Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-15_2e9b3fde04e200b5a1b1f802b21711bc_mafia.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 2024-04-15_2e9b3fde04e200b5a1b1f802b21711bc_mafia.exe
  Resource: win10v2004-20240412-en
General
Target: 2024-04-15_2e9b3fde04e200b5a1b1f802b21711bc_mafia
Size: 3.5MB
MD5: 2e9b3fde04e200b5a1b1f802b21711bc
SHA1: f754ff9ff0e91a83d48608804822f42e321fd3c1
SHA256: 6368b4a9a9a9c21e23b2a684781cb237fa4fbfa019be7f6bd2c2b9ed1557dcdc
SHA512: fcbcd8b96771f419424dbd0295c0c7e18ef6231ea6af8d3dd7f2e3de6460a2b9c0a24c2131b8a96c97108c82520660af896c72e6ce6b64f2f4428b7213c972f2
SSDEEP: 98304:oH/tUbab1/5W1bA1FJ/lXJACti3ecRKAixJWvERvSp+JmnHi:oH/tXI6pJAMckAixJHwHi
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-04-15_2e9b3fde04e200b5a1b1f802b21711bc_mafia
Files
2024-04-15_2e9b3fde04e200b5a1b1f802b21711bc_mafia.exe windows:5 windows x86 arch:x86
  e389333ec2ebd5ff14eb187042ed3ab4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
SetLastError
DeactivateActCtx
ActivateActCtx
GetVersionExA
GetThreadLocale
lstrcmpiA
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
FreeLibrary
GetModuleHandleW
lstrcmpA
InterlockedExchange
CompareStringA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
ResumeThread
WaitForSingleObject
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
GetCurrentProcessId
FreeResource
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
lstrcmpW
LoadLibraryW
GlobalFindAtomA
GlobalGetAtomNameA
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
FileTimeToSystemTime
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GlobalSize
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetCurrentDirectoryA
GlobalFlags
GetACP
GetCPInfo
GetOEMCP
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
GetTickCount
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
HeapFree
RaiseException
RtlUnwind
ExitProcess
DecodePointer
EncodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
IsProcessorFeaturePresent
HeapCreate
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetConsoleCP
GetConsoleMode
IsValidCodePage
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
CompareStringW
GetTimeZoneInformation
LCMapStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetEnvironmentVariableA
MulDiv
lstrlenA
FormatMessageA
LocalFree
lstrlenW
GetModuleHandleA
LoadLibraryA
GetProcAddress
CreateDirectoryA
InterlockedDecrement
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
FindResourceW
CreateMutexA
GetLastError
CloseHandle
GetModuleFileNameA
lstrcpyA
Sleep
DeleteFileA
MoveFileA
FindResourceA
LoadResource
SizeofResource
CopyFileA
LockResource
GetProcessHeap
user32
RegisterWindowMessageA
CheckDlgButton
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
LoadBitmapA
IntersectRect
GetSysColorBrush
LoadCursorA
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
DeleteMenu
RealChildWindowFromPoint
KillTimer
WindowFromPoint
WaitMessage
DestroyIcon
CharNextA
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
IsZoomed
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
CopyImage
RegisterClipboardFormatA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
RemovePropA
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
SendDlgItemMessageA
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
CharUpperA
GetFocus
IsWindowEnabled
IsWindow
SetFocus
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
AdjustWindowRectEx
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
FillRect
GetWindowRect
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
UnhookWindowsHookEx
GetWindow
SetWindowContextHelpId
MapDialogRect
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
CharUpperBuffA
GetPropA
SetWindowPos
MapVirtualKeyA
GetKeyNameTextA
CopyRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
ReleaseCapture
PtInRect
GetParent
SetCapture
RedrawWindow
GetWindowRgn
OffsetRect
wsprintfA
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TranslateMDISysAccel
GetSystemMetrics
GetSysColor
LoadIconA
SetRect
LoadIconW
EnableWindow
SetTimer
InvalidateRect
GetDC
GetClientRect
SetWindowRgn
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
LoadBitmapW
TabbedTextOutA
gdi32
GetViewportExtEx
SetLayout
GetWindowExtEx
IntersectClipRect
ExcludeClipRect
GetClipBox
GetLayout
GetPixel
SetPixelV
GetTextFaceA
GetObjectA
CreateCompatibleDC
SetMapMode
DeleteDC
DeleteObject
CombineRgn
ExtCreateRegion
SelectObject
CreateDIBSection
PathToRegion
CreateRectRgn
EndPath
LineTo
MoveToEx
BeginPath
CreateEllipticRgn
CreateCompatibleBitmap
OffsetRgn
GetRgnBox
PtInRegion
FillRgn
CreateSolidBrush
SelectClipRgn
TextOutA
SetTextAlign
SetTextColor
GetTextMetricsA
CreateFontIndirectA
SetBkMode
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetROP2
SetPolyFillMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateDCA
BitBlt
GetDeviceCaps
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreatePolygonRgn
CreateRoundRectRgn
GetTextColor
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
DPtoLP
GetMapMode
SetRectRgn
GetTextExtentPoint32A
PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
PtVisible
RectVisible
ExtTextOutA
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
SetViewportOrgEx
CopyMetaFileA
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
shell32
SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetFolderPathA
Shell_NotifyIconA
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHGetFileInfoA
ole32
OleLockRunning
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
IsAccelerator
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SysFreeString
VariantInit
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringByteLen
SysAllocStringLen
VariantChangeType
SysStringLen
VariantClear
VariantCopy
SafeArrayDestroy
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathAppendA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
oledlg
ord8
wininet
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
mixerGetControlDetailsA
mixerClose
mixerGetNumDevs
mixerOpen
mixerGetLineControlsA
mciSendCommandA
mixerSetControlDetails
mixerGetLineInfoA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 283KB - Virtual size: 282KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ