2024-02-22_456796c6956dd2f66934c2f4d0ddcb88_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-22_456796c6956dd2f66934c2f4d0ddcb88_mafia
Size

4.0MB
MD5

456796c6956dd2f66934c2f4d0ddcb88
SHA1

00e17eee2ac14c76eefa2f94fcd9fb8c340307a8
SHA256

c450b0c3357b98b7bfe24d8bae83e214f4d67d35ceab5cfcc5b38d9bcfa5f369
SHA512

9a7e3dc1a247227d2b374ce0106397e191ab603e23cad41d77e33108089c33597b20ce58db001af6c991a0a726b2d10d1ff1c0d79c8c55022f57ab276100b320
SSDEEP

98304:9uev8jERjtMg0FFg9k76JM+TAlqostXrmu+NCsSONRyfyaZ:TMg057ITAUtCxCpONRyL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-22_456796c6956dd2f66934c2f4d0ddcb88_mafia

Files

2024-02-22_456796c6956dd2f66934c2f4d0ddcb88_mafia
.exe windows:5 windows x86 arch:x86

0a1a243dcacd875a2ce25368680e8ce8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\data\software\tools_client\miPrnDrv\miprnexe\Rel32\miprnexe.pdb

Imports

kernel32

FindFirstFileExA
SetCurrentDirectoryA
GetProcessHeap
ReleaseSemaphore
QueryPerformanceFrequency
FindNextFileA
RemoveDirectoryA
CreateDirectoryA
CreateFileW
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
SetEnvironmentVariableA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
CompareStringW
LCMapStringW
GetStringTypeW
GetLocaleInfoW
IsProcessorFeaturePresent
IsValidCodePage
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
CreateThread
ExitThread
RaiseException
HeapFree
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
EncodePointer
RtlUnwind
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
Sleep
GetProfileIntA
GetTickCount
InitializeCriticalSectionAndSpinCount
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesA
GetFileAttributesExA
SetErrorMode
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
SystemTimeToFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
CreateFileA
lstrcmpiA
GetCurrentDirectoryA
lstrcpyA
GetACP
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFree
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GlobalAlloc
GetModuleHandleW
GetCurrentProcessId
GlobalLock
GlobalUnlock
MulDiv
lstrlenA
FindResourceA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
FreeLibrary
GetProcAddress
CompareStringA
LoadLibraryW
LoadLibraryA
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
MultiByteToWideChar
lstrcmpW
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceW
ExitProcess
DeleteFileA
GetModuleHandleA
GetFileInformationByHandle
GetModuleFileNameA
PeekNamedPipe

user32

GetMenuDefaultItem
RedrawWindow
UnregisterClassA
CharUpperA
WindowFromPoint
KillTimer
SetTimer
SetRect
UnionRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
MapVirtualKeyA
GetKeyNameTextA
GetSysColorBrush
RealChildWindowFromPoint
SystemParametersInfoA
GetMenuItemInfoA
InflateRect
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
ShowOwnedPopups
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
IsZoomed
GetSystemMetrics
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadImageA
DestroyIcon
GetWindowThreadProcessId
GetActiveWindow
SetCursor
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
BringWindowToTop
GetDesktopWindow
TranslateAcceleratorA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SetCapture
GetMenuCheckMarkDimensions
LoadBitmapW
ToAsciiEx
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
GetWindowTextLengthA
GetWindowTextA
LoadCursorA
EnableWindow
UpdateWindow
CreateAcceleratorTableA
SetCursorPos
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetClientRect
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetAsyncKeyState
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
GetNextDlgTabItem
GetIconInfo
CopyImage
GetNextDlgGroupItem
DrawIconEx
SetWindowRgn
DestroyAcceleratorTable
GetSysColor
AdjustWindowRectEx
GetParent
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetClassLongA
LoadMenuW
DrawStateA
DrawEdge
DrawFrameControl
SetMenuItemBitmaps
CopyAcceleratorTableA
LockWindowUpdate
GetWindow
SetWindowPos
SetWindowLongA
GetWindowLongA
GetMenu
CallWindowProcA
DefWindowProcA
SendMessageA
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
PtInRect
EndDialog
CreateDialogIndirectParamA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
OemToCharA
CharLowerA
GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
SubtractRect
UpdateLayeredWindow
CharUpperBuffA
CopyIcon
RegisterClipboardFormatA
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
PostThreadMessageA
IsMenu
ModifyMenuA
MonitorFromPoint
GetDoubleClickTime

gdi32

ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
GetDeviceCaps
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateCompatibleBitmap
GetTextMetricsA
GetTextExtentPoint32A
CopyMetaFileA
CreateDCA
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
SetWindowExtEx
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
GetSystemPaletteEntries
SetTextColor
SetBkColor

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegEnumKeyExA
RegEnumValueA

shell32

DragQueryFileA
SHGetFileInfoA
SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderA
DragFinish
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoLockObjectExternal
RevokeDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
OleGetClipboard
StringFromIID
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateGuid
CoGetMalloc
RegisterDragDrop

oleaut32

SysStringLen
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysAllocString
SysFreeString
VariantInit
VariantClear
VariantChangeType

gdiplus

GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipLoadImageFromFile
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ws2_32

ntohl
htonl
ntohs
htons

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a1a243dcacd875a2ce25368680e8ce8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

version

ws2_32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 85KB - Virtual size: 117KB

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 243KB - Virtual size: 242KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 85KB - Virtual size: 117KB

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 243KB - Virtual size: 242KB