C:\devel\RadioListPlayer_2.0\Release\RadioListPlayer.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-22_ad1f16ddd7cdb37beb10ec4c7bc34d51_mafia.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-22_ad1f16ddd7cdb37beb10ec4c7bc34d51_mafia.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-22_ad1f16ddd7cdb37beb10ec4c7bc34d51_mafia
Size: 2.6MB
MD5: ad1f16ddd7cdb37beb10ec4c7bc34d51
SHA1: 9e53509b972b829694ce55eb43512fd1da953782
SHA256: 92c2b610a314c2a3f710cb6502437ff61ed3c821d014cfd26f863e68c943206d
SHA512: f45f3ef63ea176c31b7301e5ace03f486b96e8f629191d1c077f8e730c9b70156cfd5d8e57f0cd8b3df92e0c46823b2563f843f8841a955ff5ad66bb3dab5f2f
SSDEEP: 49152:ZxlqQ9HfJXr7YWhWxB/tQmKNy9wKOyNrZcLpycSVWeOXdRssWjEjQmzC26wkgVq7:Zf9hXr7YWhWx7QmKN0wyNWLpycSVWfX/
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes: resource 2024-05-22_ad1f16ddd7cdb37beb10ec4c7bc34d51_mafia
Files
2024-05-22_ad1f16ddd7cdb37beb10ec4c7bc34d51_mafia.exe windows:5 windows x86 arch:x86
b3d671b532487b37b7a41b410032a8ee
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
getsockopt
WSACreateEvent
WSAStartup
WSACleanup
send
WSAGetLastError
gethostname
ioctlsocket
__WSAFDIsSet
select
recvfrom
sendto
getpeername
WSAIoctl
socket
htonl
setsockopt
bind
getsockname
listen
connect
accept
recv
htons
getaddrinfo
freeaddrinfo
WSASetLastError
ntohs
WSACloseEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAResetEvent
closesocket
wldap32
ord167
ord117
ord301
ord219
ord145
ord208
ord26
ord133
ord147
ord27
ord41
ord46
ord216
ord14
ord127
ord142
ord79
ord73
crypt32
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertGetCertificateChain
CertCreateCertificateChainEngine
CertFindExtension
CryptDecodeObjectEx
CryptQueryObject
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertOpenStore
CryptStringToBinaryW
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
PFXImportCertStore
rpcrt4
UuidToStringW
normaliz
IdnToAscii
IdnToUnicode
winmm
timeGetTime
PlaySoundW
user32
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
CharUpperBuffW
CopyIcon
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
FrameRect
RegisterClipboardFormatW
LoadImageW
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
DrawMenuBar
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
wsprintfW
SetTimer
KillTimer
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DestroyCursor
SetClassLongW
DestroyAcceleratorTable
SetParent
DestroyIcon
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableW
CharNextW
UnregisterClassW
WaitMessage
GetWindowRgn
DispatchMessageW
TranslateMessage
PeekMessageW
SendMessageW
BringWindowToTop
EnableWindow
CopyImage
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
MonitorFromPoint
UpdateLayeredWindow
LoadIconW
UnionRect
IsRectEmpty
CharUpperW
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
SetWindowRgn
LoadMenuW
DeleteMenu
OffsetRect
RealChildWindowFromPoint
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
IntersectRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
ShowOwnedPopups
GetMessageW
MapVirtualKeyW
GetKeyNameTextW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetFocus
GetCursorPos
ScreenToClient
PtInRect
CreatePopupMenu
AppendMenuW
EnableMenuItem
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
GetClipboardData
InvalidateRect
UpdateWindow
GetSystemMenu
GetClientRect
LoadAcceleratorsW
LoadBitmapW
GetWindowRect
PostMessageW
IsIconic
GetSystemMetrics
DrawIcon
GetDC
ReleaseDC
ReleaseCapture
SetCursor
GetSubMenu
LoadCursorW
SetCapture
GetCursor
WindowFromPoint
SetWindowPos
IsChild
MoveWindow
GetDlgItem
SetDlgItemTextW
ShowWindow
GetWindowLongW
SetWindowLongW
SetWindowTextW
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
CopyRect
GetWindowTextLengthW
GetWindowTextW
SetFocus
GetDlgCtrlID
IsDialogMessageW
IsDlgButtonChecked
SendDlgItemMessageW
GetDlgItemTextW
CheckDlgButton
GetWindow
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuItemCount
InsertMenuW
GetMenuItemID
EnableScrollBar
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
DrawStateW
FillRect
GetClassNameW
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
MessageBoxW
GetLastActivePopup
GetWindowThreadProcessId
RemoveMenu
GetMenuStringW
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
kernel32
LocalFree
GlobalSize
CopyFileW
FreeResource
FindClose
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpW
CompareStringW
GetVersionExW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
InterlockedExchange
LoadLibraryExW
GetLocaleInfoW
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetCurrentThread
lstrcmpA
CreateActCtxW
ReleaseActCtx
InterlockedDecrement
lstrcpyW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GlobalFlags
InterlockedIncrement
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalGetAtomNameW
GetThreadLocale
lstrcmpiW
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
GetTempFileNameW
GetTempPathW
GetWindowsDirectoryW
GetNumberFormatW
GetProfileIntW
SearchPathW
SetErrorMode
GetFileAttributesExW
GetFileTime
VirtualProtect
GetUserDefaultLCID
FindResourceExW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
HeapFree
EncodePointer
DecodePointer
ExitThread
GetCPInfo
HeapAlloc
HeapReAlloc
GetDriveTypeW
FindFirstFileExW
GetFileInformationByHandle
GetTimeFormatA
GetDateFormatA
RtlUnwind
MulDiv
ExitProcess
HeapQueryInformation
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
LCMapStringW
GetStringTypeW
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetProcessHeap
WriteConsoleW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
ExpandEnvironmentStringsA
CreateFileW
GetFileSizeEx
MoveFileExW
GetFileType
WaitForMultipleObjects
PeekNamedPipe
ReadFile
GetCurrentProcessId
GetEnvironmentVariableA
GetModuleHandleA
VerSetConditionMask
VerifyVersionInfoW
WaitForSingleObject
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
GetModuleHandleW
LoadLibraryW
GetSystemDirectoryW
InitializeCriticalSection
SetLastError
FormatMessageW
GetCurrentDirectoryW
GetPrivateProfileStringA
GetFileAttributesW
GetModuleFileNameW
GetSystemTimeAsFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileW
GlobalUnlock
GlobalLock
GlobalAlloc
InitializeCriticalSectionAndSpinCount
LockResource
SizeofResource
LoadResource
FindResourceW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetUserDefaultUILanguage
CreateDirectoryW
WriteFile
TerminateProcess
CreateProcessW
GetStdHandle
SetHandleInformation
CreatePipe
TerminateThread
CreateThread
SleepEx
CloseHandle
GetExitCodeThread
ResumeThread
SetThreadPriority
MultiByteToWideChar
lstrlenA
GetLastError
WideCharToMultiByte
lstrlenW
Sleep
CreateFileA
ActivateActCtx
DeactivateActCtx
RaiseException
GlobalFree
InterlockedCompareExchange
DeleteFileA
GetCurrentThreadId
gdi32
GetTextFaceW
SetPixelV
ExtSelectClipRgn
CreatePatternBrush
SetPaletteEntries
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
ExtFloodFill
EnumFontFamiliesExW
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
GetRgnBox
GetTextColor
GetBkColor
CreateDIBSection
CreateRoundRectRgn
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
CreateDIBitmap
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateFontIndirectW
CreateRectRgnIndirect
CreateHatchBrush
GetObjectType
SelectPalette
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetTextExtentPoint32W
BitBlt
DeleteObject
LineTo
MoveToEx
Rectangle
CreatePen
SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
PatBlt
CreateSolidBrush
GetObjectW
CreateBitmap
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
CryptHashData
RegOpenKeyExW
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
RegCloseKey
RegDeleteValueW
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptCreateHash
CryptAcquireContextW
CryptGenRandom
CryptDestroyKey
CryptEncrypt
CryptImportKey
RegQueryValueExA
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExA
shell32
SHGetFileInfoW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
DragFinish
SHGetMalloc
DragQueryFileW
SHGetFolderPathW
SHAppBarMessage
SHGetDesktopFolder
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathCanonicalizeW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
ord191
PathIsUNCW
ole32
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoCreateGuid
CoTaskMemFree
CoUninitialize
CoInitialize
PropVariantClear
CoCreateInstance
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRegisterMessageFilter
CreateStreamOnHGlobal
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
VarBstrFromDate
OleCreateFontIndirect
oledlg
OleUIBusyW
urlmon
IsValidURL
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCreateBitmapFromScan0
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 391KB - Virtual size: 391KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 121KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 206KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ