
FreeSid
RegOpenKeyExW
RegSetValueExW

shell32

DragFinish
DragQueryFileW
SHGetFolderPathW
DragAcceptFiles
SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

oleaut32

VarUI4FromStr

shlwapi

StrCmpLogicalW

comctl32

InitCommonControlsEx

msimg32

AlphaBlend

ws2_32

htonl
ntohs

Sections

.text
Size: 797KB - Virtual size: 796KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a40c6e61e2f19772e08301582df5f0f

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

ws2_32

Sections

.text Size: 797KB - Virtual size: 796KB

.rdata Size: 151KB - Virtual size: 150KB

.data Size: 9KB - Virtual size: 109KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 45KB - Virtual size: 44KB

.text
Size: 797KB - Virtual size: 796KB

.rdata
Size: 151KB - Virtual size: 150KB

.data
Size: 9KB - Virtual size: 109KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 45KB - Virtual size: 44KB