2024-03-27_3e97e17b67cbfde961505b95a911cf20_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-27_3e97e17b67cbfde961505b95a911cf20_mafia
Size

3.4MB
MD5

3e97e17b67cbfde961505b95a911cf20
SHA1

34c7d8e465e1d2ae86a8a68ecd0d99af88eaa420
SHA256

837a8b0d883d2580e8b6d573137bb37d1e92c8746f4e4a7a48bd3a3d4e7f4b09
SHA512

7a29632cffe9359200fbd28ce9cee3955c315a2d414c2ecd4e95691bb2735b2eaecb12864fd7d18ae8df60a3d18813267519d2f2ea8c387069a512c914dcd221
SSDEEP

49152:mGP7+5vym1hxXuKIy6zeZJy7OVwZTRSYZz26uKlKuuGaXKy4IBAUZLYaTOb:mGP+1hxXuKIFMyIEteBAUZL0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-27_3e97e17b67cbfde961505b95a911cf20_mafia

Files

2024-03-27_3e97e17b67cbfde961505b95a911cf20_mafia
.exe windows:5 windows x86 arch:x86

5ea76351e3b63f190df52f90956a7d8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA

gdi32

DeleteDC
BitBlt
GetStockObject
DeleteObject
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap

kernel32

GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
CreateFileA
GetProcAddress
LoadLibraryA
SetErrorMode
SetUnhandledExceptionFilter
GetModuleFileNameA
Sleep
CreateThread
TerminateProcess
GetCurrentThread
GetLocaleInfoA
OutputDebugStringA
TerminateThread
MultiByteToWideChar
GetSystemInfo
GetModuleHandleA
GetTickCount
ReadFile
GetExitCodeProcess
CreateProcessA
DuplicateHandle
CreatePipe
FreeLibrary
SetLastError
ReadProcessMemory
GetLastError
GetEnvironmentVariableA
GetVersionExA
GetCurrentDirectoryA
ResumeThread
GetThreadContext
SuspendThread
GetACP
RtlUnwind
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
DeleteFileA
GetModuleHandleW
ExitProcess
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
HeapReAlloc
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
LockResource
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetCPInfo
GetOEMCP
IsValidCodePage
WideCharToMultiByte
LCMapStringW
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
HeapSize
HeapQueryInformation
GetTimeZoneInformation
SetStdHandle
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FatalAppExitA
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
RaiseException
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetEndOfFile
GetProcessHeap
GetDriveTypeW
WriteConsoleW
CreateFileW
CompareStringW
SetEnvironmentVariableA
CreateDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
DebugBreak
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexA
HeapFree
GetTempPathA

openal32

alBufferData
alDeleteBuffers
alSourceStop
alSourcei
alSourcefv
alSourcef
alListenerf
alGetSourcei
alListenerfv
alDistanceModel
alGenSources
alGetString
alcMakeContextCurrent
alcCreateContext
alcOpenDevice
alcGetString
alcCloseDevice
alcDestroyContext
alDeleteSources
alSourcePlay
alGenBuffers

shell32

SHGetSpecialFolderPathA
ShellExecuteA

user32

SetCursor
PeekMessageA
TranslateMessage
MonitorFromPoint
GetAsyncKeyState
InflateRect
OffsetRect
SetRect
CreateWindowExA
ClientToScreen
GetDC
LoadIconA
RegisterClassA
DefWindowProcA
ReleaseCapture
SetCapture
ShowCursor
SetForegroundWindow
ReleaseDC
DestroyWindow
MsgWaitForMultipleObjects
SetWindowTextA
GetClientRect
MessageBoxA
ShowWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
MonitorFromWindow
GetMonitorInfoA
AdjustWindowRectEx
DispatchMessageA
LoadCursorA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

libegl

eglWaitGL
eglGetProcAddress
eglSwapBuffers
eglSwapInterval
eglGetConfigAttrib
eglGetError
eglQueryContext
eglQueryString
eglTerminate
eglDestroySurface
eglDestroyContext
eglMakeCurrent
eglChooseConfig
eglQuerySurface
eglCreateWindowSurface
eglCreatePixmapSurface
eglCreateContext
eglBindAPI
eglInitialize
eglGetDisplay

libglesv2

glViewport
glFramebufferTexture2D
glBindFramebuffer
glBufferData
glBindBuffer
glGenBuffers
glDeleteBuffers
glBufferSubData
glDisableVertexAttribArray
glEnableVertexAttribArray
glVertexAttribPointer
glDrawArrays
glDepthFunc
glDepthMask
glDeleteFramebuffers
glDeleteRenderbuffers
glReadPixels
glGenTextures
glCopyTexSubImage2D
glFramebufferRenderbuffer
glGenFramebuffers
glRenderbufferStorage
glBindRenderbuffer
glGenRenderbuffers
glScissor
glClear
glClearDepthf
glUniform1f
glUniform1fv
glGetUniformLocation
glDeleteShader
glGetShaderInfoLog
glGetShaderiv
glCompileShader
glShaderSource
glCreateShader
glDeleteProgram
glGetProgramInfoLog
glGetProgramiv
glLinkProgram
glBindAttribLocation
glAttachShader
glCreateProgram
glCompressedTexImage2D
glPixelStorei
glGetError
glDeleteTextures
glActiveTexture
glTexImage2D
glTexParameteri
glFlush
glBindTexture
glCopyTexImage2D
glUniformMatrix4fv
glVertexAttrib4f
glClearColor
glFrontFace
glUniform4f
glUniform4fv
glUniform1i
glGetString
glGetIntegerv
glUseProgram
glDrawElements
glBlendFunc
glEnable
glDisable
glCullFace

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 60KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ea76351e3b63f190df52f90956a7d8c

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

openal32

shell32

user32

version

libegl

libglesv2

ole32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 48KB - Virtual size: 692KB

.idata Size: 36KB - Virtual size: 36KB

.reloc Size: 60KB - Virtual size: 72KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 48KB - Virtual size: 692KB

.idata
Size: 36KB - Virtual size: 36KB

.reloc
Size: 60KB - Virtual size: 72KB

.rsrc
Size: 28KB - Virtual size: 26KB