2024-03-06_4da2403516d653081032dd5b9a6c64e8_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-06_4da2403516d653081032dd5b9a6c64e8_mafia
Size

935KB
MD5

4da2403516d653081032dd5b9a6c64e8
SHA1

84fcaad1a166dc79fd98bac0061dffcbe90da294
SHA256

9440d1b115c81fe25158db2ab34cc5b003040804eb06b40764412b6288704e85
SHA512

c38d25947b353d7bde2e05df1aa89e70d9a2d1f2c20d556394496c87b48ad95dce388ac6e96d625bdb51d898cd9ebf27eed7fc2494009e8199cfe8029eedc0c6
SSDEEP

24576:2LgnE8uYEoZODUuhm6WvLUYYhSd9BG4/A4Te8Du:28ufJKLUYDK4/zTe8K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-06_4da2403516d653081032dd5b9a6c64e8_mafia

Files

2024-03-06_4da2403516d653081032dd5b9a6c64e8_mafia
.exe windows:5 windows x86 arch:x86

a22ce981d28b614885e2ac0c464662cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\test\Desktop\tightvnc-2.7.10\tightvnc-2.7.10\Release\tvnviewer.pdb

Imports

comctl32

ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy
InitCommonControlsEx
CreateToolbarEx

winmm

timeGetTime

kernel32

HeapReAlloc
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetConsoleMode
GetConsoleCP
ReadFile
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
SetFilePointer
SetStdHandle
WriteConsoleW
FlushFileBuffers
SetEndOfFile
GetProcessHeap
GetACP
GetFileSizeEx
Sleep
GetModuleHandleW
GetLocalTime
CompareStringW
GetLocaleInfoW
SetEnvironmentVariableA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
FindFirstFileW
SetErrorMode
GetLogicalDriveStringsW
CreateDirectoryW
SetFileTime
CreateFileW
MoveFileW
FindClose
RemoveDirectoryW
FindNextFileW
CloseHandle
DeleteFileW
GetCurrentThreadId
GetCurrentProcessId
FormatMessageW
WaitForSingleObject
SuspendThread
ResumeThread
CreateThread
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetDateFormatW
SystemTimeToFileTime
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeResource
FindResourceW
LoadResource
LockResource
GetModuleFileNameW
GetLastError
CreateProcessW
SetEvent
TerminateProcess
CreateEventW
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
GetCommandLineW
LoadLibraryW
GetProcAddress
GetCurrentProcess
LocalFree
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
EncodePointer
DecodePointer
HeapFree
HeapSetInformation
GetStartupInfoW
HeapAlloc
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
ExitProcess
IsProcessorFeaturePresent
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle

user32

MessageBoxW
GetDlgItem
GetCursorPos
SetForegroundWindow
RegisterWindowMessageW
TrackPopupMenu
IsWindowVisible
CallWindowProcW
DestroyIcon
SendMessageW
GetSystemMetrics
GetWindowLongW
PostMessageW
EnableWindow
SetWindowTextW
GetWindowTextW
InvalidateRect
IsWindow
CreateDialogParamW
EndDialog
SetClassLongW
LoadIconW
DialogBoxParamW
DestroyWindow
CreateWindowExW
CheckMenuItem
DestroyMenu
SetMenuDefaultItem
CreatePopupMenu
EnableMenuItem
InsertMenuItemW
GetMenuItemID
GetSystemMenu
SetScrollInfo
ShowScrollBar
GetClientRect
ScreenToClient
BeginPaint
EndPaint
FillRect
LoadBitmapW
GetParent
ReleaseDC
GetDC
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetKeyState
LoadAcceleratorsW
SystemParametersInfoW
SetClipboardViewer
SetClipboardData
OpenClipboard
EmptyClipboard
GetClipboardData
GetPriorityClipboardFormat
CloseClipboard
IsDialogMessageW
PostQuitMessage
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetMenuItemCount
SetRect
SetWindowPlacement
GetWindowRect
KillTimer
LoadCursorW
MessageBeep
CreateMenu
SetFocus
GetKeyboardLayoutNameW
GetWindowPlacement
AppendMenuW
MonitorFromWindow
GetDesktopWindow
SetWindowPos
ShowWindow
GetMonitorInfoW
TranslateAcceleratorW
SetTimer
GetMessageW
UnregisterClassW
TranslateMessage
SetWindowLongW
GetSysColorBrush
GetActiveWindow
RegisterClassW
DefWindowProcW
DispatchMessageW

comdlg32

GetSaveFileNameW

shell32

SHGetFolderPathW
Shell_NotifyIconW
ShellExecuteW
SHGetSpecialFolderPathW
CommandLineToArgvW

ws2_32

__WSAFDIsSet
socket
bind
recv
setsockopt
closesocket
getsockname
select
connect
gethostbyname
ntohs
send
listen
accept
htons
WSAStartup
shutdown
htonl
ntohl
WSAGetLastError
WSACleanup

avifil32

AVIFileInit
AVISaveOptions
AVIStreamRelease
AVIFileExit
AVIFileOpenW
AVIFileCreateStreamW
AVIStreamSetFormat
AVIStreamWrite
AVIFileRelease
AVIMakeCompressedStream
AVISaveOptionsFree

msvfw32

ord2

gdi32

CreateCompatibleDC
GetObjectW
BitBlt
SelectObject
CreateSolidBrush
DeleteDC
DeleteObject
GetDIBits
GetCurrentObject
CreateDIBSection
StretchBlt
SetStretchBltMode

advapi32

RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegCreateKeyW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Sections

.text
Size: 625KB - Virtual size: 625KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a22ce981d28b614885e2ac0c464662cf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

winmm

kernel32

user32

comdlg32

shell32

ws2_32

avifil32

msvfw32

gdi32

advapi32

version

Sections

.text Size: 625KB - Virtual size: 625KB

.rdata Size: 138KB - Virtual size: 137KB

.data Size: 17KB - Virtual size: 26KB

.rsrc Size: 110KB - Virtual size: 110KB

.reloc Size: 42KB - Virtual size: 42KB

.text
Size: 625KB - Virtual size: 625KB

.rdata
Size: 138KB - Virtual size: 137KB

.data
Size: 17KB - Virtual size: 26KB

.rsrc
Size: 110KB - Virtual size: 110KB

.reloc
Size: 42KB - Virtual size: 42KB