Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-30_65d969c85680028f7fc6e9fa81c565e1_mafia.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 2024-04-30_65d969c85680028f7fc6e9fa81c565e1_mafia.exe
  Resource: win10v2004-20240419-en
General
Target: 2024-04-30_65d969c85680028f7fc6e9fa81c565e1_mafia
Size: 1.8MB
MD5: 65d969c85680028f7fc6e9fa81c565e1
SHA1: 39c442e942e5b9c4522302c8f38243ced598911b
SHA256: 497235373a9a7d2a8b9d03b07d840fcf02fa6c9e4f354d12a1bfc74a5cdbb69e
SHA512: 1e672912d8dcd31e658531e36a20a26ae2fd42b328b6dbb3a3f2a69211a150d1fde78db1247cb59611604b36ee75dd6fd572dee5094846d7ed7d0da7854640b4
SSDEEP: 49152:eEM4bp756h4uwBXp6yBNb7NUX8c/NC6yQsCEEE0x5sO7nVjTzxQTwde02uKL1Cq:TYh4uwD6yBNbZY8qNC6yQsCEEhxuWxTE
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature. The image's certificate table (the IMAGE_DIRECTORY_ENTRY_SECURITY data directory) is empty, so there is no embedded publisher signature to validate. On its own this is a weak indicator: a large share of legitimate software ships unsigned, and a present signature only means something once the chain verifies and the signer matches the expected publisher.
resource: 2024-04-30_65d969c85680028f7fc6e9fa81c565e1_mafia
Files
2024-04-30_65d969c85680028f7fc6e9fa81c565e1_mafia.exe  windows:5  x86 (arch:x86)
imphash: be87cc4d049237d1904c30f8156a1e33
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
(DYNAMIC_BASE opts the image into ASLR and NX_COMPAT into DEP; IMAGE_DLLCHARACTERISTICS_GUARD_CF is absent, so Control Flow Guard is not enabled.)
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
(32-bit executable; IMAGE_FILE_RELOCS_STRIPPED is not set, so the .reloc section below remains usable and the ASLR opt-in is effective.)
Imports
kernel32
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
HeapCreate
GetLocaleInfoW
GetTimeZoneInformation
GetStringTypeW
SetUnhandledExceptionFilter
CreateFileW
FreeEnvironmentStringsW
GetEnvironmentStringsW
CompareStringW
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
SetEnvironmentVariableA
UnhandledExceptionFilter
SetStdHandle
HeapQueryInformation
HeapSize
CreateThread
ExitThread
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetStdHandle
GetFileType
WriteConsoleW
GetConsoleMode
GetConsoleCP
HeapAlloc
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
RaiseException
HeapFree
DecodePointer
EncodePointer
RtlUnwind
FindResourceExW
VirtualProtect
GetNumberFormatA
GetWindowsDirectoryA
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
GetStringTypeExA
DeleteFileA
GetCurrentDirectoryA
FileTimeToSystemTime
GetThreadLocale
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GetTempPathA
GetProfileIntA
SearchPathA
lstrcmpiA
LocalAlloc
LocalLock
LocalUnlock
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
ReplaceFileA
SystemTimeToFileTime
GetFileAttributesA
GetUserDefaultLCID
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetCurrentProcessId
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
FindResourceA
FreeResource
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
SetLastError
CopyFileA
GlobalSize
lstrlenW
MultiByteToWideChar
MulDiv
ExpandEnvironmentStringsA
_lopen
_lread
_llseek
_lclose
VirtualLock
VirtualUnlock
GetVersion
SetProcessWorkingSetSize
CreateFileA
DeviceIoControl
lstrcpyA
lstrlenA
lstrcatA
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
GetLastError
FormatMessageA
LocalFree
GetModuleHandleA
GetCurrentProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
OpenProcess
GetProcessWorkingSetSize
CreateEventA
CloseHandle
ResetEvent
GetVersionExA
SetEvent
WaitForSingleObject
Sleep
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
FindFirstFileA
FindNextFileA
FindClose
LoadLibraryA
GetProcAddress
SetHandleCount
FreeLibrary
user32
RealChildWindowFromPoint
UnregisterClassA
GetSysColorBrush
IsZoomed
SystemParametersInfoA
GetSystemMetrics
GetMenuItemInfoA
InflateRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadImageA
DestroyIcon
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
IntersectRect
BringWindowToTop
TranslateAcceleratorA
WindowFromPoint
IsIconic
LoadCursorW
LoadCursorA
DestroyCursor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ReleaseCapture
SetCapture
GetTabbedTextExtentA
MessageBeep
IsClipboardFormatAvailable
GetDC
ReleaseDC
SetRectEmpty
ShowOwnedPopups
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
PostQuitMessage
GetWindowThreadProcessId
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
DrawMenuBar
GetMessageTime
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
GetClientRect
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
CopyRect
PtInRect
GetWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
DefMDIChildProcA
DefFrameProcA
IsMenu
GetDlgItem
IsWindowEnabled
DestroyAcceleratorTable
SendMessageA
EnableWindow
GetDesktopWindow
SetRect
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
wsprintfA
KillTimer
SetTimer
RemoveMenu
CopyImage
EnumDisplayMonitors
SetLayeredWindowAttributes
CharUpperA
LoadAcceleratorsW
LoadMenuW
GetWindowRgn
MapDialogRect
SubtractRect
GetDoubleClickTime
CharUpperBuffA
CopyIcon
InsertMenuA
GetSubMenu
GetMenuItemID
GetMenuItemCount
AppendMenuA
DeleteMenu
InvalidateRect
UpdateWindow
GetWindowRect
LoadBitmapW
OffsetRect
RegisterClipboardFormatA
GetUpdateRect
FrameRect
SetMenuDefaultItem
GetMessagePos
TranslateMDISysAccel
MonitorFromPoint
UpdateLayeredWindow
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawEdge
DrawStateA
SetClassLongA
WaitMessage
DrawIconEx
GetNextDlgGroupItem
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
GetMenuDefaultItem
UnionRect
MapVirtualKeyA
GetKeyNameTextA
GetSystemMenu
GetTabbedTextExtentW
PostThreadMessageA
CreateMenu
CopyAcceleratorTableA
SetParent
SetWindowRgn
DrawIcon
GetTopWindow
IsRectEmpty
gdi32
MoveToEx
SetTextAlign
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
LineTo
PatBlt
GetBkColor
GetTextExtentPoint32A
CreateDIBitmap
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
SetDIBColorTable
StretchBlt
SetPixel
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetCharWidthA
GetTextMetricsA
DPtoLP
CreateCompatibleBitmap
SetBkColor
SetTextColor
CreateBitmap
CreateDCA
CopyMetaFileA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateFontIndirectA
Rectangle
GetObjectA
GetStockObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter
advapi32
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExW
RegCloseKey
GetFileSecurityA
SetFileSecurityA
shell32
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
comctl32
ord17 (imported by ordinal, no name; comctl32 ordinal 17 is InitCommonControls)
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathFindExtensionA
PathIsUNCA
ole32
OleLockRunning
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
DoDragDrop
OleGetClipboard
CoLockObjectExternal
CreateStreamOnHGlobal
oleaut32
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysAllocString
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDrawImageI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
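Added example, not part of the sandbox report: a small capability pass over an import list like the one above. The input is a constructed subset of the imports listed above (DLL to names); the capability buckets and the CRT-noise list are this example's own choices, not a standard taxonomy. The point it makes is the caveat a reader of the list needs: IsDebuggerPresent and the UnhandledExceptionFilter pair are pulled in by the MSVC CRT's own startup and failure paths, so they are set aside rather than counted as anti-debugging, and API-name heuristics are weak on a binary whose imports are dominated by user32/gdi32 (the full list above is; the subset here understates that share).

```python
"""Capability triage over a PE import list, separating CRT/GUI noise from real signal."""

# Constructed input: a subset of the imports listed above, DLL -> imported names.
SAMPLE_IMPORTS = {
    "kernel32": ["IsDebuggerPresent", "SetUnhandledExceptionFilter", "UnhandledExceptionFilter",
                 "VirtualProtect", "VirtualAlloc", "LoadLibraryA", "LoadLibraryW", "LoadLibraryExA",
                 "GetProcAddress", "OpenProcess", "CreateThread", "ResumeThread", "DeviceIoControl",
                 "WritePrivateProfileStringA", "CopyFileA", "MoveFileA", "DeleteFileA", "ReplaceFileA",
                 "CreateFileA", "CreateFileW", "GetTickCount", "Sleep"],
    "user32": ["SetWindowsHookExA", "CallNextHookEx", "GetAsyncKeyState", "GetKeyboardState", "ToAsciiEx",
               "CreateWindowExA", "MessageBoxA", "SetLayeredWindowAttributes", "UpdateLayeredWindow"],
    "gdi32": ["BitBlt", "CreateCompatibleDC", "SelectObject"],
    "advapi32": ["RegCreateKeyExA", "RegSetValueExA", "RegDeleteKeyA", "SetFileSecurityA", "RegOpenKeyExA"],
    "shell32": ["ShellExecuteA", "SHGetSpecialFolderLocation"],
    "comctl32": ["ord17"],
}

# Capability buckets: a hypothetical grouping chosen for this example, not a standard taxonomy.
CAPABILITIES = {
    "dynamic-api-resolution": {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExA", "LoadLibraryExW", "GetProcAddress"},
    "memory-protection": {"VirtualProtect", "VirtualProtectEx", "VirtualAlloc", "VirtualAllocEx"},
    "process-access": {"OpenProcess", "ReadProcessMemory", "WriteProcessMemory", "CreateRemoteThread"},
    "input-capture": {"SetWindowsHookExA", "SetWindowsHookExW", "GetAsyncKeyState", "GetKeyboardState", "ToAsciiEx"},
    "registry-write": {"RegCreateKeyExA", "RegCreateKeyExW", "RegSetValueExA", "RegSetValueExW", "RegDeleteKeyA"},
    "file-tamper": {"CopyFileA", "MoveFileA", "DeleteFileA", "ReplaceFileA", "SetFileSecurityA",
                    "WritePrivateProfileStringA"},
    "launch": {"ShellExecuteA", "ShellExecuteW", "WinExec", "CreateProcessA", "CreateProcessW"},
    "driver-io": {"DeviceIoControl"},
}

# Pulled in by the MSVC CRT's own startup and failure paths (security-cookie seeding,
# __report_gsfailure, _invoke_watson, abort); they say nothing about deliberate anti-debugging.
CRT_NOISE = {"IsDebuggerPresent", "SetUnhandledExceptionFilter", "UnhandledExceptionFilter",
             "IsProcessorFeaturePresent", "GetTickCount", "QueryPerformanceCounter",
             "GetSystemTimeAsFileTime", "GetCurrentProcessId", "GetCurrentThreadId"}
GUI_DLLS = {"user32", "gdi32", "comctl32", "comdlg32", "msimg32", "gdiplus", "imm32", "oleacc"}


def triage_imports(imports):
    """Return capability hits, the CRT noise set aside, ordinal-only imports and the GUI share."""
    flat = {name for names in imports.values() for name in names}
    hits = {cap: sorted(flat & names) for cap, names in CAPABILITIES.items() if flat & names}
    total = sum(len(v) for v in imports.values())
    gui = sum(len(v) for dll, v in imports.items() if dll.lower() in GUI_DLLS)
    return {
        "capabilities": hits,
        "crt_noise": sorted(flat & CRT_NOISE),
        "ordinal_imports": sorted(n for n in flat if n.startswith("ord") and n[3:].isdigit()),
        "gui_ratio": round(gui / total, 2) if total else 0.0,  # high -> likely an ordinary GUI app
    }


def summarize(result):
    """One-line verdict: which buckets fired, the GUI share, and how much CRT noise was ignored."""
    fired = ", ".join(result["capabilities"]) or "none"
    return (f"capabilities: {fired}; gui share {result['gui_ratio']:.0%}; "
            f"crt noise set aside: {len(result['crt_noise'])}")


if __name__ == "__main__":
    print(summarize(triage_imports(SAMPLE_IMPORTS)))
```

The buckets fire for this sample, but read them against the rest of the list: hooks, clipboard, drag-and-drop, accessibility and printing imports together describe a conventional MFC-style desktop application, and the same "capabilities" would fire for most of those. Import-name triage narrows where to look in the behavioral runs; it is not a verdict.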
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 337KB - Virtual size: 337KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
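Added example, not the sandbox's own code and not derived from the sample's bytes: the header-level checks behind the Headers, Sections and Unsigned PE entries above, done with nothing beyond Python's standard library. It builds a header-only PE32 in memory with the same characteristics flags, section names and rounded sizes as reported (constructed data, with no section contents), parses the COFF header, optional header, certificate data directory and section table, and derives the findings: unsigned, ASLR and DEP opted in, no CFG, and any section that is writable and executable or executable with no raw data. It handles PE32 only, which matches this 32-bit sample; the offsets in the tail of the PE32+ optional header differ.

```python
"""Header-level triage of a PE32 image with only the standard library."""
import struct

# Flag tables: bit -> name without the IMAGE_* prefix, reported in bit order.
FILE_FLAGS = {0x0001: "RELOCS_STRIPPED", 0x0002: "EXECUTABLE_IMAGE",
              0x0020: "LARGE_ADDRESS_AWARE", 0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
DLL_FLAGS = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
             0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x1000: "APPCONTAINER",
             0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
                 0x00000080: "CNT_UNINITIALIZED_DATA", 0x02000000: "MEM_DISCARDABLE",
                 0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table


def _names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS stub pointer, COFF header, PE32 optional header and section table."""
    if data[:2] != b"MZ":
        raise ValueError("no DOS header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10B) is handled here")
    subsystem, dll_chars = struct.unpack_from("<HH", data, opt + 68)
    n_dirs = struct.unpack_from("<I", data, opt + 92)[0]
    cert_size = 0
    if n_dirs > SECURITY_DIR:
        # For this directory the first field is a raw file offset, not an RVA; a
        # non-zero size is what says a WIN_CERTIFICATE blob is attached to the file.
        _cert_offset, cert_size = struct.unpack_from("<II", data, opt + 96 + SECURITY_DIR * 8)
    sections, shdr = [], opt + opt_size
    for i in range(nsections):
        name, vsize, _va, raw_size, _raw_ptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, shdr + i * 40)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": raw_size,
                         "flags": _names(chars, SECTION_FLAGS)})
    return {"machine": machine, "subsystem": subsystem,
            "file_characteristics": _names(file_chars, FILE_FLAGS),
            "dll_characteristics": _names(dll_chars, DLL_FLAGS),
            "authenticode_present": cert_size != 0, "sections": sections}


def findings(info):
    """Derive the report-style observations from the parsed headers."""
    out = []
    if not info["authenticode_present"]:
        out.append("unsigned")
    if "DYNAMIC_BASE" in info["dll_characteristics"] and "RELOCS_STRIPPED" not in info["file_characteristics"]:
        out.append("aslr")  # opted in and still relocatable
    if "NX_COMPAT" in info["dll_characteristics"]:
        out.append("dep")
    if "GUARD_CF" not in info["dll_characteristics"]:
        out.append("no-cfg")
    for s in info["sections"]:
        if {"MEM_EXECUTE", "MEM_WRITE"} <= set(s["flags"]):
            out.append("rwx:" + s["name"])
        if "MEM_EXECUTE" in s["flags"] and s["raw_size"] == 0 and s["virtual_size"]:
            out.append("unpack-target:" + s["name"])  # code that only exists after runtime unpacking
    return out


def build_sample_pe():
    """Constructed header-only PE32 mirroring the values reported above (not the sample's bytes)."""
    sections = [  # name, virtual size, raw size, characteristics (sizes rounded from the report)
        (b".text",  0x132000, 0x132000, 0x60000020),
        (b".rdata", 0x054400, 0x054400, 0x40000040),
        (b".data",  0x00FC00, 0x006C00, 0xC0000040),
        (b".rsrc",  0x00A000, 0x00A400, 0x40000040),
        (b".reloc", 0x02AC00, 0x02B000, 0x42000040),
    ]
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)  # i386; EXECUTABLE|32BIT
    opt = struct.pack("<HBBIIIIII", 0x10B, 14, 0, 0x132000, 0x90000, 0, 0x1000, 0x1000, 0x134000)
    opt += struct.pack("<IIIHHHHHHIIII", 0x400000, 0x1000, 0x200, 5, 1, 0, 0, 5, 1, 0, 0x1C0000, 0x400, 0)
    opt += struct.pack("<HH", 2, 0x8140)  # WINDOWS_GUI; DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE
    opt += struct.pack("<IIIIII", 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    opt += b"\0" * 16 * 8  # every data directory empty, including the certificate table
    shdrs, va, raw = b"", 0x1000, 0x400
    for name, vsize, rsize, chars in sections:
        shdrs += struct.pack("<8sIIIIIIHHI", name, vsize, va, rsize, raw, 0, 0, 0, 0, chars)
        va, raw = va + ((vsize + 0xFFF) & ~0xFFF), raw + rsize
    return dos + b"PE\0\0" + coff + opt + shdrs


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    print(info["dll_characteristics"], findings(info))
```

Pointing `parse_pe` at a real file (`open(path, "rb").read()`) reproduces the Headers and Sections entries above; the Authenticode check only tests that a certificate table is present, which is exactly what the sandbox's "Unsigned PE" signature reports, and says nothing about whether an attached signature would verify.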