Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-28_d3e895de2557a57ff15feff8ec2b0a89_mafia.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-04-28_d3e895de2557a57ff15feff8ec2b0a89_mafia.exe
  Resource: win10v2004-20240426-en
General
Target: 2024-04-28_d3e895de2557a57ff15feff8ec2b0a89_mafia
Size: 2.9MB
MD5: d3e895de2557a57ff15feff8ec2b0a89
SHA1: 7df68b23dbce7d3b2336e85d75241689e71b12fd
SHA256: 6d44631d41c148ff3368a0f0dd356f9a13f4ee86d92a017477e6133c2e2f0496
SHA512: f10779137f96982d2cb1c285422187e4bae06eeaae006bb3b37f78a20d69d1d9f4f1c230d5bc6d8d4fe11649c4bb183624e3ea8c5b435f4bf79d05f4147468b7
SSDEEP: 49152:RsQ1VFb7CPdXpnh2Ix7Gyv/cQIkXSEmUw7CuZfNbBdVPyZi92lFTc:O2mdXpnh2sJB/XSWw7CQBdUZi
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2024-04-28_d3e895de2557a57ff15feff8ec2b0a89_mafia
Files
- 2024-04-28_d3e895de2557a57ff15feff8ec2b0a89_mafia.exe (windows:5 windows x86 arch:x86)
  f8bcc128140344ece13e42b88812042e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsGetValue
TlsAlloc
TlsFree
GetProcAddress
SetThreadPriority
TerminateThread
GetExitCodeThread
SetErrorMode
LocalFree
FormatMessageW
GetSystemTimeAsFileTime
OutputDebugStringW
FindNextFileW
LoadLibraryW
FreeLibrary
SetThreadLocale
GetUserDefaultUILanguage
ExpandEnvironmentStringsW
MulDiv
SetLastError
TlsSetValue
WriteConsoleW
FillConsoleOutputCharacterW
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FreeConsole
ReadConsoleOutputCharacterA
AttachConsole
GetStdHandle
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalSize
GlobalFree
GlobalHandle
EncodePointer
DecodePointer
InterlockedExchange
HeapFree
RtlUnwind
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
HeapAlloc
SetStdHandle
InitializeCriticalSectionAndSpinCount
DeleteFileW
MoveFileW
CreateDirectoryW
GetFullPathNameW
ExitThread
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetTimeFormatW
GetDateFormatW
LCMapStringW
IsProcessorFeaturePresent
HeapCreate
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapSize
GetOEMCP
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetStringTypeW
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetCurrentDirectoryW
GetDriveTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEndOfFile
GetProcessHeap
InterlockedDecrement
InterlockedIncrement
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetHandleInformation
CreateProcessW
CreateThread
ResumeThread
CreatePipe
WaitForMultipleObjects
GetExitCodeProcess
SetNamedPipeHandleState
PeekNamedPipe
WriteFile
ReadFile
GetThreadLocale
GetLocaleInfoW
GetACP
CopyFileW
SetCurrentDirectoryW
GetFileType
TerminateProcess
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
GetNativeSystemInfo
GetVersionExW
IsValidCodePage
GetCPInfo
IsDebuggerPresent
GetCurrentProcess
GetEnvironmentVariableW
FindResourceW
GetTempFileNameW
GetLongPathNameW
FindFirstFileW
FindClose
GetShortPathNameW
GetTempPathW
GetFileAttributesW
CreateFileW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceFrequency
GetLogicalDriveStringsW
GetCurrentProcessId
OpenProcess
SetPriorityClass
CreateMutexW
CreateEventW
SetEvent
CloseHandle
GetModuleHandleW
WaitForSingleObject
Sleep
WriteConsoleA
GetCommandLineW
user32
MonitorFromWindow
SetWindowRgn
CreateDialogParamW
GetDlgItem
FindWindowExW
MessageBeep
SetRect
GetClassNameW
GetWindowTextW
GetWindowTextLengthW
SetMenu
RegisterWindowMessageW
GetProcessDefaultLayout
LoadCursorW
DrawTextW
SetRectEmpty
DrawStateW
DrawFocusRect
LoadBitmapW
GetIconInfo
LoadImageW
CreateIconIndirect
DestroyIcon
GetCaretBlinkTime
GetDoubleClickTime
GetMenuState
CheckMenuItem
CheckMenuRadioItem
GetMenuItemID
GetSubMenu
GetSysColorBrush
SetMenuItemInfoW
DrawFrameControl
DrawEdge
DestroyMenu
AppendMenuW
CreateMenu
RemoveMenu
InsertMenuW
SetMenuInfo
InsertMenuItemW
CreatePopupMenu
ModifyMenuW
GetMessageW
ValidateRect
DestroyAcceleratorTable
CreateAcceleratorTableW
TranslateAcceleratorW
DrawIconEx
DestroyCursor
BeginPaint
EndPaint
GetWindowDC
UnionRect
GetDesktopWindow
GetComboBoxInfo
ChildWindowFromPoint
HideCaret
keybd_event
IsMenu
IsRectEmpty
ValidateRgn
MonitorFromPoint
ChangeDisplaySettingsExW
EnumDisplayMonitors
EnumDisplaySettingsW
GetClipboardFormatNameW
RegisterClipboardFormatW
IsClipboardFormatAvailable
SystemParametersInfoW
GetMessageTime
EndDeferWindowPos
GetWindow
GetMonitorInfoW
IsWindowEnabled
IsWindowVisible
GetSysColor
MapWindowPoints
UpdateWindow
RedrawWindow
SetParent
GetParent
ScrollWindow
EnableScrollBar
SetScrollInfo
GetScrollInfo
SetCursorPos
ReleaseCapture
SetCapture
AnimateWindow
EnableWindow
SetFocus
GetFocus
GetClientRect
GetKeyState
GetSystemMetrics
GetAsyncKeyState
VkKeyScanW
MapVirtualKeyW
TranslateMessage
PostQuitMessage
ClientToScreen
ScreenToClient
GetCursorPos
GetMessagePos
InvalidateRect
GetWindowRect
GetDialogBaseUnits
CreateDialogIndirectParamW
SetWindowTextW
MoveWindow
SetWindowPos
SetLayeredWindowAttributes
FlashWindowEx
GetSystemMenu
EnableMenuItem
DrawMenuBar
GetWindowPlacement
IsIconic
IsZoomed
GetWindowLongW
SetWindowLongW
SetTimer
KillTimer
DispatchMessageW
MsgWaitForMultipleObjects
DdePostAdvise
DdeConnect
DdeNameService
DdeCreateStringHandleW
DdeClientTransaction
DdeDisconnect
DdeInitializeW
DdeGetLastError
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeQueryStringW
DdeUninitialize
DdeFreeStringHandle
PostThreadMessageW
WaitForInputIdle
PeekMessageW
UnregisterClassW
DestroyWindow
DefWindowProcW
PostMessageW
RegisterClassW
BringWindowToTop
CreateWindowExW
GetUpdateRgn
IsWindow
GetMenuItemCount
SendMessageW
MessageBoxW
OffsetRect
CopyRect
BeginDeferWindowPos
InflateRect
LoadIconW
EndDialog
SetClassLongW
ReleaseDC
GetDC
DialogBoxParamW
SetForegroundWindow
ShowWindow
GetMenuItemInfoW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
FillRect
CallWindowProcW
TrackPopupMenu
DeferWindowPos
PtInRect
SetCursor
GetCapture
UnregisterHotKey
RegisterHotKey
ChildWindowFromPointEx
IsDialogMessageW
GetActiveWindow
WindowFromPoint
gdi32
GetDeviceCaps
GetOutlineTextMetricsW
DeleteObject
CreateFontIndirectW
GetRegionData
ExtCreateRegion
OffsetRgn
ExcludeClipRect
CreateRectRgn
SelectPalette
RealizePalette
SetBrushOrgEx
GdiFlush
GetTextMetricsW
GetSystemPaletteEntries
EnumFontFamiliesExW
SetViewportOrgEx
CreateDCW
GetDIBColorTable
SetDIBColorTable
CreateDIBitmap
GetDIBits
CreateDIBSection
CreateICW
CreatePen
LineTo
MoveToEx
ExtTextOutW
SetBkColor
GetBkColor
SetTextColor
SetBkMode
CreateSolidBrush
GetObjectW
CreateCompatibleDC
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateBitmap
CreateBitmapIndirect
GetStockObject
GetTextExtentPoint32W
GetRgnBox
EqualRgn
PtInRegion
RectInRegion
CreatePolygonRgn
CombineRgn
GetLayout
SetLayout
SetPolyFillMode
GetClipBox
GetWindowExtEx
GetViewportExtEx
GetGraphicsMode
SetROP2
SetGraphicsMode
ModifyWorldTransform
SetStretchBltMode
ExtFloodFill
GetPixel
SetPixel
Polyline
PolyBezier
SetWindowOrgEx
SetWindowExtEx
SetViewportExtEx
SetMapMode
LPtoDP
DPtoLP
SetWorldTransform
GetWorldTransform
ExtSelectClipRgn
SelectClipRgn
Arc
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
Ellipse
GetObjectType
MaskBlt
StretchDIBits
StretchBlt
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
CreatePatternBrush
CreateHatchBrush
GetCharABCWidthsW
GetTextExtentExPointW
CreateRectRgnIndirect
ExtCreatePen
SelectObject
shell32
DragFinish
SHGetFolderPathW
CommandLineToArgvW
ExtractIconExW
DragQueryPoint
SHGetFileInfoW
ShellExecuteExW
DragQueryFileW
ord6
ExtractIconW
Shell_NotifyIconW
advapi32
FreeSid
AllocateAndInitializeSid
CheckTokenMembership
RegCloseKey
GetUserNameW
RegOpenKeyExW
RegCreateKeyExW
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
urlmon
URLDownloadToFileW
zenwinx
winx_set_killer
winx_tolower
winx_heap_free
winx_flush_dbg_log
winx_dbg_print
winx_get_os_version
winx_wcsdup
winx_check_credentials
winx_vswprintf
udefrag
udefrag_init_library
udefrag_get_volume_information
udefrag_validate_volume
udefrag_start_job
udefrag_get_error_description
udefrag_set_log_file_path
lua5.1a
luaL_newstate
lua_pcall
lua_type
lua_settop
luaL_loadfile
lua_tolstring
lua_gc
luaL_openlibs
lua_pushnumber
lua_setfield
lua_close
msimg32
AlphaBlend
GradientFill
comctl32
ImageList_Replace
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_Draw
ImageList_Create
ord17
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Destroy
ord16
ImageList_Add
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW
ole32
CoInitializeEx
CoUninitialize
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
ReleaseStgMedium
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
OleInitialize
OleGetClipboard
OleUninitialize
uxtheme
GetThemePartSize
GetThemeInt
GetThemeSysFont
GetThemeMargins
GetThemeBackgroundContentRect
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeBackground
GetThemeColor
OpenThemeData
IsThemePartDefined
GetCurrentThemeName
SetWindowTheme
GetThemeBackgroundExtent
GetThemeFont
IsAppThemed
IsThemeActive
CloseThemeData
GetThemeSysColor
shlwapi
SHAutoComplete
PathMatchSpecW
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 589KB - Virtual size: 588KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 227KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 234KB - Virtual size: 234KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
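The "Unsigned PE" signature, the DLL Characteristics list and the Sections table above are all reads of PE header fields: the signature fires when the security data directory (index 4, IMAGE_DIRECTORY_ENTRY_SECURITY) is empty, and the other two are flag decodes of the optional header and the section table. The Python below, added here as an example and not the sandbox's own code, reproduces those three checks with only the standard library. Because the sample itself is not on the page, it runs over a constructed headers-only PE32 image whose flags mirror this report; the section sizes in the builder and the directory values used for the "signed" variant are made up. One caveat a practitioner should keep in mind: the check only sees an embedded signature, so a binary whose signature lives in a Windows catalog (.cat) file is also reported as unsigned by it.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B

DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def analyze_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        nrva_off, dd_off = 92, 96
    elif magic == PE32PLUS_MAGIC:
        nrva_off, dd_off = 108, 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset for PE32 and PE32+
    nrva = struct.unpack_from("<I", data, opt + nrva_off)[0]
    sec_off, sec_size = 0, 0
    if nrva > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory the first field is a file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from(
            "<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, table = [], opt + opt_size
    for i in range(nsec):
        off = table + 40 * i
        name, vsize, _vaddr, rawsize, _rawptr = struct.unpack_from("<8sIIII", data, off)
        chars = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flags(chars, SECTION_CHARACTERISTICS)})
    return {"machine": machine,
            "has_authenticode": sec_off != 0 and sec_size != 0,
            "file_characteristics": _flags(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
            "sections": sections}


def triage(data: bytes) -> list:
    """Turn the parsed headers into the kind of findings a sandbox report lists."""
    info, findings = analyze_pe(data), []
    if not info["has_authenticode"]:
        findings.append("Unsigned PE: security data directory is empty (no embedded Authenticode)")
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in info["dll_characteristics"]:
        findings.append("ASLR disabled: DYNAMIC_BASE not set")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in info["dll_characteristics"]:
        findings.append("DEP opt-out: NX_COMPAT not set")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            findings.append(f"Writable+executable section {s['name']}")
    return findings


def build_sample_pe(security_dir=(0, 0)) -> bytes:
    """Constructed headers-only PE32 image mirroring this report's flags (not the real sample)."""
    opt_size, e_lfanew = 96 + 8 * 16, 0x40
    img = bytearray(b"MZ" + b"\0" * 0x3E)
    struct.pack_into("<I", img, 0x3C, e_lfanew)
    img += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 5, 0, 0, 0, opt_size, 0x0002 | 0x0100)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)  # DYNAMIC_BASE|NX_COMPAT|TS_AWARE
    struct.pack_into("<I", opt, 92, 16)
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security_dir)
    img += opt
    R, W, X, CODE, IDATA, DISC = 0x40000000, 0x80000000, 0x20000000, 0x20, 0x40, 0x02000000
    layout = [(b".text", 0x200000, 0x200000, CODE | X | R),     # illustrative sizes
              (b".rdata", 0x93000, 0x93400, IDATA | R),
              (b".data", 0x38C00, 0xC800, IDATA | R | W),
              (b".rsrc", 0x11C00, 0x11C00, IDATA | R),
              (b".reloc", 0x3A800, 0x3A800, IDATA | DISC | R)]
    for name, vsize, rawsize, chars in layout:
        img += struct.pack("<8sIIIIIIHHI", name, vsize, 0, rawsize, 0, 0, 0, 0, 0, chars)
    return bytes(img)


if __name__ == "__main__":
    import json, sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    print(json.dumps(analyze_pe(blob), indent=2))
    print("\n".join(triage(blob)))
```

Run it with a path to any PE to get the same decode for a real file; without arguments it parses the constructed image, where `triage()` produces the "Unsigned PE" finding exactly as the report does, and passing a non-zero `security_dir` to the builder makes that finding disappear.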