Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-22_c9aba2a4bf6b11e15f59089b6c933828_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-02-22_c9aba2a4bf6b11e15f59089b6c933828_mafia.exe
  Resource: win10v2004-20240221-en
General
- Target: 2024-02-22_c9aba2a4bf6b11e15f59089b6c933828_mafia
- Size: 2.6MB
- MD5: c9aba2a4bf6b11e15f59089b6c933828
- SHA1: 845bcca113f5febf111781e8b6f22ed5f22e183f
- SHA256: 52927a1c650976a91ece00d64b3c5ffa7797eaf2a671b5c55f657e1eba34f1a0
- SHA512: f475ed53da25c55a3fae15345aeda6b66b467968ee4d7e0cbe6a1e4b1351b0638b9fa667f9982f56debc26fca515e727c611221e7f0eb0b79fa9bba020fc51c6
- SSDEEP: 49152:0zinDVGwsAWO/m5QdGp4LYNxO2r5b+wrPI62epUQkDfYJk7LAmxr9FVtGMDmg27z:43CWO/m59p4LuO2r5b+sIgUQk0Jk7LAV
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-02-22_c9aba2a4bf6b11e15f59089b6c933828_mafia
Files
-
2024-02-22_c9aba2a4bf6b11e15f59089b6c933828_mafia.exe windows:5 windows x86 arch:x86
4211a4efab7a15518b67ff9e111a3f97
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
adbeape
APETerminate
APEInitialize
APEPlayerCallExternalInterface
APEPlayerFromStageHWND
APEPlayerLoadComponent
APEPlayerChangeAttributes
user32
DefWindowProcW
CallWindowProcW
IsWindowVisible
GetSystemMetrics
wsprintfW
GetDesktopWindow
DestroyWindow
PostQuitMessage
DialogBoxParamW
MessageBeep
RegisterClassExW
LoadIconW
GetDlgItem
EndDialog
EnumChildWindows
MessageBoxW
SendMessageW
GetSystemMenu
GetClientRect
EnableMenuItem
SetWindowTextW
CreateWindowExW
GetActiveWindow
ShowWindow
SetWindowPos
SetWindowLongW
SetClassLongW
MoveWindow
GetMessageW
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW
GetMenuStringW
GetMenuState
GetWindowTextLengthW
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowThreadProcessId
UnhookWindowsHookEx
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
PtInRect
GetClassNameW
GetDlgCtrlID
GetWindow
RealChildWindowFromPoint
GetFocus
SetScrollPos
GetScrollPos
CheckDlgButton
SendDlgItemMessageW
IsDialogMessageW
IsWindow
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
CallNextHookEx
SetWindowsHookExW
DestroyIcon
CharUpperW
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ScreenToClient
GetWindowDC
BeginPaint
EndPaint
CopyRect
GetMenu
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
UpdateWindow
RedrawWindow
ShowScrollBar
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
GetClassLongW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
CheckMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
InflateRect
IntersectRect
GetMenuItemInfoW
DestroyMenu
CopyImage
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
CreatePopupMenu
IsRectEmpty
MapVirtualKeyW
InvalidateRect
SetCapture
GetAsyncKeyState
ReleaseCapture
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
GetNextDlgTabItem
OffsetRect
GetIconInfo
LoadImageW
SetTimer
KillTimer
GetNextDlgGroupItem
DrawIconEx
CreateDialogIndirectParamW
ShowOwnedPopups
DeleteMenu
SetWindowRgn
SetParent
DestroyAcceleratorTable
WindowFromPoint
LoadMenuW
DrawStateW
DrawEdge
DrawFrameControl
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetKeyNameTextW
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
IsCharLowerW
MapVirtualKeyExW
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
TranslateAcceleratorW
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
WaitMessage
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
TranslateMessage
PostThreadMessageW
DispatchMessageW
ClientToScreen
SetCursor
GetWindowRect
RegisterWindowMessageW
IsIconic
PostMessageW
IsZoomed
GetPropA
SetForegroundWindow
GetParent
LoadCursorW
SetFocus
SetPropA
GetWindowLongW
GetAncestor
GetWindowTextW
SystemParametersInfoW
gdi32
DeleteObject
CreateDCW
CopyMetaFileW
GetDeviceCaps
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetTextExtentPoint32W
CreateDIBitmap
CreateCompatibleBitmap
SaveDC
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetObjectW
GetViewportExtEx
GetTextMetricsW
PtInRegion
wininet
InternetCheckConnectionW
InternetGetConnectedState
kernel32
GlobalFindAtomW
FreeResource
InterlockedExchange
GetLocaleInfoW
GetFileAttributesExW
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetSystemDirectoryW
lstrcpyW
GetWindowsDirectoryW
GetNumberFormatW
GetCurrentDirectoryW
GetTempFileNameW
GetTickCount
GetProfileIntW
SearchPathW
VirtualProtect
GetUserDefaultLCID
FindResourceExW
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapReAlloc
GlobalDeleteAtom
RaiseException
HeapQueryInformation
HeapSize
ExitThread
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
LCMapStringW
WriteConsoleW
GetDriveTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
SetEnvironmentVariableA
CloseHandle
CreateThread
GetProcAddress
GetFullPathNameW
GetVolumeInformationW
GetVersionExW
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetModuleFileNameW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
GlobalAddAtomW
SetThreadPriority
GlobalFlags
lstrcmpW
CompareStringW
ReleaseActCtx
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
SetEvent
Sleep
LocalAlloc
CreateEventW
LocalFree
GetCommandLineW
ConnectNamedPipe
CreateNamedPipeW
WaitNamedPipeW
WriteFile
WideCharToMultiByte
GlobalReAlloc
TlsGetValue
ActivateActCtx
DeactivateActCtx
lstrcmpA
GlobalGetAtomNameW
FileTimeToLocalFileTime
ReadFile
CreateFileW
DisconnectNamedPipe
GetLastError
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
ExitProcess
GetThreadContext
SetThreadContext
CreateProcessW
GetCurrentProcess
FlushInstructionCache
VirtualProtectEx
SetCurrentDirectoryW
DuplicateHandle
WriteProcessMemory
ResumeThread
IsDBCSLeadByteEx
FileTimeToSystemTime
GetModuleHandleW
FindFirstFileW
FindNextFileW
FindClose
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
MulDiv
SetLastError
GetLocalTime
GetTempPathW
GetTimeFormatW
CreateDirectoryW
SetFilePointer
GetDateFormatW
GetCurrentProcessId
ReleaseMutex
OpenSemaphoreW
CreateSemaphoreW
ReleaseSemaphore
CreateMutexW
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
lstrlenA
GetUserDefaultUILanguage
LoadLibraryW
GetUserDefaultLangID
FreeLibrary
WaitForSingleObject
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
GetUserNameW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
shell32
SHGetSpecialFolderPathW
CommandLineToArgvW
SHGetFileInfoW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHAppBarMessage
ShellExecuteW
comctl32
ImageList_GetIconSize
shlwapi
PathSearchAndQualifyW
PathFileExistsW
PathRemoveBackslashW
StrRChrW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
ole32
CoUninitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitializeEx
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleRun
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleInitialize
CoInitialize
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
VarBstrFromDate
GetErrorInfo
VariantChangeType
SysAllocString
SysStringLen
VariantClear
VariantCopy
VariantInit
SysFreeString
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipGetImagePixelFormat
GdipAlloc
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipFree
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 311KB - Virtual size: 311KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 292KB - Virtual size: 291KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 740KB - Virtual size: 744KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE