C:\_work\utv_win\mkvi_config_v1\Release\MkVI_Config.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-04_b85d3362b24c04f78f9bd208bf65d855_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-04_b85d3362b24c04f78f9bd208bf65d855_mafia.exe
  Resource: win10v2004-20240426-en
General
- Target: 2024-05-04_b85d3362b24c04f78f9bd208bf65d855_mafia
- Size: 2.1MB
- MD5: b85d3362b24c04f78f9bd208bf65d855
- SHA1: caf0f343b4440c94ed5d02857152a1ef1f7afb28
- SHA256: 6e5478b5a4682e2a52dbb1532c0ccd6648daac3713d828e4369c18bcbe97ef6b
- SHA512: de7ecbfb09d871375ff4a357723705208aecd6b274c3b2aef7d8bfbcffe8aa5e98362ce6734c6b3f7d5ce1df81779b0c6c70ccec00e60a2ab693b3da1ca404dd
- SSDEEP: 49152:Kv6qCjvJhK0H+pH1f58XRASqlVoW4cPUpXEVP5DlnbBvtbXmA8xD+sxk5Dz:KS9hK0HEH1f5SA7VoW4cPaXEVP5Dh2AB
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2024-05-04_b85d3362b24c04f78f9bd208bf65d855_mafia
Files
-
2024-05-04_b85d3362b24c04f78f9bd208bf65d855_mafia.exe windows:5 windows x86 arch:x86
1d373837fe2322e823f2f98a1f1e50ba
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentDirectoryW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetConsoleMode
GetConsoleCP
SetHandleCount
HeapCreate
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
GetStdHandle
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
ExitThread
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
GetDriveTypeW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetNumberFormatA
GetTempPathA
SetErrorMode
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
GetACP
lstrcpyA
GetSystemDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
FindNextFileA
LocalAlloc
GetFileSizeEx
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesExA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
CreateFileA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GlobalFlags
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
ReplaceFileA
SystemTimeToFileTime
GetFileAttributesA
ResumeThread
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
FreeLibrary
lstrcmpW
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
FreeResource
GlobalSize
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
Sleep
GetTickCount
DeleteFileA
CopyFileA
CreateDirectoryA
GlobalFree
GlobalAlloc
MultiByteToWideChar
FindResourceA
GetWindowsDirectoryA
MulDiv
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
DeactivateActCtx
SetLastError
GetExitCodeThread
CloseHandle
SetEvent
SetThreadPriority
CreateThread
CreateEventA
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
lstrlenA
lstrcpynA
FindResourceW
LoadResource
LockResource
SizeofResource
CompareStringW
WideCharToMultiByte
user32
UnpackDDElParam
ReuseDDElParam
DestroyMenu
DestroyIcon
LoadAcceleratorsA
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
SetRectEmpty
TranslateAcceleratorA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
GetMenuCheckMarkDimensions
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetForegroundWindow
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
GetScrollPos
SetForegroundWindow
ShowScrollBar
ValidateRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
EndPaint
BeginPaint
GetWindowDC
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
AppendMenuA
InsertMenuA
GetDlgItem
LockWindowUpdate
GetFocus
GrayStringA
IsRectEmpty
TabbedTextOutA
DrawTextA
GetCursorPos
SetScrollPos
BringWindowToTop
IsWindow
RegisterWindowMessageA
IsWindowVisible
GetWindowRgn
EndDeferWindowPos
DeferWindowPos
EqualRect
BeginDeferWindowPos
SetWindowLongA
GetClassNameA
ScreenToClient
GetSystemMetrics
GetWindowLongA
GetWindowTextA
PtInRect
CopyIcon
LoadCursorA
DestroyCursor
SetMenuItemBitmaps
RemoveMenu
ModifyMenuA
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
EnableMenuItem
CheckMenuItem
LoadMenuA
LoadMenuW
ReleaseDC
GetDC
GetIconInfo
LoadImageA
LoadBitmapW
PostMessageA
EnableWindow
SendMessageA
SetTimer
IsZoomed
TranslateMessage
DrawEdge
OffsetRect
DrawStateA
DrawFocusRect
GetSysColorBrush
FrameRect
InflateRect
CopyRect
DrawFrameControl
FillRect
SetCursor
GetSubMenu
GetWindowRect
ReleaseCapture
WindowFromPoint
ClientToScreen
MapDialogRect
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
GetUpdateRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
LoadImageW
SetCapture
GetCapture
GetActiveWindow
GetNextDlgGroupItem
GetParent
InvalidateRect
GetClientRect
GetSysColor
UpdateWindow
KillTimer
RedrawWindow
DeleteMenu
GetSystemMenu
SetParent
MonitorFromPoint
SetCursorPos
LoadCursorW
DrawTextExA
PostQuitMessage
GetMessageA
ShowOwnedPopups
SystemParametersInfoA
DrawIcon
SetWindowRgn
SetRect
GetKeyNameTextA
MapVirtualKeyA
RealChildWindowFromPoint
CharUpperA
EnumDisplayMonitors
WaitMessage
SetLayeredWindowAttributes
MessageBeep
NotifyWinEvent
GetAsyncKeyState
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CopyImage
GetDCEx
LoadAcceleratorsW
CopyAcceleratorTableA
CreateMenu
PostThreadMessageA
GetTabbedTextExtentW
UnregisterClassA
DestroyAcceleratorTable
SetClassLongA
DrawIconEx
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
InvertRect
HideCaret
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
gdi32
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
GetTextMetricsA
SetPolyFillMode
StretchDIBits
PatBlt
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
Rectangle
CreateRectRgnIndirect
CombineRgn
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
CreatePolygonRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
GetRgnBox
SetDIBColorTable
StretchBlt
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
SetBkColor
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
CreateFontA
CreateSolidBrush
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetBkColor
GetCurrentObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetRectRgn
OffsetRgn
CreateRectRgn
DPtoLP
GetTextExtentPoint32A
SetPixel
GetDeviceCaps
DeleteObject
CreateFontIndirectA
GetCharWidthA
GetStockObject
GetObjectA
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyExW
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegEnumValueA
RegCloseKey
GetFileSecurityA
SetFileSecurityA
shell32
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
ExtractIconA
SHAddToRecentDocs
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
DragAcceptFiles
SHBrowseForFolderA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
UrlUnescapeA
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathRemoveFileSpecW
ole32
DoDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateStreamOnHGlobal
CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
CoCreateGuid
OleDuplicateData
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
OleLockRunning
RevokeDragDrop
RegisterDragDrop
OleGetClipboard
CoLockObjectExternal
CoTaskMemAlloc
oleaut32
VarBstrFromDate
SysAllocString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
ws2_32
ioctlsocket
recv
send
connect
setsockopt
closesocket
socket
WSACleanup
WSAStartup
getsockopt
WSAGetLastError
WSASetLastError
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
wininet
InternetSetOptionExA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
InternetQueryDataAvailable
InternetQueryOptionA
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 321KB - Virtual size: 321KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 221KB - Virtual size: 220KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 187KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ