Static task
static1
Behavioral task
behavioral1
Sample
2024-02-24_88aebbf33dc0de852bb8c7639d8a0d9b_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-24_88aebbf33dc0de852bb8c7639d8a0d9b_mafia.exe
Resource
win10v2004-20240221-en
General
Target
2024-02-24_88aebbf33dc0de852bb8c7639d8a0d9b_mafia
Size
2.9MB
MD5
88aebbf33dc0de852bb8c7639d8a0d9b
SHA1
d70cfdccbf2beb688360182d6ec724bf77612d9c
SHA256
667ebec0d3aef9ee7fbf2a3a3b1256bc6c2e90a75e39f2d0154f6aab3203e719
SHA512
bb754ad9832f8e1753df67c8ad9c809598e84f7d7c0096e3687658d2c81aa4ddcbb5d06f69e1f5243fb1ab4a33c2d81bed9bcd451b4d27837a84567700f35d9d
SSDEEP
49152:/bL1WvnizAIwgY+Y+9vcecwh8HGrKEdC5DqWPiB+XRQcIGDf6Km6JEamETjpUoXZ:/NWvniGgY9+9fcdHGrKEdC5DqWPxicnL
Malware Config (no entries in this report)
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature. Note: a missing signature is a weak indicator by itself — much benign and in-house software is also unsigned — so weigh it together with the import table and the behavioral-task results rather than on its own.
resource 2024-02-24_88aebbf33dc0de852bb8c7639d8a0d9b_mafia
Files
2024-02-24_88aebbf33dc0de852bb8c7639d8a0d9b_mafia.exe windows:5 windows x86 arch:x86
b58126b54481e6034e4f332774a2c13d (unlabeled in this report; its position under the file entry suggests an import hash — confirm the hash type before pivoting on it)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports (reviewer note: the broad user32/gdi32/ole32/oledlg import set, including DefMDIChildProcA, TranslateMDISysAccel, UnpackDDElParam and the SetWindowsHookExA/CallNextHookEx/UnhookWindowsHookEx triple, is consistent with a statically linked GUI framework — so the hook and IsDebuggerPresent imports alone should not be read as keylogging or anti-debugging; confirm from runtime behavior. Imports worth checking in the behavioral tasks: CreateProcessA, ShellExecuteA/ShellExecuteExA, VirtualProtect, ReplaceFileA/MoveFileA/CopyFileA, the advapi32 Reg*/SetFileSecurityA calls, and the python27 block below.)
winmm
PlaySoundA
kernel32
FindFirstFileExA
EncodePointer
DecodePointer
RaiseException
ExitProcess
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
SetEnvironmentVariableA
SetCurrentDirectoryA
GetDriveTypeW
HeapSetInformation
GetStartupInfoW
ExitThread
GetConsoleMode
HeapReAlloc
SetStdHandle
HeapSize
HeapQueryInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
IsValidCodePage
GetStringTypeW
GetTimeZoneInformation
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
SetHandleCount
LCMapStringW
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
CompareStringW
CreateFileW
GetConsoleCP
GetProcessHeap
GetDateFormatA
GetExitCodeProcess
CreateProcessA
GetModuleFileNameA
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
GetProcAddress
LoadLibraryA
FreeLibrary
ResumeThread
SetEvent
ResetEvent
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
CreateThread
CloseHandle
WaitForSingleObject
CreateEventA
CreateFileA
WriteFile
ReadFile
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
lstrcpyA
GetTimeFormatA
GetSystemTimeAsFileTime
RtlUnwind
GetStdHandle
GetFileType
WriteConsoleW
SearchPathA
GetProfileIntA
GetNumberFormatA
FindResourceExW
GetCurrentDirectoryA
GetACP
GetOEMCP
GetCPInfo
GetSystemDirectoryW
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
LocalLock
lstrlenA
GetModuleHandleA
SetLastError
LocalUnlock
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
DeactivateActCtx
ActivateActCtx
VirtualProtect
FindNextFileA
GetTempFileNameA
ReplaceFileA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
FindResourceA
FreeResource
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
lstrcmpW
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
lstrcmpA
SuspendThread
GetCurrentThreadId
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
GetFileTime
GetFileSizeEx
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesExA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
UnmapViewOfFile
SetFilePointer
DeleteFileA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GlobalFree
GlobalSize
lstrlenW
MulDiv
GetCurrentThread
SetThreadPriority
GetCurrentProcess
InitializeCriticalSection
SetVolumeLabelA
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
SetFileAttributesA
FlushViewOfFile
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetTickCount
CopyFileA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
OpenFileMappingA
PulseEvent
MoveFileA
QueryPerformanceCounter
FormatMessageA
LocalFree
CreateFileMappingA
MapViewOfFile
user32
IsCharLowerA
MapVirtualKeyExA
GetWindowRgn
MonitorFromPoint
DrawIconEx
DrawFrameControl
DrawEdge
DrawStateA
CreateMenu
PostThreadMessageA
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
DrawIcon
LockWindowUpdate
GetDCEx
WindowFromPoint
CopyImage
UnionRect
SetLayeredWindowAttributes
EnumDisplayMonitors
SetWindowRgn
RealChildWindowFromPoint
UnregisterClassA
GetSysColorBrush
GetTabbedTextExtentW
GetTabbedTextExtentA
SetWindowContextHelpId
LoadAcceleratorsW
ShowOwnedPopups
LoadCursorW
DestroyCursor
SetCursorPos
MapDialogRect
SetParent
GetSystemMenu
DeleteMenu
IsClipboardFormatAvailable
SystemParametersInfoA
GetMenuItemInfoA
InflateRect
CreateDialogIndirectParamA
EndDialog
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
PostQuitMessage
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
IsChild
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
SetScrollPos
GetScrollPos
MessageBoxA
GetClassInfoExA
RegisterClassA
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetClassNameA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
WinHelpA
LoadImageA
DestroyIcon
SetFocus
GetWindowThreadProcessId
IsWindowEnabled
EqualRect
GetDlgItem
GetDlgCtrlID
LoadIconW
SetCursor
LoadAcceleratorsA
SetActiveWindow
InsertMenuItemA
SetRectEmpty
GetLastActivePopup
SetMenu
GetDesktopWindow
ShowWindow
AdjustWindowRectEx
RedrawWindow
SetWindowPos
SetWindowLongA
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
CreateWindowExA
DefMDIChildProcA
GetMenu
DefFrameProcA
MapVirtualKeyA
GetKeyNameTextA
CopyRect
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
IsWindowVisible
PeekMessageA
ValidateRect
MsgWaitForMultipleObjectsEx
GetMenuState
GetMenuStringA
GetMenuItemID
GetMenuItemCount
OemToCharBuffA
CharToOemBuffA
CharUpperA
InsertMenuA
RemoveMenu
IntersectRect
IsRectEmpty
wsprintfA
SetForegroundWindow
LoadBitmapA
IsZoomed
GetWindowLongA
DrawFocusRect
TranslateMessage
DispatchMessageA
RegisterClipboardFormatA
FrameRect
SubtractRect
CharUpperBuffA
GetUpdateRect
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
LoadImageW
WaitMessage
GetIconInfo
HideCaret
InvertRect
GetMenuDefaultItem
CreateAcceleratorTableA
GetKeyboardState
ReleaseCapture
GetSystemMetrics
GetClassInfoA
LoadCursorA
IsWindow
DefWindowProcA
GetKeyboardLayout
ToAsciiEx
DestroyAcceleratorTable
SetClassLongA
NotifyWinEvent
IsMenu
UpdateLayeredWindow
GetParent
ShowScrollBar
GetNextDlgTabItem
GetFocus
SetCapture
GetCapture
EnableScrollBar
ClientToScreen
CreatePopupMenu
OffsetRect
PtInRect
MessageBeep
PostMessageA
ReleaseDC
GetDC
GetClipboardData
GetWindow
InvalidateRect
UpdateWindow
GetClientRect
GetMessagePos
GetAsyncKeyState
GetSubMenu
EnableMenuItem
CheckMenuItem
AppendMenuA
EmptyClipboard
SetClipboardData
CloseClipboard
GetKeyState
GetCursorPos
OpenClipboard
KillTimer
SetTimer
ScreenToClient
GetWindowRect
IsIconic
SendMessageA
LoadMenuW
SetRect
EnableWindow
GetSysColor
FillRect
GetScrollRange
gdi32
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreateDCA
SetBkColor
GetObjectType
StretchDIBits
GetTextMetricsA
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
GetTextAlign
DeleteMetaFile
SetRectRgn
CombineRgn
GetMapMode
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
EnumFontFamiliesExA
CreateEllipticRgn
LPtoDP
GetTextColor
GetRgnBox
GetTextFaceA
GetWindowOrgEx
CreatePolygonRgn
CreateRoundRectRgn
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
ExtFloodFill
SetPaletteEntries
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
SelectPalette
SetTextColor
CopyMetaFileA
GetDeviceCaps
CloseMetaFile
CreateMetaFileA
GetROP2
CreateHatchBrush
CreatePen
CreateFontA
PatBlt
GetCharWidthA
GetTextExtentPoint32A
BitBlt
Polygon
CreateRectRgnIndirect
GetObjectA
CreateFontIndirectA
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SetPixel
Rectangle
Ellipse
Polyline
CreatePalette
CreatePatternBrush
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
GetJobA
DocumentPropertiesA
advapi32
RegOpenKeyExW
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegEnumKeyExA
RegQueryValueA
GetFileSecurityA
SetFileSecurityA
RegCloseKey
RegSetValueA
RegDeleteValueA
RegEnumValueA
shell32
ExtractIconA
SHGetPathFromIDListA
SHBrowseForFolderA
DragAcceptFiles
ShellExecuteA
ShellExecuteExA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetDesktopFolder
SHAddToRecentDocs
DragQueryFileA
DragFinish
comctl32
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
SHDeleteKeyA
PathFindFileNameA
ole32
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoInitialize
CoDisconnectObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
RevokeDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
CoInitializeEx
CoCreateInstance
CoUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
RegisterDragDrop
DoDragDrop
CoTaskMemFree
CoLockObjectExternal
OleLockRunning
OleDestroyMenuDescriptor
CoRegisterClassObject
oleaut32
OleCreateFontIndirect
SafeArrayDestroy
LoadTypeLi
SysAllocString
VariantCopy
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VarDateFromStr
VarBstrFromDate
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
python27 (the binary embeds a CPython 2.7 interpreter: Py_Initialize, PyMarshal_ReadObjectFromString, PyImport_ExecCodeModuleEx, Py_CompileStringFlags and PyRun_SimpleStringFlags are imported, which lets it load and execute bundled or marshalled Python code at runtime — the real payload logic may live in that bytecode rather than in the native .text section)
PyString_FromString
PyOS_snprintf
PyErr_SetString
PyDict_GetItemString
_Py_NoneStruct
PyArg_ParseTuple
PyBool_FromLong
PySys_WriteStderr
Py_VerboseFlag
PyDict_SetItemString
Py_BuildValue
PyDict_New
PyExc_OverflowError
PyErr_Clear
PyObject_GetAttrString
PyImport_ImportModuleNoBlock
PyObject_CallFunction
PyExc_IOError
PyString_FromStringAndSize
PyCode_Type
PyMarshal_ReadObjectFromString
PyImport_GetMagicNumber
PyString_Size
PyMem_Free
PyExc_MemoryError
PyMem_Malloc
Py_CompileStringFlags
PyTuple_GetItem
PyTuple_Size
PyModule_AddObject
PyErr_NewException
PyExc_ImportError
Py_OptimizeFlag
PyObject_GC_UnTrack
PyArg_ParseTupleAndKeywords
PyImport_ExecCodeModuleEx
PyString_FromFormat
PyModule_GetDict
PyImport_AddModule
PyErr_SetFromErrnoWithFilename
PyObject_GC_Del
PyType_GenericNew
PyType_GenericAlloc
PyObject_GenericGetAttr
PyErr_Print
PyErr_Occurred
_Py_TrueStruct
PyBool_Type
PyObject_CallMethod
PyCObject_AsVoidPtr
PyExc_RuntimeError
PyCObject_Type
PyExc_AttributeError
PyImport_ImportModule
PyErr_GivenExceptionMatches
PyObject_CallObject
PyTuple_New
PyCallable_Check
PyTuple_SetItem
PyList_Append
PyList_New
PyDict_Next
PyLong_AsLong
PyExc_SystemError
PyImport_ExecCodeModule
PyRun_SimpleStringFlags
Py_InitModule4
PyType_Ready
PyEval_RestoreThread
Py_SetProgramName
Py_Initialize
PySys_SetArgv
PyEval_InitThreads
PyEval_SaveThread
PyGILState_Release
PyGILState_Ensure
PyUnicodeUCS2_AsLatin1String
PyExc_TypeError
PyErr_Format
PyInt_AsLong
PyFloat_Type
PyType_IsSubtype
PyFloat_AsDouble
PyList_Size
PyList_GetItem
PyString_AsString
Py_Finalize
oledlg
ord8
gdiplus
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusShutdown
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipAlloc
GdipDeleteGraphics
GdipFree
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections (raw and virtual sizes agree for .text, .rdata, .rsrc and .reloc, which does not suggest a runtime packer; the .data raw-size 38KB vs virtual-size 120KB gap is ordinary uninitialized data)
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 415KB - Virtual size: 414KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 314KB - Virtual size: 313KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 232KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ