Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-25_abb6b1016e3b0c0fd69bb8e926f5b425_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-25_abb6b1016e3b0c0fd69bb8e926f5b425_mafia.exe
  Resource: win10v2004-20240226-en
General
- Target: 2024-03-25_abb6b1016e3b0c0fd69bb8e926f5b425_mafia
- Size: 3.0MB
- MD5: abb6b1016e3b0c0fd69bb8e926f5b425
- SHA1: 7eb05e58bc94e1090fbbb5396aa1505f8e3634b7
- SHA256: 7fc316a258543a00b4de1ce91fd8ff6595aea29ab22d38204092d97e269fc89f
- SHA512: e32b6bb799f7572590f19e635aa630c5379629cd10989e0dad17981c4f18a9b4ac6ce96c38bdb1f469ea776354d2d5fd459689ca92ca181b2de9ccbf21b4ea12
- SSDEEP: 49152:1ZBnvoGKPVUYvc6MYN5ZFJIg+h/DhqZbsAuwKF/1yz7ZKh5kdqkpTIao8Z+T787:1LcP2F6MiZFJIgKhqBsAuzF/1yz7ZKFl
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature. The sample's optional header has an empty certificate table, so the file carries no Authenticode signature at all. (The converse does not hold: a populated certificate table only shows a signature is attached, not that it verifies.)
  resource: 2024-03-25_abb6b1016e3b0c0fd69bb8e926f5b425_mafia
Files
- 2024-03-25_abb6b1016e3b0c0fd69bb8e926f5b425_mafia.exe  windows:5 windows x86 arch:x86
  90dfbd5ee2b7b624b129c0038d76bb59 (a second 32-hex digest, distinct from the file MD5 above; in this report layout the field holds the import hash, so treat that label as inferred from position)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR-compatible; relocation is possible because a populated .reloc section is present, see Sections)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP-compatible)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
Not listed, hence not set: IMAGE_DLLCHARACTERISTICS_GUARD_CF (no Control Flow Guard) and IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY. IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA does not apply to a 32-bit image.
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Work\MORISAWA\MCBookV4\Windows\MCBookViewer\Release\MCBookViewer.pdb
The debug path names a Release build of a MORISAWA "MCBookViewer" project; the product-specific DLLs bookv000 and sync listed under Imports are consistent with that build tree.
Imports
The kernel32/user32/gdi32/ole32/oleaut32 profile below (GlobalAddAtomW, TlsAlloc, GetProfileIntW, WinHelpW, TranslateMDISysAccel, OleUIBusyW, CreateStdAccessibleObject) is the import footprint of a statically linked MFC GUI application. IsDebuggerPresent, SetUnhandledExceptionFilter, RtlUnwind, EncodePointer/DecodePointer and the heap/TLS calls are pulled in by the MSVC CRT startup and exception code, so on their own they are not evidence of anti-debugging logic. Imports that do merit a look in the behavioral runs: the advapi32 registry write/delete set, ShellExecuteW, CopyFileW, the temp-path and file create/delete pairs, SetWindowsHookExW and VirtualProtect.
sync (not a standard Windows system DLL; imported by ordinal only, so function names are unknown without the DLL itself)
ord1
ord2
ord11
ord41
ord37
ord7
ord34
ord27
ord28
ord5
ord3
ord21
ord32
ord25
ord6
ord36
ord9
ord39
ord30
ord38
ord23
bookv000 (not a standard Windows system DLL; imported by ordinal only)
ord9
ord2
ord3
ord15
ord8
ord6
ord4
ord12
ord1
imm32
ImmGetContext
ImmReleaseContext
ImmGetCompositionStringW
ImmGetOpenStatus
kernel32
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
WriteConsoleW
GetDriveTypeW
GetProcessHeap
SetEnvironmentVariableA
FindResourceW
LoadResource
SizeofResource
LockResource
GlobalLock
GlobalAlloc
LeaveCriticalSection
GlobalUnlock
InterlockedExchange
EnterCriticalSection
GlobalFree
ExitProcess
GetVersionExW
GetModuleFileNameW
GetTickCount
MultiByteToWideChar
DeleteFileA
CreateFileA
GetFileSize
GetLastError
CloseHandle
lstrlenA
SystemTimeToFileTime
WideCharToMultiByte
GetFileAttributesA
CreateDirectoryA
FindFirstFileA
RemoveDirectoryA
SetFileAttributesA
GetTempFileNameA
FindClose
FindNextFileA
GetTempPathA
LocalFileTimeToFileTime
FreeResource
GetLocalTime
lstrlenW
SetLastError
DeactivateActCtx
ActivateActCtx
GetCurrentProcessId
MulDiv
LocalFree
FormatMessageW
GlobalSize
CopyFileW
lstrcmpW
FreeLibrary
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CompareStringW
GetDateFormatW
GetTimeFormatW
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapAlloc
HeapFree
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetProcAddress
GetModuleHandleW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
InterlockedIncrement
GetThreadLocale
CreateActCtxW
ReleaseActCtx
InterlockedDecrement
lstrcmpA
FindNextFileW
FindFirstFileW
FileTimeToSystemTime
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
FileTimeToLocalFileTime
LoadLibraryExW
GetLocaleInfoW
SetErrorMode
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
DeleteFileW
GetCurrentDirectoryW
GetSystemDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalGetAtomNameW
GlobalFlags
InitializeCriticalSection
lstrcpyW
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
user32
GetWindowRgn
DestroyCursor
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
IsMenu
MonitorFromPoint
UnionRect
MapVirtualKeyExW
IsCharLowerW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
RegisterClipboardFormatW
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawEdge
DrawStateW
SetClassLongW
DestroyAcceleratorTable
SetParent
GetIconInfo
NotifyWinEvent
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
CreatePopupMenu
GetMenuDefaultItem
MessageBeep
GetNextDlgGroupItem
CharUpperW
WaitMessage
WindowFromPoint
UnregisterClassW
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
SetRectEmpty
CopyImage
GetSysColorBrush
RealChildWindowFromPoint
MapVirtualKeyW
GetKeyNameTextW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
GetMessageW
TranslateMessage
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
CharNextW
InflateRect
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
SetForegroundWindow
ShowScrollBar
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
EnableWindow
SetLayeredWindowAttributes
GetDC
GetParent
CopyRect
GetWindow
GetMenuStringW
AppendMenuW
InsertMenuW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
GetMenuState
CheckMenuItem
SetCursor
LoadCursorW
CreateIconIndirect
IntersectRect
MessageBoxW
SetWindowRgn
RemoveMenu
EqualRect
FillRect
DrawIconEx
OffsetRect
SetRect
ClientToScreen
EnumDisplayMonitors
GetSystemMenu
IsIconic
GetMenuItemID
IsZoomed
GetSubMenu
DeleteMenu
AnimateWindow
GetDesktopWindow
InvalidateRect
PtInRect
GetClientRect
PostMessageW
GetWindowRect
ScreenToClient
SetTimer
UpdateLayeredWindow
SendMessageW
RedrawWindow
KillTimer
DestroyIcon
ReleaseCapture
TrackMouseEvent
SetCapture
LoadImageW
GetScrollPos
EnableScrollBar
ShowWindow
SetScrollPos
GetScrollRange
wsprintfW
SetMenuItemInfoW
IsWindowVisible
GetSystemMetrics
GetMenuItemCount
DrawMenuBar
LoadBitmapW
GetCursorPos
SetWindowLongW
EnableMenuItem
GetWindowLongW
LoadMenuW
LoadIconW
GetMenu
DrawIcon
DrawFrameControl
gdi32
GetTextExtentPoint32W
CreateRoundRectRgn
RemoveFontMemResourceEx
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SelectPalette
GetObjectType
AddFontMemResourceEx
SaveDC
CreateHatchBrush
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetBkColor
GetTextColor
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetPixel
Rectangle
OffsetRgn
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
GetDeviceCaps
CreateBitmap
ExtCreatePen
PatBlt
StretchBlt
GetDIBColorTable
CreatePen
GetStockObject
CreatePatternBrush
CreateFontIndirectW
GetTextCharset
GetBitmapBits
SetBitmapBits
BitBlt
DeleteDC
CreateDIBSection
SetDIBColorTable
DeleteObject
SelectObject
CreateSolidBrush
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
shell32
ShellExecuteW
ord165
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHAppBarMessage
DragQueryFileW
DragFinish
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
PathFileExistsA
PathFileExistsW
PathRemoveFileSpecA
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
ole32
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromString
CoCreateGuid
OleDuplicateData
CoInitializeEx
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
CLSIDFromProgID
OleTranslateAccelerator
oleaut32
VarBstrFromDate
SysStringLen
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocString
VariantClear
SysFreeString
SysAllocStringLen
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantCopy
SystemTimeToVariantTime
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipFillRectangleI
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteBrush
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipDisposeImage
GdipAlloc
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImageHeight
GdipFree
GdiplusShutdown
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
winmm
PlaySoundW
Sections
.text   Size: 1.8MB - Virtual size: 1.8MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 586KB - Virtual size: 585KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 80KB - Virtual size: 112KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 409KB - Virtual size: 408KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 190KB - Virtual size: 189KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
Only .text is executable and only .data is writable, so no section is both writable and executable. Raw and virtual sizes track each other for every section (the 32KB by which .data's virtual size exceeds its raw size is uninitialized data); there is no near-empty section with a large virtual size of the kind a packer stub leaves behind. The populated .reloc section is what makes the DYNAMIC_BASE flag in the header effective.
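The three header-level checks this report makes, the Unsigned PE signature (empty certificate table), the DLL characteristics (ASLR/DEP/CFG) and the section flags (any writable+executable section), can be reproduced with a few dozen lines of header parsing. The following is an added example written for this page, not code from the sandbox or from the MCBookViewer project; it uses only the standard library, and the PE32 image it builds for itself is a constructed header-only fixture (no real code) whose flags mirror the header table above. Names such as inspect_pe, findings and build_pe32 are the example's own.

```python
"""Minimal PE header triage: ASLR/DEP/CFG flags, Authenticode table, W+X sections."""
import struct
import sys

# Optional header DllCharacteristics bits (winnt.h)
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_GUARD_CF = 0x4000
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
# Section characteristics bits
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table (Authenticode)


def inspect_pe(data: bytes) -> dict:
    """Parse the DOS, COFF, optional and section headers; return the hardening facts a report lists."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32
        n_rva_off, dd_off = 92, 96
    elif magic == 0x20B:    # PE32+
        n_rva_off, dd_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset for PE32 and PE32+
    n_dirs = struct.unpack_from("<I", data, opt + n_rva_off)[0]
    cert_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, cert_size = struct.unpack_from("<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sh = opt + opt_size
    for i in range(nsec):
        name, _vs, _va, _raw, _ptr, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, sh + 40 * i)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), chars))
    return {
        "machine": machine,
        "file_characteristics": file_chars,
        "dll_characteristics": dll_chars,
        "aslr": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "dep": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "cfg": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_GUARD_CF),
        # Empty certificate table == "Unsigned PE"; a non-empty one only means a
        # signature is attached, not that it verifies (that needs WinVerifyTrust/signtool).
        "has_certificate_table": cert_size > 0,
        "sections": sections,
        "wx_sections": [n for n, c in sections if c & IMAGE_SCN_MEM_WRITE and c & IMAGE_SCN_MEM_EXECUTE],
    }


def findings(info: dict) -> list:
    """Turn the parsed facts into report-style signature lines."""
    out = []
    if not info["has_certificate_table"]:
        out.append("Unsigned PE: no Authenticode certificate table")
    if not info["aslr"]:
        out.append("No ASLR: DYNAMIC_BASE not set")
    if not info["dep"]:
        out.append("No DEP: NX_COMPAT not set")
    if not info["cfg"]:
        out.append("No CFG: GUARD_CF not set")
    for name in info["wx_sections"]:
        out.append("Writable+executable section: %s" % name)
    return out


def build_pe32(dll_chars: int, sections, cert_size: int = 0) -> bytes:
    """Constructed test fixture: a header-only PE32 image (no code) for exercising inspect_pe."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: NT headers start right after the DOS header
    # i386, n sections, 224-byte PE32 optional header, EXECUTABLE_IMAGE | 32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)          # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     0x2000 if cert_size else 0, cert_size)  # certificate table: file offset, size
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), 0x1000, 0x1000 * (i + 1),
                    0x200, 0x400 * (i + 1), 0, 0, 0, 0, chars)
        for i, (name, chars) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs


if __name__ == "__main__":
    # Usage: python pe_triage.py <file.exe>; with no argument, inspect the constructed fixture
    # whose flags mirror the report's header table (DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE).
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
    else:
        blob = build_pe32(IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT
                          | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE,
                          [(".text", IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
                           (".data", IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE)])
    for line in findings(inspect_pe(blob)):
        print(line)
```

Run against the real sample, this prints the same two facts the report encodes: "Unsigned PE" and the absence of CFG, with no writable+executable section. The certificate-table test is deliberately a presence check only; a sample that ships a broken or revoked signature will pass it, so verifying the signature is a separate step.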