Static task
static1
Behavioral task
behavioral1
Sample
2024-05-03_0afcb3884c7ee9e0d915b58ee4f1a02d_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-03_0afcb3884c7ee9e0d915b58ee4f1a02d_mafia.exe
Resource
win10v2004-20240419-en
General
-
Target
2024-05-03_0afcb3884c7ee9e0d915b58ee4f1a02d_mafia
-
Size
2.7MB
-
MD5
0afcb3884c7ee9e0d915b58ee4f1a02d
-
SHA1
99795c625e87c08a7c3f80770551a7b3fb337984
-
SHA256
fa3045bb068303234e3b68425324ed33f1fb1578e8202158ef7572a8c5a3292d
-
SHA512
b559f1528005845a0876be4389b86dd555e4740b1e94af76c990be7d8df03d2a070c141a0a6d3a414b78156fe965f64c4120af685c3234d93663cf3708ad80b0
-
SSDEEP
49152:TMtTgb4gMH11aoOrFTFImCqqY/WConqSRP+U5RPJvQh0webBEM7oj3+HDaKpiyR0:TMtY4gGwFTpCqqY/WC9SRP+U5RPJvQh9
Malware Config
Signatures
Files
-
2024-05-03_0afcb3884c7ee9e0d915b58ee4f1a02d_mafia.exe windows:5 windows x86 arch:x86
e5e6071b325b5772f818abfd0066d767
Code Sign
Signer
72:d7:b7:22:d0:2a:98:fd:3e:79:14:43:61:d4:ad:ba:b0:4c:8b:77
Actual PE Digest
72:d7:b7:22:d0:2a:98:fd:3e:79:14:43:61:d4:ad:ba:b0:4c:8b:77
Digest Algorithm
sha1
PE Digest Matches
true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
E:\work\star\tools\Launcher\Release\Launcher.pdb
Imports
wldap32
ord200
ord79
ord35
ord32
ord30
ord26
ord33
ord60
ord143
ord211
ord22
ord301
ord27
ord41
ord46
ord50
kernel32
GetCPInfo
GetOEMCP
SetErrorMode
GetTempFileNameA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
GetNumberFormatA
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
HeapFree
EncodePointer
DecodePointer
GetTimeFormatA
GetDateFormatA
GetCurrentProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
ExitThread
HeapReAlloc
FindFirstFileExA
RtlUnwind
VirtualQuery
HeapSize
HeapQueryInformation
SetStdHandle
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
GetTimeZoneInformation
IsValidCodePage
SetHandleCount
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
GetStringTypeW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
GetDriveTypeW
GetProcessHeap
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
FileTimeToSystemTime
GetACP
GetThreadLocale
InterlockedIncrement
lstrcpyA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GlobalSize
LocalFree
lstrlenW
MulDiv
GlobalAddAtomA
GlobalUnlock
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
ActivateActCtx
DeactivateActCtx
GlobalLock
lstrcmpA
GlobalAlloc
InterlockedExchange
SuspendThread
SetThreadPriority
CopyFileA
RaiseException
GetDriveTypeA
FindResourceA
ExpandEnvironmentStringsA
GetFileType
PeekNamedPipe
FormatMessageA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
WaitForMultipleObjects
QueryPerformanceCounter
ResetEvent
ReleaseSemaphore
CreateSemaphoreA
CreateEventA
SetEvent
VirtualAlloc
VirtualFree
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GetVersionExA
LocalFileTimeToFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetTempPathW
GetTempPathA
DeleteFileW
CreateDirectoryW
CreateDirectoryA
GetModuleHandleW
RemoveDirectoryA
SetFileAttributesW
SetFileAttributesA
GetSystemDirectoryW
GetWindowsDirectoryA
GetCurrentDirectoryW
GetCurrentDirectoryA
GetLogicalDriveStringsA
GetFileAttributesW
SetLastError
GetModuleHandleA
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
GetStdHandle
GetFileInformationByHandle
SetEndOfFile
WriteFile
SetFileTime
ReadFile
SetFilePointer
GetFileSize
CreateFileW
AreFileApisANSI
WinExec
GetProcAddress
LoadLibraryA
FreeLibrary
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetFileAttributesA
DeleteFileA
GetModuleFileNameA
CreateFileMappingA
CreateFileA
LeaveCriticalSection
GetLastError
MapViewOfFile
UnmapViewOfFile
EnterCriticalSection
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
GetSystemInfo
Sleep
WaitForSingleObject
ResumeThread
CreateThread
GetFullPathNameA
CompareStringA
GetVolumeInformationA
ExitProcess
user32
GetWindowRgn
IsMenu
UpdateLayeredWindow
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnionRect
GetKeyNameTextA
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
RegisterClipboardFormatA
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
SetParent
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
CopyImage
DestroyMenu
GetMenuItemInfoA
UnregisterClassA
DestroyIcon
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
OffsetRect
CharNextA
KillTimer
InvalidateRect
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
LoadIconA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
PtInRect
IntersectRect
InflateRect
CopyRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetWindowTextLengthA
GetWindowTextA
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
UnhookWindowsHookEx
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
ShowOwnedPopups
SetCursor
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
GetWindow
DestroyCursor
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
SetWindowContextHelpId
MapDialogRect
SetWindowPos
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
MapWindowPoints
EnableMenuItem
CheckMenuItem
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
PeekMessageA
ValidateRect
CharPrevExA
CharUpperA
CharUpperW
EnableWindow
GetWindowRect
GetCursorPos
GetKeyState
DrawIcon
GetSystemMetrics
IsIconic
SetTimer
SendMessageA
SetWindowRgn
GetClientRect
SetLayeredWindowAttributes
LoadIconW
PostThreadMessageA
PostMessageA
GetScrollPos
LoadAcceleratorsW
gdi32
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
GetTextExtentPoint32A
CreateDIBSection
CreateRoundRectRgn
SetViewportExtEx
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
StretchBlt
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
SetDIBColorTable
CreatePen
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
FillPath
SetPixel
CreateRectRgn
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
ScaleViewportExtEx
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
CryptAcquireContextA
CryptHashData
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
CryptCreateHash
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
shell32
DragFinish
SHGetPathFromIDListA
ShellExecuteA
SHGetDesktopFolder
SHGetMalloc
SHBrowseForFolderA
SHAppBarMessage
DragQueryFileA
SHGetSpecialFolderLocation
SHGetFileInfoA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
CoCreateInstance
CoInitialize
CoUninitialize
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
CoFreeUnusedLibraries
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
OleUninitialize
OleInitialize
CoInitializeEx
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleLockRunning
oleaut32
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocStringByteLen
LoadRegTypeLi
DispCallFunc
SysStringLen
VariantChangeType
VariantInit
VariantCopy
VariantClear
VarBstrFromDate
LoadTypeLi
SafeArrayUnaccessData
SysAllocString
SysAllocStringLen
SysFreeString
oledlg
ord8
urlmon
ObtainUserAgentString
UrlMkSetSessionOption
gdiplus
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
ws2_32
ioctlsocket
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
gethostname
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.9MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 364KB - Virtual size: 363KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ctrl Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 230KB - Virtual size: 229KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 200KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ