PDB path: C:\dev\Measure\Release\TakeoffPro.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-10_256f1440dc46421ef5f2b9e4793405e2_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-10_256f1440dc46421ef5f2b9e4793405e2_mafia.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-05-10_256f1440dc46421ef5f2b9e4793405e2_mafia
Size: 2.6MB
MD5: 256f1440dc46421ef5f2b9e4793405e2
SHA1: 8ceddba2b86fdace17ed9ec0587d23340a052402
SHA256: 74abcd492c1db2bd07d13253c453d68f2324e8d9df7d368148e52dd4ac2d2df2
SHA512: c11d7c2c568b5b7697eb484927077d92dd35d4f0cb8ce5cbdeda34697c98dcf28246d7ce246d29e6d20e6b2109b5a94bff52e73ae1ed5d8423689156a0c16770
SSDEEP: 49152:HFlLAPzCLx9lD1mAojfgPzxVsvaEfXaWx9BJsNVbL+DRABqg9+vRNfdz2ghg:OCV/oAojfgPsvrfXaWx9BJsfsRABCvRD
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-05-10_256f1440dc46421ef5f2b9e4793405e2_mafia
Files
2024-05-10_256f1440dc46421ef5f2b9e4793405e2_mafia.exe windows:5 windows x86 arch:x86
688e06537c963a9ceab5d518cfb74c07
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
CreateFileA
SetEnvironmentVariableA
InterlockedCompareExchange
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
LCMapStringW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
SizeofResource
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
ExitProcess
HeapReAlloc
RaiseException
RtlUnwind
GetCPInfo
ExitThread
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetTickCount
InitializeCriticalSectionAndSpinCount
GetNumberFormatW
GetWindowsDirectoryW
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
GetCurrentDirectoryW
lstrcpyW
GlobalFlags
FileTimeToSystemTime
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
WriteFile
MoveFileW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
lstrlenA
GetDiskFreeSpaceW
GetFullPathNameW
GetFileTime
SetFileTime
ReplaceFileW
SystemTimeToFileTime
GetFileAttributesW
GetUserDefaultLCID
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringA
ReleaseActCtx
CreateActCtxW
SetThreadPriority
GlobalGetAtomNameW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
FreeLibrary
GetProcAddress
CompareStringW
LoadLibraryW
ActivateActCtx
DeactivateActCtx
lstrcmpW
SetLastError
CopyFileW
GlobalSize
LocalAlloc
ResetEvent
SetEvent
ResumeThread
GlobalFree
CreateEventW
CreateFileMappingW
SetEndOfFile
SetFilePointer
MulDiv
GlobalUnlock
FreeResource
GlobalLock
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
DeleteFileW
GetTempFileNameW
GetTempPathW
ReadFile
GetFileSize
CreateDirectoryW
WideCharToMultiByte
lstrlenW
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
LocalFree
GetLastError
FormatMessageW
CreateFileW
GetModuleFileNameW
CloseHandle
WaitForSingleObject
CreateThread
MultiByteToWideChar
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
GetProcessHeap
user32
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
DrawStateW
SetClassLongW
DestroyAcceleratorTable
DrawIconEx
GetNextDlgGroupItem
CopyImage
GetIconInfo
MessageBeep
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
GetMenuDefaultItem
RedrawWindow
GetTabbedTextExtentW
PostThreadMessageW
CreateMenu
CopyAcceleratorTableW
UnregisterClassW
SetParent
GetSystemMenu
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
CharUpperW
DestroyCursor
SetWindowRgn
DrawIcon
SystemParametersInfoW
ShowOwnedPopups
PostQuitMessage
IsZoomed
GetSystemMetrics
WindowFromPoint
KillTimer
SetTimer
GetMessageW
TranslateMessage
ValidateRect
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
LoadImageW
DestroyIcon
LoadAcceleratorsW
IsIconic
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
MapVirtualKeyW
GetKeyNameTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
SetCursorPos
MoveWindow
SetWindowTextW
GetDoubleClickTime
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
GetWindowRect
FillRect
InvalidateRect
EnableWindow
IsRectEmpty
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
LockWindowUpdate
IsClipboardFormatAvailable
WaitMessage
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
IsCharLowerW
MapVirtualKeyExW
UpdateLayeredWindow
MonitorFromPoint
IsMenu
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
SetMenuDefaultItem
FrameRect
GetUpdateRect
RegisterClipboardFormatW
CopyIcon
ShowWindow
CharUpperBuffW
GetDC
DrawTextW
IntersectRect
EqualRect
SendMessageW
MessageBoxA
SubtractRect
GetWindowRgn
MapDialogRect
IsDialogMessageW
PostMessageW
GetClientRect
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
AdjustWindowRect
GetWindowLongW
ReleaseDC
CopyRect
LoadBitmapW
DrawEdge
MessageBoxW
UpdateWindow
OffsetRect
GetSysColorBrush
GetCursorPos
ScreenToClient
PtInRect
SetCursor
LoadCursorW
CreatePopupMenu
AppendMenuW
SetRectEmpty
UnionRect
InflateRect
SetCapture
ReleaseCapture
SetRect
GetSysColor
RemoveMenu
GetSubMenu
InsertMenuW
GetMenuItemID
GetMenuStringW
GetMenuState
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
IsWindow
DestroyWindow
CreateDialogIndirectParamW
DrawMenuBar
gdi32
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
GetBkColor
GetTextMetricsW
GetCharWidthW
CreateFontW
StretchDIBits
SetRectRgn
CombineRgn
DPtoLP
CreateEllipticRgn
LPtoDP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetTextColor
GetTextAlign
GetTextFaceW
GetWindowOrgEx
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
SetPixel
OffsetRgn
GetRgnBox
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
SetArcDirection
SetLayout
SelectPalette
CreatePatternBrush
CreateBitmap
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
GetStretchBltMode
DeleteObject
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
CreateDCW
CopyMetaFileW
SelectClipRgn
GetDIBColorTable
StretchBlt
Ellipse
Rectangle
Arc
GetCurrentObject
GetViewportOrgEx
CreateCompatibleBitmap
GetTextExtentPoint32W
GetDeviceCaps
SetBrushOrgEx
CreateSolidBrush
BitBlt
CreateFontIndirectW
SetBkMode
GetStockObject
EnumFontFamiliesExW
CreateCompatibleDC
SetDIBColorTable
SelectObject
DeleteDC
CreateDIBSection
GetObjectW
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetSaveFileNameW
GetFileTitleW
winspool.drv
GetJobW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
GetFileSecurityW
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegSetValueW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyW
SetFileSecurityW
RegQueryValueW
RegEnumKeyW
shell32
DragAcceptFiles
SHGetFolderPathW
DragFinish
DragQueryFileW
SHGetFileInfoW
SHAddToRecentDocs
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
ExtractIconW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathAppendW
PathFindFileNameW
PathRemoveFileSpecW
PathRemoveExtensionW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitialize
CoCreateGuid
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
OleGetClipboard
OleLockRunning
CoLockObjectExternal
RevokeDragDrop
RegisterDragDrop
DoDragDrop
CoTaskMemFree
CoUninitialize
OleRun
CoCreateInstance
CLSIDFromProgID
CreateStreamOnHGlobal
CoInitializeEx
oleaut32
SysFreeString
OleLoadPicture
SysAllocString
VariantClear
SysAllocStringLen
VariantChangeType
VariantInit
VarBstrFromDate
SysStringLen
CreateErrorInfo
SystemTimeToVariantTime
VariantTimeToSystemTime
VarDateFromStr
GetErrorInfo
gdiplus
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageDecodersSize
GdipGetImageDecoders
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStream
GdiplusStartup
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipSaveImageToFile
GdiplusShutdown
pdf
OpenPdf
GetPdfHeight
GetPdfWidth
DrawPdf
GetPdfPageCount
dbghelp
MiniDumpWriteDump
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundW
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 330KB - Virtual size: 329KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 645KB - Virtual size: 645KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ