C:\Projekte\TibiaStandaloneClient\TibiaStandaloneClient_bugfixes\Release\TibiaRelease.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-26_f721fc00d917fe16bda4a6434acd7c37_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-26_f721fc00d917fe16bda4a6434acd7c37_mafia.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-26_f721fc00d917fe16bda4a6434acd7c37_mafia
Size: 4.7MB
MD5: f721fc00d917fe16bda4a6434acd7c37
SHA1: 3ecefa884c168c58fa36d0b0dcea437bc4bc2ba6
SHA256: e02a01cc177eeda379b0de01b40a2ca72a721779ee20800a17eab011558eec25
SHA512: 48ccae1fe50e99b5ef259a04fc26039f92ebfe819b22e682391f1ce0503cffb020c4fc70ad803cb693568ac64ccf6d4e9437a94999596c69f9112be666c9dbaf
SSDEEP: 98304:/yGLx+X7Jb06M+DB5Ys+qNOsrv87F5mTuiFv5kwgR9nrFI/qOIL:8F06M+t+3yTTkwgjrFI/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-03-26_f721fc00d917fe16bda4a6434acd7c37_mafia
Files
2024-03-26_f721fc00d917fe16bda4a6434acd7c37_mafia.exe windows:5 windows x86 arch:x86
d517e67c9a6412f90611f545c6aedd35
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
glu32
gluOrtho2D
opengl32
glTexParameteri
wglCreateContext
glAlphaFunc
glClear
glClearColor
wglGetCurrentContext
glLoadIdentity
wglDeleteContext
glGenTextures
wglGetProcAddress
glEnable
glColor4ub
wglShareLists
glViewport
glMatrixMode
glBlendFunc
glTexCoord2d
glReadBuffer
glDrawBuffer
glDeleteTextures
glCopyTexSubImage2D
wglMakeCurrent
glRecti
wglGetCurrentDC
glBegin
glGetString
glDisable
glTexImage2D
glVertex2i
glBindTexture
glEnd
glColor3ub
glTexCoord2f
glTexSubImage2D
ddraw
DirectDrawCreate
winmm
timeGetTime
PlaySoundA
timeBeginPeriod
timeEndPeriod
kernel32
GetVersionExA
QueryPerformanceCounter
GetCurrentDirectoryA
GetLastError
CreateMutexA
Sleep
lstrcpynA
QueryPerformanceFrequency
GetTickCount
GetVersion
LocalAlloc
LocalFree
InterlockedExchange
RaiseException
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
DeactivateActCtx
ActivateActCtx
WideCharToMultiByte
GlobalAddAtomA
GlobalGetAtomNameA
lstrlenA
GetCurrentProcessId
lstrcmpW
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
FreeResource
FindResourceA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
GetModuleHandleW
lstrcmpA
LoadLibraryExA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetModuleFileNameA
GetCurrentThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
CloseHandle
SetThreadPriority
ResumeThread
WaitForSingleObject
InitializeCriticalSection
GlobalFree
GlobalFlags
MulDiv
lstrlenW
FormatMessageA
CopyFileA
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetSystemDirectoryW
lstrcpyA
GetCPInfo
GetOEMCP
GetACP
lstrcmpiA
CreateFileA
DeleteFileA
MoveFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesExA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
SetErrorMode
LoadLibraryW
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
HeapFree
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
ExitThread
CreateThread
FindFirstFileExA
FindNextFileA
CreateDirectoryA
ExitProcess
GetTimeFormatA
GetDateFormatA
HeapAlloc
HeapReAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
HeapQueryInformation
HeapSize
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
SetHandleCount
GetStdHandle
GetConsoleCP
GetConsoleMode
IsValidCodePage
GetLocaleInfoW
GetTimeZoneInformation
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
GetSystemInfo
GetLocaleInfoA
GlobalMemoryStatus
GlobalUnlock
GlobalAlloc
GlobalLock
GlobalSize
SetLastError
OutputDebugStringA
LoadLibraryA
GetProcAddress
FreeLibrary
user32
IsDialogMessageA
SetWindowTextA
MoveWindow
WaitMessage
PostQuitMessage
ShowOwnedPopups
TranslateMessage
GetMessageA
RealChildWindowFromPoint
GetSysColorBrush
RemoveMenu
InsertMenuA
AppendMenuA
GetMenuStringA
InflateRect
GetMenuItemInfoA
SystemParametersInfoA
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetKeyNameTextA
MapVirtualKeyA
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
IsRectEmpty
DeleteMenu
GetSystemMenu
SetParent
UnionRect
CopyImage
UnregisterClassA
CharUpperA
SetWindowRgn
DestroyAcceleratorTable
WindowFromPoint
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
MessageBeep
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
LockWindowUpdate
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetNextDlgTabItem
GetIconInfo
GetNextDlgGroupItem
EndDialog
CreateDialogIndirectParamA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
SetMenuDefaultItem
FrameRect
GetUpdateRect
LoadImageW
RegisterClipboardFormatA
CopyIcon
CheckDlgButton
GetDoubleClickTime
IsCharLowerA
SubtractRect
MapDialogRect
DrawIcon
GetWindowRgn
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetClassNameA
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
WinHelpA
SetWindowPos
LoadImageA
DestroyIcon
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongA
GetDlgCtrlID
GetKeyState
PeekMessageA
GetCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
InvalidateRect
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
GetWindow
ShowWindow
GetWindowLongA
IsWindow
EnableWindow
TranslateAcceleratorA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
DeferWindowPos
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
ValidateRect
LoadCursorA
GetSystemMetrics
ReleaseCapture
PostMessageA
GetCursorPos
DestroyCursor
MapVirtualKeyExA
GetKeyboardLayout
PtInRect
GetClientRect
IsZoomed
KillTimer
SetCapture
IsIconic
GetWindowRect
ScreenToClient
SetTimer
SetCursor
ClientToScreen
UpdateWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
SetScrollInfo
CharUpperBuffA
GetScrollInfo
CloseClipboard
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
OpenClipboard
SetClipboardData
EnumDisplaySettingsA
ReleaseDC
ChangeDisplaySettingsA
SetRect
GetDC
SendMessageA
LoadIconW
MessageBoxA
gdi32
SetTextAlign
LineTo
GetLayout
SetLayout
MoveToEx
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
IntersectClipRect
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32A
ExtTextOutA
SelectObject
ExcludeClipRect
SetPixelV
GetTextFaceA
SetPaletteEntries
ChoosePixelFormat
DescribePixelFormat
SwapBuffers
SetPixelFormat
BitBlt
CreateFontIndirectA
CreateDCA
CopyMetaFileA
ExtSelectClipRgn
DeleteDC
GetDeviceCaps
DeleteObject
GetObjectA
SetBkColor
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
ScaleWindowExtEx
CreateBitmap
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
DPtoLP
CreatePatternBrush
GetStockObject
SelectPalette
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateDIBitmap
PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
advapi32
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
wsock32
inet_addr
recv
WSAGetLastError
WSACancelAsyncRequest
WSAAsyncSelect
recvfrom
sendto
connect
WSASetLastError
bind
ioctlsocket
shutdown
WSAAsyncGetHostByName
send
htons
gethostbyname
select
socket
htonl
accept
closesocket
WSACleanup
WSAStartup
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
comdlg32
GetFileTitleA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateGuid
oleaut32
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysAllocString
VariantChangeType
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 709KB - Virtual size: 709KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss1 Size: 574KB - Virtual size: 574KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 62KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 369KB - Virtual size: 369KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ