Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-07_1765892ac40d19226a43d6067765a55a_mafia.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 2024-05-07_1765892ac40d19226a43d6067765a55a_mafia.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-05-07_1765892ac40d19226a43d6067765a55a_mafia
Size: 2.4MB
MD5: 1765892ac40d19226a43d6067765a55a
SHA1: bbb6b59dc63549237dcbfdb560e830e7010fcdf4
SHA256: 6ff0f3a829218e3e1951bd1caee2460ffaed30680481c756dc3f70d75672bd7f
SHA512: 47b0d199546267c6da7fc200fd394e988501c08ed1b490bbccc80a91b07fc5a32a2b722b43442c5b7fd2ec6c9e1b4e9cc8e4f93c3fa919eb70c53ce8287c47b2
SSDEEP: 49152:PwM3ygV1kIKEFiSGqLkogPPd3sKeBgQ6V+heb3gVNdX63Bax4q9p5U:4M3TmIKdSGnogPV3sKeBgQg+hei63Ix5
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 2024-05-07_1765892ac40d19226a43d6067765a55a_mafia
Files
2024-05-07_1765892ac40d19226a43d6067765a55a_mafia.exe windows:5 windows x86 arch:x86
c809617d2c6bb2081ddf0db28f746820
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\wti\sw1\exe\CameraDisplay.pdb
Imports
avformat-54
avformat_open_input
av_find_stream_info
av_close_input_file
av_register_all
av_read_frame
avcodec-54
avcodec_open
avcodec_find_decoder
avcodec_register_all
avcodec_flush_buffers
avcodec_alloc_frame
avcodec_alloc_context
avcodec_close
av_init_packet
avcodec_decode_video2
avpicture_fill
av_picture_copy
av_free_packet
avutil-52
av_free
av_log_set_callback
av_get_cpu_flags
av_malloc
swscale-2
sws_scale
sws_getCachedContext
sws_freeContext
d3dx9_43
D3DXCreateFontIndirectW
D3DXMatrixTransformation2D
D3DXCreateSprite
D3DXCreateLine
D3DXMatrixLookAtRH
D3DXMatrixOrthoOffCenterRH
D3DXCreateTextureFromResourceExW
D3DXFillTexture
d3d9
Direct3DCreate9
dxva2
DXVA2CreateDirect3DDeviceManager9
iphlpapi
GetAdaptersInfo
kernel32
GetCommandLineW
GetStartupInfoW
EncodePointer
DecodePointer
HeapFree
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapAlloc
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
ExitThread
HeapSize
HeapQueryInformation
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
GetConsoleCP
GetConsoleMode
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetFileAttributesExW
FileTimeToLocalFileTime
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GetStringTypeExW
GetCurrentDirectoryW
GetThreadLocale
lstrcpyW
GetSystemDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
VirtualProtect
GlobalGetAtomNameW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
SetFileTime
SearchPathW
SystemTimeToFileTime
GetUserDefaultLCID
ReleaseActCtx
CreateActCtxW
CreateSemaphoreW
lstrlenA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GetCurrentProcessId
CopyFileW
MulDiv
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
InitializeCriticalSectionAndSpinCount
FreeLibrary
lstrcmpW
ActivateActCtx
DeactivateActCtx
SetLastError
WideCharToMultiByte
lstrlenW
GetSystemTime
GetLocalTime
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
CreateThread
ReleaseSemaphore
GetTickCount
MultiByteToWideChar
GetProcAddress
GetModuleHandleW
GetVersionExA
CreateDirectoryW
MoveFileW
DeleteFileW
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
GetFileAttributesW
GetModuleFileNameW
GetLastError
LocalFree
FormatMessageW
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
ResetEvent
SetEvent
CreateEventW
GlobalSize
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FileTimeToSystemTime
GetFileTime
WriteFile
SetFilePointerEx
GetFileSizeEx
ReadFile
CloseHandle
CreateFileW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProfileIntW
SetErrorMode
GetWindowsDirectoryW
GetNumberFormatW
GetTempPathW
FindResourceExW
ReplaceFileW
LocalFileTimeToFileTime
HeapSetInformation
InterlockedCompareExchange
user32
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UpdateLayeredWindow
IsMenu
CreateMenu
WaitMessage
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DestroyCursor
GetWindowRgn
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
GetSystemMenu
DeleteMenu
IsZoomed
SystemParametersInfoW
GetMenuItemInfoW
InflateRect
GetAsyncKeyState
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetMenuBarInfo
LoadImageW
DestroyIcon
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorW
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
ShowOwnedPopups
SetCursor
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
GetMenuDefaultItem
GetTopWindow
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
ValidateRect
UpdateWindow
GetMenuItemID
GetMenuItemCount
MessageBoxW
GetClassInfoExW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcW
GetMenu
MapVirtualKeyW
GetKeyNameTextW
ReleaseDC
GetDC
GetMonitorInfoW
GetMessagePos
MessageBeep
SetMenuDefaultItem
GetSubMenu
LoadMenuW
ScreenToClient
ClientToScreen
MoveWindow
AttachThreadInput
SetWindowLongW
SetParent
SetActiveWindow
ShowWindow
GetClassNameW
GetDlgCtrlID
GetWindowTextW
GetWindow
GetWindowLongW
SetWindowPos
GetDlgItem
LoadBitmapW
LoadIconW
IsWindowVisible
PtInRect
GetCursorPos
SetFocus
EndPaint
IsRectEmpty
BeginPaint
ShowCursor
SetTimer
KillTimer
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
SetRectEmpty
PostThreadMessageW
LoadCursorW
CopyRect
MonitorFromWindow
PeekMessageW
PostMessageW
UnregisterClassW
DestroyWindow
CreateWindowExW
RegisterClassW
GetClassInfoW
DefWindowProcW
EqualRect
IntersectRect
OffsetRect
SystemParametersInfoA
GetWindowRect
GetWindowPlacement
IsIconic
GetSystemMetrics
DrawTextW
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawEdge
DrawIconEx
DrawStateW
SetClassLongW
NotifyWinEvent
DestroyAcceleratorTable
LockWindowUpdate
GetDCEx
WindowFromPoint
SetWindowRgn
DrawIcon
UnionRect
SetRect
GetClientRect
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetSysColorBrush
GetFocus
DrawFrameControl
DrawFocusRect
FillRect
GetSysColor
IsChild
GetNextDlgGroupItem
SetCapture
InvalidateRgn
CopyAcceleratorTableW
CharNextW
CharUpperW
EndDeferWindowPos
GetParent
InvalidateRect
IsWindow
SendMessageW
EnableWindow
UnhookWindowsHookEx
gdi32
SetMapMode
SetROP2
IntersectClipRect
RectVisible
TextOutW
ExtTextOutW
Escape
ExcludeClipRect
SetPolyFillMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
GetCharWidthW
CreateFontW
StretchDIBits
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateDIBitmap
SetBkMode
GetTextCharsetInfo
GetRgnBox
SaveDC
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
SetPixel
Rectangle
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
CreateRectRgn
SelectClipRgn
EnumFontFamiliesW
RestoreDC
SetLayout
GetLayout
CreateDCW
CopyMetaFileW
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
PatBlt
CreateRectRgnIndirect
DeleteObject
DeleteDC
StretchBlt
SelectObject
GetClipBox
CreateFontIndirectW
GetPixel
GetTextExtentPoint32W
CreateCompatibleBitmap
GetTextMetricsW
CreateCompatibleDC
GetObjectW
GetBkColor
CreateSolidBrush
PtVisible
BitBlt
GetWindowExtEx
EnumFontFamiliesExW
GetTextColor
SetTextAlign
MoveToEx
LineTo
GetViewportExtEx
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegSetValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
SetFileSecurityW
GetFileSecurityW
RegCloseKey
shell32
SHGetSpecialFolderLocation
SHGetFolderPathW
SHChangeNotify
DragAcceptFiles
DragFinish
DragQueryFileW
SHAddToRecentDocs
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFileInfoW
ExtractIconW
comctl32
ord410
ord412
ord413
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
SHDeleteKeyW
PathRemoveFileSpecW
ole32
StringFromCLSID
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoUninitialize
CoInitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
ReleaseStgMedium
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoCreateGuid
CoTaskMemFree
CoCreateInstance
OleRun
OleDuplicateData
oleaut32
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysStringLen
SysAllocString
oledlg
OleUIBusyW
ws2_32
ntohl
htonl
htons
WSAGetLastError
__WSAFDIsSet
WSAStartup
WSACleanup
gethostbyname
ioctlsocket
recvfrom
select
setsockopt
sendto
bind
socket
getsockname
connect
closesocket
send
getsockopt
gethostname
ntohs
inet_addr
inet_ntoa
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
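The import table above is the most informative static artifact on this page: ffmpeg (avformat/avcodec/swscale), Direct3D 9 and DXVA2 next to a small Winsock set (gethostbyname, connect, sendto/recvfrom) and GetAdaptersInfo is the profile of a network video viewer, which agrees with the CameraDisplay.pdb path, while the registry-write, SetFileSecurityW and ShellExecuteW imports are the ones worth watching in the behavioral runs. The script below is an added example of turning such an import table into capability tags; it is not the sandbox's own signature logic. The rule set and the SAMPLE_IMPORTS dictionary are constructed here (the sample is a subset of the DLL/API names listed above), and the "all"/"any" match modes are an assumption of this example: bind without listen/accept is tagged as UDP rather than as a listener, and CRT-startup imports such as IsDebuggerPresent, which nearly every MSVC binary carries, are demoted to weak signals rather than reported as anti-debugging evidence.

```python
# Import-table capability triage (constructed example; rules are illustrative, not a capa rule set).
CAPABILITY_RULES = {
    # tag: (confidence, match mode, [(dll, api), ...]); "all" needs every API, "any" needs one
    "network/dns-resolve":   ("strong", "any", [("ws2_32", "gethostbyname"), ("ws2_32", "getaddrinfo")]),
    "network/tcp-client":    ("strong", "all", [("ws2_32", "socket"), ("ws2_32", "connect"), ("ws2_32", "send")]),
    "network/udp":           ("strong", "any", [("ws2_32", "sendto"), ("ws2_32", "recvfrom")]),
    "network/listener":      ("strong", "all", [("ws2_32", "bind"), ("ws2_32", "listen"), ("ws2_32", "accept")]),
    "recon/network-adapters":("strong", "any", [("iphlpapi", "GetAdaptersInfo"), ("iphlpapi", "GetAdaptersAddresses")]),
    "registry/write":        ("strong", "any", [("advapi32", "RegSetValueExW"), ("advapi32", "RegSetValueW"),
                                                ("advapi32", "RegCreateKeyExW")]),
    "registry/delete":       ("strong", "any", [("advapi32", "RegDeleteKeyW"), ("advapi32", "RegDeleteValueW")]),
    "file/set-acl":          ("strong", "any", [("advapi32", "SetFileSecurityW")]),
    "exec/shellexecute":     ("strong", "any", [("shell32", "ShellExecuteW")]),
    "media/ffmpeg-decode":   ("strong", "all", [("avformat-54", "avformat_open_input"),
                                                ("avcodec-54", "avcodec_decode_video2")]),
    "gpu/direct3d9":         ("strong", "any", [("d3d9", "Direct3DCreate9"),
                                                ("dxva2", "DXVA2CreateDirect3DDeviceManager9")]),
    # Present in almost every MSVC build via the CRT; report, but do not treat as evidence on its own.
    "anti-debug/IsDebuggerPresent": ("weak", "any", [("kernel32", "IsDebuggerPresent")]),
    "memory/VirtualProtect":        ("weak", "any", [("kernel32", "VirtualProtect")]),
}

# Constructed sample: a subset of the report's import table, keyed by DLL.
SAMPLE_IMPORTS = {
    "ws2_32": ["WSAStartup", "gethostbyname", "socket", "connect", "send", "sendto",
               "recvfrom", "bind", "select", "closesocket"],
    "iphlpapi": ["GetAdaptersInfo"],
    "advapi32": ["RegOpenKeyExW", "RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW", "SetFileSecurityW"],
    "shell32": ["ShellExecuteW", "SHGetFolderPathW"],
    "kernel32": ["IsDebuggerPresent", "VirtualProtect", "CreateFileW", "WriteFile"],
    "avcodec-54": ["avcodec_decode_video2", "avcodec_open"],
    "avformat-54": ["avformat_open_input", "av_read_frame"],
    "d3d9": ["Direct3DCreate9"],
    "dxva2": ["DXVA2CreateDirect3DDeviceManager9"],
}


def classify_imports(imports):
    """Return {"strong": {tag: [dll!api, ...]}, "weak": {...}} for the imports that match a rule."""
    present = {(dll.lower(), api) for dll, apis in imports.items() for api in apis}
    out = {"strong": {}, "weak": {}}
    for tag, (confidence, mode, needles) in CAPABILITY_RULES.items():
        hit = ["%s!%s" % (d, a) for d, a in needles if (d, a) in present]
        if (mode == "any" and hit) or (mode == "all" and len(hit) == len(needles)):
            out[confidence][tag] = hit
    return out


if __name__ == "__main__":
    result = classify_imports(SAMPLE_IMPORTS)
    for confidence in ("strong", "weak"):
        for tag, apis in result[confidence].items():
            print("%-6s %-26s %s" % (confidence, tag, ", ".join(apis)))
```

Tags are hints for where to look in the behavioral runs, not verdicts: "registry/write" is expected from any MFC application that stores window placement, so the question for the dynamic trace is which keys are written, not whether RegSetValueExW exists.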
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 391KB - Virtual size: 390KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 58KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 218KB - Virtual size: 217KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
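The Signatures, Headers and Sections rows above all come from the PE header: the "Unsigned PE" IoC is the observation that the Authenticode certificate table (data-directory slot 4) is empty, and the DllCharacteristics and section flags are the same bits a reviewer reads to judge whether a binary has ASLR, DEP and no writable code. The script below is an added example that reproduces those checks with a hand-written header parser; it is not the sandbox's code and no third-party library is used. The flag tables are subsets of the winnt.h constants, and build_sample_pe constructs a header-only PE32 whose flags and section names mirror this report (the section sizes are approximations of the values above), so the example runs offline without the sample. The usual caveat is built in: a non-empty certificate table only says a signature blob exists, so "signed" here means "present", not "valid".

```python
import hashlib
import struct

# Constructed flag tables: subsets of the winnt.h constants the report prints.
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data-directory slot of the Authenticode certificate table


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def file_hashes(data):
    """The hashes shown in the report's General table."""
    return {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256", "sha512")}


def parse_pe(data):
    """Decode DOS/NT headers and the section table: enough for the Headers and Sections rows."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4                                  # IMAGE_FILE_HEADER
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, fh)
    oh = fh + 20                                       # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, oh)[0]
    if magic == 0x10B:      # PE32:  NumberOfRvaAndSizes at +92, DataDirectory at +96
        ndirs_off, dirs_off = oh + 92, oh + 96
    elif magic == 0x20B:    # PE32+: the 64-bit stack/heap fields shift both by 16
        ndirs_off, dirs_off = oh + 108, oh + 112
    else:
        raise ValueError("unknown optional-header magic 0x%x" % magic)
    dllchars = struct.unpack_from("<H", data, oh + 70)[0]   # same offset in both layouts
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, sec_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, rsize, _, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, oh + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "size": rsize, "virtual_size": vsize,
                         "flags": flag_names(sflags, SECTION_FLAGS)})
    return {"machine": {0x14C: "x86", 0x8664: "x64"}.get(machine, "0x%x" % machine),
            "file_characteristics": flag_names(chars, FILE_CHARACTERISTICS),
            "dll_characteristics": flag_names(dllchars, DLL_CHARACTERISTICS),
            # Non-empty means a signature blob is present; validity is a separate check
            # (e.g. Get-AuthenticodeSignature), and a tampered size field passes this test.
            "has_security_directory": sec_size != 0,
            "sections": sections}


def iocs(info):
    """The sandbox's 'Unsigned PE' judgement plus the hardening checks a reviewer wants next to it."""
    out = []
    if not info["has_security_directory"]:
        out.append("Unsigned PE: no Authenticode signature (security directory is empty)")
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in info["dll_characteristics"]:
        out.append("No ASLR: DYNAMIC_BASE not set")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in info["dll_characteristics"]:
        out.append("No DEP: NX_COMPAT not set")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            out.append("Writable and executable section %s" % s["name"])
    return out


def build_sample_pe():
    """Constructed header-only PE32 mirroring the report's flags; it contains no code."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                        # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x14C, 5, 0, 0, 0, 224, 0x0002 | 0x0100)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<I", opt, 28, 0x400000)                      # ImageBase
    struct.pack_into("<HH", opt, 68, 2, 0x0040 | 0x0100 | 0x8000)  # Subsystem GUI, DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                            # NumberOfRvaAndSizes; all entries zero
    secs = b"".join(struct.pack("<8sIIIIIIHHI", n, v, 0, r, 0, 0, 0, 0, 0, f) for n, v, r, f in [
        (b".text", 0x1B2000, 0x1B2000, 0x60000020), (b".rdata", 0x61800, 0x61C00, 0x40000040),
        (b".data", 0x18800, 0xE800, 0xC0000040), (b".rsrc", 0x13000, 0x13400, 0x40000040),
        (b".reloc", 0x36400, 0x36800, 0x42000040)])
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + secs


if __name__ == "__main__":
    blob = build_sample_pe()
    info = parse_pe(blob)
    print(file_hashes(blob)["sha256"], info["machine"], info["dll_characteristics"])
    for line in iocs(info):
        print("IoC:", line)
```

To run it against a real sample, replace build_sample_pe() with open(path, "rb").read(); the parser reads only the headers and section table, so it never maps or executes anything from the file.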