2024-04-17_92769a948bfe21643360014cbcd2056f_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-17_92769a948bfe21643360014cbcd2056f_mafia
Size

1.2MB
MD5

92769a948bfe21643360014cbcd2056f
SHA1

74000a68cc82ab67868a6cae2c5943533a5891ea
SHA256

ad2df5280c2f6877bd5c6d4017f1bb21a3de5363562c133931c47bdf8b7b4585
SHA512

b6b66c562f601df5394a79f2a002ca81eed4b0be961bcec39e6dd13ba23de2f07d01d49ce653f856df0538317d92e3aa92c3733bf0a0c5651683bf20477627f3
SSDEEP

24576:an238sAfVuAQ/KFqjO1lhOJhQyU7aiW2QJVAt:ZzlJyy5iWpc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-17_92769a948bfe21643360014cbcd2056f_mafia

Files

2024-04-17_92769a948bfe21643360014cbcd2056f_mafia
.exe windows:5 windows x86 arch:x86

929af2221ecff977489e2710c161f62a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wsock32

htonl
closesocket
WSAGetLastError
select
gethostname
inet_ntoa
bind
listen
htons
socket
WSAAsyncSelect
connect
inet_addr
ioctlsocket
accept
send
recv
WSAStartup
WSACleanup
gethostbyname

winmm

PlaySoundA

kernel32

Sleep
GetProcAddress
LoadLibraryA
GetCurrentProcessId
SetCurrentDirectoryA
lstrcpynA
FindNextFileA
InterlockedExchange
CompareStringW
GlobalUnlock
GlobalLock
GlobalAlloc
GetTimeZoneInformation
GetModuleFileNameW
GetStdHandle
ExitProcess
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
LCMapStringW
FindFirstFileExA
GetDriveTypeA
GetModuleFileNameA
FileTimeToSystemTime
GetStartupInfoW
HeapSetInformation
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
GetDateFormatA
GetTimeFormatA
RtlUnwind
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GetThreadLocale
GetLocaleInfoA
GetACP
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
FindFirstFileA
FindClose
CreateDirectoryA
GetUserDefaultLangID
lstrcpyA
GetWindowsDirectoryA
GetSystemDirectoryA
GetCurrentDirectoryA
TlsSetValue
TlsFree
GetLocaleInfoW
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
lstrcatA
CreateMutexA
GetLastError
CreateEventA
CreateThread
WaitForSingleObject
SetEvent
DeleteCriticalSection
InitializeCriticalSection
LockFile
UnlockFile
GetFileSize
ReadFile
SetFilePointer
CreateFileA
CloseHandle
WriteFile
lstrcmpiA
GetModuleHandleA
lstrcmpA
lstrlenA
WinExec
GetVersionExA
MulDiv
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetConsoleCP
TlsAlloc
GetConsoleMode
SetStdHandle
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
FlushFileBuffers
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
WriteConsoleW
GetDriveTypeW
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
FileTimeToLocalFileTime
TlsGetValue

user32

SetDlgItemInt
DrawFocusRect
CreateDialogParamA
OpenClipboard
CloseClipboard
GetClipboardData
SendDlgItemMessageA
SetClipboardData
EmptyClipboard
CharNextA
DestroyIcon
CreateIconFromResourceEx
LoadBitmapA
UnregisterClassA
MoveWindow
PostThreadMessageA
TranslateMessage
EnableMenuItem
WaitMessage
SetParent
DragDetect
EqualRect
IntersectRect
GetDoubleClickTime
GetClassLongA
DestroyCursor
GetDlgCtrlID
KillTimer
SetTimer
GetKeyState
GetMessageA
GetForegroundWindow
IsRectEmpty
GetTopWindow
IsWindowEnabled
BeginDeferWindowPos
IsZoomed
IsIconic
DrawMenuBar
GetMenuStringA
PeekMessageA
MessageBeep
TrackPopupMenu
AdjustWindowRectEx
AppendMenuA
GetWindowThreadProcessId
CreatePopupMenu
LoadStringW
PostQuitMessage
GetSystemMenu
GetCursorPos
IsMenu
SetWindowsHookExA
UnhookWindowsHookEx
GetCapture
SetCursor
PtInRect
ReleaseCapture
SetCapture
ScreenToClient
GetClassNameA
CallNextHookEx
EndPaint
BeginPaint
CallWindowProcA
GetSysColorBrush
GetWindowDC
GetSubMenu
FlashWindowEx
BringWindowToTop
TranslateMDISysAccel
DeleteMenu
SetMenu
GetMenu
WindowFromPoint
EnumWindows
SetRect
GetDC
ReleaseDC
DefWindowProcA
SetMenuDefaultItem
ModifyMenuA
TrackPopupMenuEx
MonitorFromPoint
EndDeferWindowPos
SetForegroundWindow
DeferWindowPos
DefFrameProcA
SetWindowPlacement
CharLowerA
FrameRect
DrawFrameControl
GetMenuDefaultItem
ClientToScreen
DrawIconEx
GetMonitorInfoA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemCount
DestroyMenu
DrawEdge
DrawTextA
FillRect
WindowFromDC
GetSysColor
OffsetRect
InflateRect
CopyRect
LoadIconA
SetRectEmpty
TranslateAcceleratorA
CheckMenuItem
MessageBoxA
UpdateWindow
RemoveMenu
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetSystemMetrics
InvalidateRect
GetMessagePos
GetAsyncKeyState
LoadStringA
LoadAcceleratorsA
ShowWindow
GetActiveWindow
LoadMenuA
DefMDIChildProcA
SetFocus
GetFocus
IsChild
DialogBoxParamA
PostMessageA
GetClassInfoExA
LoadCursorA
LoadImageA
RegisterClassExA
RedrawWindow
IsWindowVisible
SetWindowLongA
IsWindow
EnableWindow
DestroyWindow
CreateWindowExA
SendMessageA
RegisterWindowMessageA
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetDlgItem
GetParent
EndDialog
SetWindowTextA
GetWindowLongA
DispatchMessageA
SendMessageTimeoutA

gdi32

GetClipRgn
CreateRectRgn
GetTextExtentExPointA
CreateFontA
GetTextMetricsA
SetBrushOrgEx
CreateDIBSection
Rectangle
LPtoDP
SetBkColor
Polyline
ExtTextOutA
Polygon
IntersectClipRect
SelectClipRgn
SetViewportOrgEx
RestoreDC
SaveDC
CreateSolidBrush
BitBlt
GetClipBox
CreateCompatibleBitmap
SetWindowOrgEx
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
PatBlt
GetObjectA
GetStockObject
GetDeviceCaps
DPtoLP
DeleteDC
ExtCreatePen
CreateFontIndirectA
DeleteObject
CreatePen
GetTextExtentPoint32A
LineTo
MoveToEx
SetTextColor
GetViewportOrgEx
SelectObject
SetBkMode

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseColorA

advapi32

RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCreateKeyA

shell32

SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA
DragQueryFileA
DragQueryPoint
DragFinish
SHBrowseForFolderA

ole32

CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
DoDragDrop

oleaut32

VariantChangeType
VariantCopy
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
VarUI4FromStr
SysAllocString

comctl32

ImageList_BeginDrag
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_Create
ImageList_Draw
ImageList_GetImageInfo
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
InitCommonControlsEx
ImageList_GetIcon
ImageList_AddMasked
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_Destroy
ord6

msimg32

GradientFill

Sections

.text
Size: 826KB - Virtual size: 825KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 449B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

929af2221ecff977489e2710c161f62a

Headers

DLL Characteristics

File Characteristics

Imports

version

wsock32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

Sections

.text Size: 826KB - Virtual size: 825KB

.rdata Size: 132KB - Virtual size: 132KB

.data Size: 56KB - Virtual size: 82KB

.tls Size: 512B - Virtual size: 449B

.rsrc Size: 113KB - Virtual size: 112KB

.reloc Size: 65KB - Virtual size: 64KB

.text
Size: 826KB - Virtual size: 825KB

.rdata
Size: 132KB - Virtual size: 132KB

.data
Size: 56KB - Virtual size: 82KB

.tls
Size: 512B - Virtual size: 449B

.rsrc
Size: 113KB - Virtual size: 112KB

.reloc
Size: 65KB - Virtual size: 64KB