Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-20_e562aa4695924a58b609eca275c8234c_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-20_e562aa4695924a58b609eca275c8234c_mafia.exe
Resource: win10v2004-20240412-en
General
Target: 2024-04-20_e562aa4695924a58b609eca275c8234c_mafia
Size: 6.6MB
MD5: e562aa4695924a58b609eca275c8234c
SHA1: dd423c7ec5d2ba65cc48f5d95b4c4d2087281717
SHA256: f1031ec8aa53737cb08774fbe4d46755f8986993a79202b1bdf1e75caab3387d
SHA512: e45d397d91a1eab609dfb56f520fc26a6ef8e5debb8e555bc35884f54be86cb7c64232fd366e1e0c86f79ad0fea1d876aa6d849c7a4415575dd43fb8d4257e41
SSDEEP: 98304:0SPSmPk5Fa2eaY+g2kkF+Zh9RegSQrGXonRQdGmkQD4imeIGWNai29:0Q9jaUhOG2IQdoymeIGWNaV
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2024-04-20_e562aa4695924a58b609eca275c8234c_mafia
Files
2024-04-20_e562aa4695924a58b609eca275c8234c_mafia.exe windows:5 windows x86 arch:x86
a79e5093d489e22684b041080c5b5295
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscms
CloseColorProfile
OpenColorProfileW
CreateMultiProfileTransform
DeleteColorTransform
GetStandardColorSpaceProfileW
TranslateBitmapBits
cudart32_50_35
__cudaRegisterVar
__cudaRegisterTexture
__cudaRegisterFunction
__cudaRegisterFatBinary
cudaConfigureCall
cudaCreateChannelDesc
cudaGetDeviceProperties
cudaSetupArgument
cudaDeviceSynchronize
cudaMalloc
cudaMemcpy
cudaGetErrorString
cudaFree
cudaSetDeviceFlags
cudaDeviceReset
cudaBindTexture
cudaUnbindTexture
cudaMemcpyToSymbol
cudaSetDevice
__cudaUnregisterFatBinary
cudaGetDeviceCount
cudaLaunch
kernel32
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
HeapQueryInformation
VirtualAlloc
VirtualQuery
FindFirstFileExW
LCMapStringW
GetCPInfo
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
GetACP
GetOEMCP
HeapReAlloc
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetTimeFormatA
EnumResourceLanguagesW
LoadLibraryA
GetModuleHandleA
TerminateThread
CreateDirectoryW
lstrcpynW
RaiseException
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
LocalSize
OpenProcess
GetModuleFileNameA
LoadLibraryExA
IsValidCodePage
GetDateFormatA
GetPrivateProfileSectionNamesW
EnumResourceTypesW
EnumResourceNamesW
FindResourceW
LoadResource
LockResource
SizeofResource
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
lstrcpyW
MultiByteToWideChar
GetVersionExW
GetSystemInfo
HeapAlloc
GetProcessHeap
HeapFree
GetComputerNameW
FormatMessageW
LocalFree
GetCommandLineW
CreateMutexW
GetLastError
WaitForSingleObject
ReleaseMutex
CloseHandle
GetModuleFileNameW
lstrcatW
CreateProcessW
GetDriveTypeW
SetEvent
ResetEvent
ResumeThread
WaitForMultipleObjects
Sleep
CreateFileW
ReadDirectoryChangesW
CancelIo
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
SetLastError
GetDateFormatW
GetTimeFormatW
GetStartupInfoW
HeapSetInformation
DecodePointer
EncodePointer
CreateFileA
InterlockedExchangeAdd
SearchPathW
GetNumberFormatW
FindResourceExW
GetTempPathW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentThread
GetUserDefaultUILanguage
DeactivateActCtx
GetModuleHandleW
GetProcAddress
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
CompareStringA
InterlockedExchange
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalGetAtomNameW
GetDiskFreeSpaceW
GetTempFileNameW
ReplaceFileW
GetUserDefaultLCID
lstrlenA
lstrcmpA
FindNextFileW
GetProfileIntW
GetCurrentDirectoryW
ReleaseSemaphore
CreateSemaphoreW
VirtualProtect
GetSystemDirectoryW
CreateEventW
SetThreadPriority
GetCurrentProcessId
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesW
GetFileAttributesExW
WideCharToMultiByte
CopyFileW
GlobalSize
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileW
DeleteFileW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
lstrlenW
MulDiv
ReleaseActCtx
CreateActCtxW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
SuspendThread
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetTickCount
PulseEvent
InterlockedDecrement
InterlockedIncrement
GetExitCodeThread
ActivateActCtx
SetEnvironmentVariableA
user32
GetDialogBaseUnits
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
GetSystemMenu
DeleteMenu
SetClassLongW
NotifyWinEvent
DestroyAcceleratorTable
SetParent
IsZoomed
UnregisterClassW
RealChildWindowFromPoint
WaitMessage
ShowOwnedPopups
SetWindowContextHelpId
RegisterClipboardFormatW
DrawIcon
UnpackDDElParam
ReuseDDElParam
LoadImageW
InsertMenuItemW
CreatePopupMenu
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
DrawIconEx
SetWindowRgn
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateW
WindowFromPoint
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
MsgWaitForMultipleObjectsEx
MapVirtualKeyW
GetKeyNameTextW
MapDialogRect
GetAsyncKeyState
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetSysColorBrush
EnumDisplayMonitors
DestroyMenu
GetMenuItemInfoW
GetMessageW
GetActiveWindow
ValidateRect
GetWindowThreadProcessId
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
CharUpperW
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SetMenuDefaultItem
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
IsWindow
ReleaseDC
InflateRect
CopyIcon
PostMessageW
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetSubMenu
GetMenuItemID
MessageBoxW
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetMenuDefaultItem
CopyImage
GetIconInfo
GetDoubleClickTime
PostThreadMessageW
CharNextW
InvalidateRgn
GetNextDlgGroupItem
InvertRect
HideCaret
CreateMenu
GetUpdateRect
CharUpperBuffW
IsCharLowerW
GetDlgCtrlID
CallWindowProcW
GetMenu
PostQuitMessage
RedrawWindow
SetLayeredWindowAttributes
DispatchMessageW
TranslateMessage
ClientToScreen
SetWindowPos
GetWindowLongW
MapVirtualKeyExW
SubtractRect
MessageBoxA
GetWindowRgn
DestroyCursor
SetMenuItemBitmaps
GetDCEx
LoadIconW
GetMenuItemCount
OffsetRect
SetRectEmpty
SystemParametersInfoW
IsRectEmpty
FindWindowW
CopyRect
LockWindowUpdate
IntersectRect
SetRect
GetFocus
ScreenToClient
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
FrameRect
MessageBeep
GetWindow
LoadMenuW
LoadAcceleratorsW
GetTabbedTextExtentA
AdjustWindowRect
RegisterClassA
DefMDIChildProcA
DefDlgProcW
DefDlgProcA
DefFrameProcA
DefWindowProcA
CallWindowProcA
LoadStringW
IsWindowUnicode
GetWindowLongA
SetWindowLongA
LookupIconIdFromDirectoryEx
GetCursor
GetClipboardData
GetKeyboardLayoutList
OpenInputDesktop
GetUserObjectInformationW
CloseDesktop
wsprintfW
ShowCaret
CreateIconFromResourceEx
CreateIconIndirect
mouse_event
TranslateAcceleratorW
GetSystemMetrics
DestroyIcon
GetCursorPos
FillRect
PtInRect
ReleaseCapture
SetCapture
GetClassInfoW
DefWindowProcW
LoadCursorW
KillTimer
InvalidateRect
SetTimer
GetClientRect
SetCursor
GetWindowRect
GetParent
GetCapture
EnableWindow
GetDC
SetWindowLongW
SendMessageW
EqualRect
IsWindowVisible
UpdateWindow
RegisterWindowMessageW
EnumWindows
SetForegroundWindow
SendMessageTimeoutW
ShowWindow
IsIconic
GetSysColor
gdi32
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
GetClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
SetStretchBltMode
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CopyMetaFileW
CreateDCW
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateDIBSection
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
CreateRoundRectRgn
LPtoDP
GetCharWidthW
CreateFontW
StretchDIBits
GetCurrentObject
EnumFontFamiliesExW
OffsetRgn
GetRgnBox
Rectangle
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
RoundRect
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextAlign
GetTextFaceW
SetPixelV
GetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
CreateSolidBrush
DeleteObject
ExtCreateRegion
SetBrushOrgEx
GetBitmapBits
GetTextExtentPoint32A
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
GetDeviceCaps
SetPixel
GetTextExtentPoint32W
CreateFontIndirectW
GetObjectW
GetStockObject
CreateRectRgnIndirect
LineTo
GetICMProfileW
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegQueryValueW
RegCloseKey
GetCurrentHwProfileW
RegQueryValueExW
RegSetValueExW
RegSetValueW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegEnumValueW
RegEnumKeyExW
RegOpenKeyExW
shell32
SHGetMalloc
DragQueryFileW
SHFileOperationW
SHGetFileInfoW
DragAcceptFiles
DragFinish
SHAppBarMessage
ExtractIconW
SHAddToRecentDocs
SHGetDesktopFolder
SHBrowseForFolderW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
FlatSB_GetScrollProp
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
shlwapi
StrStrW
PathQuoteSpacesW
StrToIntW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFindFileNameW
ole32
CreateStreamOnHGlobal
OleRun
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
CoDisconnectObject
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoInitializeEx
CoCreateInstance
CoUninitialize
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoInitialize
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocString
LoadTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SysFreeString
VariantTimeToSystemTime
SafeArrayDestroy
OleCreateFontIndirect
VarBstrFromDate
VarDateFromStr
VariantCopy
SystemTimeToVariantTime
OleLoadPicturePath
VarUdateFromDate
VariantChangeTypeEx
oledlg
OleUIAddVerbMenuW
OleUIBusyW
gdiplus
GdipFillRectangle
GdipDrawString
GdipGetDC
GdipReleaseDC
GdipCreateLineBrushFromRect
GdipCreatePen1
GdipDeletePen
GdipDrawLineI
GdipGetGenericFontFamilySansSerif
GdipSetPenDashStyle
GdipDrawLine
GdipSetClipRectI
GdipFillPolygon
GdipDrawLines
GdipFlush
GdipDrawCurve
GdipCreateBitmapFromStream
GdipSetImagePalette
GdipSetSmoothingMode
GdipSetCompositingMode
GdipMeasureString
GdipSetPixelOffsetMode
GdipCreateBitmapFromGraphics
GdipDrawRectangleI
GdipDrawImageRect
GdipFillRectanglesI
GdipFillRectangleI
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipGetImagePaletteSize
GdipGetImagePalette
GdipSetStringFormatFlags
GdipFree
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipDisposeImage
GdipCreateFont
GdipDeleteFontFamily
GdipAlloc
GdipCreateFontFamilyFromName
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateBitmapFromFile
GdipDrawImageI
GdipDrawImageRectI
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImagePointRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneImage
GdipCreateBitmapFromResource
GdipSetCompositingQuality
iphlpapi
GetAdaptersAddresses
ws2_32
htons
htonl
ntohl
ntohs
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
wininet
InternetConnectW
HttpOpenRequestW
InternetQueryDataAvailable
InternetCloseHandle
InternetGetLastResponseInfoW
InternetOpenW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestW
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
imagehlp
ImageDirectoryEntryToData
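The import table above is the input to the import hash (imphash) that sandbox and threat-intel platforms publish so that builds sharing the same linker layout can be clustered even when every file hash differs. The example below is added here and is not code from this report or from any analysis platform: it implements the imphash rule used by pefile and VirusTotal (lower-cased "module.function" pairs in import-table order, .dll/.ocx/.sys stripped from the module name, MD5 of the comma-joined string) and a small capability tagger, run over a constructed subset of this sample's imports. The module names carry their .dll suffixes and one ordinal import, both constructed here to exercise the normalisation (the page shows only bare module names), and the WATCHLIST categories are this example's own choice. Two caveats a practitioner should keep in mind: the hash depends on import order, so it can only be recomputed from a listing that preserves the table's order, and several of the flagged APIs are imported by ordinary MFC/CRT applications (IsDebuggerPresent from CRT startup, SetWindowsHookExW from MFC's window-creation hook), so a hit is a lead to follow in the binary, not a verdict.

```python
import hashlib


def imphash_string(imports):
    """Canonical import string behind the imphash: 'module.function' pairs in import-table
    order, lower-cased, with .dll/.ocx/.sys stripped from the module name (other extensions,
    e.g. winspool.drv, are kept). Ordinal-only imports become 'ordN'; pefile additionally maps
    well-known ordinals of ws2_32/oleaut32 to names, which this example omits."""
    parts = []
    for module, func in imports:
        name = module.lower()
        base, dot, ext = name.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):
            name = base
        fname = "ord%d" % func if isinstance(func, int) else func.lower()
        parts.append(name + "." + fname)
    return ",".join(parts)


def imphash(imports):
    """MD5 of the canonical import string, as computed by pefile and shown by VirusTotal."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


# Constructed watch-list for quick triage; the categories and their members are this
# example's choice, not a vendor rule set. Legitimate MFC/CRT code imports several of these.
WATCHLIST = {
    "anti-debug": {"IsDebuggerPresent"},
    "process/memory": {"OpenProcess", "CreateProcessW", "CreateThread", "VirtualProtect"},
    "network": {"InternetOpenW", "InternetConnectW", "HttpOpenRequestW", "HttpSendRequestW",
                "InternetReadFile", "GetAdaptersAddresses"},
    "hooking/input": {"SetWindowsHookExW", "mouse_event", "GetAsyncKeyState", "GetKeyboardState"},
    "filesystem watch": {"ReadDirectoryChangesW"},
    "single-instance": {"CreateMutexW"},
    "registry": {"RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW"},
}


def capabilities(imports):
    """Map each watch-listed function the sample imports to its category (sorted for stable output)."""
    names = {func for _, func in imports if isinstance(func, str)}
    found = {}
    for category, apis in WATCHLIST.items():
        hits = sorted(names & apis)
        if hits:
            found[category] = hits
    return found


# Constructed subset of the report's import table, in an assumed order, with the module
# extensions a real import directory carries. The ordinal entry is invented for the test.
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", "IsDebuggerPresent"), ("KERNEL32.dll", "OpenProcess"),
    ("KERNEL32.dll", "CreateMutexW"), ("KERNEL32.dll", "ReadDirectoryChangesW"),
    ("KERNEL32.dll", "VirtualProtect"), ("USER32.dll", "SetWindowsHookExW"),
    ("USER32.dll", "mouse_event"), ("ADVAPI32.dll", "RegSetValueExW"),
    ("IPHLPAPI.DLL", "GetAdaptersAddresses"), ("WININET.dll", "InternetOpenW"),
    ("WININET.dll", "HttpSendRequestW"), ("winspool.drv", "OpenPrinterW"),
    ("cudart32_50_35.dll", "cudaMalloc"), ("WS2_32.dll", 9),
]

if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    for category, hits in capabilities(SAMPLE_IMPORTS).items():
        print("%-17s %s" % (category + ":", ", ".join(hits)))
```

The 32-hex-digit value shown beside the file entry under Files is in the position where this report format normally carries the import hash (an assumption; the page does not label it). It cannot be reproduced from the import list as printed unless that list preserves the table's order, which is why the example hashes its own constructed list rather than the page's.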
Sections
.text Size: 3.9MB - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 987KB - Virtual size: 987KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 353KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nv_fatb Size: 126KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nvFatBi Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 897KB - Virtual size: 896KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 391KB - Virtual size: 391KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
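The Unsigned PE signature, the DLL characteristics and the section table above are all read straight from the PE headers, and checking them independently of the sandbox is a one-screen parser. The example below is added here and is not the report's or any sandbox vendor's code. Because the binary itself is not available offline, it assembles a header-only PE32 image in memory, constructed to mirror this sample (the same three DLL characteristics, an empty security directory, and .text/.data/.reloc with the flags listed), then parses it with struct; the same parse_pe works on a real file read from disk. The "unsigned" test is the static presence check: a zero-size IMAGE_DIRECTORY_ENTRY_SECURITY (entry 4, which holds a file offset rather than an RVA) means no WIN_CERTIFICATE table at all. A non-zero entry only proves a signature blob exists; whether it verifies and chains to a trusted root needs WinVerifyTrust (Get-AuthenticodeSignature on Windows, osslsigncode verify elsewhere). Two details of the table above are worth reading correctly: .data being 353KB on disk but 1.2MB mapped is ordinary uninitialised data, not a packing indicator, so the example raises that heuristic only for executable sections; and .nv_fatb/.nvFatBi, together with the cudart32_50_35 imports, are what nvcc emits for CUDA device code linked into the executable, a build artefact the section walk simply carries through.

```python
import struct

# Subset of IMAGE_DLLCHARACTERISTICS_* bits from winnt.h (dict order gives stable output).
DLL_CHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE",
}
# Subset of IMAGE_SCN_* section characteristics.
SECTION_FLAGS = {
    0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA", 0x00000080: "CNT_UNINITIALIZED_DATA",
    0x02000000: "MEM_DISCARDABLE", 0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ",
    0x80000000: "MEM_WRITE",
}


def build_pe32(dll_characteristics, sections, cert_size=0):
    """Assemble a header-only PE32 image: constructed test input, not a real binary.
    sections: list of (name, virtual_size, raw_size, characteristics)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)  # i386; EXECUTABLE|32BIT
    opt = struct.pack("<H2B9I6H4I2H6I", 0x10B, 14, 0,
                      0, 0, 0, 0x1000, 0x1000, 0x2000, 0x400000, 0x1000, 0x200,
                      6, 0, 0, 0, 6, 0,
                      0, 0x10000, 0x400, 0,
                      2, dll_characteristics,
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    # 16 data directories. Entry 4 (SECURITY) is a *file offset* and size of the WIN_CERTIFICATE table.
    dirs = b"".join(struct.pack("<II", 0x5000 if (i == 4 and cert_size) else 0,
                                cert_size if i == 4 else 0) for i in range(16))
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), vs, 0x1000 * (i + 1),
                                rs, 0x400 + 0x200 * i, 0, 0, 0, 0, fl)
                    for i, (n, vs, rs, fl) in enumerate(sections))
    return dos + b"PE\0\0" + coff + opt + dirs + hdrs


def parse_pe(data):
    """Parse DOS/COFF/optional headers and the section table of a PE32 or PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:       # PE32
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:     # PE32+
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_size = 0
    if ndirs > 4:                                            # IMAGE_DIRECTORY_ENTRY_SECURITY == 4
        _, cert_size = struct.unpack_from("<II", data, dirs_off + 4 * 8)
    sections = []
    for i in range(nsect):
        name, vsize, _, rawsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": [n for bit, n in SECTION_FLAGS.items() if flags & bit]})
    return {"machine": machine,
            "dll_characteristics": [n for bit, n in DLL_CHARACTERISTICS.items() if dllchar & bit],
            "has_authenticode": cert_size != 0,   # presence of a certificate table, not its validity
            "sections": sections}


def assess(pe):
    """Turn the parsed headers into triage findings, including the 'Unsigned PE' presence check."""
    findings = []
    if not pe["has_authenticode"]:
        findings.append("unsigned: security directory is empty, no Authenticode certificate table")
    for want in ("DYNAMIC_BASE", "NX_COMPAT"):
        if want not in pe["dll_characteristics"]:
            findings.append("mitigation not opted in: " + want)
    for s in pe["sections"]:
        if "MEM_EXECUTE" in s["flags"] and "MEM_WRITE" in s["flags"]:
            findings.append("writable and executable section: " + s["name"])
        # A mapped size far above the on-disk size is normal for data (uninitialised tail) but
        # for code suggests the section is filled in at run time, i.e. unpacking.
        if "MEM_EXECUTE" in s["flags"] and s["raw_size"] < s["virtual_size"] // 2:
            findings.append("executable section mostly empty on disk: " + s["name"])
    return findings


# Constructed image mirroring the report: ASLR+NX+TS-aware, no certificate table, RX code, RW data.
SAMPLE = build_pe32(0x0040 | 0x0100 | 0x8000, [
    (".text", 0x3E6000, 0x3E6000, 0x60000020),   # CNT_CODE | MEM_EXECUTE | MEM_READ
    (".data", 0x130000, 0x58000, 0xC0000040),    # CNT_INITIALIZED_DATA | MEM_READ | MEM_WRITE
    (".reloc", 0x62000, 0x62000, 0x42000040),    # CNT_INITIALIZED_DATA | MEM_DISCARDABLE | MEM_READ
])

if __name__ == "__main__":
    pe = parse_pe(SAMPLE)
    print("DllCharacteristics:", ", ".join(pe["dll_characteristics"]))
    for s in pe["sections"]:
        print("%-8s raw=%#x virt=%#x %s" % (s["name"], s["raw_size"], s["virtual_size"], " ".join(s["flags"])))
    for f in assess(pe):
        print("finding:", f)
```

To run it against the real sample, replace SAMPLE with the bytes of the file; the flag dictionaries also decode bits the report does not list (GUARD_CF, NO_SEH, HIGH_ENTROPY_VA), so their absence can be confirmed directly from the file rather than inferred from the listing.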