Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-25_890d7bdee4aa75e475284562233abcf9_mafia.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-02-25_890d7bdee4aa75e475284562233abcf9_mafia.exe
Resource: win10v2004-20240221-en
General
Target: 2024-02-25_890d7bdee4aa75e475284562233abcf9_mafia
Size: 2.5MB
MD5: 890d7bdee4aa75e475284562233abcf9
SHA1: 2fb5701d7792dbf0fa5c5bdda649ffb709f30065
SHA256: d3952bf21c0b3ebc0eb6b5c34654b75332c1035347156fd4f4431a26ac41b34a
SHA512: d062919a20db4db58d8218a23b183b0f8357a9047aa176d0f773e664c4ff331118160e32dd8631e99a844a4969ed986cd6e9e692da2b372bf6941790e0a0cfaa
SSDEEP: 49152:rO1lb9EUKjRzsqAYB33sxxFw/8BKvKnwmByb3TmwobIeNzte:iHJEUKjRzsq9ViRwb6vp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-02-25_890d7bdee4aa75e475284562233abcf9_mafia
Files
2024-02-25_890d7bdee4aa75e475284562233abcf9_mafia.exe windows:5 windows x86 arch:x86
ef25372eb67c5a1136d7e3d58aefdce1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileW
WriteConsoleW
SetStdHandle
GetTimeZoneInformation
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryW
FlushFileBuffers
SetEnvironmentVariableA
SetEndOfFile
WritePrivateProfileStringA
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
GetModuleFileNameA
Sleep
GetConsoleMode
GetConsoleCP
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetModuleFileNameW
GetStdHandle
HeapSize
SetLastError
TlsFree
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
EncodePointer
DecodePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLocaleInfoW
GetStringTypeW
GetModuleHandleA
HeapAlloc
HeapFree
GetProcessHeap
GetProcAddress
FreeLibrary
lstrlenA
LoadLibraryA
lstrcpyA
lstrcmpA
lstrcatA
SetEvent
GetCurrentThreadId
HeapReAlloc
GlobalSize
QueryPerformanceCounter
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetFilePointer
ResetEvent
WaitForSingleObject
ReadFile
SetCurrentDirectoryA
GetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
ExitThread
CloseHandle
CreateFileA
DeleteFileA
CreateEventA
GetTempFileNameA
GetTempPathA
WriteFile
GetExitCodeThread
OutputDebugStringA
CreateThread
GetFileSize
lstrcatW
ExitProcess
GetVersionExA
GetOEMCP
QueryPerformanceFrequency
GlobalMemoryStatus
ResumeThread
SetThreadPriority
lstrcpyW
DeleteFileW
lstrlenW
WaitForMultipleObjects
GetThreadPriority
GetCurrentThread
GetTickCount
lstrcmpW
MulDiv
lstrcpynW
GetLastError
CreateSemaphoreA
ReleaseSemaphore
GetSystemInfo
VirtualAlloc
VirtualFree
GetModuleHandleW
VirtualProtect
VirtualQuery
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
GetTimeFormatA
GetDateFormatA
CompareStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
user32
OpenClipboard
SetClipboardData
MessageBoxA
CloseClipboard
EmptyClipboard
MsgWaitForMultipleObjects
RegisterWindowMessageA
GetQueueStatus
PostThreadMessageA
GetDesktopWindow
GetKeyboardState
FindWindowA
GetWindowLongA
BringWindowToTop
EnumDisplaySettingsA
ChangeDisplaySettingsA
ReleaseDC
GetDC
SetRect
SetTimer
KillTimer
GetSystemMetrics
GetClientRect
GetWindowRect
SetWindowTextA
SetClassLongA
LoadIconA
UpdateWindow
ShowWindow
ClipCursor
GetClipboardData
IsClipboardFormatAvailable
SetWindowRgn
SendMessageA
GetMenuItemInfoA
GetMenuItemCount
PostMessageA
ShowCursor
GetCursorPos
SetWindowPos
SetForegroundWindow
SystemParametersInfoA
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
DrawMenuBar
BeginPaint
WINNLSEnableIME
SetMenu
SetActiveWindow
ClientToScreen
AdjustWindowRectEx
SetWindowLongA
MoveWindow
CreateWindowExA
DestroyMenu
TranslateMessage
DispatchMessageA
PeekMessageA
TranslateAcceleratorA
IsDialogMessageA
DefWindowProcA
DestroyWindow
UnregisterClassA
UnhookWindowsHookEx
RegisterClassExA
LoadCursorA
SetCursor
PostQuitMessage
EndPaint
FillRect
gdi32
SelectObject
CreateCompatibleDC
DeleteDC
GetTextMetricsA
GetGlyphOutlineA
SetDIBitsToDevice
GetClipBox
CreateSolidBrush
GetStockObject
CreateDIBSection
StretchDIBits
GetObjectA
CreateFontA
DeleteObject
GetDeviceCaps
shell32
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
winmm
timeEndPeriod
timeBeginPeriod
timeGetTime
timeGetDevCaps
joyGetPosEx
joyGetDevCapsA
mciSendCommandA
timeSetEvent
timeKillEvent
wsock32
WSAGetLastError
closesocket
accept
WSACleanup
send
recv
WSAAsyncSelect
imm32
ImmNotifyIME
ImmSetCompositionStringA
ImmGetCompositionStringA
ImmGetCandidateListA
ImmGetOpenStatus
ImmGetContext
ImmSetOpenStatus
ImmReleaseContext
msacm32
acmStreamConvert
acmStreamOpen
acmStreamSize
acmStreamPrepareHeader
acmStreamClose
acmStreamUnprepareHeader
acmMetrics
acmFormatSuggest
imagehlp
MakeSureDirectoryPathExists
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
ole32
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
CoCreateInstance
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 280KB - Virtual size: 280KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 158KB - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ