PDB path: C:\Users\keith\Documents\Visual Studio 2010\Projects\gCADPlus\11.0\gCADPlus9\bin\gCADPlus.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-29_6f73b49477649ffd947e4194a2fc45e9_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-29_6f73b49477649ffd947e4194a2fc45e9_mafia.exe
  Resource: win10v2004-20240419-en
General
- Target: 2024-04-29_6f73b49477649ffd947e4194a2fc45e9_mafia
- Size: 5.2MB
- MD5: 6f73b49477649ffd947e4194a2fc45e9
- SHA1: 9d059ec23eef65a765562badbc14695d91551637
- SHA256: 29f11a59c4e26de073a47bfb4b406d05cff8d3f669bb03c4f4e59f323102e6a9
- SHA512: c0af25dab6ae2cb4e6b5380cbd321b3d18a83fcfbd3b98190bbdce57031c53f8411a702c19a713c07bbc00423cea1f7cfbf9db22649a58a5f6ab409c1ecd8e93
- SSDEEP: 98304:aQH5Iw1wHDN/67EeYE/r0+m0wRym8Qn+TUYKV+SmDUwH14oGL+RaeDoj9ghi1Re5:TH5IpDN/67EQ7mFn+QagwH14oGARDoju
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-04-29_6f73b49477649ffd947e4194a2fc45e9_mafia
Files
-
2024-04-29_6f73b49477649ffd947e4194a2fc45e9_mafia.exe windows:5 windows x86 arch:x86
2e2893cf3fd27dbcd26e68bfebf6fcae
Headers
DLL Characteristics
  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
PDB Paths (the path is listed at the top of this report)
Imports
wininet
InternetCrackUrlW
libhpdf
HPDF_LoadPngImageFromFile
HPDF_New
HPDF_Page_DrawImage
HPDF_Page_SetHeight
HPDF_Page_SetWidth
HPDF_SaveToFile
HPDF_Free
HPDF_SetCompressionMode
HPDF_AddPage
comctl32
ImageList_Destroy
ImageList_DrawEx
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_GetIconSize
litecad
lcDrwRegenViews
lcViewGetEntsByRect
lcCmdDrawPickbox
lcCreateCommand
lcWndRedraw
lcBlockGetFirstSel
lcBlockSelectEnt
lcBlockUnselect
lcCmdPrompt
lcCmdExit
lcBlockGetNextSel
lcViewGetEntity
lcPropGetFloat
lcEntMove
lcCmdRedraw
lcPropPutFloat
lcCmdRegen
lcCmdSelectEnt
lcBlockAddMText
lcPlineGetFirstVer
lcCmdSetFocus
lcBlockSelMove
lcBlockSelRotate
lcBlockAddArc3P
lcDrwPurge
lcDrwSaveMem
lcDrwDeleteObject
lcBlockAddLine
lcDrwAddBlock
lcDrwGetObjectByName
lcBlockAddBlockRef
lcIntersection
lcEntErase
lcBlockAddArc
lcBlockAddCircle
lcDrwAddLayer
lcInterGetPoint
lcBlockAddPoint
lcPlineGetLastVer
lcPlineGetVer
lcBlockGetFirstEnt
lcDrwSortObjects
lcWndSelectView
lcBlockAddDimAli
lcBlockGetNextEnt
lcBlkRefGetNextAtt
lcBlkRefGetFirstAtt
lcDgGetValue2
lcBlockGetEntByID
lcMlineGetFirstVer
lcBlockAddText2
lcDrwAddTextStyle
lcWndExeCommand
lcPropPutHandle
lcDrwAddImage
lcBlockAddImageRef
lcViewRasterize
lcBlockSelErase
lcDrwGetViewByBlock
lcViewRegen
lcBlockClear
lcBlockAddRect
lcBlockAddPoint2
lcHatchSetPattern
lcBlockAddPolyline
lcPlineAddVer
lcBlockAddXline
lcEntToBottom
lcDgGetValue
lcCmdGetEntByPoint
lcBlockPurge
lcCreateDrawing
lcGetErrorCode
lcDeleteDrawing
lcDrwNew
lcCreateWindow
lcDeleteWindow
lcDrwAddBlockFromDrw
lcWndGetEntByPoint
lcColorGetIndex
lcColorGetRed
lcColorGetPalette
lcColorIsRGB
lcColorGetGreen
lcColorGetBlue
lcDrwGetEntByID
lcDrwLoad
lcDrwNewT
lcWndResize
lcDrwAddViewPaper
lcBlockGetLastEnt
lcEntExplode
lcRectGetPolyline
lcPlineGetNextVer
lcExtractPreview
lcCmdwinUpdate
lcOnEventMouseDown
lcOnEventKeyDown
lcInitialize
lcUninitialize
lcOnEventEntErase
lcOnEventMouseMove
lcOnEventAddEntity
lcOnEventMouseDblClk
lcOnEventAddStr
lcDgGetFileName
lcPropwinUpdate
lcStrFileSave
lcStrSet
lcStrAdd
lcStrFileLoad
lcOnEventAddCommand
lcOnEventCmdString
lcOnEventCmdMouseDown
lcOnEventCmdFinish
lcOnEventCmdStart
lcOnEventCmdMouseUp
lcOnEventCmdMouseMove
lcBlockAddLeader
lcBlockAddEllipse
lcDrwAddLinetype
lcViewSetPaperSize
lcColorSetPalette
lcViewSetGrid
lcDrwAddDimStyle
lcViewSetRect
lcViewSetLimits
lcBlockAddAttDef
lcBlkRefAddAtt
lcBlockAddDimOrd
lcBlockAddDimAng
lcBlockAddDimRad
lcBlockAddDimAng2
lcBlockAddDimRot
lcBlockAddDimDia
lcPlineAddVer2
lcBlockAddFace4
lcBlockAddXline2P
lcVportSetView
lcBlockAddViewport
lcWndGetCursorCoord
lcDrwInsert
lcDrwAddBlockFile
lcDrwLoadMem
lcLayerClear
lcCmdSetBasePoint
lcPropPutInt
lcPlineDeleteVer
lcPropwinResize
lcCreatePropwin
lcDrwGetNextObject
lcPropGetInt
lcDrwGetFirstObject
lcStrGet
lcPropPutStr
lcDrwSave
lcPropPutBool
lcPropGetStr
lcCmdDrawLine
lcCmdwinResize
lcCreateCmdwin
lcWndSetCmdwin
lcWndStopCommand
lcPropGetHandle
lcWndSetFocus
lcExtractFileInfo
lcPropGetBool
lcWndSetPropwin
sqlite3
sqlite3_column_double
sqlite3_step
sqlite3_finalize
sqlite3_column_int
sqlite3_busy_timeout
sqlite3_errmsg
sqlite3_column_text
sqlite3_mprintf
sqlite3_column_count
sqlite3_open
sqlite3_close
sqlite3_column_name
sqlite3_column_type
sqlite3_prepare_v2
sqlite3_free
user32
SetForegroundWindow
FindWindowW
SetWindowPlacement
GetFocus
GetWindowPlacement
IsWindow
PostMessageA
MoveWindow
CreateWindowExW
EndPaint
ScreenToClient
GetWindowRect
IsWindowEnabled
SetFocus
BeginPaint
GetWindowTextW
LoadBitmapW
CheckRadioButton
DestroyWindow
SetCursor
LoadCursorW
IntersectRect
SystemParametersInfoW
SetWindowPos
ShowWindow
CreateDialogParamW
IsDlgButtonChecked
SetRectEmpty
mouse_event
FillRect
DrawTextW
DialogBoxParamW
GetDC
ReleaseDC
GetDlgItem
EndDialog
MessageBoxW
SetWindowTextW
RegisterClassExA
PostMessageW
GetSubMenu
GetParent
GetClientRect
GetWindowTextA
InvalidateRect
GetWindowLongW
SetWindowLongW
DrawMenuBar
GetMenuItemCount
RemoveMenu
SendMessageW
DestroyMenu
DefWindowProcW
SetDlgItemTextW
GetDlgItemTextW
CallWindowProcW
SetParent
SetMenuItemInfoW
GetSystemMetrics
CheckDlgButton
DrawTextExW
GetClassNameW
wsprintfW
GetSysColor
GetWindowTextLengthW
GetWindow
UpdateWindow
GetMenu
InsertMenuItemW
GetMenuItemInfoW
DeleteMenu
MessageBoxA
InsertMenuW
LoadMenuW
GetSystemMenu
DispatchMessageW
TranslateMessage
TrackPopupMenu
PostQuitMessage
GetMessageW
OffsetRect
GetMenuItemID
AppendMenuW
GetMenuStringW
GetSysColorBrush
SetCursorPos
LoadIconW
SendMessageA
GetMenuState
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
TranslateAcceleratorW
GetDesktopWindow
keybd_event
KillTimer
SetTimer
SetMenu
BringWindowToTop
GetLastActivePopup
CopyRect
GetClassInfoW
CreatePopupMenu
IsIconic
SetActiveWindow
LoadAcceleratorsW
PeekMessageW
GetKeyState
EqualRect
GetActiveWindow
GetWindowThreadProcessId
DestroyIcon
WinHelpW
ReuseDDElParam
UnpackDDElParam
SetScrollInfo
GetScrollInfo
DeferWindowPos
ClientToScreen
RegisterClassExW
LoadImageW
ReleaseCapture
GetCursorPos
DrawFocusRect
GetCapture
SetCapture
GetScrollPos
GetDlgCtrlID
SetScrollPos
InflateRect
GetScrollRange
SetScrollRange
GetClassInfoExW
EnableWindow
PtInRect
MapVirtualKeyExW
IsCharLowerW
GetWindowRgn
CreateMenu
DestroyCursor
DrawIcon
HideCaret
InvertRect
GetDoubleClickTime
CharUpperBuffW
EnumChildWindows
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetNextDlgGroupItem
InvalidateRgn
CharNextW
UnregisterClassW
SubtractRect
CopyIcon
GetMenuDefaultItem
FrameRect
CopyAcceleratorTableW
IsClipboardFormatAvailable
SetMenuDefaultItem
AdjustWindowRectEx
MapVirtualKeyW
GetKeyNameTextW
RealChildWindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
DrawIconEx
DrawEdge
DrawFrameControl
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
CopyImage
GetIconInfo
CharUpperW
WaitMessage
PostThreadMessageW
MessageBeep
GetWindowDC
GrayStringW
TabbedTextOutW
RegisterClipboardFormatW
CreateDialogIndirectParamW
GetNextDlgTabItem
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
DrawStateW
LockWindowUpdate
GetUpdateRect
UnionRect
SetRect
DestroyAcceleratorTable
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
IsDialogMessageW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
RedrawWindow
SetWindowRgn
IsZoomed
IsRectEmpty
ValidateRect
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
ShowScrollBar
IsWindowVisible
RegisterClassW
ole32
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoInitializeEx
DoDragDrop
OleLockRunning
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoCreateGuid
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleUninitialize
OleInitialize
OleCreate
StgCreateDocfile
OleSetContainedObject
CLSIDFromString
CoGetClassObject
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CLSIDFromProgID
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
oleaut32
OleCreateFontIndirect
SysAllocString
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
kernel32
FileTimeToLocalFileTime
GetTempPathW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
GetProfileIntW
GetFileAttributesExW
GlobalHandle
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
InterlockedCompareExchange
LocalFileTimeToFileTime
GetFileSizeEx
InitializeCriticalSection
SetErrorMode
GetSystemDirectoryW
GlobalReAlloc
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetStringTypeExW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
ReplaceFileW
SystemTimeToFileTime
GetFileAttributesW
GetUserDefaultLCID
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
CompareStringA
ReleaseActCtx
CreateActCtxW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ResumeThread
SetThreadPriority
FreeResource
GetCurrentThreadId
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
FreeLibrary
CompareStringW
GetCurrentProcessId
GetProcAddress
LoadLibraryW
GlobalGetAtomNameW
GlobalAddAtomW
ActivateActCtx
DeactivateActCtx
GlobalSize
FormatMessageW
LocalFree
SetLastError
MoveFileW
CreateThread
ExitThread
Sleep
lstrcmpA
lstrcmpiW
CopyFileW
WaitForSingleObject
CreateDirectoryW
CreateProcessW
SetFileAttributesW
WideCharToMultiByte
GetLastError
GetTickCount
InterlockedDecrement
InterlockedIncrement
GetShortPathNameW
GlobalFree
GetCurrentDirectoryW
GlobalUnlock
GlobalAlloc
GlobalLock
GetNativeSystemInfo
MulDiv
lstrcpynW
CloseHandle
CreateFileW
SetFilePointer
ReadFile
WriteFile
FindNextFileW
EnterCriticalSection
InterlockedExchange
LeaveCriticalSection
DeleteFileW
GetModuleFileNameW
CreateFileMappingW
MapViewOfFile
OutputDebugStringA
lstrcpyA
lstrcatW
SetCurrentDirectoryW
WritePrivateProfileStringA
GetPrivateProfileStringA
FindClose
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrcatA
GetPrivateProfileStringW
lstrlenA
FindFirstFileW
lstrcpyW
lstrlenW
lstrcmpW
LockResource
SizeofResource
LoadResource
FindResourceW
MultiByteToWideChar
GetModuleHandleW
SearchPathW
GetWindowsDirectoryW
GetNumberFormatW
VirtualProtect
FindResourceExW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCPInfo
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
TlsAlloc
CreateFileA
gdi32
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
IntersectClipRect
ExcludeClipRect
GetClipBox
CreatePatternBrush
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CreateRectRgnIndirect
SetBkColor
CreateCompatibleBitmap
CreateBitmap
CreateDCW
CopyMetaFileW
CreateBrushIndirect
EndPage
StartPage
CreateFontW
StartDocW
EndDoc
AbortDoc
StretchBlt
GetDIBColorTable
StretchDIBits
SetStretchBltMode
GetDeviceCaps
Rectangle
GetTextMetricsW
CreateFontIndirectW
SetBkMode
Polyline
SetTextAlign
TextOutW
GetStockObject
CreateDIBSection
SetDIBColorTable
GetObjectW
BitBlt
DeleteDC
CreateCompatibleDC
MoveToEx
GetTextExtentPoint32W
LineTo
SetTextColor
DeleteObject
SelectObject
CreatePen
CreateSolidBrush
SelectPalette
GetObjectType
CreateHatchBrush
DPtoLP
PatBlt
CreateRoundRectRgn
CreateEllipticRgn
CreatePolygonRgn
CombineRgn
GetBkColor
GetTextColor
Ellipse
Polygon
RoundRect
GetDIBits
SetMapMode
SetPixelV
GetTextFaceW
EnumFontFamiliesExW
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetRgnBox
OffsetRgn
GetMapMode
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
SetPixel
RealizePalette
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetOpenFileNameW
GetFileTitleW
GetSaveFileNameW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegCreateKeyExW
RegSetValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegSetValueExA
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegQueryValueExA
shell32
DragQueryFileW
SHGetFileInfoW
DragFinish
DragAcceptFiles
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
SHGetFolderPathA
SHGetSpecialFolderPathW
SHAppBarMessage
SHAddToRecentDocs
ExtractIconW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
shlwapi
PathRemoveFileSpecW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
StrTrimA
PathIsUNCW
oledlg
OleUIBusyW
gdiplus
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageEncodersSize
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImageHeight
GdipFree
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipDrawImageRectI
GdipSaveImageToFile
GdipCreateFromHDC
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipCreateBitmapFromStream
spellchecker
SpcCreate
SpcCheckWord
SpcGetDicFolder
SpcSetDicFolder
SpcDestroy
winhttp
WinHttpAddRequestHeaders
WinHttpReadData
WinHttpCrackUrl
WinHttpGetProxyForUrl
WinHttpOpenRequest
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpConnect
WinHttpWriteData
WinHttpSendRequest
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetOption
WinHttpSetTimeouts
WinHttpReceiveResponse
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text   Size: 2.1MB - Virtual size: 2.1MB
  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 986KB - Virtual size: 985KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 53KB - Virtual size: 110KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.8MB - Virtual size: 1.8MB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 244KB - Virtual size: 244KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ