C:\Tsujiyama\Application\DeviceProgrammer\MTConverter\Source\MTConverter\Release\MTConverter.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-20_d6f4eca8a6d8f98217c301495060e985_mafia.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-20_d6f4eca8a6d8f98217c301495060e985_mafia.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-20_d6f4eca8a6d8f98217c301495060e985_mafia
Size: 3.1MB
MD5: d6f4eca8a6d8f98217c301495060e985
SHA1: 6d163c626e893139fa48650c0f1a6591f3d62ef5
SHA256: 49ae60ce95e3ec63c56fd3f617d5d79e9af36a097a13eb33c2da5ffc6a7bf113
SHA512: b5667d08d6ea89a337ecac623c4b324fda177e2ada45234d84e43613bf29356f7aa5b202801e4400c3be19b266c38642778e2d90420ea5c076e3c49e9bb88fd7
SSDEEP: 98304:fQQ/kpz3nKvx5gdFk+OGcLXuHDvP4oj9ghi1RebMIg9Cbk/V8H:x/ANWyHDvP4ojDIg9Cbk/V8H
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 2024-05-20_d6f4eca8a6d8f98217c301495060e985_mafia
Files
2024-05-20_d6f4eca8a6d8f98217c301495060e985_mafia.exe windows:5 windows x86 arch:x86
c6e8f94d2220949482767d6443a2e944
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetTimeZoneInformation
IsProcessorFeaturePresent
LCMapStringW
GetConsoleCP
GetConsoleMode
GetCPInfo
GetStringTypeW
IsValidLocale
WriteConsoleW
GetDriveTypeW
SetEnvironmentVariableA
IsDebuggerPresent
UnhandledExceptionFilter
IsValidCodePage
GetOEMCP
EnumSystemLocalesA
GetACP
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
HeapQueryInformation
CreateThread
ExitThread
SizeofResource
ExitProcess
VirtualQuery
GetSystemInfo
VirtualAlloc
GetFileType
SetStdHandle
HeapReAlloc
RaiseException
RtlUnwind
DecodePointer
EncodePointer
GetDateFormatW
GetTimeFormatW
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
Sleep
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetCurrentDirectoryW
GetSystemDirectoryW
GlobalFlags
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
CreateEventW
SuspendThread
SetEvent
SetThreadPriority
FindNextFileW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
lstrcpyW
lstrlenA
lstrcmpA
FileTimeToSystemTime
GetThreadLocale
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
lstrcmpW
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetExitCodeThread
WaitForSingleObject
ResumeThread
LocalFree
FormatMessageW
DeleteFileW
FreeLibrary
SetCurrentDirectoryW
CreateMutexW
MultiByteToWideChar
GetModuleFileNameW
CloseHandle
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
DeactivateActCtx
SetLastError
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
GetLocaleInfoA
user32
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
DestroyAcceleratorTable
SetClassLongW
GetIconInfo
GetNextDlgGroupItem
SetCursorPos
SetParent
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
DeleteMenu
WindowFromPoint
UnpackDDElParam
ReuseDDElParam
LoadImageW
DestroyIcon
LoadAcceleratorsW
InsertMenuItemW
TranslateAcceleratorW
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
UnregisterClassW
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
ShowOwnedPopups
GetMessageW
TranslateMessage
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
WaitMessage
IsZoomed
SystemParametersInfoW
DestroyMenu
CharUpperW
GetMenuItemInfoW
BringWindowToTop
CreatePopupMenu
FrameRect
IntersectRect
OffsetRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
DrawStateW
NotifyWinEvent
GetAsyncKeyState
GetCursorPos
ReleaseCapture
EnableScrollBar
HideCaret
SetCapture
DrawFocusRect
InvertRect
InflateRect
SetRectEmpty
IsRectEmpty
MapVirtualKeyW
GetKeyNameTextW
MessageBeep
GetWindowThreadProcessId
OpenClipboard
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
EnableWindow
GetSysColor
SendMessageW
GetSysColorBrush
LoadCursorW
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
SetClipboardData
CloseClipboard
EmptyClipboard
CharNextW
SetRect
InvalidateRgn
GetDoubleClickTime
CharUpperBuffW
GetUpdateRect
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
MessageBoxW
CreateWindowExW
GetWindowRgn
DestroyCursor
CreateMenu
SubtractRect
MapVirtualKeyExW
IsCharLowerW
EndPaint
TranslateMDISysAccel
GetWindowRect
GetParent
GetDC
ReleaseDC
SetCursor
InvalidateRect
GetSystemMetrics
FillRect
DrawIconEx
LoadIconW
GetClientRect
SetTimer
KillTimer
GetSystemMenu
AppendMenuW
IsIconic
DrawIcon
PostMessageW
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
GetMenuStringW
GetMenuState
LoadMenuW
GetWindow
PtInRect
CopyRect
SetWindowPos
SetWindowLongW
GetWindowLongW
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
IsClipboardFormatAvailable
gdi32
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
CreateDIBSection
CreatePalette
GetPaletteEntries
RealizePalette
Rectangle
CreateRoundRectRgn
OffsetRgn
GetRgnBox
SetDIBColorTable
GetDIBits
StretchBlt
SetPixel
PatBlt
GetSystemPaletteEntries
EnumFontFamiliesExW
PtInRegion
FrameRgn
SetPixelV
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
FillRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
GetTextFaceW
SetViewportOrgEx
SelectObject
Escape
CreateHatchBrush
CreateRectRgnIndirect
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
GetNearestPaletteIndex
CreateFontIndirectW
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetObjectW
GetTextExtentPoint32W
GetTextMetricsW
CreateSolidBrush
OffsetViewportOrgEx
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCloseKey
RegEnumValueW
RegEnumKeyExW
shell32
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHAppBarMessage
ShellExecuteW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathRenameExtensionW
PathRemoveFileSpecW
PathCombineW
PathFileExistsW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
ole32
CLSIDFromString
CoCreateInstance
OleDuplicateData
CoUninitialize
CoInitializeEx
CoCreateGuid
CLSIDFromProgID
CoInitialize
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleLockRunning
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium
IsAccelerator
oleaut32
SysStringByteLen
SysFreeString
SysAllocStringLen
SysAllocString
VariantChangeType
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
VariantInit
VariantCopy
VariantClear
oledlg
OleUIBusyW
gdiplus
GdipGetImageHeight
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
ws2_32
WSAStartup
WSACleanup
gethostbyname
closesocket
htonl
htons
inet_addr
accept
socket
select
bind
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
WSAGetLastError
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text  Size: 1.3MB - Virtual size: 1.3MB  (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata Size: 317KB - Virtual size: 317KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data  Size: 27KB - Virtual size: 57KB    (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rsrc  Size: 1.2MB - Virtual size: 1.2MB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.reloc Size: 185KB - Virtual size: 185KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)