Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-08_6a8ff2d0571a179fac9a9288d304f59c_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-08_6a8ff2d0571a179fac9a9288d304f59c_mafia.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-03-08_6a8ff2d0571a179fac9a9288d304f59c_mafia
Size: 1.3MB
MD5: 6a8ff2d0571a179fac9a9288d304f59c
SHA1: 6c6a848fe5333bbcc31dbec9b60a49488f243303
SHA256: b01ca0bed38df83833b4a956da4cddb4c8c3619878fe66b86316c93eec7c7839
SHA512: 803fb47a41b98c1f22e3817c7d8806662547b354be4d22ffeb7ab657af36ab6162408411518596e87b52077570d4a4045917c7172acfeae60eb50bddedfcda62
SSDEEP: 24576:CtH/R1rqWNtBM97wAHnm0sZK/YyvC0ntSxdM5lc2:CtH/R8WNtBM97wAG0um5SxdM5ll
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-03-08_6a8ff2d0571a179fac9a9288d304f59c_mafia
Files
2024-03-08_6a8ff2d0571a179fac9a9288d304f59c_mafia.exe windows:5 windows x86 arch:x86
  8a1fcab676cfe7d7d3fe8093e631df3a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_ReplaceIcon
ord6
CreateToolbarEx
InitCommonControlsEx
ImageList_Create
ord17
winmm
timeGetTime
timeSetEvent
timeKillEvent
PlaySoundA
ws2_32
getpeername
connect
inet_addr
select
WSACleanup
WSAStartup
accept
htons
shutdown
setsockopt
socket
__WSAFDIsSet
closesocket
gethostbyname
send
listen
WSAAsyncSelect
bind
recv
WSAGetLastError
ioctlsocket
kernel32
FindNextFileA
GetTempPathA
DeleteFileA
lstrcpyA
CreateFileA
SetFilePointer
lstrlenA
MoveFileExA
SetEndOfFile
SetErrorMode
SystemTimeToFileTime
CompareFileTime
SetFileTime
WriteFile
GetDriveTypeA
InitializeCriticalSection
LeaveCriticalSection
GetFileAttributesA
FileTimeToSystemTime
ReadFile
FlushFileBuffers
CreateDirectoryA
GetLogicalDriveStringsA
lstrcmpiA
EnterCriticalSection
MoveFileA
GetFileTime
DeleteCriticalSection
FileTimeToLocalFileTime
MulDiv
AllocConsole
GetStdHandle
WriteConsoleA
OutputDebugStringA
GetComputerNameA
GetVersionExA
LoadLibraryW
LCMapStringW
HeapSize
SetHandleCount
GetLocaleInfoW
GetModuleFileNameW
HeapCreate
FindClose
SetLastError
TlsFree
IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetModuleFileNameA
ExitThread
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
RtlUnwind
GetCPInfo
HeapReAlloc
GetConsoleMode
GetConsoleCP
InterlockedIncrement
InterlockedDecrement
GetStartupInfoW
HeapSetInformation
GetCommandLineA
FindFirstFileExA
ExitProcess
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetTimeZoneInformation
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
TlsAlloc
DuplicateHandle
GetCurrentThreadId
SetThreadPriority
CreateSemaphoreA
TlsSetValue
GetCurrentThread
TlsGetValue
GetFileType
lstrcatA
ReleaseMutex
CreateMutexA
InterlockedExchange
GetProcessHeap
HeapFree
GetCurrentProcess
HeapAlloc
lstrcpynA
LocalFileTimeToFileTime
GetVersion
GetLocalTime
SetFileAttributesA
GetVolumeInformationA
GetLocaleInfoA
SetVolumeLabelA
DosDateTimeToFileTime
GetFullPathNameA
QueryPerformanceFrequency
QueryPerformanceCounter
RaiseException
LoadLibraryA
CopyFileA
GetProcAddress
FindFirstFileA
FreeLibrary
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
GlobalSize
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalUnlock
GetPrivateProfileIntA
GlobalAlloc
GlobalLock
CreateThread
ResumeThread
RemoveDirectoryA
LocalFree
CloseHandle
GetLastError
Beep
CreateEventA
Sleep
FormatMessageA
GetTickCount
SetEvent
WaitForSingleObject
GetModuleHandleA
GetCurrentDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
WriteConsoleW
SetEnvironmentVariableW
CompareStringW
CreateFileW
IsProcessorFeaturePresent
user32
SetCapture
ScreenToClient
IsDlgButtonChecked
LoadKeyboardLayoutA
CallNextHookEx
GetForegroundWindow
SetWindowsHookExA
GetWindowThreadProcessId
ToAscii
GetKeyState
keybd_event
VkKeyScanW
GetKeyboardState
ToUnicode
SetWindowRgn
LoadBitmapA
PtInRect
GetDesktopWindow
GetMenuStringA
GetScrollInfo
ModifyMenuA
SendDlgItemMessageA
DrawTextA
GetParent
GetWindowTextLengthA
TranslateMessage
PeekMessageA
GetMenuItemCount
DispatchMessageA
GetComboBoxInfo
EnableWindow
DestroyIcon
EnumDisplaySettingsExA
MonitorFromPoint
GetMonitorInfoA
SystemParametersInfoA
GetSystemMetrics
EnumDisplayDevicesA
ValidateRect
RegisterClassExA
TrackPopupMenu
GetMenuItemID
GetSubMenu
SetCaretBlinkTime
ReleaseCapture
CallWindowProcA
GetCaretBlinkTime
GetMessageA
PostThreadMessageA
LoadStringA
LoadMenuA
SetMenuDefaultItem
IsClipboardFormatAvailable
RegisterClipboardFormatA
SetWindowLongA
SetCursorPos
RedrawWindow
GetCursorPos
CloseClipboard
GetClipboardData
EmptyClipboard
OpenClipboard
SetClipboardData
GetClipboardOwner
EndPaint
DestroyWindow
SetCursor
GetDlgItemInt
GetSystemMenu
SetTimer
GetWindowRect
PostQuitMessage
IsIconic
FillRect
SendNotifyMessageA
KillTimer
GetFocus
LoadIconA
InvalidateRgn
wsprintfA
GetClientRect
SetFocus
RegisterWindowMessageA
BeginPaint
GetDC
SetDlgItemInt
GetWindowTextA
SetRect
MessageBoxA
InvalidateRect
CreateWindowExA
ReleaseDC
EnableMenuItem
ChangeClipboardChain
DefWindowProcA
SetWindowPos
ShowWindow
CreatePopupMenu
GetSysColorBrush
DrawMenuBar
AppendMenuA
IsWindow
ShowScrollBar
PostMessageA
AdjustWindowRectEx
ScrollWindowEx
SetWindowTextA
UpdateWindow
DestroyMenu
LoadCursorA
SetClipboardViewer
SetScrollInfo
CheckMenuItem
RegisterClassA
MoveWindow
GetKeyboardLayoutNameA
SendMessageA
GetWindowLongA
GetDlgItem
GetDlgItemTextA
DestroyAcceleratorTable
CreateAcceleratorTableA
TranslateAcceleratorA
SetForegroundWindow
EndDialog
LoadImageA
DialogBoxParamA
SetDlgItemTextA
wvsprintfA
CharToOemA
OemToCharA
SendMessageTimeoutA
gdi32
DeleteDC
SetStretchBltMode
SelectPalette
RealizePalette
CombineRgn
CreatePalette
SetDIBColorTable
SetBrushOrgEx
StretchBlt
GetDeviceCaps
GetStockObject
CreateRectRgnIndirect
Rectangle
CreatePen
SetBkMode
CreateFontA
SetTextColor
LineTo
MoveToEx
CreatePolygonRgn
SetROP2
UpdateColors
BitBlt
CreateDIBSection
DeleteObject
SelectObject
CreateCompatibleDC
CreateRectRgn
CreateSolidBrush
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
IsValidAcl
OpenProcessToken
GetKernelObjectSecurity
GetSecurityDescriptorLength
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
AdjustTokenPrivileges
IsValidSecurityDescriptor
GetSecurityDescriptorSacl
IsValidSid
GetSecurityDescriptorOwner
SetKernelObjectSecurity
LookupPrivilegeValueA
GetSecurityDescriptorControl
RegSetValueExA
shell32
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHFileOperationA
Shell_NotifyIconA
SHGetFolderPathA
imm32
ImmAssociateContext
Sections
.text Size: 667KB - Virtual size: 666KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 347KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 474KB - Virtual size: 473KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ