2024-03-08_57e8a38a7f3d505ca8b6d5eb3af43525_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-08_57e8a38a7f3d505ca8b6d5eb3af43525_mafia
Size

284KB
MD5

57e8a38a7f3d505ca8b6d5eb3af43525
SHA1

3de3407ba88b88ca77d140056715f5a7af10e737
SHA256

739ace3f620694064997afcd318f20f4317b54d6ce50fc8591a9351ce033e43e
SHA512

6b961bf781885a3abd44c7efa565eb2fc5dab9ae4c8c0da8399ea2e1e5ca5d461bcae3be944561e5de55eb41e1905370fa2a8cec78cf88f88a1792070055bef4
SSDEEP

6144:4nKvHvLb7YmQhXcAOsH5JnwGk4lqM1K0eZ57fsfTU9/9:4nmKsKV/D1leZ5bsw9/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-08_57e8a38a7f3d505ca8b6d5eb3af43525_mafia

Files

2024-03-08_57e8a38a7f3d505ca8b6d5eb3af43525_mafia
.exe windows:5 windows x86 arch:x86

306c54f67f9943a625b11d10e79c67bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Sorgenti\CoolSoft\C\VirtualMIDISynth_1.x\bin\VirtualMIDISynth_configurator.pdb

Imports

bass

BASS_GetDeviceInfo

comctl32

ImageList_Create
CreatePropertySheetPageW
ImageList_GetIconSize
ord17
ImageList_Draw
PropertySheetW
ImageList_Destroy
_TrackMouseEvent
ImageList_ReplaceIcon

winmm

midiOutGetNumDevs
midiOutGetDevCapsW

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW

advapi32

RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey

kernel32

SystemTimeToFileTime
GetLocalTime
CreateMutexW
FindResourceW
LoadLibraryA
GetCurrentThreadId
CloseHandle
GetVersion
SetPriorityClass
VirtualQuery
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
TlsFree
lstrcpyW
GetCurrentThread
SetThreadPriority
CreateThread
GetModuleHandleW
GetVersionExW
IsWow64Process
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetLocaleInfoW
GetSystemTimeAsFileTime
FindNextFileW
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
SetFilePointer
ReadFile
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
HeapSize
SetLastError
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
RtlUnwind
RaiseException
GetCPInfo
GetStartupInfoW
HeapSetInformation
GetCommandLineW
HeapAlloc
HeapFree
Sleep
DecodePointer
EncodePointer
GetStringTypeW
InterlockedExchange
InterlockedCompareExchange
WideCharToMultiByte
FindClose
MultiByteToWideChar
FindFirstFileW
LocalFree
EnterCriticalSection
GetProcessHeap
GetProcAddress
GetLastError
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
lstrcmpW
lstrcpynW
LeaveCriticalSection
FormatMessageW
LoadLibraryW
TlsSetValue
GetPrivateProfileStringW
OutputDebugStringW
InterlockedDecrement
InterlockedIncrement
FreeLibrary
TlsGetValue
IsValidLocale
HeapReAlloc
SetStdHandle
WriteConsoleW
CreateFileW
SetEndOfFile
GetCurrentProcessId

user32

TranslateMessage
UnregisterClassW
PostQuitMessage
GetMessageW
TranslateAcceleratorW
ClientToScreen
SetTimer
ScreenToClient
IsChild
SetCapture
DialogBoxIndirectParamW
DialogBoxParamW
CallNextHookEx
IsWindowEnabled
GetClientRect
SetFocus
PeekMessageW
InflateRect
IsDialogMessageW
OffsetRect
CreateDialogIndirectParamW
TrackPopupMenuEx
GetAsyncKeyState
GetWindowLongW
AppendMenuW
EndDialog
SendDlgItemMessageW
GetCursorPos
ShowWindow
CreatePopupMenu
CreateDialogParamW
UnhookWindowsHookEx
ReleaseCapture
IsWindowVisible
MapWindowPoints
EnableWindow
wsprintfW
DispatchMessageW
CheckMenuItem
MoveWindow
IsRectEmpty
SetCursor
InvalidateRect
FillRect
DrawTextW
PtInRect
DrawFocusRect
RedrawWindow
GetSysColor
GetDlgCtrlID
DrawFrameControl
CopyRect
GetWindow
EndPaint
DestroyWindow
GetWindowTextLengthW
GetWindowRect
IsMenu
LoadImageW
PostMessageW
GetParent
LoadCursorW
BeginPaint
GetClassInfoW
GetUpdateRect
GetDC
GetWindowPlacement
IntersectRect
GetWindowTextW
SystemParametersInfoW
GetClassNameW
ReleaseDC
GetDlgItem
SetWindowLongW
GetDesktopWindow
SetWindowPos
WindowFromDC
IsWindow
CreateWindowExW
MessageBoxW
RegisterClassW
GetSystemMetrics
SendMessageW
DestroyMenu
SetWindowTextW
GetMonitorInfoW
CallWindowProcW
DefWindowProcW
MonitorFromRect
SetWindowsHookExW

gdi32

SetTextColor
SetBkMode
DeleteObject
SelectObject
CreateSolidBrush
DeleteDC
GetTextMetricsW
PatBlt
SaveDC
SetBkColor
PaintRgn
RoundRect
CreatePen
CreateRectRgn
ExtTextOutW
Rectangle
CreateCompatibleBitmap
CombineRgn
CreateCompatibleDC
SelectClipRgn
CreateFontIndirectW
LineTo
BitBlt
MoveToEx
GetObjectW
GetStockObject
GetTextExtentPoint32W
RestoreDC

comdlg32

GetOpenFileNameW

shell32

ShellExecuteW

Sections

.text
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

306c54f67f9943a625b11d10e79c67bb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bass

comctl32

winmm

wininet

advapi32

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 186KB - Virtual size: 185KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 8KB - Virtual size: 18KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 186KB - Virtual size: 185KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 8KB - Virtual size: 18KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 17KB - Virtual size: 17KB