2024-05-12_901725e8f79756cbca07d93d84ffd3b0_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-12_901725e8f79756cbca07d93d84ffd3b0_mafia
Size

2.3MB
MD5

901725e8f79756cbca07d93d84ffd3b0
SHA1

d0afd26e7afaa82a0f2afe7e1a538cf789822a71
SHA256

f2e2221bd2dd5429be4caf63df3c77df45d034e02a95fb52a93da22eb090a6fe
SHA512

8b95af6e77262611941e3101cdf9801f47f7d5584027148ae8553254861c34ccf863858b0dcd1ffa5ab1b65bef8120f583859d6cf6c4c2c5348f094fbbbb22f9
SSDEEP

24576:bVcpaPefmLlYKCfldZZTBXqcIQuHYQHDIeh3GRzApDFtoE2KT6C/Bh6cI71ny3MH:bVQaWG2Kg7Exoa9sVUN3GJbbqhnXR27

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-12_901725e8f79756cbca07d93d84ffd3b0_mafia

Files

2024-05-12_901725e8f79756cbca07d93d84ffd3b0_mafia
.exe windows:5 windows x86 arch:x86

a1a46807d41e9cb09afb0e4b233de31f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\tux\Desktop\Projekte\vim\vim73\src\gvim.pdb

Imports

kernel32

SetFileAttributesA
LoadLibraryA
GetFileType
MoveFileA
SetCurrentDirectoryW
CreatePipe
GetModuleFileNameA
GetCurrentDirectoryA
GetVersionExA
CloseHandle
DeleteFileW
GetCurrentProcessId
GetFileInformationByHandle
SetFileAttributesW
CreateThread
lstrlenA
GetTickCount
LocalHandle
IsDBCSLeadByte
LocalAlloc
LoadLibraryExA
GetStartupInfoA
SearchPathA
MoveFileW
BackupRead
GetCurrentDirectoryW
SetCurrentDirectoryA
ExitThread
CreateFileW
ReadFile
TerminateProcess
WriteConsoleW
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
RaiseException
CompareStringW
RtlUnwind
GetProcessHeap
CreateProcessA
GetFileAttributesW
GetExitCodeProcess
GetFileAttributesA
WriteFile
GetConsoleTitleA
BackupSeek
WaitForSingleObject
SetErrorMode
PeekNamedPipe
SearchPathW
CreateFileA
GetTempFileNameW
GetFullPathNameA
GetComputerNameA
GetCommandLineW
GetFullPathNameW
GlobalFree
Sleep
GlobalAlloc
GlobalSize
LocalFree
GetSystemInfo
GlobalUnlock
MulDiv
FormatMessageA
IsBadReadPtr
GlobalLock
VirtualQuery
GetLocaleInfoA
FindNextFileW
FindNextFileA
FindClose
FindFirstFileA
FindFirstFileW
IsValidCodePage
GetProcAddress
IsDBCSLeadByteEx
GetLastError
GetACP
FreeLibrary
GetCPInfo
GetModuleHandleA
DeleteFileA
GetTempPathA
GetTempFileNameA
MultiByteToWideChar
WideCharToMultiByte
SetEndOfFile
HeapSize
GetModuleFileNameW
LoadLibraryW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoW
GetUserDefaultLCID
HeapDestroy
HeapCreate
LCMapStringW
GetTimeZoneInformation
FatalAppExitA
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetOEMCP
DeleteCriticalSection
GetStdHandle
SetHandleCount
IsProcessorFeaturePresent
SetEnvironmentVariableA
InterlockedExchange
GetConsoleMode
GetConsoleCP
DuplicateHandle
SetFilePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineA
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
SetStdHandle
GetCurrentProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateDirectoryA
CreateDirectoryW
SetConsoleCtrlHandler
FindFirstFileExA
GetShortPathNameA
GetDriveTypeA
SetEnvironmentVariableW
EncodePointer
FindFirstFileExW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualAlloc
VirtualProtect
HeapAlloc
HeapFree
DecodePointer
ExitProcess
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
GetSystemTimeAsFileTime
HeapReAlloc
GetDateFormatA
GetTimeFormatA

advapi32

GetUserNameA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA

shell32

DragQueryPoint
DragQueryFileW
DragAcceptFiles
DragQueryFileA
CommandLineToArgvW
Shell_NotifyIconA
DragFinish

gdi32

CreateCompatibleDC
ExtTextOutW
GetTextExtentPointW
GetTextExtentPointA
CreatePen
GetObjectA
GetDCOrgEx
ExtTextOutA
CreateSolidBrush
EndPage
StartPage
SetPixel
DeleteDC
GetDeviceCaps
CreateFontIndirectA
SetBkColor
CreateDCA
SetAbortProc
SetBkMode
DeleteObject
SelectObject
StartDocA
EnumFontFamiliesA
GetNearestColor
GetTextMetricsA
SetTextAlign
EndDoc
TextOutA
GdiFlush
CreateFontA
LineTo
BitBlt
MoveToEx
SetTextColor
GetStockObject
CreateBitmap

comdlg32

ReplaceTextA
CommDlgExtendedError
PrintDlgA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
FindTextW
GetSaveFileNameW
ReplaceTextW
GetOpenFileNameW
FindTextA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
OleUninitialize
StringFromCLSID
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
OleInitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

CreateToolbarEx
ord17

oleaut32

UnRegisterTypeLi
SetErrorInfo
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
RevokeActiveObject
SysAllocString
RegisterActiveObject

user32

MapWindowPoints
LoadImageA
GetDlgItemTextW
InsertMenuA
IsWindowVisible
GetSystemMetrics
RegisterClassW
ScrollWindowEx
ReleaseCapture
InsertMenuW
RemoveMenu
ShowScrollBar
GetMenuItemCount
GetClassInfoA
DrawMenuBar
FrameRect
CreatePopupMenu
SetMenu
ShowWindow
GetCursorPos
SetWindowPos
GetSysColor
DestroyCursor
RedrawWindow
EndDialog
GetDlgItem
GetMenuState
SetClassLongA
PeekMessageW
SetCursorPos
InvalidateRect
IntersectRect
TrackPopupMenuEx
GetKeyboardLayout
GetMenuItemRect
UpdateWindow
GetWindowPlacement
IsDialogMessageW
CreateDialogIndirectParamA
ShowCursor
GetDC
InsertMenuItemW
GetClassInfoW
PtInRect
BeginPaint
RegisterWindowMessageA
CreateMenu
GetClientRect
SetParent
WindowFromPoint
FindWindowExA
MessageBeep
LoadBitmapA
DrawIconEx
GetKeyState
IsZoomed
KillTimer
GetScrollPos
FillRect
IsIconic
TrackPopupMenu
GetMessageW
InsertMenuItemA
SetActiveWindow
GetWindowRect
ScreenToClient
SetTimer
InvertRect
SetWindowPlacement
EndPaint
wsprintfA
DialogBoxIndirectParamA
DestroyMenu
FindWindowA
LoadCursorA
SetWindowTextW
DestroyIcon
OffsetRect
SetScrollInfo
GetDialogBaseUnits
GetMessageTime
mouse_event
GetMessageA
GetFocus
IsDialogMessageA
MessageBoxA
PeekMessageA
DispatchMessageA
CloseClipboard
IsClipboardFormatAvailable
RegisterClipboardFormatA
GetClipboardData
EmptyClipboard
OpenClipboard
SetClipboardData
GetClassNameA
GetSystemMenu
CreateDialogParamA
SendDlgItemMessageA
GetWindowDC
MsgWaitForMultipleObjects
GetParent
SetFocus
SendMessageA
EnumWindows
TranslateMessage
GetWindowTextA
CharUpperBuffA
CreateWindowExA
ReleaseDC
EnableMenuItem
DefWindowProcA
CharLowerBuffA
GetDesktopWindow
PostMessageA
SystemParametersInfoA
SetWindowTextA
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
RegisterClassA
DestroyWindow
IsWindow
SetForegroundWindow
LoadIconA
MapVirtualKeyA
GetWindow
MoveWindow
IsRectEmpty
DispatchMessageW
SetCapture
DefWindowProcW

wsock32

WSAGetLastError
connect
WSAStartup
WSAAsyncSelect
send
gethostbyname
closesocket
socket
WSACleanup
recv
htons

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 239KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1a46807d41e9cb09afb0e4b233de31f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

gdi32

comdlg32

ole32

version

comctl32

oleaut32

user32

wsock32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 94KB - Virtual size: 94KB

.data Size: 239KB - Virtual size: 293KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 144KB - Virtual size: 144KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 94KB - Virtual size: 94KB

.data
Size: 239KB - Virtual size: 293KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 144KB - Virtual size: 144KB