2024-03-13_f52ef2f360bbef052f3c1e8432c004fc_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-13_f52ef2f360bbef052f3c1e8432c004fc_mafia
Size

3.9MB
MD5

f52ef2f360bbef052f3c1e8432c004fc
SHA1

751839ce5d0b4bc95a7cda29a5eb96609f4e339d
SHA256

6b779f25bd14f9b99f9d227fb1fe23325a82782829abcbf5730c30afa3b3bcd2
SHA512

748772fa0c139c8ba1321b9750557257793c83fd5cd95be7f4bbf6ef784f15cb411b4d9709841ec8597d844ee0ab79b05ebdbfc6ddf9be38b2e49fa4c29a715f
SSDEEP

49152:GZsgwtLjhxTNzTHT0VYTFT3PPxHHuss5vHQQnOOE44Oh:WrwRtlhT0Qgss5vHQQnOOE44Oh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-13_f52ef2f360bbef052f3c1e8432c004fc_mafia

Files

2024-03-13_f52ef2f360bbef052f3c1e8432c004fc_mafia
.exe windows:5 windows x86 arch:x86

a45245b836d236e9b4235e53619638c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
LoadLibraryA
GetProcAddress
GetLastError
WriteConsoleW
SetEnvironmentVariableA
CompareStringW
SetStdHandle
GetConsoleMode
FreeLibrary
CreateFileA
LockResource
SizeofResource
LoadResource
FindResourceA
ExitProcess
GetCommandLineW
CreateMutexW
FindFirstFileW
SetFilePointer
GetDriveTypeW
GetCurrentProcess
GetLogicalDriveStringsW
GlobalSize
QueryPerformanceCounter
CreateDirectoryW
GlobalLock
WaitForSingleObject
SetEvent
OutputDebugStringW
GetModuleHandleW
GetCurrentThread
WriteFile
InitializeCriticalSection
GlobalAlloc
LoadLibraryW
TerminateThread
Sleep
FormatMessageW
GetVersionExW
LeaveCriticalSection
IsProcessorFeaturePresent
GetFileAttributesW
ReadFile
GetModuleFileNameW
CreateFileW
SetThreadPriority
GlobalUnlock
FlushFileBuffers
GetTempPathW
GetCurrentDirectoryW
EnterCriticalSection
FindClose
CreateEventW
IsDebuggerPresent
FindNextFileW
GetFileAttributesExW
QueryPerformanceFrequency
DeleteCriticalSection
GetCurrentThreadId
SetThreadAffinityMask
ReleaseMutex
GetVolumeInformationW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
EncodePointer
DecodePointer
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
ExitThread
CreateThread
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCPInfo
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapCreate
GetStdHandle
HeapSize
GetLocaleInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetTickCount
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP

msvfw32

DrawDibDraw
DrawDibOpen

winmm

timeGetTime
timeBeginPeriod

shlwapi

PathStripToRootW

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmSetCandidateWindow
ImmNotifyIME
ImmGetContext

user32

SetClipboardData
SendMessageW
SetCaretPos
GetSystemMetrics
ReleaseCapture
MessageBoxW
OpenClipboard
CreateWindowExW
CreateCaret
GetActiveWindow
SendMessageTimeoutW
ShowWindow
SetLayeredWindowAttributes
GetCursorPos
SetWindowPos
GetDesktopWindow
DestroyCaret
DestroyCursor
RedrawWindow
SetWindowLongW
EmptyClipboard
EnableMenuItem
ReleaseDC
PeekMessageW
SystemParametersInfoW
GetWindowTextW
GetClipboardData
GetAncestor
GetWindowLongW
SetCursorPos
InvalidateRect
GetAsyncKeyState
GetWindowPlacement
SetWindowTextW
GetForegroundWindow
TranslateMessage
GetCapture
GetDC
GetIconInfo
CreateIconIndirect
EnumWindows
BeginPaint
ShowCaret
SetFocus
WindowFromPoint
MessageBeep
GetWindowInfo
LoadCursorW
AttachThreadInput
TrackMouseEvent
GetParent
GetFocus
SetForegroundWindow
PostMessageW
UnregisterClassW
SetCapture
IsChild
RegisterWindowMessageW
GetMessageW
GetWindowRect
GetSystemMenu
MapVirtualKeyW
GetUpdateRgn
CloseClipboard
EnumDisplayMonitors
SetCursor
DestroyWindow
EndPaint
DestroyIcon
DefWindowProcW
GetMessageTime
GetMessagePos
GetWindowThreadProcessId
DispatchMessageW
RegisterClassExW

gdi32

GetGlyphOutlineW
GetPixel
GetGlyphIndicesW
RestoreDC
SaveDC
SetMapperFlags
GetKerningPairsW
StretchDIBits
GetObjectW
CreateBitmap
GetTextMetricsW
DeleteDC
CreateDIBSection
CreateFontIndirectW
GetDeviceCaps
ExcludeClipRect
GetOutlineTextMetricsW
GetRegionData
DeleteObject
SelectObject
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
SetMapMode
CreateRectRgn

comdlg32

GetOpenFileNameW

shell32

SHGetSpecialFolderPathW
ExtractAssociatedIconW
Shell_NotifyIconW

ole32

RevokeDragDrop
OleInitialize
OleUninitialize
DoDragDrop
CoTaskMemAlloc
RegisterDragDrop

Sections

.text
Size: 993KB - Virtual size: 992KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a45245b836d236e9b4235e53619638c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvfw32

winmm

shlwapi

imm32

user32

gdi32

comdlg32

shell32

ole32

Sections

.text Size: 993KB - Virtual size: 992KB

.rdata Size: 168KB - Virtual size: 168KB

.data Size: 20KB - Virtual size: 28KB

.rsrc Size: 2.7MB - Virtual size: 2.7MB

.reloc Size: 64KB - Virtual size: 63KB

.text
Size: 993KB - Virtual size: 992KB

.rdata
Size: 168KB - Virtual size: 168KB

.data
Size: 20KB - Virtual size: 28KB

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

.reloc
Size: 64KB - Virtual size: 63KB