PDB path: G:\code\vchat\trunk-clean\VChat\vc10\ReleaseDebug\VoiceChatter_Debug.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-14_fb2245f27552fb9fa6a5d328e30badbb_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-14_fb2245f27552fb9fa6a5d328e30badbb_mafia.exe
Resource: win10v2004-20240426-en
General
Target: 2024-05-14_fb2245f27552fb9fa6a5d328e30badbb_mafia
Size: 3.4MB
MD5: fb2245f27552fb9fa6a5d328e30badbb
SHA1: 8fc83a608a7aee3b154cfb398d20aac928de471e
SHA256: 8e48590669416ebdcaa68dd44de9694eae437d8fe43ad36ff1aeaac346c995b2
SHA512: 4607cb795922547a99543d23ffeb7352e6919f760899c60f6b8da29208c786bfcdbb41d715dbf6f2c10a6d5338ac4db11522309879d52f42b36f81f459a22b62
SSDEEP: 98304:ysr3J9zRlOrQl7nhAzxVlrY66tI/Wg+M/dk4Udc:ysr3J9zRlOrQ6x066tI4sl
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 2024-05-14_fb2245f27552fb9fa6a5d328e30badbb_mafia
Files
2024-05-14_fb2245f27552fb9fa6a5d328e30badbb_mafia.exe windows:5 windows x86 arch:x86
ae7ec73226c0a7335c720c574b7c6854
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
recv
select
__WSAFDIsSet
getsockopt
ioctlsocket
send
gethostbyname
getservbyname
gethostbyaddr
ntohl
WSAGetLastError
accept
freeaddrinfo
htonl
inet_addr
ntohs
WSAStartup
sendto
recvfrom
socket
connect
closesocket
htons
getaddrinfo
WSACleanup
shutdown
listen
getsockname
bind
setsockopt
dinput8
DirectInput8Create
user32
BringWindowToTop
RegisterWindowMessageA
GetAsyncKeyState
PostThreadMessageA
CreateWindowExA
MessageBeep
RegisterClassA
PostMessageA
MessageBoxA
PeekMessageA
SendMessageA
DefWindowProcA
DestroyWindow
SetCursor
LoadCursorA
DdeFreeStringHandle
DdeQueryStringA
DdeUninitialize
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeGetLastError
DdeInitializeA
DdeDisconnect
DdeClientTransaction
DdeCreateStringHandleA
DdeNameService
DdeConnect
DdePostAdvise
KillTimer
SetTimer
GetForegroundWindow
SetForegroundWindow
IsWindow
InvalidateRect
PostQuitMessage
TranslateMessage
DispatchMessageA
ReleaseDC
GetDC
VkKeyScanA
wsprintfA
wvsprintfA
EnumDisplaySettingsA
ChangeDisplaySettingsA
GetMenuStringA
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
SetClipboardData
RegisterClipboardFormatA
DrawStateA
DrawEdge
ShowCursor
GetWindowDC
TranslateAcceleratorA
CreateAcceleratorTableA
DestroyAcceleratorTable
DrawIconEx
DrawFrameControl
GetWindowTextA
GetClassNameA
ValidateRect
GetMessageA
DestroyCursor
GetUpdateRect
BeginPaint
DrawIcon
EndPaint
SetMenu
UnionRect
ChildWindowFromPoint
InsertMenuItemA
GetSubMenu
CreateMenu
AppendMenuA
InsertMenuA
RemoveMenu
DestroyMenu
CreatePopupMenu
SetMenuItemInfoA
ModifyMenuA
CheckMenuRadioItem
CheckMenuItem
GetMenuState
GetMessagePos
CreateIconIndirect
MapWindowPoints
GetClassInfoA
LoadImageA
GetIconInfo
LoadBitmapA
LoadIconA
DestroyIcon
GetWindowTextLengthA
HideCaret
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
keybd_event
OffsetRect
DrawFocusRect
CopyRect
DrawTextA
GetDlgItem
CreateDialogParamA
CreateDialogIndirectParamA
UnregisterClassA
FlashWindow
SetWindowRgn
AdjustWindowRectEx
GetSystemMenu
EnableMenuItem
DrawMenuBar
GetDesktopWindow
IsIconic
IsZoomed
GetSystemMetrics
InflateRect
GetUpdateRgn
GetSysColor
SetWindowsHookExA
IsDialogMessageA
TrackPopupMenu
PtInRect
GetCapture
UnhookWindowsHookEx
UnregisterHotKey
RegisterHotKey
CallNextHookEx
GetActiveWindow
GetMenuItemCount
GetMenuItemInfoA
SystemParametersInfoA
GetMessageTime
GetWindow
BeginDeferWindowPos
EndDeferWindowPos
SetWindowTextA
GetFocus
IsWindowEnabled
IsWindowVisible
CallWindowProcA
DeferWindowPos
MoveWindow
ClientToScreen
ScreenToClient
UpdateWindow
RedrawWindow
SetParent
GetCursorPos
WindowFromPoint
GetParent
ScrollWindow
SetScrollInfo
GetScrollInfo
SetCursorPos
ReleaseCapture
SetCapture
ShowWindow
EnableWindow
SetFocus
SetWindowPos
SetWindowLongA
GetWindowLongA
FillRect
GetClientRect
GetWindowRect
GetKeyState
EnumDisplayMonitors
shell32
ExtractIconExA
ExtractIconA
DragQueryFileA
DragQueryPoint
DragFinish
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA
Shell_NotifyIconA
advapi32
GetUserNameA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
ole32
CoCreateInstance
OleUninitialize
OleInitialize
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
OleGetClipboard
CoUninitialize
CoInitialize
gdi32
GetDIBColorTable
CreateDIBitmap
GetDIBits
CreateDIBSection
PatBlt
ExtCreatePen
SetTextAlign
CreateRectRgnIndirect
CreateHatchBrush
SaveDC
RestoreDC
CreatePalette
GetNearestPaletteIndex
CombineRgn
RectInRegion
PtInRegion
GetRgnBox
StretchDIBits
StretchBlt
MaskBlt
Ellipse
RoundRect
Rectangle
PolyPolygon
SetPolyFillMode
Polygon
GetSystemPaletteEntries
Arc
SelectClipRgn
GetTextColor
GetBkColor
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
GetTextExtentExPointA
GetCharABCWidthsA
SetROP2
TextOutA
PolyBezier
Polyline
SetPixel
GetPixel
ExtFloodFill
ExtSelectClipRgn
GetClipBox
SetStretchBltMode
LineTo
GetStockObject
CreateICA
CreateBitmap
BitBlt
GetPaletteEntries
CreatePatternBrush
CreateCompatibleBitmap
SetBrushOrgEx
DeleteDC
CreateCompatibleDC
GetObjectA
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
CreatePen
DeleteObject
SetBkMode
SetTextColor
SetBkColor
GetRegionData
ExtCreateRegion
OffsetRgn
ExcludeClipRect
CreateRectRgn
GetTextExtentPoint32A
SelectPalette
RealizePalette
GdiFlush
SelectObject
GetTextMetricsA
GetEnhMetaFileA
CopyEnhMetaFileA
DeleteEnhMetaFile
SetAbortProc
EndDoc
StartPage
EndPage
StartDocA
CreateDCA
MoveToEx
EnumFontFamiliesExA
Pie
EqualRgn
comdlg32
ChooseColorA
PageSetupDlgA
PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
ChooseFontA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
winmm
timeGetTime
waveInMessage
waveOutMessage
waveInGetNumDevs
waveOutGetNumDevs
waveInPrepareHeader
waveOutPrepareHeader
waveOutReset
waveInReset
waveOutPause
waveInStart
waveOutRestart
waveOutGetPosition
waveOutWrite
waveInAddBuffer
waveInUnprepareHeader
waveOutUnprepareHeader
waveInClose
waveOutClose
waveOutGetDevCapsA
waveInGetDevCapsA
waveOutOpen
waveOutGetErrorTextA
waveInOpen
waveInGetErrorTextA
timeKillEvent
timeSetEvent
kernel32
GetThreadLocale
GetLocaleInfoA
GetTimeZoneInformation
CreateFileA
GetWindowsDirectoryA
SetCurrentDirectoryA
CopyFileA
GetFileType
CreateEventA
SetEvent
AddVectoredExceptionHandler
GetCurrentProcess
DeleteFileA
GetCurrentProcessId
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GetCurrentThreadId
CreateThread
WaitForSingleObject
ReleaseSemaphore
CreateSemaphoreA
DeleteCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
EnterCriticalSection
InitializeCriticalSection
FormatMessageA
CreateProcessA
GetModuleHandleA
OutputDebugStringA
GetVersionExA
ReadProcessMemory
GetCurrentThread
RtlCaptureContext
SuspendThread
GetThreadContext
ResumeThread
CloseHandle
GetFileAttributesA
LoadLibraryA
GetProcAddress
GetLastError
CompareStringW
CreateFileW
LoadLibraryW
GetStringTypeW
EnumSystemLocalesA
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
InterlockedIncrement
InterlockedDecrement
SetThreadPriority
TlsGetValue
TlsFree
TlsSetValue
TlsAlloc
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
SetLastError
GetCurrentDirectoryA
GetModuleFileNameA
GetEnvironmentVariableA
FreeLibrary
GetCurrentDirectoryW
GetFileInformationByHandle
GetCPInfo
IsValidCodePage
GetComputerNameA
SetEnvironmentVariableA
TerminateProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSize
GetTempPathA
GetTempFileNameA
GetACP
GetUserDefaultLCID
IsValidLocale
LocalFree
GetStdHandle
ExpandEnvironmentStringsA
ReadFile
WriteFile
PeekNamedPipe
RaiseException
SetErrorMode
GetCommandLineA
LocalAlloc
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalSize
GlobalFree
HeapSize
GetProcessHeap
SetFilePointer
lstrlenA
ResetEvent
WaitForMultipleObjects
FlushFileBuffers
SetEndOfFile
EncodePointer
DecodePointer
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetDriveTypeA
FindFirstFileExA
MoveFileA
HeapSetInformation
GetOEMCP
GetStartupInfoW
HeapReAlloc
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetDriveTypeW
GetFullPathNameA
GetTimeFormatA
GetDateFormatA
GetModuleHandleW
GetConsoleCP
GetConsoleMode
WriteConsoleW
GetModuleFileNameW
LCMapStringW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
HeapCreate
GetLocaleInfoW
TerminateThread
comctl32
ImageList_ReplaceIcon
ImageList_Add
ImageList_Create
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIconSize
ord17
ord16
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_DragLeave
ImageList_SetDragCursorImage
ImageList_BeginDrag
ord6
ImageList_Destroy
Exports
?espeak_CompileDictionary@@YAXPBDPAU_iobuf@@H@Z
?espeak_SetPhonemeCallback@@YAXP6AHPBD@Z@Z
espeak_Cancel
espeak_Char
espeak_GetCurrentVoice
espeak_GetParameter
espeak_Info
espeak_Initialize
espeak_IsPlaying
espeak_Key
espeak_ListVoices
espeak_SetParameter
espeak_SetPhonemeTrace
espeak_SetPunctuationList
espeak_SetSynthCallback
espeak_SetUriCallback
espeak_SetVoiceByName
espeak_SetVoiceByProperties
espeak_Synchronize
espeak_Synth
espeak_Synth_Mark
espeak_Terminate
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 634KB - Virtual size: 633KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 81KB - Virtual size: 287KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 222KB - Virtual size: 222KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ