PDB path: D:\Repository\TUpdate\Binary\CLOUDBERRY_x86_MT.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-15_dc6108167abf3e64ba3b79f6d5185aed_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-15_dc6108167abf3e64ba3b79f6d5185aed_mafia.exe
  Resource: win10v2004-20240412-en
General
Target: 2024-04-15_dc6108167abf3e64ba3b79f6d5185aed_mafia
Size: 2.3MB
MD5: dc6108167abf3e64ba3b79f6d5185aed
SHA1: e2f406be627eaa8efe83d674a59abe267d7c8eb9
SHA256: ea429fc1f4ce74f3ab8bb568af8d861fa26a9bc849dd34a7c7b93bcdd0627e30
SHA512: 4355b89c8d2db64aa9bef7ad8257f3f4d5ba601991d05f9046f301b4fc6eca914f319dad3b75e82ea4ffb7ae1ac39761bf08b6c873b69bc5a8b13a4d98043489
SSDEEP: 49152:JeRvdYaFaDKKofQJzucrn7VHMD4lErmuinQtm3DrE7CkJ7NTRG7rDW8UpH:Ji3FaDKPQJzucrBirmuinQtmoCkJ7NTC
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-04-15_dc6108167abf3e64ba3b79f6d5185aed_mafia
Files
2024-04-15_dc6108167abf3e64ba3b79f6d5185aed_mafia.exe windows:5 windows x86 arch:x86
407f6c48b4a0fae8d59dd018d78d36f9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetStringTypeW
IsProcessorFeaturePresent
GetConsoleCP
GetCPInfo
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
HeapCreate
GetEnvironmentStringsW
SetHandleCount
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapSize
HeapQueryInformation
ExitProcess
RaiseException
RtlUnwind
CreateThread
ExitThread
HeapReAlloc
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetTempFileNameW
GetNumberFormatW
SetErrorMode
GetCurrentDirectoryW
GlobalFlags
LocalReAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
UnlockFile
LockFile
lstrcmpiW
GetThreadLocale
lstrlenA
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
ReleaseActCtx
CreateActCtxW
SuspendThread
SetThreadPriority
GetPrivateProfileIntW
lstrcpyW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
LoadLibraryExW
GetCurrentProcessId
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ActivateActCtx
DeactivateActCtx
lstrcmpW
GlobalSize
GetFileType
GetFileAttributesW
GetFileSize
FreeLibrary
ResumeThread
GetTimeZoneInformation
SetFileAttributesW
TlsFree
TlsAlloc
GetVersionExW
GetLocaleInfoW
LoadLibraryW
TlsSetValue
GetDriveTypeW
TlsGetValue
SetEvent
InterlockedDecrement
InterlockedIncrement
MoveFileW
SetLastError
FlushFileBuffers
lstrlenW
CopyFileW
GetTickCount
CreateDirectoryW
MoveFileExW
SetEndOfFile
InterlockedExchange
VerifyVersionInfoW
GetTempPathW
WritePrivateProfileStringW
FormatMessageW
GetPrivateProfileStringW
VerSetConditionMask
SetFilePointer
CreateFileA
GetVersion
GetWindowsDirectoryW
GetFileTime
CreateToolhelp32Snapshot
FindNextFileW
Process32NextW
CreateEventW
LocalAlloc
Process32FirstW
FindClose
GetProcAddress
ReadFile
FileTimeToSystemTime
TerminateProcess
GetSystemDirectoryW
OpenProcess
GetModuleHandleW
OutputDebugStringW
FindFirstFileW
GlobalUnlock
GetModuleFileNameW
GlobalFree
GlobalAlloc
GlobalLock
GetCurrentThreadId
GetLocalTime
MulDiv
CloseHandle
WriteFile
CreateFileW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
GetLastError
GetCurrentProcess
Sleep
LocalFree
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
GetConsoleMode
SizeofResource
user32
CreateDialogIndirectParamW
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
IsWindowVisible
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
GetScrollPos
SetScrollPos
GetWindowTextLengthW
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
EndPaint
SetFocus
BringWindowToTop
GetWindowTextW
SetWindowPos
GetDesktopWindow
GetNextDlgTabItem
GetSubMenu
DrawFocusRect
OffsetRect
TrackPopupMenuEx
LoadMenuW
DrawStateW
DestroyCursor
FrameRect
GetActiveWindow
DestroyMenu
FillRect
LoadImageW
SetCapture
DrawIconEx
WindowFromPoint
GetIconInfo
GetCursorPos
GetSysColorBrush
ReleaseCapture
GetMenuItemInfoW
SystemParametersInfoW
IntersectRect
MapWindowPoints
DestroyIcon
EnableWindow
SendMessageW
GetClientRect
LoadIconW
GetKeyNameTextW
MessageBoxW
EqualRect
RedrawWindow
SetTimer
KillTimer
GetKeyState
GetFocus
SetParent
GetWindowLongW
SetWindowLongW
GetClassLongW
InflateRect
SetClassLongW
IsWindow
InvalidateRect
GetWindow
ClientToScreen
ScreenToClient
GetWindowRect
DrawTextW
TabbedTextOutW
SetForegroundWindow
GetParent
AttachThreadInput
DrawTextExW
PtInRect
GetDC
GetForegroundWindow
ReleaseDC
GrayStringW
MapVirtualKeyW
IsClipboardFormatAvailable
CharUpperW
RealChildWindowFromPoint
CopyImage
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
InvalidateRgn
WaitMessage
DeleteMenu
CharNextW
CopyAcceleratorTableW
GetWindowRgn
GetSysColor
DrawFrameControl
CopyRect
GetWindowThreadProcessId
IsRectEmpty
LoadCursorW
SetCursor
ExitWindowsEx
DrawIcon
GetSystemMetrics
IsIconic
PostMessageW
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
TranslateMessage
GetMessageW
ShowOwnedPopups
GetWindowDC
BeginPaint
SubtractRect
FindWindowW
GetSystemMenu
AppendMenuW
GetDoubleClickTime
GetUpdateRect
CreateMenu
SetRect
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyExW
IsCharLowerW
PostThreadMessageW
CharUpperBuffW
CopyIcon
RegisterClipboardFormatW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawEdge
DestroyAcceleratorTable
HideCaret
InvertRect
UnregisterClassW
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsZoomed
GetAsyncKeyState
NotifyWinEvent
SetWindowRgn
MessageBeep
GetNextDlgGroupItem
SetActiveWindow
TranslateMDISysAccel
gdi32
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextColor
GetRgnBox
CreateRoundRectRgn
CreateDIBSection
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
SetDIBColorTable
StretchBlt
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceW
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
SetTextColor
DeleteDC
SetBkColor
CreateBitmap
DeleteObject
CreateRectRgn
LPtoDP
GetWindowExtEx
CreateFontIndirectW
DPtoLP
GetMapMode
GetBkColor
GetViewportExtEx
BitBlt
GetTextExtentPoint32W
GetDeviceCaps
SetPixel
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
ExtTextOutW
PtVisible
CreateFontW
GetObjectW
Escape
CreatePen
GetClipBox
RectVisible
GetPixel
TextOutW
GetTextMetricsW
CreateSolidBrush
GetStockObject
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
LookupPrivilegeValueW
AdjustTokenPrivileges
CloseServiceHandle
OpenSCManagerW
OpenServiceW
GetTokenInformation
QueryServiceStatus
RegEnumValueW
RegQueryValueW
RegEnumKeyW
OpenProcessToken
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
shell32
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
DragFinish
SHAppBarMessage
DragQueryFileW
SHGetMalloc
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
SHGetValueW
PathRemoveFileSpecW
ole32
OleTranslateAccelerator
ReleaseStgMedium
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
OleGetClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleCreateMenuDescriptor
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
OleDestroyMenuDescriptor
IsAccelerator
OleLockRunning
CoRevokeClassObject
CoRegisterMessageFilter
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoInitialize
CLSIDFromString
CoUninitialize
CoCreateInstance
StringFromGUID2
CreateStreamOnHGlobal
oleaut32
VariantChangeType
VariantInit
SysAllocString
VariantCopy
VariantClear
SafeArrayDestroy
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
oledlg
OleUIBusyW
urlmon
URLDownloadToFileW
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipImageGetFrameCount
GdipGetImageWidth
GdipCloneImage
GdipImageGetFrameDimensionsCount
GdipCreateFromHDC
GdipGetPropertyItemSize
GdipCreateImageAttributes
GdipDisposeImage
GdipAlloc
GdipDisposeImageAttributes
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipSetImageAttributesRemapTable
GdipImageGetFrameDimensionsList
GdipLoadImageFromFile
GdiplusStartup
GdiplusShutdown
GdipLoadImageFromStream
GdipFree
GdipGetImageHeight
GdipDrawImageRectRectI
GdipDeleteGraphics
wininet
DeleteUrlCacheEntryW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ws2_32
ntohl
ntohs
iphlpapi
GetAdaptersAddresses
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundW
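Reading an import table of this size by hand is slow, so the following Python is an added example (written for this page, not part of the sandbox report or of the sample) that groups imports into coarse capability buckets. The bucket map is this example's own assumption and a triage starting point, not a detection rule: a benign updater imports most of these APIs too, and IsDebuggerPresent in particular is pulled in by the Visual C++ runtime, so it is reported as CRT noise rather than counted. The sample input is a subset copied from the import table above.

```python
"""Group a PE import table into coarse capability buckets for triage.
Heuristic: an imported API shows what the binary *can* call, not what it
does, and benign installers/updaters import most of these. The bucket map
below is this example's own assumption, not a sandbox rule."""

CAPABILITIES = {
    "download": {"URLDownloadToFileW", "URLDownloadToFileA",
                 "InternetOpenUrlW", "WinHttpOpenRequest"},
    "process_enum_and_kill": {"CreateToolhelp32Snapshot", "Process32FirstW",
                              "Process32NextW", "OpenProcess", "TerminateProcess"},
    "privilege_adjust": {"OpenProcessToken", "LookupPrivilegeValueW",
                         "AdjustTokenPrivileges"},
    "service_control": {"OpenSCManagerW", "OpenServiceW", "QueryServiceStatus",
                        "StartServiceW", "CreateServiceW", "ControlService"},
    "registry_write": {"RegSetValueExW", "RegCreateKeyExW",
                       "RegDeleteKeyW", "RegDeleteValueW"},
    "shutdown_reboot": {"ExitWindowsEx", "InitiateSystemShutdownW"},
    "file_replace": {"MoveFileExW", "CopyFileW", "DeleteFileW", "SetFileAttributesW"},
    "hook_install": {"SetWindowsHookExW", "SetWindowsHookExA"},
    "launch": {"ShellExecuteW", "ShellExecuteExW", "CreateProcessW", "WinExec"},
    "anti_debug": {"IsDebuggerPresent", "CheckRemoteDebuggerPresent"},
}

# APIs the MSVC CRT / MFC startup code imports on its own; a hit here carries
# little signal, so it is reported separately instead of being counted.
CRT_NOISE = {"IsDebuggerPresent", "UnhandledExceptionFilter",
             "SetUnhandledExceptionFilter", "GetProcessHeap", "HeapCreate"}


def _flatten(imports):
    """imports: {module: [function, ...]} -> set of function names."""
    return {fn for fns in imports.values() for fn in fns}


def triage_imports(imports):
    """Return {capability: sorted matched APIs}, only for buckets with hits."""
    imported = _flatten(imports)
    hits = {}
    for cap, apis in CAPABILITIES.items():
        matched = sorted(apis & imported)
        if matched:
            hits[cap] = matched
    return hits


def noisy_hits(imports):
    """Imports that the CRT brings in by itself (low triage value)."""
    return sorted(_flatten(imports) & CRT_NOISE)


# Subset of the import table from the report above (copied from the page).
REPORT_IMPORTS = {
    "kernel32": ["GetACP", "IsDebuggerPresent", "CreateToolhelp32Snapshot",
                 "Process32FirstW", "Process32NextW", "OpenProcess",
                 "TerminateProcess", "MoveFileExW", "CopyFileW", "DeleteFileW"],
    "user32": ["SetWindowsHookExW", "ExitWindowsEx", "MessageBoxW"],
    "advapi32": ["LookupPrivilegeValueW", "AdjustTokenPrivileges",
                 "OpenSCManagerW", "OpenServiceW", "QueryServiceStatus",
                 "OpenProcessToken", "RegSetValueExW", "RegCreateKeyExW"],
    "shell32": ["ShellExecuteW", "ShellExecuteExW"],
    "urlmon": ["URLDownloadToFileW"],
}

if __name__ == "__main__":
    for cap, apis in triage_imports(REPORT_IMPORTS).items():
        print(f"{cap:22s} {', '.join(apis)}")
    print("crt-noise:", ", ".join(noisy_hits(REPORT_IMPORTS)))
```

The combination that stands out for an updater-style binary is download plus process enumeration/termination plus privilege adjustment plus ExitWindowsEx; whether that is a legitimate installer restarting after replacing files or something else is a question for the behavioral tasks, not the import table.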
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384KB - Virtual size: 383KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 212KB - Virtual size: 211KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
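The three static findings in this report (the "Unsigned PE" signature, the DllCharacteristics flags under Headers, and the section characteristics above) can all be reproduced from the raw PE headers. The Python below is an added example written for this page, not tooling from the sandbox or from the sample's authors; it builds two tiny headers-only PE images inline (constructed test data, not the analysed file), one mirroring the report's flags and one carrying a certificate table and a writable+executable section, and runs the same checks over both. The caveat a practitioner should keep in mind: the signature check only tests whether a certificate table is attached (the IMAGE_DIRECTORY_ENTRY_SECURITY directory); a non-empty table says nothing about whether the signature verifies.

```python
"""Reproduce the report's static header checks from raw PE bytes:
DllCharacteristics (ASLR / DEP / Terminal-Server aware), the Authenticode
certificate table (empty => the "Unsigned PE" signature), and section
flags (writable+executable sections). Stdlib only. The two images built
below are constructed test data, not the analysed sample."""
import struct

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4      # certificate table (Authenticode)


def build_pe(dll_chars, sections, cert_size=0):
    """Headers-only PE32 image: DOS stub, NT headers, section table."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                        # e_lfanew
    # IMAGE_FILE_HEADER: i386, n sections, 224-byte optional header,
    # EXECUTABLE_IMAGE | 32BIT_MACHINE (the File Characteristics above)
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)                   # DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    if cert_size:                                                # security directory
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x2000, cert_size)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                    0x1000, 0x1000 * (i + 1), 0x200, 0x400 + 0x200 * i, 0, 0, 0, 0, chars)
        for i, (name, chars) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + table


def parse_pe(data):
    """Return machine, DllCharacteristics, certificate-table size and sections."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    fh = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                 # PE32
        ndirs_off, dirs_off = 92, 96
    elif magic == 0x20B:               # PE32+
        ndirs_off, dirs_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, cert_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsect):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, rawsize, chars))
    return {"machine": machine, "dll_characteristics": dll_chars,
            "cert_size": cert_size, "sections": sections}


def assess(info):
    """Map parsed fields onto the findings the report prints."""
    dc = info["dll_characteristics"]
    return {
        "aslr": bool(dc & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "dep": bool(dc & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "tsaware": bool(dc & IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE),
        # A non-zero certificate table only means *something* is attached;
        # whether it verifies needs WinVerifyTrust / signtool, not this check.
        "unsigned": info["cert_size"] == 0,
        "wx_sections": [s[0] for s in info["sections"]
                        if s[3] & IMAGE_SCN_MEM_EXECUTE and s[3] & IMAGE_SCN_MEM_WRITE],
    }


# Constructed images: the first mirrors the report (DYNAMIC_BASE | NX_COMPAT |
# TERMINAL_SERVER_AWARE, no certificate, plain .text/.data); the second carries
# a certificate table and a writable+executable section to exercise both paths.
REPORT_LIKE = build_pe(0x8140, [(".text", 0x60000020), (".data", 0xC0000040)])
SIGNED_WX = build_pe(0x8140, [(".text", 0x60000020), (".rwx", 0xE0000020)], cert_size=0x1000)

if __name__ == "__main__":
    for label, img in (("report-like", REPORT_LIKE), ("signed+wx", SIGNED_WX)):
        print(label, assess(parse_pe(img)))
```

Run against a real file, `parse_pe(open(path, "rb").read())` gives the same fields the report shows; the W+X check is the one the report does not print but is worth adding, since none of the five sections listed above is both writable and executable, which is what a normally linked MFC binary looks like.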