2024-05-21_583f7b05616ab93e08c01899487de775_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-21_583f7b05616ab93e08c01899487de775_mafia
Size

1.0MB
MD5

583f7b05616ab93e08c01899487de775
SHA1

1224854e4ac3224a5860f800dab9e8c04f365928
SHA256

1b5d1c097eff67eec7df54413952e98c4ba8aecb4118b0aa7c915d5b486512a1
SHA512

db04fe99f6cdad2f9913036a7e2f7d77ad1be6c9192e6a8a97723ff739a1e85db3b121eb44a92453abd33deea1dc8e2205f99d5f4bb9b91233e2fe13d645dc19
SSDEEP

24576:DHao7I9kGl6622glbdHLc3UMsy6biqm9AzCC/Cn1:h7IQ622erc3UM2biqmSzCgC1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-21_583f7b05616ab93e08c01899487de775_mafia

Files

2024-05-21_583f7b05616ab93e08c01899487de775_mafia
.exe windows:5 windows x86 arch:x86

31b8850b017c210537c6f0f6482658f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\code\app\SEBrowserV2\Release\SEBrowserV2.pdb

Imports

kernel32

WriteFile
GetUserDefaultLCID
DeleteFileW
GetTickCount
FindFirstFileW
FindClose
IsWow64Process
GetCurrentProcess
MoveFileW
MoveFileExW
GetVersionExW
RemoveDirectoryW
FindNextFileW
DeviceIoControl
SetEndOfFile
AllocConsole
GetStdHandle
SetConsoleTextAttribute
SetConsoleTitleW
GetDateFormatW
GetTimeFormatW
GetEnvironmentVariableW
GetFileTime
FileTimeToSystemTime
OpenProcess
GetSystemTimeAsFileTime
CreateDirectoryW
GetFileAttributesW
WideCharToMultiByte
GetCurrentDirectoryW
SleepEx
VerifyVersionInfoA
VerSetConditionMask
ExpandEnvironmentStringsA
FormatMessageA
InterlockedIncrement
ReadFile
SetFilePointer
CreateFileW
GetModuleFileNameW
OpenEventW
WaitForMultipleObjects
CreateEventW
SetEvent
GetExitCodeProcess
CreateProcessW
GetLocalTime
GetSystemTime
LoadLibraryA
GetSystemInfo
CopyFileW
CreateToolhelp32Snapshot
Process32NextW
GetProcessId
Process32FirstW
GetTempPathW
GetBinaryTypeW
GetUserDefaultUILanguage
lstrlenA
LocalFree
GetTimeZoneInformation
GetProcessHeap
GetDriveTypeW
SetEnvironmentVariableA
WriteConsoleW
FreeLibrary
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
CreateFileA
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsValidCodePage
GetOEMCP
WaitForSingleObject
CloseHandle
GetVolumeInformationW
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GetCurrentThreadId
MulDiv
GetLastError
GetModuleHandleW
DeleteCriticalSection
InterlockedDecrement
Sleep
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
SetLastError
InterlockedCompareExchange
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
HeapFree
ExitThread
ResumeThread
GetACP
HeapSize
FlushFileBuffers
SetHandleCount
GetConsoleMode
GetConsoleCP
ExitProcess
HeapDestroy
HeapCreate
CreateThread
GetCPInfo
HeapAlloc
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
GetProcAddress
HeapReAlloc
SetStdHandle
GetLocaleInfoW
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CompareStringW
LCMapStringW
RtlUnwind
RaiseException
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetFileType
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar

user32

CreateWindowExW
SetCapture
TrackMouseEvent
ReleaseCapture
IsWindowVisible
GetForegroundWindow
SetWindowTextW
IsIconic
SetForegroundWindow
BringWindowToTop
SetActiveWindow
SetFocus
GetWindowThreadProcessId
AttachThreadInput
RegisterClassExW
LoadCursorW
LoadIconW
ReleaseDC
UpdateLayeredWindow
GetWindowDC
ShowWindow
TranslateMessage
IsWindow
ScreenToClient
PeekMessageW
DispatchMessageW
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
ShowScrollBar
GetClientRect
GetAsyncKeyState
GetKeyState
SetTimer
GetCursorPos
GetDesktopWindow
GetWindowLongW
SetWindowLongW
DefWindowProcW
GetSystemMetrics
DestroyWindow
SendMessageW
FindWindowW
PostQuitMessage
PostMessageW
KillTimer
GetParent
LoadStringW
FindWindowExW
EnableWindow
BeginPaint
GetSysColor
FillRect
EndPaint
MessageBoxW
GetMonitorInfoW
MonitorFromPoint
EnumDesktopWindows
EnumChildWindows
GetWindowTextW
wsprintfW
SetWindowPos
MoveWindow
GetWindowRect

gdi32

CreateCompatibleDC
SelectObject
DeleteObject
GetDeviceCaps
CreateFontW
CreateSolidBrush
SetBkColor
TextOutW

advapi32

GetTokenInformation
OpenProcessToken
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
CryptDestroyHash
CryptReleaseContext
CryptHashData
RegEnumValueW
RegQueryInfoKeyW
CryptAcquireContextA
AdjustTokenPrivileges
LookupPrivilegeValueW
CryptGetHashParam
CryptCreateHash

shell32

ShellExecuteExW
SHCreateDirectoryExW
SHGetPathFromIDListW
SHGetMalloc
SHGetFolderPathW
SHAppBarMessage
ShellExecuteW
SHGetDesktopFolder
SHBrowseForFolderW

ole32

CoInitialize
CoInitializeSecurity
CoUninitialize
CreateStreamOnHGlobal
CoCreateGuid
CoCreateInstance
OleInitialize
OleCreate
CoSetProxyBlanket
StringFromGUID2

oleaut32

SysAllocStringLen
SysStringLen
VariantChangeType
VariantClear
VariantCopy
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString

gdiplus

GdiplusStartup
GdipFree
GdipAlloc
GdipDisposeImage
GdipCloneImage
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipDrawImageI
GdipGetImageWidth
GdipGetImageHeight
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipDrawImagePointRectI
GdipDeleteBrush
GdipCloneBrush
GdipCreateSolidFill
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipGraphicsClear
GdipDrawString
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCreateBitmapFromScan0
GdipCloneBitmapAreaI

urlmon

URLDownloadToFileW
ObtainUserAgentString
UrlMkSetSessionOption
UrlMkGetSessionOption

ws2_32

getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
htons
WSASetLastError
WSAStartup
ntohs
bind
ioctlsocket
gethostbyname
connect
socket
closesocket
getpeername
getsockopt
WSACleanup

iphlpapi

GetAdaptersInfo

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenW
InternetGetConnectedState
InternetQueryOptionW
InternetReadFile

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW
GetProcessImageFileNameW
EnumProcesses

comctl32

ord413
ord412
ord410

rpcrt4

UuidCreate

shlwapi

PathCanonicalizeW
PathAppendW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
PathIsRelativeW

Sections

.text
Size: 759KB - Virtual size: 759KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31b8850b017c210537c6f0f6482658f0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

gdiplus

urlmon

ws2_32

iphlpapi

wininet

version

psapi

comctl32

rpcrt4

shlwapi

Sections

.text Size: 759KB - Virtual size: 759KB

.rdata Size: 125KB - Virtual size: 125KB

.data Size: 62KB - Virtual size: 71KB

.rsrc Size: 47KB - Virtual size: 47KB

.reloc Size: 50KB - Virtual size: 49KB

.text
Size: 759KB - Virtual size: 759KB

.rdata
Size: 125KB - Virtual size: 125KB

.data
Size: 62KB - Virtual size: 71KB

.rsrc
Size: 47KB - Virtual size: 47KB

.reloc
Size: 50KB - Virtual size: 49KB