Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-22_13002db5be8f543e4848b756ce755f08_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-22_13002db5be8f543e4848b756ce755f08_mafia.exe
Resource: win10v2004-20240426-en
General
Target: 2024-05-22_13002db5be8f543e4848b756ce755f08_mafia
Size: 3.6MB
MD5: 13002db5be8f543e4848b756ce755f08
SHA1: ae4ec40311b0e27eaac1555a0ea4a24c34b16b4a
SHA256: 996dcb0df5881ff0ac0138d76be70a2b7a3023185c6ca7fa09be9924047c3f5a
SHA512: 5c16ebefabd6d7039af79c7c9ac5f3013d557381d43bf30274a63b5aa10911d9fef094c9ed3647137fc420cc930adf28a971f3019db8b030c4ccda9da53e25bd
SSDEEP: 98304:MsbqUldfPnkEUGOaqYJ7Vc435xkjF99j+wjhL+BIWfAWOJ:Mil1nkAh3Ejl+A+BIWYW
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Processes: resource 2024-05-22_13002db5be8f543e4848b756ce755f08_mafia
Files
2024-05-22_13002db5be8f543e4848b756ce755f08_mafia.exe windows:5 windows x86 arch:x86
d9f02dee9fd0e702615f346915c1b45c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\mizuno\MCBook\honto\PC_Viewer_Src\honto-MCBookViewer-src_20150312\Release\MCBookViewer.pdb
Imports
sync
ord1
ord2
ord11
ord41
ord37
ord7
ord34
ord27
ord28
ord5
ord3
ord21
ord32
ord25
ord6
ord36
ord9
ord39
ord30
ord38
ord23
bookv000
ord1
ord6
ord17
ord8
ord15
ord9
ord2
ord3
ord12
ord4
imm32
ImmGetContext
ImmReleaseContext
ImmGetCompositionStringW
ImmGetOpenStatus
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
kernel32
VirtualAlloc
GetSystemInfo
VirtualQuery
GetTimeFormatW
GetDateFormatW
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
GetDriveTypeA
FindFirstFileExA
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
LCMapStringW
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
GetStringTypeW
WriteConsoleW
GetDriveTypeW
SetEnvironmentVariableA
FindResourceW
LoadResource
SizeofResource
LockResource
DecodePointer
GlobalLock
GlobalAlloc
LeaveCriticalSection
GlobalUnlock
InterlockedExchange
EnterCriticalSection
GlobalFree
Sleep
GetVersionExW
GetModuleFileNameW
GetTickCount
MultiByteToWideChar
HeapAlloc
HeapFree
GetProcessHeap
DeleteFileA
CreateFileA
GetFileSize
GetLastError
CloseHandle
GetPrivateProfileStringW
WritePrivateProfileStringW
GetLocalTime
DeleteFileW
lstrlenA
SystemTimeToFileTime
WideCharToMultiByte
GetFileAttributesA
CreateDirectoryA
FindFirstFileA
RemoveDirectoryA
SetFileAttributesA
GetTempFileNameA
FindClose
FindNextFileA
GetTempPathA
LocalFileTimeToFileTime
FreeResource
lstrlenW
SetLastError
DeactivateActCtx
ActivateActCtx
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
GetCurrentProcessId
MulDiv
LocalFree
FormatMessageW
GlobalSize
CopyFileW
lstrcmpW
FreeLibrary
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CompareStringW
GetProcAddress
GetModuleHandleW
GlobalDeleteAtom
SearchPathW
GetProfileIntW
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
SetErrorMode
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
GetCurrentDirectoryW
GetSystemDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalGetAtomNameW
GlobalFlags
InitializeCriticalSection
lstrcpyW
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileIntW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
lstrcmpA
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetThreadLocale
InterlockedIncrement
user32
GetWindowRgn
DestroyCursor
SubtractRect
CharUpperBuffW
CopyIcon
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
IsMenu
MonitorFromPoint
UnionRect
MapVirtualKeyExW
IsCharLowerW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
DrawEdge
DrawStateW
SetClassLongW
DestroyAcceleratorTable
SetParent
GetIconInfo
NotifyWinEvent
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
CreatePopupMenu
GetMenuDefaultItem
MessageBeep
GetNextDlgGroupItem
CharUpperW
WaitMessage
UnregisterClassW
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
SetRectEmpty
CopyImage
GetSysColorBrush
RealChildWindowFromPoint
DestroyMenu
GetMenuItemInfoW
GetMessageW
TranslateMessage
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
WindowFromPoint
CharNextW
InflateRect
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
ShowScrollBar
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
GetWindow
GetMenuStringW
AppendMenuW
InsertMenuW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
EnableWindow
SetLayeredWindowAttributes
GetDC
GetParent
CopyRect
ReleaseDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
GetMenuState
GetDoubleClickTime
CreateIconIndirect
IntersectRect
MessageBoxW
SetWindowRgn
AnimateWindow
RemoveMenu
EqualRect
FillRect
DrawIconEx
OffsetRect
SetRect
ClientToScreen
EnumDisplayMonitors
GetSystemMenu
IsIconic
GetMenuItemID
IsZoomed
GetSubMenu
SetForegroundWindow
DeleteMenu
DrawIcon
GetMenu
LoadIconW
LoadMenuW
GetWindowLongW
SystemParametersInfoW
EnableMenuItem
SetWindowLongW
LoadBitmapW
GetDesktopWindow
InvalidateRect
PtInRect
GetClientRect
PostMessageW
GetWindowRect
ScreenToClient
SetTimer
UpdateLayeredWindow
SendMessageW
RedrawWindow
KillTimer
DestroyIcon
ReleaseCapture
TrackMouseEvent
SetCapture
LoadImageW
GetCursorPos
LoadCursorW
SetCursor
GetScrollPos
EnableScrollBar
ShowWindow
SetScrollPos
GetScrollRange
wsprintfW
CheckMenuItem
SetMenuItemInfoW
IsWindowVisible
GetSystemMetrics
GetMenuItemCount
DrawMenuBar
BringWindowToTop
gdi32
SetBkColor
CreateBitmap
GetTextExtentPoint32W
CreateRoundRectRgn
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetGraphicsMode
SetWorldTransform
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetStockObject
SelectPalette
GetObjectType
CreatePen
RestoreDC
CreateHatchBrush
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetBkColor
GetTextColor
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetPixel
Rectangle
OffsetRgn
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
GetDeviceCaps
SaveDC
RemoveFontMemResourceEx
AddFontMemResourceEx
ExtCreatePen
SetDIBitsToDevice
GetDIBits
CreatePatternBrush
CreateFontIndirectW
GetTextCharset
StretchBlt
GetBitmapBits
SetBitmapBits
BitBlt
DeleteDC
CreateDIBSection
SetDIBColorTable
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegQueryValueW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
shell32
ShellExecuteW
ord165
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHAppBarMessage
DragQueryFileW
DragFinish
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
PathFileExistsA
PathFileExistsW
PathRemoveFileSpecA
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
ole32
OleIsCurrentClipboard
OleLockRunning
OleFlushClipboard
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitialize
CoUninitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitializeEx
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleTranslateAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
DoDragDrop
oleaut32
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocString
VariantClear
SysFreeString
SysAllocStringLen
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantCopy
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromHBITMAP
GdipSetLineBlend
GdipDrawRectangleI
GdipCreatePen1
GdipCreatePath
GdipSetPenDashStyle
GdipDrawLineI
GdipFillRectangleI
GdipSetInterpolationMode
GdipFillPath
GdipCreateLineBrushI
GdipSetLineGammaCorrection
GdipCreateImageAttributes
GdipDeletePath
GdipSetPenWidth
GdipSetPenColor
GdipDisposeImageAttributes
GdipCreateSolidFill
GdipAddPathArcI
GdipDrawLinesI
GdipAddPathLineI
GdipSetPenCompoundArray
GdipSetPenDashArray
GdipDrawPath
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipCloneBrush
GdipDeletePen
GdipDeleteBrush
GdipReleaseDC
GdipCreateFromHDC
GdipDrawImageRectI
GdipLoadImageFromStream
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipDisposeImage
GdipAlloc
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImageHeight
GdipFree
GdiplusShutdown
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
winmm
PlaySoundW
Sections
.text: Size 2.2MB, Virtual size 2.2MB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata: Size 712KB, Virtual size 712KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data: Size 87KB, Virtual size 119KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc: Size 430KB, Virtual size 430KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc: Size 201KB, Virtual size 201KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ