Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-18_347ee3d0fc2319c3fef52a484fc75a17_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-18_347ee3d0fc2319c3fef52a484fc75a17_mafia.exe
  Resource: win10v2004-20240412-en
General
Target: 2024-04-18_347ee3d0fc2319c3fef52a484fc75a17_mafia
Size: 1.9MB
MD5: 347ee3d0fc2319c3fef52a484fc75a17
SHA1: ec0c998e3025cac24eb4ced15e7fb8cd48a64969
SHA256: 15775c789447bc7df2541e9f3d4f301a84fb98fff0a5d1c4322119988ca6e80c
SHA512: 9bdb725831153c7d8d31c5b5b62e32c0f0062f97cb228f3c1ad4789bb631eef803176b529c74b0fed5a6bdd5dc426d0bdbf411925da43f1998019cf12c737d7e
SSDEEP: 49152:s0jSfSRa4dxskZQrrolQaLw5P39R1hXTN7N6KWZgKNF9zFUXd3UPdQd:HJRa4dxZQrroJk539R1hDN7N6KWa22db
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-04-18_347ee3d0fc2319c3fef52a484fc75a17_mafia
Files
2024-04-18_347ee3d0fc2319c3fef52a484fc75a17_mafia.exe windows:5 windows x86 arch:x86
3441f892ddf82f03dceae929258dd408
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetStringTypeW
GetDriveTypeW
IsValidCodePage
GetStdHandle
GetConsoleMode
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
TerminateProcess
IsDebuggerPresent
LCMapStringW
GetConsoleCP
GetTimeZoneInformation
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
ExitProcess
ExitThread
HeapReAlloc
VirtualQuery
GetSystemInfo
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetCurrentDirectoryW
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTickCount
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
SetErrorMode
GetCurrentDirectoryA
lstrcpyA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GlobalFlags
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
CreateFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
LoadLibraryExA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryW
lstrcmpW
FindResourceA
FreeResource
GetCurrentProcessId
SuspendThread
GetCurrentThreadId
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
lstrlenA
CreateDirectoryA
ActivateActCtx
DeactivateActCtx
SetLastError
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
RemoveDirectoryA
WaitForSingleObject
CloseHandle
ResetEvent
GetDateFormatA
GetLocaleInfoA
GetTimeFormatA
GetModuleFileNameA
CreateEventA
DeleteFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
VirtualAlloc
GetVersionExA
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
GetLocalTime
Sleep
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
SetEvent
FindResourceW
LoadResource
LockResource
CompareStringW
SizeofResource
user32
SetCapture
DeleteMenu
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
UnregisterClassA
CharUpperA
IntersectRect
MapVirtualKeyA
GetKeyNameTextA
DestroyMenu
GetMenuItemInfoA
EndPaint
BeginPaint
GetDC
GrayStringA
DrawTextExA
TabbedTextOutA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
WaitMessage
SetWindowLongA
SetWindowPos
GetWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
GetKeyState
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
InflateRect
GetNextDlgGroupItem
ClientToScreen
WindowFromPoint
DestroyIcon
GetIconInfo
DrawEdge
SetRectEmpty
DrawStateA
GetCapture
ReleaseCapture
UpdateWindow
GetWindowRgn
LoadBitmapA
GetSysColorBrush
LoadImageA
SetCursor
LoadCursorA
RedrawWindow
SetWindowRgn
LoadBitmapW
CopyRect
GetWindowDC
ReleaseDC
GetWindowLongA
GetParent
GetWindowRect
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
MessageBoxA
OffsetRect
GetSysColor
SetRect
DrawTextA
FillRect
GetCursorPos
GetSystemMetrics
LoadIconW
FlashWindow
GetDesktopWindow
KillTimer
SetTimer
IsWindowVisible
IsIconic
GetSystemMenu
LoadMenuW
GetSubMenu
AppendMenuA
DrawIcon
CharNextA
CopyAcceleratorTableA
IsRectEmpty
DestroyCursor
SubtractRect
GetDoubleClickTime
CharUpperBuffA
CopyIcon
GetUpdateRect
FindWindowA
SendMessageA
SetForegroundWindow
SetFocus
EnableWindow
SystemParametersInfoA
IsWindow
InvalidateRect
GetClientRect
PostMessageA
PtInRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
wsprintfA
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
PostThreadMessageA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
InvalidateRgn
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
SetClassLongA
DestroyAcceleratorTable
SetParent
IsZoomed
DrawIconEx
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
CreatePopupMenu
GetMenuDefaultItem
GetMenu
MessageBeep
UnionRect
gdi32
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
CreateSolidBrush
CreateHatchBrush
GetTextExtentPoint32A
CreateRectRgnIndirect
PatBlt
SetRectRgn
GetMapMode
GetClipBox
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
GetTextColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreatePen
SelectClipRgn
GetRgnBox
PtInRegion
CreateRectRgn
CombineRgn
CreateFontIndirectA
GetObjectA
GetDIBits
DeleteObject
BitBlt
DPtoLP
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegFlushKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegDeleteValueA
RegEnumKeyExA
RegCloseKey
RegQueryValueA
RegEnumValueA
RegQueryValueExA
shell32
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderA
Shell_NotifyIconA
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListA
comctl32
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
CoInitialize
CoUninitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoTaskMemFree
oleaut32
VariantInit
SysAllocStringLen
SysStringLen
VariantCopy
VariantChangeType
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantClear
SysFreeString
SysAllocStringByteLen
oledlg
ord8
ws2_32
WSACleanup
setsockopt
WSAStartup
WSAGetLastError
socket
bind
listen
accept
recv
htons
gethostbyname
ntohl
htonl
inet_ntoa
gethostname
ntohs
closesocket
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
msimg32
TransparentBlt
AlphaBlend
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 283KB - Virtual size: 282KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 243KB - Virtual size: 243KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 170KB - Virtual size: 170KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ