2024-02-24_5bbd46fd18f68b22480ebc94d6624935_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-24_5bbd46fd18f68b22480ebc94d6624935_mafia
Size

2.3MB
MD5

5bbd46fd18f68b22480ebc94d6624935
SHA1

b49ee2d6b7ae84b10f8c2f7cb37e05e89d51fb02
SHA256

42a7f078975d76de5aff6e1a63fdb44cbf2aeff00a04ba31c4095cf02759eb06
SHA512

4fa348df835caf7374fe6974974298611d7e9ec2c42960299406d8146da9b8bd6258d14aa8b6d1f181189962e6bf4e635716622a2747026a8dc39d004ef94f32
SSDEEP

49152:5Y1UdlkEeeY8doCepMeUGeqckHZ01EnAcW8b/d1334qdTqvsrV:O1UdlKeNdoCepMlqJHe0BWAdd34Guv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-24_5bbd46fd18f68b22480ebc94d6624935_mafia

Files

2024-02-24_5bbd46fd18f68b22480ebc94d6624935_mafia
.exe windows:5 windows x86 arch:x86

092be4c568f637ccff74bd3f1de854e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
ImageList_LoadImageW
ImageList_Destroy

ole32

RegisterDragDrop
OleSetClipboard
OleGetClipboard
ReleaseStgMedium
DoDragDrop
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
RevokeDragDrop

shell32

DragAcceptFiles
SHFileOperationW
DragFinish
ShellExecuteExW
DragQueryFileW
SHQueryRecycleBinW

shlwapi

StrStrIW
PathIsRelativeW

mpr

WNetGetUniversalNameW

kernel32

ResumeThread
CreateProcessW
GetModuleFileNameW
SetCurrentDirectoryW
SetEvent
FindFirstChangeNotificationW
FindCloseChangeNotification
FindNextChangeNotification
WaitForMultipleObjects
WaitForSingleObject
CreateEventW
InterlockedIncrement
InterlockedDecrement
GlobalFree
GlobalUnlock
GlobalLock
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
GetFileAttributesW
GetVolumeInformationW
GetVolumePathNameW
FindClose
FindNextFileW
FindFirstFileW
GetFullPathNameW
SearchPathW
GetTempFileNameW
GetTempPathW
GetLongPathNameW
SetFilePointer
CreateFileW
SetLastError
GetTickCount
CreateMutexW
ReleaseMutex
Sleep
GetCurrentDirectoryW
CreateDirectoryW
FormatMessageW
GlobalAlloc
GetShortPathNameW
GetExitCodeProcess
TerminateProcess
CompareFileTime
GetDiskFreeSpaceExW
GetDriveTypeW
GetFileAttributesExW
GetLogicalDriveStringsW
GetTimeFormatW
GetDateFormatW
GetVersionExW
SetFileAttributesW
GetFileInformationByHandleEx
MoveFileExW
DeleteFileW
RemoveDirectoryW
CopyFileExW
MoveFileWithProgressW
GetLocaleInfoW
FindResourceW
GetModuleHandleW
SetEndOfFile
CopyFileW
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentProcessId
WriteFile
SetNamedPipeHandleState
WaitNamedPipeW
SetEnvironmentVariableW
CompareStringW
FlushFileBuffers
ReadFile
GetConsoleMode
GetConsoleCP
SetHandleCount
RaiseException
LoadLibraryW
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
DeleteCriticalSection
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
HeapCreate
GetCurrentProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetFileType
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
RtlUnwind
CloseHandle
SetConsoleCtrlHandler
EncodePointer
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
HeapSize
DecodePointer
ExitProcess
GetProcAddress
CreateThread
ExitThread
GetSystemTimeAsFileTime
GetStringTypeW
HeapAlloc
HeapFree
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
SetFileInformationByHandle
GetFinalPathNameByHandleW
DeviceIoControl
CreateSymbolicLinkW
SystemTimeToTzSpecificLocalTime
GetLastError
GetCurrentThreadId

user32

GetClassNameW
InsertMenuItemW
CreatePopupMenu
DestroyMenu
GetMenuItemInfoW
GetMenuItemCount
IntersectRect
MoveWindow
SystemParametersInfoW
EnableMenuItem
GetSystemMenu
OpenClipboard
GetClipboardData
FillRect
GetDC
WaitForInputIdle
CreateMenu
MapDialogRect
DrawTextExW
ReleaseDC
InvalidateRect
EmptyClipboard
SetClipboardData
SetMenuItemInfoW
IsClipboardFormatAvailable
CloseClipboard
RegisterClipboardFormatW
GetSysColor
GetKeyboardState
ToUnicodeEx
GetWindowThreadProcessId
GetKeyboardLayout
MapVirtualKeyExW
KillTimer
SetTimer
EnumChildWindows
GetGUIThreadInfo
AttachThreadInput
SetForegroundWindow
SetWindowLongW
GetComboBoxInfo
DestroyAcceleratorTable
CreateAcceleratorTableW
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
TranslateAcceleratorW
RegisterClassExW
PostQuitMessage
DefWindowProcW
SetFocus
GetClientRect
CreateWindowExW
GetCursorPos
ShowCursor
GetAncestor
DestroyWindow
GetWindowLongW
IsChild
GetMessagePos
LoadCursorW
SetCursor
ReleaseCapture
PtInRect
SetCapture
SetActiveWindow
GetSystemMetrics
ScreenToClient
SetMenu
UpdateWindow
GetKeyState
IsWindow
RedrawWindow
GetFocus
CreateDialogParamW
SetWindowPos
IsWindowVisible
CallWindowProcW
TrackPopupMenu
EnableWindow
SetWindowsHookExW
GetForegroundWindow
ClientToScreen
CallNextHookEx
UnhookWindowsHookEx
PostMessageW
GetWindowRect
GetWindowTextW
DialogBoxParamW
EndDialog
GetWindowPlacement
GetParent
SendMessageW
GetDlgItem
SetWindowTextW
SetWindowPlacement
ShowWindow
LoadImageW
IsWindowEnabled

gdi32

DeleteDC
CreateCompatibleBitmap
SaveDC
SetBkColor
RestoreDC
GetTextMetricsW
CreateFontIndirectW
BitBlt
CreatePen
MoveToEx
LineTo
ExtFloodFill
GetCharABCWidthsFloatW
SelectObject
DeleteObject
CreateSolidBrush
GetObjectW
SetTextColor
SetBkMode
CreateCompatibleDC

advapi32

GetUserNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

092be4c568f637ccff74bd3f1de854e9

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

ole32

shell32

shlwapi

mpr

kernel32

user32

gdi32

advapi32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 300KB - Virtual size: 299KB

.data Size: 27KB - Virtual size: 1.2MB

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 133KB - Virtual size: 132KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 300KB - Virtual size: 299KB

.data
Size: 27KB - Virtual size: 1.2MB

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 133KB - Virtual size: 132KB