Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-17_0e8ac552a3dd0d30a17cd2ecf28aa24d_mafia_wapomi.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-17_0e8ac552a3dd0d30a17cd2ecf28aa24d_mafia_wapomi.exe
Resource: win10v2004-20240412-en
General
Target: 2024-04-17_0e8ac552a3dd0d30a17cd2ecf28aa24d_mafia_wapomi
Size: 26.0MB
MD5: 0e8ac552a3dd0d30a17cd2ecf28aa24d
SHA1: 3687b3b20ca116078d8755c1f05760da87ba4687
SHA256: 2f01b7feb86dee34016fb69bfac0dcbc866645280a96f5bf850a1d8f7b2f2537
SHA512: 546677e768285dea01add233c38d733781fd96af31b60cc8df4947ab27e96643e272e2b57806c9c729710fb07f87bc33f42d4141970b90721f0413226c3174cd
SSDEEP: 393216:ZVYDmmWFDwwYBNaDw63E5Og74AscHCTo+RJsv6tWKFdu9CN6j:ZV0mmWFDiaDw605dM8HCrs
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-04-17_0e8ac552a3dd0d30a17cd2ecf28aa24d_mafia_wapomi
Files
-
2024-04-17_0e8ac552a3dd0d30a17cd2ecf28aa24d_mafia_wapomi.exe windows:5 windows x86 arch:x86
3556456856aeff7b9cbfdecc6caaed59
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLogicalDrives
GetFileAttributesExW
SetCurrentDirectoryW
GetFileType
SetFilePointerEx
SetEndOfFile
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
FindNextFileW
FindFirstFileExW
WaitForSingleObjectEx
GetModuleHandleW
GetStartupInfoW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
OutputDebugStringW
LoadLibraryW
GetSystemDirectoryW
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultUILanguage
ResetEvent
GetOverlappedResult
ExpandEnvironmentStringsW
InterlockedDecrement
GlobalUnlock
GlobalLock
GlobalAlloc
GetUserDefaultLangID
CheckRemoteDebuggerPresent
IsValidLocale
IsValidLanguageGroup
lstrcmpW
GlobalSize
GlobalFree
SetFileTime
ExitProcess
GetFileInformationByHandle
GetLongPathNameW
GetVolumeInformationW
GetFileSize
CreateFileA
GetDriveTypeW
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
HeapAlloc
HeapFree
HeapReAlloc
ExitThread
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
InterlockedIncrement
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
GetModuleFileNameA
SetHandleCount
HeapCreate
HeapDestroy
GetCurrentDirectoryW
SetConsoleCtrlHandler
InterlockedExchange
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetEnvironmentVariableW
SetEnvironmentVariableA
FlushFileBuffers
WriteConsoleW
GetFullPathNameA
LCMapStringW
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
lstrlenW
GetTempPathW
GetFullPathNameW
DeviceIoControl
FindFirstFileW
FindClose
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateProcessW
PeekNamedPipe
ReadFile
GetStdHandle
WriteFile
SetFilePointer
GetExitCodeProcess
CreatePipe
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
LocalFree
GetVersionExW
VerSetConditionMask
VerifyVersionInfoW
GetLocaleInfoW
GetSystemTime
GetLocalTime
DuplicateHandle
CreateEventW
CreateThread
SetEvent
WaitForMultipleObjects
TlsGetValue
GetThreadPriority
ResumeThread
SetThreadPriority
TerminateThread
TlsAlloc
GetCurrentThread
Sleep
SwitchToThread
FindNextChangeNotification
GetSystemInfo
GetCurrentThreadId
TlsSetValue
TlsFree
CreateSemaphoreW
WaitForSingleObject
ReleaseSemaphore
SetErrorMode
LoadLibraryExW
GetProcAddress
FreeLibrary
GetCommandLineW
GetCurrentProcessId
GetUserDefaultLCID
CompareStringW
LocalFileTimeToFileTime
SystemTimeToFileTime
CreateFileW
DeleteFileW
MoveFileW
CopyFileW
GetFileAttributesW
RemoveDirectoryW
FatalAppExitA
CreateDirectoryW
FindCloseChangeNotification
lstrlenA
FindFirstChangeNotificationW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
TerminateProcess
GetCurrentProcess
GetTickCount
OpenProcess
ReadProcessMemory
WriteProcessMemory
CloseHandle
CreateMutexW
GetLastError
ReleaseMutex
GetProfileStringW
SetFileAttributesW
user32
SetMenuItemInfoW
GetMenu
GetClipboardFormatNameW
TrackPopupMenuEx
MapVirtualKeyW
GetKeyboardState
ToAscii
GetWindow
GetClassNameA
GetWindowTextA
GetTopWindow
PostMessageA
GetWindowThreadProcessId
EnumChildWindows
SendMessageA
ToUnicode
CharNextExA
PostMessageW
PostThreadMessageW
GetKeyboardLayout
DestroyCaret
SetCaretPos
CreateCaret
HideCaret
GetKeyboardLayoutList
RegisterWindowMessageW
GetAsyncKeyState
RegisterClipboardFormatW
GetIconInfo
DrawIconEx
GetClassInfoW
GetSysColorBrush
RegisterClassExW
GetWindowRgn
ClipCursor
GetUpdateRect
InvalidateRgn
BeginPaint
EndPaint
GetSysColor
WindowFromPoint
LoadIconW
SetClipboardViewer
ChangeClipboardChain
EnumWindows
PeekMessageW
GetMessageW
SetTimer
CallNextHookEx
KillTimer
GetQueueStatus
DefWindowProcW
GetWindowLongW
SetWindowLongW
CreateWindowExW
RegisterClassW
UnregisterClassW
DestroyWindow
UnhookWindowsHookEx
SetWindowsHookExW
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjectsEx
EnableMenuItem
GetSystemMenu
SetFocus
GetFocus
IsChild
GetActiveWindow
GetDC
ReleaseDC
DestroyIcon
GetParent
GetDoubleClickTime
SetDoubleClickTime
SetCaretBlinkTime
GetKeyState
GetCaretBlinkTime
FlashWindowEx
MessageBeep
LoadImageW
CreateCursor
CreateIconIndirect
GetCursorPos
SetCursorPos
DestroyCursor
SystemParametersInfoW
GetDesktopWindow
SetParent
ValidateRgn
GetClientRect
GetWindowPlacement
SetWindowPlacement
GetWindowRect
IsWindowVisible
IsIconic
IsZoomed
MoveWindow
InvalidateRect
ShowWindow
ScreenToClient
SetWindowRgn
SetCursor
SetCapture
GetSystemMetrics
SendMessageW
SetWindowTextW
AdjustWindowRectEx
ScrollWindowEx
UpdateWindow
SetWindowPos
SetForegroundWindow
ReleaseCapture
ClientToScreen
advapi32
FreeSid
GetLengthSid
GetTokenInformation
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegFlushKey
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
CopySid
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
shell32
ShellExecuteW
SHGetFileInfoW
ole32
OleInitialize
CoCreateGuid
StringFromGUID2
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoCreateInstance
ReleaseStgMedium
DoDragDrop
OleGetClipboard
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CoGetMalloc
CoInitialize
CoUninitialize
OleUninitialize
ws2_32
getsockname
getpeername
WSAHtons
WSAHtonl
WSANtohs
WSANtohl
closesocket
select
__WSAFDIsSet
WSARecv
WSAConnect
WSAAccept
listen
setsockopt
WSASocketW
WSAIoctl
WSACleanup
WSAStartup
WSAGetLastError
getsockopt
htonl
WSAAsyncSelect
bind
WSASendTo
WSASend
ntohl
gethostname
gethostbyaddr
gethostbyname
inet_addr
WSARecvFrom
gdi32
GetDeviceCaps
GetRegionData
CreateRectRgn
CreateEllipticRgn
GetObjectW
GetStockObject
RealizePalette
SelectPalette
PtInRegion
GetDIBits
CreateDIBSection
CreateBitmap
DeleteDC
SelectObject
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetOutlineTextMetricsW
ExtTextOutW
SetTextAlign
SetBkMode
SetTextColor
GetGlyphOutlineW
SetWorldTransform
SetGraphicsMode
GetTextMetricsW
CreateFontIndirectW
GetTextExtentPoint32W
GetCharABCWidthsFloatW
GetCharABCWidthsI
GetCharABCWidthsW
CombineRgn
GetTextFaceW
EnumFontFamiliesExW
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GdiFlush
SelectClipRgn
ResetDCW
EndDoc
EndPage
AbortDoc
StartPage
GetBkMode
CreatePen
CreateSolidBrush
RestoreDC
StretchBlt
SaveDC
SetPolyFillMode
EndPath
MoveToEx
CloseFigure
LineTo
PolyBezierTo
BeginPath
FillPath
StrokePath
ExtCreatePen
CreateDCW
StartDocW
SelectClipPath
GetFontData
DeleteObject
OffsetRgn
comdlg32
PrintDlgExW
oleaut32
SysAllocString
SysFreeString
SysAllocStringLen
VariantInit
GetErrorInfo
VariantChangeType
VariantClear
SetErrorInfo
CreateErrorInfo
SysStringLen
imm32
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmAssociateContext
ImmGetCompositionStringW
ImmNotifyIME
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmSetCompositionFontW
winmm
PlaySoundW
winspool.drv
ClosePrinter
OpenPrinterW
GetPrinterW
DeviceCapabilitiesW
EnumPrintersW
EnumFormsW
Sections
.text Size: 10.3MB - Virtual size: 10.3MB
Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 15.2MB - Virtual size: 15.2MB
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 62KB - Virtual size: 92KB
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata Size: 14KB - Virtual size: 14KB
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 403KB - Virtual size: 403KB
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
�)��u� Size: 16KB - Virtual size: 20KB
Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE