D:\data\Software.MFC\iALotOfMailOperations\Ver32\iALotOfMailOperations.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-29_183feb9a89b4b92f06d63e6f235552a9_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-29_183feb9a89b4b92f06d63e6f235552a9_mafia.exe
Resource
win10v2004-20240419-en
General
Target: 2024-04-29_183feb9a89b4b92f06d63e6f235552a9_mafia
Size: 8.2MB
MD5: 183feb9a89b4b92f06d63e6f235552a9
SHA1: 9825770ae3370e960d67cb847a178834948ee255
SHA256: 684497162f8f9b8afa725b29c932e38640839c4b5fce66a96c57dbfe9c0d4e22
SHA512: 824d5003c6dec5713e89808ae75e7219c38a6b4446338e66fa4b5bd5dacd9a9cfe8b6c6cacc9d098bfbfd3f378e30a876f28dc0874031f235fd00bf6b45b438e
SSDEEP: 196608:KfYYt+R4wpsuqTvNvOY4fH4qHQKUkg5jbpHdb:Zqzpv6HQKUdjbp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-29_183feb9a89b4b92f06d63e6f235552a9_mafia
Files
2024-04-29_183feb9a89b4b92f06d63e6f235552a9_mafia.exe windows:5 windows x86 arch:x86
a81f8bb3038edaa173adf3de82d850a0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
crypt32
CertFreeCertificateContext
CertGetCertificateContextProperty
CertEnumCertificatesInStore
CertCloseStore
CryptSignMessage
fontsub
CreateFontPackage
kernel32
EnumSystemLocalesA
GetStringTypeW
WriteConsoleW
CompareStringW
IsValidLocale
SetEnvironmentVariableA
LCMapStringW
GetWindowsDirectoryA
CopyFileA
GetModuleFileNameA
CloseHandle
GetLastError
SetThreadPriority
GetCurrentThread
ExitProcess
GetTickCount
FindResourceW
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetConsoleCP
lstrlenA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadWritePtr
IsBadReadPtr
GetCurrentThreadId
CreateFileW
WriteFile
SetEndOfFile
SetFilePointer
LocalFree
FormatMessageA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetFileAttributesW
SetFileAttributesW
GetTempPathW
FindClose
FindFirstFileA
FindFirstFileW
FileTimeToSystemTime
GetFileTime
Sleep
DeleteFileW
GetLocaleInfoW
IsValidCodePage
IsProcessorFeaturePresent
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
SetStdHandle
HeapSize
HeapQueryInformation
GetDriveTypeW
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
FindFirstFileExA
GetDriveTypeA
SetConsoleCtrlHandler
GetProcessHeap
PeekNamedPipe
GetFileInformationByHandle
GetTimeFormatA
CreateThread
ExitThread
HeapFree
HeapReAlloc
HeapAlloc
GetStartupInfoW
HeapSetInformation
DecodePointer
EncodePointer
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetProfileIntA
SearchPathA
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetFileAttributesExA
lstrcpyA
GetSystemDirectoryW
GetOEMCP
LocalReAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalFlags
GetVolumeInformationA
DuplicateHandle
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
lstrlenW
GetPrivateProfileIntA
ResumeThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
lstrcmpA
InterlockedExchange
ReleaseActCtx
CreateActCtxW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
InitializeCriticalSectionAndSpinCount
ActivateActCtx
DeactivateActCtx
lstrcmpW
GetCurrentDirectoryA
CreateEventA
DeleteFileA
DisableThreadLibraryCalls
EnumCalendarInfoA
FileTimeToDosDateTime
GetACP
GetCPInfo
GetDateFormatA
GetDiskFreeSpaceA
GetFullPathNameA
GetFullPathNameW
GetProfileStringA
GetStringTypeExA
GlobalHandle
LoadLibraryW
LocalFileTimeToFileTime
ResetEvent
SetErrorMode
SetEvent
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
RaiseException
RtlUnwind
UnhandledExceptionFilter
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
LoadLibraryExA
VirtualQuery
LocalAlloc
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GlobalSize
GlobalReAlloc
MulDiv
GetFileAttributesA
lstrcpynA
CreateFileA
GetFileSizeEx
ReadFile
FindResourceA
FreeResource
GetCurrentProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
IsDebuggerPresent
DebugBreak
GetSystemTime
GetLocalTime
WritePrivateProfileStringA
FlushConsoleInputBuffer
SetLastError
GetStdHandle
GetFileType
GetVersion
GetTimeZoneInformation
SystemTimeToFileTime
GetPrivateProfileStringA
GlobalMemoryStatus
GetSystemInfo
GetSystemTimeAsFileTime
GetComputerNameA
FindNextFileW
GetCurrentDirectoryW
FileTimeToLocalFileTime
GetVersionExA
ReleaseSemaphore
CompareStringA
TerminateProcess
WaitForSingleObject
ReleaseMutex
CreateMutexA
GetCurrentProcessId
user32
SetCursorPos
DrawFrameControl
DrawEdge
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetMenuDefaultItem
GetNextDlgGroupItem
InvalidateRgn
LoadImageW
DrawStateA
RegisterClipboardFormatA
EnumChildWindows
IsRectEmpty
IsMenu
GetSystemMenu
MonitorFromPoint
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
SetClassLongA
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableA
LoadAcceleratorsW
DestroyAcceleratorTable
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
PostThreadMessageA
LoadMenuW
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
DeleteMenu
UnregisterClassA
IntersectRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
GetSysColorBrush
CopyImage
DestroyMenu
GetMenuItemInfoA
InflateRect
RealChildWindowFromPoint
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
SetWindowContextHelpId
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
GetCursorPos
SystemParametersInfoA
OffsetRect
MessageBeep
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
UnionRect
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
RedrawWindow
GetSystemMetrics
DrawIcon
SendMessageA
IsIconic
GetClientRect
SetTimer
KillTimer
EnableWindow
LoadIconW
GetAsyncKeyState
IsWindowVisible
ValidateRect
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
CopyRect
PtInRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CharUpperBuffA
CharLowerBuffA
CharUpperBuffW
CreateIcon
DestroyIcon
DrawIconEx
GetIconInfo
UpdateLayeredWindow
SetMenuDefaultItem
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
IsClipboardFormatAvailable
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CopyIcon
SubtractRect
CreateMenu
wvsprintfA
CharNextA
LoadStringA
GetKeyboardType
LoadBitmapW
SetForegroundWindow
GetKeyState
GetMessageA
GetFocus
GetDlgCtrlID
GetParent
GetDoubleClickTime
GetWindowRgn
DestroyCursor
EnableMenuItem
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
CharToOemA
CharUpperA
CharLowerA
SetWindowTextW
GetWindowTextW
GetUserObjectInformationW
GetProcessWindowStation
GetDesktopWindow
MessageBoxA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetClipboardData
GetClassNameA
GetWindowLongA
LoadCursorA
LoadIconA
CreateWindowExA
MapDialogRect
UpdateWindow
InvalidateRect
GetSysColor
LoadBitmapA
GetWindowTextLengthA
SendMessageW
ShowScrollBar
ReleaseDC
GetDC
SetRect
FillRect
IsZoomed
GetWindowRect
LockWindowUpdate
GetWindow
gdi32
GetWinMetaFileBits
GetSystemPaletteEntries
GetPixel
GetPaletteEntries
GetOutlineTextMetricsW
GetOutlineTextMetricsA
GetKerningPairs
GetGlyphOutlineW
GetGlyphIndicesA
GetFontData
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionA
GetEnhMetaFileBits
GetDIBColorTable
GetCurrentPositionEx
GetCharWidthW
GetCharWidth32W
GetBrushOrgEx
GdiFlush
FillPath
ExtTextOutA
EnumFontsA
EnumFontFamiliesExA
EnumEnhMetaFile
EndPath
EndPage
EndDoc
DeleteEnhMetaFile
CreateScalableFontResourceW
CreatePenIndirect
CreatePalette
CreateICA
CreateEnhMetaFileA
CreateDIBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CombineTransform
CloseFigure
CloseEnhMetaFile
BeginPath
AddFontResourceW
SaveDC
RestoreDC
SetPolyFillMode
SetMapMode
GetClipBox
ExcludeClipRect
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetWindowOrgEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
CreateHatchBrush
CopyMetaFileA
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
GetMapMode
DPtoLP
OffsetRgn
GetRgnBox
CreateRoundRectRgn
GetTextColor
GetBkColor
GetNearestPaletteIndex
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
Rectangle
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
GetTextFaceA
SetPixelV
IntersectClipRect
MaskBlt
PatBlt
PlayEnhMetaFile
PolyBezierTo
RemoveFontResourceW
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetICMMode
DeleteDC
DeleteObject
GetBitmapBits
BitBlt
GetObjectA
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
CreateDCA
GetStockObject
GetTextExtentPointW
CreateSolidBrush
CreateFontIndirectA
CreateHalftonePalette
GetTextExtentPoint32A
GetTextMetricsA
FloodFill
StretchBlt
LineTo
MoveToEx
CreatePen
CombineRgn
CreateDIBSection
GetDIBits
RealizePalette
SelectPalette
UnrealizeObject
StrokePath
StrokeAndFillPath
StartPage
StartDocW
StartDocA
SetWinMetaFileBits
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
GetViewportExtEx
SetPaletteEntries
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
EnumPrintersW
ClosePrinter
GetJobA
DeviceCapabilitiesA
EnumPrintersA
SetJobA
OpenPrinterA
ord203
advapi32
CryptGetHashParam
DeregisterEventSource
ReportEventA
RegisterEventSourceA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
CryptAcquireContextW
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptHashData
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegDeleteValueA
shell32
DragFinish
SHGetFileInfoA
SHGetDesktopFolder
ShellExecuteA
SHAppBarMessage
DragQueryFileA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
ole32
DoDragDrop
OleCreateMenuDescriptor
CoInitialize
CoCreateGuid
CoUninitialize
CoInitializeEx
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
OleInitialize
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
oleaut32
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
GetErrorInfo
SysAllocStringByteLen
SysStringLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantClear
VarBstrFromDate
VariantInit
SysFreeString
SysAllocString
oledlg
ord8
gdiplus
GdipDrawImageI
GdipDrawImageRectI
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromStream
GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
winmm
PlaySoundA
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
ws2_32
recv
select
__WSAFDIsSet
getsockopt
listen
connect
ntohs
htonl
htons
bind
ioctlsocket
setsockopt
closesocket
socket
gethostname
inet_addr
gethostbyname
WSAGetLastError
inet_ntoa
WSACleanup
WSAStartup
accept
shutdown
send
WSASetLastError
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
CODE Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 395KB - Virtual size: 440KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA Size: 133KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 395KB - Virtual size: 394KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ