AcroTray.pdb
- Static task: static1
- Behavioral task: behavioral1
- Sample: 2024-02-23_b70d96f321095e148ce1da46d838c3f6_mafia.exe
- Resource: win7-20240221-en
General
- Target: 2024-02-23_b70d96f321095e148ce1da46d838c3f6_mafia
- Size: 3.9MB
- MD5: b70d96f321095e148ce1da46d838c3f6
- SHA1: ab4f0532abf70c11acbd0eda84ef7eac9f895c91
- SHA256: 84e2399265cf11ff0f495a844762c5b6530869084f0bc23df32bd152355d538d
- SHA512: b6a7c5a7dcf61b351299e33808798972f3352f44c9e0c36b7257c1dc8737aafff2635090eac9af6ff69d32d2ad38e7e4566da113d8d900c34d0e5584fb9e03ad
- SSDEEP: 98304:7pSbilaS48FpKjHwxunJP1kBHFEVK/abYhNgF0zmwtAwuvNqWeRyS:50HsBuKCOU0zmwXuvNqrR
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource 2024-02-23_b70d96f321095e148ce1da46d838c3f6_mafia
Files
- 2024-02-23_b70d96f321095e148ce1da46d838c3f6_mafia.exe windows:5 windows x86 arch:x86
  e2d0307d655894d257acec5593ae188a
Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
- PDB Paths
Imports
- version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
- kernel32
FindFirstFileW
FindNextFileW
FindClose
GlobalAlloc
HeapReAlloc
GetProcessHeap
HeapFree
WideCharToMultiByte
CreateProcessW
GetVersionExW
GetFileAttributesW
HeapAlloc
GetFileAttributesA
GetShortPathNameW
GlobalFree
DeleteCriticalSection
MulDiv
LocalFree
FormatMessageW
GlobalUnlock
GlobalLock
GlobalSize
CopyFileW
GetStringTypeExW
GetThreadLocale
lstrcmpiW
DeleteFileW
MoveFileW
DeactivateActCtx
ActivateActCtx
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetFullPathNameW
GetCurrentProcessId
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
CreateActCtxW
ReleaseActCtx
InterlockedDecrement
InterlockedIncrement
CompareStringW
GlobalGetAtomNameW
GetAtomNameW
lstrcmpA
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
GetFileAttributesExW
SetFileAttributesW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileSizeEx
GetFileTime
SetThreadPriority
ResumeThread
GetCurrentThreadId
SetEvent
SuspendThread
lstrcmpW
GlobalFlags
GlobalAddAtomW
InitializeCriticalSectionAndSpinCount
GlobalDeleteAtom
GlobalFindAtomW
FreeResource
InterlockedExchange
LoadLibraryExW
GetLocaleInfoW
CompareStringA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetSystemDirectoryW
lstrcpyW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetWindowsDirectoryW
GetNumberFormatW
GetTempFileNameW
GetTempPathW
GetProfileIntW
SearchPathW
VirtualProtect
ReplaceFileW
GetDiskFreeSpaceW
FindResourceExW
LocalUnlock
LocalLock
RtlUnwind
RaiseException
EncodePointer
DecodePointer
GetDriveTypeW
FindFirstFileExW
ExitThread
CreateThread
GetCommandLineW
HeapSetInformation
GetStartupInfoW
HeapQueryInformation
HeapSize
ExitProcess
GetSystemTimeAsFileTime
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
HeapCreate
HeapDestroy
GetFileInformationByHandle
PeekNamedPipe
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTimeZoneInformation
FatalAppExitA
SetConsoleCtrlHandler
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetFullPathNameA
SetEnvironmentVariableA
InitializeCriticalSection
GetUserDefaultLCID
ResetEvent
CreateEventW
SetLastError
WaitForSingleObject
FindResourceW
LoadResource
LockResource
SizeofResource
LoadLibraryA
GetModuleFileNameW
GetSystemInfo
lstrcpyA
lstrlenA
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleHandleW
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetCurrentDirectoryW
MultiByteToWideChar
SetCurrentDirectoryW
GetTickCount
GetVolumeInformationW
lstrlenW
CreateFileW
SetNamedPipeHandleState
WriteFile
ReadFile
Sleep
OpenMutexW
CloseHandle
GetLastError
- user32
SetCursor
ShowOwnedPopups
DeleteMenu
InvalidateRect
GetMenuDefaultItem
CreatePopupMenu
IsRectEmpty
MapVirtualKeyW
SetCapture
GetAsyncKeyState
ReleaseCapture
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
OffsetRect
GetIconInfo
GetNextDlgGroupItem
DrawIconEx
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
WindowFromPoint
GetSystemMenu
DrawStateW
DrawEdge
DrawFrameControl
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetDialogBaseUnits
GetKeyNameTextW
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
IsCharLowerW
MapVirtualKeyExW
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
PostThreadMessageW
WaitMessage
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
InSendMessage
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
SendNotifyMessageW
FrameRect
GetUpdateRect
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
SubtractRect
EnumChildWindows
MapDialogRect
DrawIcon
DestroyCursor
WindowFromDC
GetWindowRgn
GetDCEx
GetTabbedTextExtentW
CreateDialogIndirectParamW
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
RedrawWindow
UpdateWindow
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetMenuItemInfoW
CallWindowProcW
GetMenu
CopyRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
FillRect
ScrollWindowEx
SetWindowLongW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
DestroyIcon
GetFocus
GetDesktopWindow
RealChildWindowFromPoint
GetWindow
GetDlgCtrlID
PtInRect
SetWindowTextW
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
GetKeyState
PeekMessageW
ValidateRect
GetWindowTextLengthW
GetWindowTextW
LoadCursorW
GetDC
ReleaseDC
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
GetNextDlgTabItem
EndDialog
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
EndDeferWindowPos
CopyImage
IntersectRect
InflateRect
IsIconic
RegisterWindowMessageW
CreateWindowExW
SystemParametersInfoW
MoveWindow
FindWindowExW
GetMessageW
DispatchMessageW
TranslateMessage
WaitForInputIdle
EnumThreadWindows
PostQuitMessage
GetActiveWindow
RegisterClassExW
GetWindowRect
GetParent
ScreenToClient
CreateDialogParamW
ShowWindow
SetClassLongW
SendDlgItemMessageW
SetDlgItemTextW
DefWindowProcW
ClientToScreen
SetWindowPos
KillTimer
GetSystemMetrics
BeginPaint
GetSysColor
GetClientRect
DrawTextW
EndPaint
IsWindowVisible
DestroyWindow
FindWindowW
LoadStringW
LoadImageW
IsWindow
SendMessageW
GetClassNameW
GetForegroundWindow
SetTimer
LoadMenuW
GetCursorPos
GetSubMenu
SetForegroundWindow
TrackPopupMenu
DestroyMenu
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetActiveWindow
GetWindowPlacement
BeginDeferWindowPos
PostMessageW
CheckMenuItem
CharUpperW
- gdi32
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
CreatePalette
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
GetTextMetricsW
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectW
SelectClipPath
SaveDC
RestoreDC
CreateDIBitmap
SetWindowExtEx
GetTextExtentPoint32W
DPtoLP
PatBlt
PtVisible
CreateCompatibleBitmap
SetBkMode
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
GetTextFaceW
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetMapMode
GetNearestColor
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
RoundRect
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
Rectangle
SetPixel
StretchBlt
GetDIBits
SetDIBColorTable
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
CreatePolygonRgn
ExtTextOutW
SetTextColor
SetBkColor
SelectObject
GetStockObject
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectW
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
CreateRoundRectRgn
CreateDIBSection
GetCurrentObject
SetWorldTransform
ModifyWorldTransform
SetMapMode
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
DeleteObject
CreateDCW
CopyMetaFileW
GetBkMode
GetDeviceCaps
StretchDIBits
CreateFontW
GetCharWidthW
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
ScaleWindowExtEx
- winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
GetJobW
- advapi32
RegCreateKeyA
SetFileSecurityW
RegEnumKeyExW
RegEnumKeyW
RegSetValueW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegDeleteKeyA
RegSetValueExA
RegDeleteKeyW
RegEnumValueW
RegCreateKeyW
RegOpenKeyA
RegQueryValueW
GetFileSecurityW
RegNotifyChangeKeyValue
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExA
- shell32
ShellExecuteExW
DragQueryFileW
DragFinish
SHBrowseForFolderW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
SHAddToRecentDocs
ExtractIconW
SHGetFileInfoW
ShellExecuteW
Shell_NotifyIconW
SHAppBarMessage
- msimg32
AlphaBlend
TransparentBlt
- comctl32
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_DrawEx
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
- shlwapi
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
- oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
- gdiplus
GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc
- imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
- winmm
PlaySoundW
- oledlg
OleUIBusyW
- comdlg32
GetFileTitleW
- ole32
OleSave
WriteClassStm
OleSaveToStream
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
OleLoad
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleRegEnumVerbs
OleRegGetMiscStatus
OleRun
OleGetClipboard
RegisterDragDrop
ReadClassStg
CoDisconnectObject
StgCreateDocfileOnILockBytes
OleQueryLinkFromData
OleIsRunning
GetRunningObjectTable
CoGetMalloc
CreateOleAdviseHolder
CreateDataAdviseHolder
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleDuplicateData
ReadFmtUserTypeStg
OleRegGetUserType
CoTreatAsClass
StringFromCLSID
PropVariantCopy
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleSetMenuDescriptor
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfile
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateGuid
CLSIDFromString
CoCreateInstance
OleQueryCreateFromData
StringFromGUID2
CoTaskMemAlloc
ReleaseStgMedium
RevokeDragDrop
CreateBindCtx
CoLockObjectExternal
WriteClassStg
- oleaut32
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantClear
SafeArrayRedim
VariantChangeType
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
VarDateFromStr
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayAccessData
LoadRegTypeLi
SafeArrayUnaccessData
LoadTypeLi
SafeArrayPtrOfIndex
SysFreeString
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
RegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
VarBstrFromDate
VariantInit
SysAllocString
Sections
- .text   Size: 2.5MB - Virtual size: 2.5MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata  Size: 580KB - Virtual size: 580KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data   Size: 40KB - Virtual size: 73KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .idata  Size: 24KB - Virtual size: 23KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc   Size: 11KB - Virtual size: 11KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc  Size: 752KB - Virtual size: 756KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE