C:\Users\S.Sakaniwa\Documents\Visual Studio 2010\Projects\Pioneer\AF-CR1000-PC\Release\AF-CR1000-PC.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-12_437cb883a7f37a2cb14d242816605507_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-12_437cb883a7f37a2cb14d242816605507_mafia.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-05-12_437cb883a7f37a2cb14d242816605507_mafia
Size: 4.0MB
MD5: 437cb883a7f37a2cb14d242816605507
SHA1: 8e100be07f78d49226afb642f5eb20cfb29656a8
SHA256: 6924e34272e148f759ead90bf2445784f2c7bc892be741d8ea7a531d96df48ad
SHA512: d8a0311968924b55e17f9a5ff61e7c3a6a44a17c2ce73310a4a27876e68298bc94816ea3c83adef24f057b06482d3a42a723cc4b25f909ae48083f8647403dbb
SSDEEP: 98304:rO8qnCP96V+ZbWeqTS/rQ2gVWNQG9N09+17J0UFK0Du0k10/X6Poj9ghi1RebMIX:rGnCPaVWDQ6N04pk10/X6PojDIg9Cbki
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-05-12_437cb883a7f37a2cb14d242816605507_mafia
Files
2024-05-12_437cb883a7f37a2cb14d242816605507_mafia.exe windows:5 windows x86 arch:x86
d2170b6dad07b0fc2c3a1dd97af141aa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetDriveTypeW
CompareStringW
GetConsoleCP
GetStringTypeW
GetCurrentDirectoryW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetTimeZoneInformation
GetStdHandle
LCMapStringW
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
CreateThread
ExitThread
VirtualQuery
WideCharToMultiByte
VirtualAlloc
RaiseException
HeapReAlloc
ExitProcess
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
HeapAlloc
FreeEnvironmentStringsW
GetDateFormatA
GetTimeFormatA
DecodePointer
EncodePointer
FindResourceExW
GetNumberFormatA
GetWindowsDirectoryA
VirtualProtect
SearchPathA
GetProfileIntA
SetErrorMode
GetTempPathA
GetACP
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetSystemDirectoryW
GetCurrentDirectoryA
FindNextFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapCreate
GetThreadLocale
GetStringTypeExA
GetFileSizeEx
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesA
GetFileAttributesExA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
ReplaceFileA
SystemTimeToFileTime
GetFileAttributesA
ResumeThread
SetThreadPriority
lstrcpyA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
GlobalSize
GlobalUnlock
lstrlenW
FindResourceA
FreeResource
GlobalFree
GetCurrentProcessId
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
CompareStringA
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
FreeLibrary
InterlockedExchange
LocalFree
FormatMessageA
QueryDosDeviceA
GetLogicalDrives
DeviceIoControl
CreateFileA
GetDriveTypeA
GlobalMemoryStatusEx
GetSystemInfo
GetModuleFileNameA
GetVersionExA
WaitForSingleObject
SetEvent
CreateEventA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MulDiv
DeleteFileA
GetTickCount
MoveFileWithProgressA
CopyFileExA
MoveFileA
RemoveDirectoryA
CopyFileA
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
DeactivateActCtx
SetLastError
InterlockedDecrement
InterlockedIncrement
GetDiskFreeSpaceExA
Sleep
CloseHandle
ReleaseMutex
GetLastError
CreateMutexA
FindResourceW
LoadResource
LockResource
SizeofResource
GetConsoleMode
user32
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
EnumChildWindows
SetClassLongA
SetParent
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
RealChildWindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
GetMenuItemInfoA
LoadBitmapA
IsMenu
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
CharUpperBuffA
LockWindowUpdate
DrawIconEx
DrawFocusRect
DrawFrameControl
DrawEdge
CopyImage
GetIconInfo
DestroyIcon
GetAsyncKeyState
GetSystemMenu
DeleteMenu
IntersectRect
DestroyAcceleratorTable
NotifyWinEvent
CharUpperA
LoadCursorW
DrawIcon
IsRectEmpty
SetRectEmpty
ShowOwnedPopups
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
DestroyMenu
WaitMessage
PostThreadMessageA
LoadMenuW
MapVirtualKeyA
GetKeyNameTextA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DrawStateA
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
LoadImageW
GetDlgItemInt
CheckDlgButton
GetSysColorBrush
MonitorFromPoint
GetSystemMetrics
GetCursorPos
FillRect
InflateRect
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
ValidateRect
CreateWindowExA
GetClassInfoExA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
CopyRect
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetSubMenu
RemoveMenu
SetWindowContextHelpId
CharNextA
SetRect
InvalidateRgn
GetNextDlgGroupItem
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
UnregisterClassA
IsClipboardFormatAvailable
SetCursorPos
FrameRect
CopyIcon
MapDialogRect
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
RegisterClipboardFormatA
SystemParametersInfoA
OffsetRect
MessageBeep
IsZoomed
GetDoubleClickTime
DefFrameProcA
DefMDIChildProcA
PostQuitMessage
GetMenuItemCount
DispatchMessageA
GetWindowRgn
CreateMenu
HideCaret
InvertRect
SubtractRect
GetUpdateRect
MapVirtualKeyExA
IsCharLowerA
DestroyCursor
TranslateMDISysAccel
DrawMenuBar
TranslateMessage
PeekMessageA
SetWindowPlacement
GetWindowPlacement
ShowWindow
SetWindowPos
wsprintfA
ReleaseDC
SetWindowRgn
GetWindowRect
RedrawWindow
PtInRect
WindowFromPoint
ClientToScreen
KillTimer
PostMessageA
SetActiveWindow
SetForegroundWindow
IsIconic
GetClassInfoA
SetTimer
IsWindowVisible
GetParent
GetFocus
GetDC
ReleaseCapture
SetCapture
LoadCursorA
SetCursor
GetClientRect
IsWindow
ScreenToClient
LoadBitmapW
InvalidateRect
EnableWindow
SendMessageA
UpdateWindow
SetPropA
FindWindowA
GetPropA
GetDesktopWindow
GetWindow
GetMessageA
gdi32
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
CreateFontIndirectA
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
CreateDIBSection
GetTextMetricsA
CreatePolygonRgn
GetBkColor
GetTextColor
Polyline
Polygon
SetRectRgn
GetMapMode
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
OffsetRgn
GetRgnBox
SetDIBColorTable
GetDIBits
RealizePalette
SetPixel
Rectangle
ExtFloodFill
SelectPalette
GetPaletteEntries
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
SelectClipRgn
CreatePatternBrush
CreateBitmap
SetLayout
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreatePalette
GetTextExtentPoint32A
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetStockObject
DeleteObject
CreateRoundRectRgn
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
CombineRgn
GetPixel
CreateRectRgn
GetObjectA
StretchBlt
RoundRect
StrokeAndFillPath
EndPath
BeginPath
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreateFontA
CreateSolidBrush
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegOpenKeyExW
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
GetFileSecurityA
SetFileSecurityA
shell32
SHGetDesktopFolder
ord4
ShellExecuteA
SHGetPathFromIDListA
SHFileOperationA
SHBrowseForFolderA
SHGetFileInfoA
ExtractIconA
SHGetMalloc
SHGetSpecialFolderLocation
ord2
SHAddToRecentDocs
SHAppBarMessage
DragQueryFileA
DragFinish
comctl32
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
shlwapi
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
ord219
PathIsUNCA
ole32
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateStreamOnHGlobal
CoInitializeEx
OleDuplicateData
CoTaskMemAlloc
RevokeDragDrop
StringFromCLSID
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
OleGetClipboard
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
PropVariantClear
CoCreateInstance
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoTaskMemFree
CoUninitialize
CoInitialize
ReleaseStgMedium
oleaut32
SysFreeString
VarBstrFromDate
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysAllocStringLen
oledlg
ord8
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
imagehlp
MakeSureDirectoryPathExists
setupapi
SetupDiGetClassDevsA
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Registry_PropertyA
CM_Locate_DevNodeA
CM_Get_Child
CM_Get_Sibling
CM_Get_Parent
CM_Get_Device_IDA
SetupDiEnumDeviceInfo
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text   Size: 1.4MB   Virtual size: 1.4MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 326KB   Virtual size: 326KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 27KB    Virtual size: 56KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 2.0MB   Virtual size: 2.0MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 185KB   Virtual size: 184KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ