2024-04-28_3d71cbe73a3a55d1eef89ac047d83860_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-28_3d71cbe73a3a55d1eef89ac047d83860_mafia
Size

3.2MB
MD5

3d71cbe73a3a55d1eef89ac047d83860
SHA1

263055311783458ff6f7170d7231ee6acd3d570a
SHA256

3bf727ca11d488c1049e2785368813d7b62e6755793af8ca4e73888e19628e19
SHA512

a60c5dbe61973340bcd4a031f847ddeeac32640bebcec20e34a053b464d0dbe3a0c4a0b6b1f1c9e16930a92fd6e5ee0fcbb3b6b610eec771f0ea32cb3ffef634
SSDEEP

49152:2f+r1igBegCRzbAETE3zr5BRlxT6WxuBUB04OkXHSpA:WYIBAEGzcWxuBG04/XHSpA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-28_3d71cbe73a3a55d1eef89ac047d83860_mafia

Files

2024-04-28_3d71cbe73a3a55d1eef89ac047d83860_mafia
.exe windows:5 windows x86 arch:x86

68b8744107fbc416dc5d69cc0f1313bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\all in one\vcproject\slotbi2\Release\slotbi2.pdb

Imports

kernel32

FindNextFileW
CloseHandle
lstrcpyW
lstrcmpW
lstrlenW
lstrcatW
GetModuleHandleW
ResetEvent
WaitForSingleObject
GetCurrentThreadId
CreateEventW
SetEvent
GetProcAddress
LoadLibraryW
WriteFile
CreateFileW
DeleteFileW
GetTempPathW
GlobalUnlock
GlobalLock
GlobalSize
GlobalFree
GlobalAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
GetVersionExW
GetSystemInfo
FreeLibrary
GetOEMCP
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalMemoryStatus
OutputDebugStringW
CreateFileA
SetFilePointer
ExitThread
ResumeThread
SetThreadPriority
CreateThread
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetLocalTime
lstrlenA
GetCurrentDirectoryW
SetCurrentDirectoryW
HeapFree
GetProcessHeap
FindClose
SuspendThread
GetCurrentThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetTempFileNameW
ReadFile
GetExitCodeThread
GetFileSize
HeapReAlloc
WaitForMultipleObjects
GetThreadPriority
GetTickCount
MulDiv
lstrcpynW
InterlockedIncrement
InterlockedDecrement
CreateSemaphoreW
ReleaseSemaphore
VirtualAlloc
VirtualFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
DecodePointer
EncodePointer
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
GetCurrentProcessId
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
HeapSize
FlushFileBuffers
LCMapStringW
SetStdHandle
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
Sleep
GetCurrentProcess
FindFirstFileW
HeapAlloc
SetPriorityClass

user32

SetWindowsHookExW
SystemParametersInfoW
UpdateWindow
ClipCursor
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
SetClipboardData
EmptyClipboard
SetWindowRgn
GetMenuItemInfoW
GetMenuItemCount
PostMessageW
ShowCursor
GetCursorPos
MessageBoxW
UnhookWindowsHookEx
ChangeDisplaySettingsW
SetWindowPos
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetActiveWindow
SetWindowLongW
ClientToScreen
DrawMenuBar
MoveWindow
DefWindowProcW
SetCursor
PostQuitMessage
DestroyWindow
FillRect
CreateWindowExW
DestroyMenu
BringWindowToTop
RegisterClassExW
LoadCursorW
FindWindowW
UnregisterClassW
GetDesktopWindow
GetKeyboardState
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
PeekMessageW
SetTimer
KillTimer
EnumDisplaySettingsW
PostThreadMessageW
GetQueueStatus
RegisterWindowMessageW
MsgWaitForMultipleObjects
SetWindowTextW
SetMenu
GetWindowRect
GetDC
ReleaseDC
LoadIconW
CallWindowProcW
EndPaint
GetClientRect
BeginPaint
GetWindowLongW
ShowWindow
AdjustWindowRectEx
GetSystemMetrics
SendMessageW
SetClassLongW

gdi32

GetTextExtentPoint32W
SetBkMode
GetGlyphOutlineW
SetBkColor
SetTextColor
StretchDIBits
SetDIBitsToDevice
GetStockObject
TextOutW
GetDeviceCaps
CreateFontW
CreateDIBSection
EnumFontFamiliesExW
CreateCompatibleDC
CreateSolidBrush
Rectangle
SelectObject
DeleteObject
GetObjectW
DeleteDC
GetTextMetricsW

advapi32

IsTextUnicode

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shell32

DragFinish
DragQueryFileW
DragAcceptFiles

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 593KB - Virtual size: 134.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68b8744107fbc416dc5d69cc0f1313bf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

ole32

shell32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 275KB - Virtual size: 274KB

.data Size: 593KB - Virtual size: 134.6MB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 441KB - Virtual size: 440KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 275KB - Virtual size: 274KB

.data
Size: 593KB - Virtual size: 134.6MB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 441KB - Virtual size: 440KB