Static task
static1
Behavioral task
behavioral1
Sample
2024-04-28_7f56227d04d09d9d58649fef15a7dc44_mafia.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-04-28_7f56227d04d09d9d58649fef15a7dc44_mafia.exe
Resource
win10v2004-20240419-en
General
Target: 2024-04-28_7f56227d04d09d9d58649fef15a7dc44_mafia
Size: 15.9MB
MD5: 7f56227d04d09d9d58649fef15a7dc44
SHA1: 1d95351853a2a7c3ca4b7a5eff9f4397e218f574
SHA256: 3bb7cf4d982b615213672b3604050256139d0bfccbe074f5dc590bf550483dfd
SHA512: 6c8671b861fc5b9a75efcb2320d69708fb88a62abc0ad4cac32d5a51d7e5f8697dcbec5f893131bca7fa6361e4110a4f3bc60435afe02f4e7d6cd14c8afbdc48
SSDEEP: 196608:+uaVPZu3F5XEDVtOPSrR8i0lHVqyF3v/sox:+aEzOKx+nFx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-28_7f56227d04d09d9d58649fef15a7dc44_mafia
Files
2024-04-28_7f56227d04d09d9d58649fef15a7dc44_mafia.exe windows:5 windows x86 arch:x86
3c6b695afce8662a8ba95c1043bb698d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
closesocket
connect
bind
listen
recv
send
WSAGetLastError
WSAStartup
WSACleanup
WSAAsyncSelect
accept
socket
ntohs
setsockopt
gethostname
getsockopt
inet_addr
ioctlsocket
gethostbyname
getservbyname
htons
htonl
getpeername
kernel32
lstrcpyA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetProcessHeap
HeapCompact
CreateDirectoryA
GetLocalTime
GetLastError
SetThreadPriority
GetCommTimeouts
SetCommTimeouts
GetVersionExA
WaitForSingleObject
Sleep
CreateFileW
SetEnvironmentVariableA
CompareStringW
SetCurrentDirectoryW
GetCurrentDirectoryW
WriteConsoleW
SetStdHandle
GetDriveTypeW
GetConsoleMode
GetConsoleCP
GetStringTypeW
MoveFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTempPathA
GetSystemTime
lstrlenA
LocalLock
MultiByteToWideChar
FlushFileBuffers
SetFilePointer
WriteFile
GetFileSize
DeleteFileA
WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSection
CreateFileA
GetCommState
SetCommState
ReadFile
CreateThread
MulDiv
CreateMutexA
CloseHandle
lstrcmpiA
CreateProcessA
GetModuleFileNameA
WinExec
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryW
SetConsoleCtrlHandler
FatalAppExitA
InitializeCriticalSectionAndSpinCount
HeapSize
IsValidCodePage
GetOEMCP
GetACP
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
EncodePointer
DecodePointer
InterlockedCompareExchange
GetCurrentProcessId
IsBadReadPtr
TlsGetValue
TlsSetValue
WaitForSingleObjectEx
OutputDebugStringA
GetCurrentThreadId
GetLocaleInfoA
SetLastError
LocalFree
FormatMessageA
FreeResource
LockResource
GetModuleHandleA
FindResourceA
FindResourceExA
LoadResource
SetErrorMode
ReleaseMutex
ReleaseSemaphore
WaitForMultipleObjectsEx
DuplicateHandle
GetCurrentThread
GetCurrentProcess
SuspendThread
ResumeThread
GetExitCodeThread
TlsAlloc
TlsFree
GlobalLock
GlobalUnlock
GlobalHandle
GlobalFree
GlobalAlloc
GlobalSize
GetProfileStringA
FileTimeToSystemTime
SystemTimeToFileTime
HeapAlloc
HeapCreate
HeapFree
HeapDestroy
GetVersion
GetSystemInfo
SetEndOfFile
LockFile
UnlockFile
GetFileTime
GetFileAttributesA
OpenFile
GetProfileIntA
GetPrivateProfileIntA
GetPrivateProfileStringA
WriteProfileStringA
WritePrivateProfileStringA
GetStdHandle
LocalReAlloc
LocalUnlock
LocalHandle
GetComputerNameA
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempFileNameA
GetShortPathNameA
RemoveDirectoryA
MoveFileExA
CopyFileA
SetFileAttributesA
SetFileTime
lstrlenW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
RtlUnwind
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
LCMapStringW
GetCPInfo
HeapReAlloc
ExitThread
GetTimeZoneInformation
IsProcessorFeaturePresent
GetLocaleInfoW
user32
InvalidateRect
CreateDialogParamA
SetFocus
GetFocus
GetNextDlgTabItem
WinHelpA
DestroyCursor
SetCursor
LoadCursorA
GetAsyncKeyState
GetKeyState
PostMessageA
MessageBoxExA
GetSystemMetrics
DrawTextA
SendDlgItemMessageA
LoadBitmapA
GetWindowTextA
DrawFocusRect
SetWindowTextA
GetCursorPos
WindowFromPoint
ReleaseCapture
SetCapture
DefWindowProcA
TranslateAcceleratorA
SetParent
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
GetWindowThreadProcessId
SystemParametersInfoA
FindWindowA
RegisterWindowMessageA
DestroyMenu
RegisterClassA
GetWindow
ScreenToClient
GetDlgItemInt
SetWindowPos
GetMenuItemID
SetScrollInfo
GetScrollInfo
GetUpdateRgn
wvsprintfA
SetWindowLongA
IsZoomed
GetWindowTextLengthA
GetWindowPlacement
GetDlgItem
IsChild
GetMenu
GetLastActivePopup
GetActiveWindow
wsprintfA
GetClipboardFormatNameA
MsgWaitForMultipleObjects
EnumThreadWindows
HideCaret
SetCursorPos
LoadAcceleratorsA
LoadMenuA
LoadIconA
ModifyMenuA
CheckMenuItem
GetMenuState
IsMenu
GetClassNameA
LoadImageA
DrawIcon
UnregisterClassA
GetClassInfoA
SetWindowPlacement
ShowScrollBar
SetMenu
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
CreateMenu
GetSubMenu
DefFrameProcA
DefMDIChildProcA
GetSysColor
TabbedTextOutA
DrawTextExA
DrawFrameControl
GrayStringA
DrawEdge
ReleaseDC
GetWindowDC
LoadMenuIndirectA
GetMenuDefaultItem
SetMenuDefaultItem
CheckMenuRadioItem
GetMenuItemInfoA
SetMenuItemInfoA
InsertMenuItemA
CreatePopupMenu
InsertMenuA
TranslateMDISysAccel
GetClipboardData
SetClipboardData
CreateDialogIndirectParamA
KillTimer
DialogBoxIndirectParamA
DialogBoxParamA
EndDialog
GetDC
GetSysColorBrush
BeginPaint
EndPaint
WaitMessage
CopyIcon
CreateCursor
CreateIconFromResource
CreateIconIndirect
RemoveMenu
MapWindowPoints
DrawStateA
GetIconInfo
MessageBeep
IsClipboardFormatAvailable
GetDialogBaseUnits
InvertRect
GetDlgItemTextA
SetDlgItemTextA
EnableScrollBar
ScrollWindow
GetCapture
CloseClipboard
OpenClipboard
EnumClipboardFormats
TrackPopupMenu
ClientToScreen
ShowCaret
SetCaretPos
DestroyCaret
CreateCaret
GetClientRect
CreateWindowExA
ShowWindow
MoveWindow
DestroyWindow
SetActiveWindow
DrawMenuBar
IsWindowVisible
PeekMessageA
TranslateMessage
DispatchMessageA
IsWindow
IsWindowEnabled
SendMessageA
SetForegroundWindow
IsDialogMessageA
GetParent
SetMenuItemBitmaps
GetMenuItemCount
DeleteMenu
AppendMenuA
SetTimer
UpdateWindow
GetDesktopWindow
GetWindowRect
PostQuitMessage
FillRect
GetSystemMenu
EnableMenuItem
IsIconic
GetMenuStringA
EnableWindow
gdi32
PlayEnhMetaFile
DeleteEnhMetaFile
SetEnhMetaFileBits
CopyEnhMetaFileA
GetEnhMetaFileA
CreatePalette
GetMetaFileBitsEx
DeleteMetaFile
CopyMetaFileA
SetMetaFileBitsEx
GetMetaFileA
CreateICA
GetObjectType
Rectangle
CreateRectRgn
CombineRgn
CreateRectRgnIndirect
CreateEllipticRgnIndirect
CreateRoundRectRgn
CreatePolygonRgn
CreatePolyPolygonRgn
PlayMetaFile
EndDoc
EndPage
Escape
StartPage
StartDocA
GetStockObject
EnumFontFamiliesA
SetStretchBltMode
SetDIBitsToDevice
StretchBlt
PatBlt
SetPixel
Polygon
ExtTextOutA
StretchDIBits
LineTo
DPtoLP
GetTextMetricsA
GetObjectA
GetTextExtentPoint32A
SetBkMode
BitBlt
AddFontResourceA
SetBkColor
SelectObject
SelectPalette
GetCurrentObject
SaveDC
RestoreDC
GetDeviceCaps
ResetDCA
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
CreateDCA
MaskBlt
GetTextColor
GetBkColor
GetClipRgn
SelectClipRgn
IntersectClipRect
GetViewportOrgEx
DeviceCapabilitiesExA
SetAbortProc
GetDIBits
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
ExtCreatePen
CreatePenIndirect
CreatePen
DeleteObject
CreateFontIndirectA
CreateFontA
CreateDIBPatternBrush
CreateBrushIndirect
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
RealizePalette
CreateDIBitmap
CreateDiscardableBitmap
CreateCompatibleBitmap
CreateBitmapIndirect
CreateBitmap
CreateCompatibleDC
DeleteDC
TextOutA
ScaleWindowExtEx
SetWindowExtEx
MoveToEx
comdlg32
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegFlushKey
ole32
StgOpenStorage
StgIsStorageFile
OleUninitialize
WriteClassStg
ReadClassStg
OleInitialize
CLSIDFromString
StringFromGUID2
StgCreateDocfile
CoCreateGuid
zlib1
compress
crc32
uncompress
shell32
SHGetFileInfoA
oleaut32
SysAllocString
Sections
.text Size: 11.6MB - Virtual size: 11.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 160KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 806KB - Virtual size: 806KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 889KB - Virtual size: 889KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ