C:\Builds\5\InfoUSB\InfoUsb\Binaries\InfoUSB.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-26_53c06ee0d9d56f481ea0d9cc361a9e38_mafia.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-03-26_53c06ee0d9d56f481ea0d9cc361a9e38_mafia.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-26_53c06ee0d9d56f481ea0d9cc361a9e38_mafia
Size: 2.2MB
MD5: 53c06ee0d9d56f481ea0d9cc361a9e38
SHA1: 93bcb10088d48ad8f17ebb37310adc81f039b4c8
SHA256: a7ae51fc0cd9b6684fe6c9db03210aab616d7bf2372795cec8274c02f81b4e66
SHA512: 0515307305595b3fdcc41706744dd110814edb8903e93702a7caa24225482e121efb6b8f7c639aa843d0ae933d4c101eab07ba52c0b2e4c5a7910dbcf25640b3
SSDEEP: 49152:WtMXdRKbQXX8Yn91u12Umx8xdgOX/m7vPJ2CJwViLVY2/xnTNlcSQU+NKNTflvE:fRKCX8Yn91RUo0dnX/m7vPJX+KVY2/x1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-03-26_53c06ee0d9d56f481ea0d9cc361a9e38_mafia
Files
2024-03-26_53c06ee0d9d56f481ea0d9cc361a9e38_mafia.exe windows:5 windows x86 arch:x86
0f724026fbf84f8ae96e84c84a10b44c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
winhttp
WinHttpGetIEProxyConfigForCurrentUser
kernel32
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
IsProcessorFeaturePresent
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapDestroy
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetProcessHeap
GetFileType
SetStdHandle
HeapQueryInformation
VirtualQuery
GetSystemInfo
VirtualAlloc
ExitProcess
RaiseException
RtlUnwind
CreateThread
ExitThread
WriteConsoleW
HeapReAlloc
DecodePointer
EncodePointer
HeapFree
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetTickCount
GetTempFileNameW
InitializeCriticalSectionAndSpinCount
GetNumberFormatW
GetWindowsDirectoryW
lstrcpyW
GetFileTime
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
FileTimeToSystemTime
GlobalGetAtomNameW
InterlockedIncrement
GlobalFlags
HeapSize
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SuspendThread
SetThreadPriority
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
InterlockedExchange
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalSize
FormatMessageW
LocalFree
GetCurrentProcessId
GetModuleFileNameW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
FreeLibrary
GetProcAddress
CompareStringW
LoadLibraryW
ActivateActCtx
DeactivateActCtx
SetLastError
lstrcmpW
GetCurrentDirectoryW
CopyFileW
DeleteFileW
ResetEvent
SetEvent
WaitForSingleObject
FreeResource
GlobalAlloc
ResumeThread
MulDiv
GlobalUnlock
GlobalLock
CreateEventW
WriteFile
SetFilePointer
GetTempPathW
GetFileAttributesW
GetLocaleInfoW
GlobalFree
lstrlenW
GetLastError
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
ReadFile
GetFileSizeEx
CreateFileW
FindClose
FindNextFileW
FindFirstFileW
FindResourceW
LoadResource
LockResource
SizeofResource
SetEnvironmentVariableA
user32
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExW
IsCharLowerW
GetKeyNameTextW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFrameControl
DrawEdge
GetSystemMenu
SetClassLongW
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
DrawIconEx
GetNextDlgGroupItem
CopyImage
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
MapVirtualKeyW
CreatePopupMenu
GetMenuDefaultItem
IsIconic
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
IsRectEmpty
UnregisterClassW
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
SystemParametersInfoW
GetMenuItemInfoW
GetMessageW
TranslateMessage
ValidateRect
WaitMessage
PostQuitMessage
CharUpperW
GetSystemMetrics
MessageBeep
GetDesktopWindow
CreateDialogIndirectParamW
EndDialog
IntersectRect
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawMenuBar
TabbedTextOutW
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
GetUpdateRect
RegisterClipboardFormatW
GetWindowRgn
DrawIcon
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
MapDialogRect
SubtractRect
GetDoubleClickTime
CharUpperBuffW
DrawTextW
CopyIcon
SetWindowLongW
SetWindowPos
GetWindow
LoadBitmapW
LoadIconW
SetRect
RegisterWindowMessageW
SetTimer
KillTimer
IsWindow
UpdateWindow
RedrawWindow
FrameRect
LoadMenuW
LoadImageW
GetIconInfo
ReleaseDC
GetDC
GetSysColor
FillRect
DrawStateW
OffsetRect
GetClientRect
DrawFocusRect
InflateRect
CopyRect
PostMessageW
TrackPopupMenuEx
GetSubMenu
GetWindowRect
GetActiveWindow
WindowFromPoint
ClientToScreen
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
SendMessageW
GetWindowLongW
DestroyIcon
DestroyMenu
DestroyCursor
EnableWindow
ShowOwnedPopups
gdi32
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
SetDIBColorTable
StretchBlt
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
CreateHatchBrush
CreatePen
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
Ellipse
CreateRectRgn
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
Polygon
DeleteObject
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
Rectangle
SetViewportOrgEx
GetViewportOrgEx
CreateFontIndirectW
CreateSolidBrush
GetObjectW
SetPixel
GetPixel
DeleteDC
SetTextColor
SetBkColor
SelectObject
CreateBitmap
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
PtVisible
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegCloseKey
RegEnumKeyExW
shell32
DragQueryFileW
ShellExecuteW
SHGetFileInfoW
SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteExW
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListW
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
ole32
CoTaskMemFree
CoInitialize
RevokeDragDrop
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CoUninitialize
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CreateStreamOnHGlobal
CoCreateInstance
oleaut32
SysFreeString
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
VariantChangeType
OleLoadPicture
SysAllocStringLen
VariantInit
VariantClear
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImageWidth
ws2_32
WSAStartup
WSASetLastError
WSACleanup
winmm
PlaySoundW
wininet
InternetSetOptionW
InternetReadFile
InternetGetConnectedState
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetCloseHandle
InternetConnectW
InternetOpenW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 286KB - Virtual size: 285KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 591KB - Virtual size: 591KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 170KB - Virtual size: 170KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ