C:\Users\arnaldo\Documents\Visual Studio 2010\Projects\Logitherm\Release\Logitherm.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-20_7fea1af1892a9a0dec07edbc3a88f9aa_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-20_7fea1af1892a9a0dec07edbc3a88f9aa_mafia.exe
Resource: win10v2004-20240412-en
General
Target: 2024-04-20_7fea1af1892a9a0dec07edbc3a88f9aa_mafia
Size: 2.4MB
MD5: 7fea1af1892a9a0dec07edbc3a88f9aa
SHA1: 0de02c1feb02fc426e358dcedabbe70577d1f4e5
SHA256: d8842d5f3945f3bcbeab8c416dd4ce8d865f30cc8b48cc70b73eda1c91c389d5
SHA512: edc85a4aa8ada5047c9fe228e4858ead3111a5e8f61d5b2b87ed2ec39ed327b6dc8fbb86c9b0a3299e07bed1d39d9172b8b38f784ef041e5b5f34c89b10233bb
SSDEEP: 49152:tn++O7lmmyZc1uijWXnj3YncyFV/DLi/v7QKBWLFrfweq4JLvBftdGl16aNOEq0o:d++HmyZc1aXDYncyFV/Dav7QKBWGD4J3
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 2024-04-20_7fea1af1892a9a0dec07edbc3a88f9aa_mafia
Files
2024-04-20_7fea1af1892a9a0dec07edbc3a88f9aa_mafia.exe windows:5 windows x86 arch:x86
df01e5917bba7333485bb7af0bfd8676
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
SizeofResource
VirtualAlloc
HeapSize
HeapQueryInformation
ExitThread
ExitProcess
HeapReAlloc
RtlUnwind
HeapFree
LCMapStringW
CreateDirectoryW
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
IsProcessorFeaturePresent
GetConsoleMode
GetUserDefaultLCID
VirtualProtect
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
SearchPathW
GetProfileIntW
GetFileAttributesW
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
HeapAlloc
InterlockedCompareExchange
InterlockedPushEntrySList
VirtualFree
InterlockedPopEntrySList
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
DeleteFileW
GetCurrentDirectoryW
FileTimeToSystemTime
GetThreadLocale
GetSystemDirectoryW
GlobalGetAtomNameW
lstrlenA
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileIntW
lstrcpyW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
LoadLibraryExW
InterlockedExchange
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
CopyFileW
GlobalSize
FormatMessageW
LocalFree
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ActivateActCtx
DeactivateActCtx
lstrcmpW
FreeResource
SetLastError
RaiseException
MultiByteToWideChar
GetModuleFileNameW
GetLastError
CreateMutexW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GetLocaleInfoW
GetSystemTime
Sleep
GetModuleHandleW
FreeLibrary
CloseHandle
WaitForMultipleObjects
CreateThread
WideCharToMultiByte
GetProcAddress
LoadLibraryW
GetPrivateProfileStringW
WritePrivateProfileStringW
lstrlenW
MulDiv
GetTickCount
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
FindResourceW
LoadResource
LockResource
GetConsoleCP
user32
CharUpperBuffW
CopyIcon
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
RegisterClipboardFormatW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
DestroyIcon
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableW
CharNextW
WaitMessage
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
CharUpperW
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
ReleaseCapture
SetCapture
SetWindowRgn
GetSystemMenu
DeleteMenu
UnregisterClassW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
GetSysColorBrush
CopyImage
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
DrawStateW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetCursorPos
WindowFromPoint
IntersectRect
GetWindowThreadProcessId
GetWindowDC
FillRect
PostThreadMessageW
AppendMenuW
InsertMenuW
RemoveMenu
IsWindowEnabled
ShowWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
GetMenuItemID
GetMenuItemCount
GetClassInfoW
RegisterClassW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
SubtractRect
DestroyCursor
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetMenu
SetWindowPos
LoadMenuW
GetSubMenu
LoadImageW
GetDlgCtrlID
GetWindow
GetWindowRgn
GetMenuStringW
MoveWindow
AdjustWindowRectEx
ClientToScreen
TranslateAcceleratorW
LoadAcceleratorsW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
DrawIcon
OffsetRect
GetSystemMetrics
PtInRect
ScreenToClient
IsIconic
SetForegroundWindow
SendMessageTimeoutW
RegisterWindowMessageW
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
LoadIconW
MessageBoxW
LoadBitmapW
PostMessageW
ReleaseDC
EndPaint
BeginPaint
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindow
GetWindowRect
GetClientRect
InvalidateRect
EqualRect
FrameRect
InflateRect
DrawFocusRect
GetSysColor
CopyRect
EnableWindow
SetTimer
GetParent
SendMessageW
KillTimer
RealChildWindowFromPoint
UnregisterClassA
gdi32
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32W
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
GetBkColor
GetTextColor
GetRgnBox
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
SetPixel
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
IntersectClipRect
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
GetNearestPaletteIndex
GetStockObject
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
CreateFontW
GetTextExtentPointA
GetTextMetricsA
SetDCPenColor
SetDCBrushColor
SetBitmapBits
SetTextAlign
Rectangle
LineTo
MoveToEx
SetTextColor
SetStretchBltMode
SetBkMode
SetBkColor
CreateBitmap
GetObjectW
StretchBlt
DeleteDC
CreateSolidBrush
GetDeviceCaps
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
RoundRect
SelectObject
CreatePen
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegCloseKey
RegEnumKeyExW
shell32
SHAppBarMessage
ShellExecuteW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
DragQueryFileW
DragFinish
SHGetFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
ole32
OleCreateMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleDestroyMenuDescriptor
CoInitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoGetClassObject
CoTaskMemFree
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoUninitialize
CoRevokeClassObject
oleaut32
SysFreeString
OleCreateFontIndirect
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
oledlg
OleUIBusyW
gdiplus
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectRect
GdipGetImageHeight
GdipGetImageWidth
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipDrawImageI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 295KB - Virtual size: 294KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 650KB - Virtual size: 649KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 174KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ