2024-04-29_1a74101c13cff082bf8df100e01acd16_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-29_1a74101c13cff082bf8df100e01acd16_mafia
Size

2.2MB
MD5

1a74101c13cff082bf8df100e01acd16
SHA1

2c23a8c9204bad9775838660940e921099ed7f9e
SHA256

cd07e1c315c85e49d7feff8f689d577802476f750b4489d86ee4350ff7080982
SHA512

fcf288878c700f1cc9e901942aec3fca99b95c184e25d5262e3899c3c5ad1d961df11cd46e99f7ab2b24e895f8b687d30e03d13ec93fea1695caa53f1e9ba6d1
SSDEEP

49152:logrRcB1W5tLOMi3BPM+KOPRVUV/jy2eeBzPiudVZ5TMoDy:b6s23BPMkRVP2eehdVZ5LD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-29_1a74101c13cff082bf8df100e01acd16_mafia

Files

2024-04-29_1a74101c13cff082bf8df100e01acd16_mafia
.exe windows:5 windows x86 arch:x86

dfe8a42f4bf245544f462187a2b35ebf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetContext
ImmSetCompositionFontA
ImmGetCompositionFontA
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmReleaseContext

kernel32

WriteFile
ReadFile
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
ReadConsoleOutputCharacterA
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
CreateConsoleScreenBuffer
WriteConsoleA
ScrollConsoleScreenBufferA
SetConsoleTitleA
GetTickCount
GetCurrentProcessId
GetConsoleTitleA
DeviceIoControl
GetFileAttributesA
CreateFileW
GetFileAttributesW
GetVolumePathNamesForVolumeNameA
SetConsoleCtrlHandler
GetCurrentThreadId
SetLastError
FlushInstructionCache
GetCurrentProcess
lstrlenA
InterlockedIncrement
InterlockedDecrement
lstrlenW
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
GlobalLock
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalSize
MulDiv
GetProfileStringA
FindFirstFileW
GetShortPathNameW
SetFileAttributesW
MoveFileW
MoveFileExW
GetFileAttributesExW
GetDiskFreeSpaceW
ExpandEnvironmentStringsA
VirtualFree
VirtualAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
HeapSize
SetStdHandle
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetConsoleCP
GetModuleFileNameW
FlushFileBuffers
LoadLibraryW
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetFullPathNameA
GetFullPathNameW
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateDirectoryA
CreateDirectoryW
RemoveDirectoryA
RemoveDirectoryW
DeleteFileA
DeleteFileW
VirtualQuery
GetSystemInfo
VirtualProtect
EncodePointer
RtlUnwind
GetCPInfo
HeapReAlloc
CreateThread
ResumeThread
ExitThread
CreatePipe
DuplicateHandle
SetCurrentDirectoryW
GetCurrentDirectoryW
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapCreate
DecodePointer
QueryPerformanceCounter
ExitProcess
GetModuleHandleW
SetNamedPipeHandleState
Sleep
GetProcessId
CompareStringW
CreateFileA
CreateProcessW
SetEndOfFile
GetVersionExA
GetProcessHeap
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateEventA
WaitForMultipleObjects
SetEvent
ResetEvent
GetModuleHandleA
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
TerminateProcess
FreeLibrary
GetProcAddress
LoadLibraryA
OpenProcess
GetExitCodeProcess
GetModuleFileNameA
CreateProcessA
SetConsoleMode
GetConsoleMode
GetVolumeInformationA
FileTimeToDosDateTime
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
FindNextFileW
FindClose
FileTimeToLocalFileTime
GetStdHandle
GetConsoleScreenBufferInfo
WriteConsoleW
FormatMessageA
LocalFree
Beep
GetLocalTime
GetDriveTypeA
GetVersion
GetLocaleInfoA
EnumSystemCodePagesA
GetCPInfoExA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetSystemDirectoryA
GetWindowsDirectoryA
HeapFree
HeapAlloc
RaiseException
GetLocaleInfoW

user32

ShowCaret
CreateCaret
CreateDialogParamA
DestroyCaret
SetWindowPlacement
SetWindowTextW
HideCaret
GetPriorityClipboardFormat
GetClipboardData
OpenClipboard
SetCaretPos
EmptyClipboard
SetClipboardData
UnregisterClassA
TrackPopupMenu
GetCaretPos
ClientToScreen
GetKeyState
SetTimer
MessageBoxA
SetDlgItemInt
GetDlgItemInt
FillRect
ScreenToClient
EndPaint
KillTimer
CloseClipboard
BeginPaint
ReleaseDC
GetDC
EnableWindow
GetDlgItem
CharNextA
CreateWindowExA
GetClassInfoExA
LoadCursorA
LoadImageA
RegisterClassExA
LoadIconA
DestroyIcon
LoadMenuA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
CallWindowProcA
RemoveMenu
MonitorFromPoint
GetMonitorInfoA
TrackPopupMenuEx
CreatePopupMenu
GetMenuItemInfoA
PeekMessageA
PtInRect
IsWindow
MessageBeep
DestroyMenu
DefWindowProcA
LoadStringW
SetFocus
SendMessageA
LoadAcceleratorsA
DestroyAcceleratorTable
EndDialog
DialogBoxParamA
ModifyMenuA
GetSubMenu
GetMenuStringA
GetMenuItemID
GetMenuItemCount
EnableMenuItem
AppendMenuA
DestroyWindow
TranslateAcceleratorA
LoadStringA
LoadBitmapA
GetMenu
SetMenu
CopyAcceleratorTableA
DrawMenuBar
InvalidateRect
GetWindowPlacement
IsZoomed
SetWindowLongA
SetWindowTextA
GetWindow
GetWindowRect
GetWindowLongA
GetClientRect
MapWindowPoints
SetWindowPos
GetParent
GetActiveWindow
IsWindowVisible
PostMessageA
PostQuitMessage
GetWindowThreadProcessId
ShowWindow
EnumWindows
FindWindowA
SystemParametersInfoA
GetWindowTextA

gdi32

GetTextFaceA
GetClipBox
SetWindowExtEx
SetWindowOrgEx
SetViewportExtEx
SetViewportOrgEx
SetMapMode
ResetDCA
GetBoundsRect
GetDeviceCaps
StartDocA
AbortDoc
GetViewportExtEx
GetObjectA
CreateRectRgnIndirect
GetTextMetricsA
CreatePen
GetTextExtentPoint32A
TextOutA
Polyline
SelectClipRgn
SetTextColor
SetBkColor
SelectObject
DeleteDC
DeleteObject
RestoreDC
SaveDC
CreatePenIndirect
EnumFontFamiliesA
TextOutW
StartPage
EndPage
CreateSolidBrush
CreateDCA
GetWindowExtEx
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
EndDoc
CreateFontA

winspool.drv

OpenPrinterA
GetPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgExA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA
RegCloseKey

shell32

DragQueryFileA
DragQueryPoint
DragFinish
ShellExecuteA
DragAcceptFiles

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
DoDragDrop
CoInitialize
OleInitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx
ord6

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 711KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfe8a42f4bf245544f462187a2b35ebf

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 59KB - Virtual size: 59KB

.data Size: 312KB - Virtual size: 711KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 63KB - Virtual size: 62KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 59KB - Virtual size: 59KB

.data
Size: 312KB - Virtual size: 711KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 63KB - Virtual size: 62KB