Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-16_a1d5066d68939550a56bdea8d83e527e_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-16_a1d5066d68939550a56bdea8d83e527e_mafia.exe
Resource: win10v2004-20240412-en
General
Target: 2024-04-16_a1d5066d68939550a56bdea8d83e527e_mafia
Size: 3.8MB
MD5: a1d5066d68939550a56bdea8d83e527e
SHA1: 34acf569169a1f8ffab642607ad113a054b7d1a9
SHA256: f48c57c3ed0840de3c627f89f765745bc6310f2ce4cc9a7f358b08bdcb9f367c
SHA512: e7b884891672e31fc6ac86ae6e2ef0d58967939be55007561fc071abc5ad2ee6994ebff7838a0c23f89773847d01906606bc3cd5bcf9ffb2eae524b1b22be461
SSDEEP: 98304:vXCfnVKD955awdbfLZOvhqv9VrWLr4wwHixdHUHvnfOVDoOLzBa7vv1UD8giXXXk:vSfnVKVyqHWLr4wr7HUHvnGiLAT
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-04-16_a1d5066d68939550a56bdea8d83e527e_mafia
Files
2024-04-16_a1d5066d68939550a56bdea8d83e527e_mafia.exe (windows:5, windows, x86, arch:x86)
58e29042de06971649e6df23fe6e7a4c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
InternetSetOptionA
InternetReadFile
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetCrackUrlA
uxtheme
CloseThemeData
DrawThemeText
DrawThemeBackground
OpenThemeData
winmm
PlaySoundA
msimg32
TransparentBlt
AlphaBlend
user32
RegisterClassA
SetWindowTextA
FillRect
RedrawWindow
CreateMenu
AppendMenuA
SetMenu
CreateWindowExA
SetClassLongA
GetMessageA
TranslateMessage
DispatchMessageA
GetMenu
ModifyMenuA
EnableMenuItem
MessageBoxA
DefWindowProcA
DestroyWindow
DestroyMenu
PostQuitMessage
BeginPaint
EndPaint
SetScrollInfo
EnableScrollBar
GetParent
DrawTextW
DrawFrameControl
OffsetRect
CopyRect
PtInRect
IsWindowVisible
LoadBitmapW
SetWindowPos
wsprintfA
ClientToScreen
LoadCursorA
DrawMenuBar
FindWindowExA
GetWindowThreadProcessId
GetSystemMenu
GetScrollPos
SetScrollPos
GetScrollRange
ShowScrollBar
GetClassInfoExA
GetClassInfoA
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
SetScrollRange
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
GetNextDlgGroupItem
CopyImage
GetIconInfo
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
ReleaseCapture
SetCapture
LoadMenuW
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
IsRectEmpty
CharUpperA
UnregisterClassA
PostThreadMessageA
LoadCursorW
SetLayeredWindowAttributes
ScrollWindow
SetCursor
CloseDesktop
OpenDesktopA
SetWindowLongA
UpdateWindow
SetWindowTextW
GetWindowLongA
DestroyIcon
FindWindowA
KillTimer
GetActiveWindow
IsWindow
DeleteMenu
GetMenuItemCount
InsertMenuA
SystemParametersInfoA
SetForegroundWindow
GetCursorPos
ShowWindow
InvalidateRect
GetSysColor
DrawIcon
GetSystemMetrics
IsIconic
GetClientRect
GetWindowRect
ReleaseDC
GetDC
SetTimer
GetDesktopWindow
LoadIconA
CreatePopupMenu
LoadImageA
SendMessageA
LoadIconW
EnableWindow
RegisterWindowMessageA
PostMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetRectEmpty
RealChildWindowFromPoint
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcA
TrackPopupMenu
WaitMessage
EnumDisplayMonitors
GetSysColorBrush
MapVirtualKeyA
GetKeyNameTextA
NotifyWinEvent
DrawFocusRect
IntersectRect
MapDialogRect
GetWindow
GetAsyncKeyState
MoveWindow
IsDialogMessageA
ShowOwnedPopups
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
CheckDlgButton
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
CheckMenuItem
GetMenuItemInfoA
InflateRect
GetWindowDC
ScreenToClient
ValidateRect
PeekMessageA
GetKeyState
CallNextHookEx
SetWindowsHookExA
RemoveMenu
GetSubMenu
GetMenuItemID
GetMenuStringA
GetMenuState
RegisterClipboardFormatA
IsWindowEnabled
GetLastActivePopup
UnhookWindowsHookEx
EndDialog
GetNextDlgTabItem
GetDlgItem
CreateDialogIndirectParamA
SetActiveWindow
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
kernel32
FreeResource
FindResourceA
GlobalAddAtomA
lstrcmpW
LoadLibraryW
GlobalGetAtomNameA
VirtualProtect
FindNextFileA
FileTimeToLocalFileTime
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GetCurrentDirectoryA
GlobalFlags
GetACP
lstrcmpiA
MoveFileA
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
ConvertDefaultLocale
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetCPInfo
GetOEMCP
FindResourceExW
GetFileAttributesExA
GetFileTime
SetErrorMode
GetTempFileNameA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
EncodePointer
DecodePointer
HeapFree
GetDriveTypeA
FindFirstFileExA
HeapAlloc
ExitThread
CreateThread
HeapSetInformation
GetStartupInfoW
GetFileType
CreateFileW
RtlUnwind
HeapReAlloc
RaiseException
VirtualAlloc
VirtualQuery
ExitProcess
SetStdHandle
HeapSize
HeapQueryInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
GetStringTypeW
HeapCreate
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
LCMapStringW
SetHandleCount
GetStdHandle
GetTimeZoneInformation
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameW
GetDriveTypeW
CompareStringW
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
GetSystemDefaultUILanguage
CompareStringA
ActivateActCtx
DeactivateActCtx
InterlockedExchange
lstrcmpA
GetModuleHandleW
SetLastError
GlobalSize
FormatMessageA
lstrlenW
MulDiv
SuspendThread
GetCurrentThreadId
SetThreadPriority
ExpandEnvironmentStringsA
OpenEventA
GetLocalTime
GetPrivateProfileSectionA
GetGeoInfoA
GetUserDefaultLCID
GetUserGeoID
GetTickCount
ReadFile
GetFileSizeEx
CreateFileA
FindFirstFileA
GetCurrentProcessId
GlobalFree
ReleaseSemaphore
CreateSemaphoreA
GlobalAlloc
GlobalUnlock
GlobalLock
RemoveDirectoryA
WaitForSingleObject
CopyFileA
CreateDirectoryA
GetTempPathA
GetFileAttributesA
GetSystemInfo
GetProcAddress
GetModuleHandleA
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetPrivateProfileStringW
GetCurrentProcess
GetCurrentThread
LocalAlloc
lstrlenA
LocalFree
GetPrivateProfileSectionW
DeleteFileA
GetPrivateProfileSectionNamesA
GetSystemTime
GetDateFormatA
GetTimeFormatA
OpenProcess
OpenMutexA
CreateProcessA
OutputDebugStringA
GetPrivateProfileIntA
GetVersionExA
GlobalDeleteAtom
lstrcpyA
GetExitCodeThread
GetModuleFileNameA
WritePrivateProfileStringA
SetEvent
CreateEventA
InterlockedDecrement
FindClose
FindFirstFileW
FreeLibrary
GetLocaleInfoA
Sleep
LoadLibraryA
CloseHandle
ReleaseMutex
CreateMutexA
GetCommandLineA
MultiByteToWideChar
GlobalFindAtomA
GetPrivateProfileStringA
GetLastError
ResetEvent
WaitForMultipleObjects
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
ResumeThread
ReleaseActCtx
CreateActCtxW
GetProcessHeap
GetUserDefaultUILanguage
UnlockFile
gdi32
GetTextColor
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
Rectangle
SetPixel
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
CreateEllipticRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
LPtoDP
FillRgn
Ellipse
Polyline
EnumFontFamiliesExA
GetTextCharsetInfo
EnumFontFamiliesA
CreateCompatibleBitmap
CreateDIBitmap
DPtoLP
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
GetObjectType
SelectPalette
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
StretchBlt
TextOutA
PatBlt
LineTo
MoveToEx
SelectObject
SetTextColor
SetBkMode
TextOutW
GetTextMetricsA
GetPixel
RoundRect
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
GetStockObject
GetTextExtentPoint32A
DeleteObject
CreatePen
GetDeviceCaps
CreateFontIndirectA
GetObjectA
CreateSolidBrush
comdlg32
GetSaveFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
GetPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExW
RegQueryValueExW
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
FreeSid
RegEnumValueA
GetTokenInformation
EqualSid
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegDeleteValueA
shell32
ShellExecuteW
ShellExecuteA
SHCreateDirectoryExA
DoEnvironmentSubstA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFolderPathA
SHBrowseForFolderA
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetDesktopFolder
SHGetFileInfoA
Shell_NotifyIconA
SHGetSpecialFolderPathA
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFileExistsA
ole32
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoInitialize
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateGuid
OleRun
CoCreateInstance
CoUninitialize
oleaut32
VariantCopy
SafeArrayGetElement
SafeArrayGetLBound
VariantChangeType
SysStringLen
VarBstrFromDate
SafeArrayGetUBound
VariantTimeToSystemTime
VariantInit
VariantClear
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
SysAllocString
GetErrorInfo
SafeArrayGetDim
oledlg
ord8
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
psapi
EnumProcessModules
EnumProcesses
GetModuleFileNameExA
ws2_32
recv
WSAGetLastError
socket
htons
inet_addr
connect
send
closesocket
WSACleanup
getaddrinfo
inet_ntoa
freeaddrinfo
WSAStartup
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipGetImageHeight
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 425KB - Virtual size: 424KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 232KB - Virtual size: 231KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ