Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-05_f48c80ddc683e72a1787db32eefe4dd4_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-05_f48c80ddc683e72a1787db32eefe4dd4_mafia.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-05_f48c80ddc683e72a1787db32eefe4dd4_mafia
Size: 3.1MB
MD5: f48c80ddc683e72a1787db32eefe4dd4
SHA1: 84f60cae9b51a0207239b94dae6c67441563d802
SHA256: 73463a108f00494873b52784df852cc9629a78fd0aa468d258a4c939dcc23464
SHA512: 7047f0997fdfb21cef7148c56ea329b804c0c297b411140a3a09c88b92432f87d3e499a15e30109e0b54eba830433d0b4889d0b24b5bbd78693584e308abc24b
SSDEEP: 98304:8ysXFkMursRCfriBm8Jmf6YHtnJUn6cSMngq3TEyNQauIG7P5drZYS:8ysXFkMursRCfriBm8Jmf6YHtnJUn6c4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-03-05_f48c80ddc683e72a1787db32eefe4dd4_mafia
Files
2024-03-05_f48c80ddc683e72a1787db32eefe4dd4_mafia.exe windows:5 windows x86 arch:x86
47ed2c5353e4409fa222b7bbe3ce3ec1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dinput8
DirectInput8Create
winmm
timeGetTime
d3d9
Direct3DCreate9
dsound
ord1
netapi32
Netbios
snmpapi
SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree
iphlpapi
GetAdaptersInfo
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetShortPathNameA
CreateFileA
LocalFileTimeToFileTime
SetFileAttributesA
FindNextFileA
SetErrorMode
RtlUnwind
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
HeapAlloc
HeapFree
EncodePointer
DecodePointer
CreateDirectoryA
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
FindFirstFileExA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
ExitProcess
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
HeapCreate
HeapDestroy
GetConsoleCP
GetConsoleMode
SetHandleCount
IsProcessorFeaturePresent
UnlockFile
GetTimeZoneInformation
GetACP
IsValidCodePage
LCMapStringW
FatalAppExitA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetStringTypeW
LoadLibraryW
GetDriveTypeW
WriteConsoleW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
GetEnvironmentVariableW
GetVersion
InterlockedExchange
MultiByteToWideChar
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenW
WideCharToMultiByte
GetStringTypeExW
GetStringTypeExA
lstrcmpiW
lstrcmpiA
lstrlenA
GetLastError
FindResourceA
SizeofResource
LockResource
LoadResource
GetVersionExA
GetVolumeInformationA
GetTickCount
GetModuleHandleA
CloseHandle
Process32Next
Process32First
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetAtomNameA
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
CreateToolhelp32Snapshot
Sleep
GetProcAddress
LoadLibraryA
FreeLibrary
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
GlobalFlags
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
LocalLock
LocalUnlock
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GetModuleFileNameA
GetCurrentThreadId
GlobalGetAtomNameA
DeleteFileA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
RaiseException
LocalFree
LocalAlloc
SetLastError
SetConsoleCtrlHandler
user32
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
DestroyMenu
ReuseDDElParam
UnpackDDElParam
GetMenuItemInfoA
FindWindowA
IsRectEmpty
SetWindowRgn
IsZoomed
DestroyCursor
GetDialogBaseUnits
GetSysColorBrush
UnregisterClassA
DeleteMenu
DestroyIcon
GetSystemMenu
SetParent
UnionRect
CopyAcceleratorTableA
InvalidateRgn
CharNextA
MapDialogRect
SetWindowContextHelpId
WindowFromPoint
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
GetNextDlgGroupItem
PostThreadMessageA
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
ScrollWindowEx
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
KillTimer
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
UpdateWindow
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
ScreenToClient
DrawTextA
FrameRect
GetSysColor
DrawIcon
GetFocus
LoadMenuA
PtInRect
EnableMenuItem
GetMenu
GetSubMenu
GetMenuState
CheckMenuItem
GetAsyncKeyState
DrawMenuBar
GetForegroundWindow
FlashWindow
SetCapture
GetClipCursor
GetCursorPos
GetCursor
MoveWindow
PostMessageA
GetCapture
ReleaseCapture
ClipCursor
SetCursor
ShowCursor
SetCursorPos
SetTimer
GetSystemMetrics
IsWindowVisible
GetDesktopWindow
ReleaseDC
GetDC
EnumDisplaySettingsA
ShowWindow
LoadIconA
RegisterClassExA
CreateWindowExA
IsWindow
PostQuitMessage
DefWindowProcA
IsIconic
LoadCursorA
WaitMessage
ShowOwnedPopups
GetMessageA
ValidateRect
GetTabbedTextExtentA
MessageBeep
IsClipboardFormatAvailable
MapVirtualKeyA
GetKeyNameTextA
GetWindowThreadProcessId
EndPaint
BeginPaint
SetScrollRange
GetWindowDC
PeekMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
DrawFocusRect
DrawFrameControl
DrawStateA
InflateRect
CopyRect
GetParent
RedrawWindow
ShowScrollBar
InvalidateRect
TrackMouseEvent
GetClientRect
GetWindowRect
FillRect
LoadImageA
OffsetRect
SetRect
SendMessageA
EnableWindow
CharUpperA
CharUpperW
CharLowerA
CharLowerW
GetWindow
gdi32
CopyMetaFileA
CreateDCA
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
GetDeviceCaps
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreateFontIndirectA
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
DPtoLP
GetTextMetricsA
GetCharWidthA
CreateEllipticRgn
LPtoDP
Ellipse
StretchDIBits
SetRectRgn
CombineRgn
GetMapMode
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetRgnBox
GetBkColor
GetTextColor
CreateFontA
GetTextExtentPoint32A
Rectangle
CreatePen
DeleteObject
GetObjectA
GetBitmapBits
SetBitmapBits
StretchBlt
GetPixel
BitBlt
GetCurrentPositionEx
GetStockObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
OffsetViewportOrgEx
CreateBitmap
comdlg32
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueExA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
IsTextUnicode
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegSetValueA
RegOpenKeyExA
RegCloseKey
shell32
DragAcceptFiles
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
ShellExecuteA
shlwapi
PathRemoveExtensionA
PathFindFileNameA
UrlUnescapeA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
StringFromCLSID
CoRegisterClassObject
CoRevokeClassObject
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleDuplicateData
ReleaseStgMedium
OleCreateStaticFromData
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
OleRun
CoTreatAsClass
CreateBindCtx
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateInstance
StringFromGUID2
CLSIDFromString
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
oleaut32
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
SafeArrayCreateVector
OleCreateFontIndirect
LoadTypeLi
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
SysAllocString
VariantClear
ws2_32
ntohs
WSACleanup
gethostname
WSAStartup
WSAGetLastError
inet_ntoa
gethostbyname
listen
recv
send
WSAAsyncSelect
recvfrom
sendto
connect
WSASetLastError
getpeername
getsockname
bind
inet_addr
htons
htonl
select
socket
accept
closesocket
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
wininet
InternetConnectA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpOpenFileA
GopherGetAttributeA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetCloseHandle
GopherOpenFileA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
InternetSetCookieA
InternetSetOptionExA
InternetQueryOptionA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetOpenUrlA
HttpOpenRequestA
InternetFindNextFileA
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 396KB - Virtual size: 395KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 877KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 318KB - Virtual size: 318KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 138KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ