E:\bamboo-build-dir\INT-INT484-JOB1\!result\Installer\Release\x86\bin\setup.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-23_b4227bd9c00d9f1b99ac2d2c9f834dce_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-23_b4227bd9c00d9f1b99ac2d2c9f834dce_mafia.exe
  Resource: win10v2004-20240508-en
General
- Target: 2024-05-23_b4227bd9c00d9f1b99ac2d2c9f834dce_mafia
- Size: 3.9MB
- MD5: b4227bd9c00d9f1b99ac2d2c9f834dce
- SHA1: 312cfa7bb3b1c2739a3ff2ccbee7847535dceb2b
- SHA256: 3b5c49f58e769cac2207271a5a69f5bcc165aceff735ece583830a18c71fb477
- SHA512: d3899706e1389e233a068c3401a261bfe41330e94b08c2b4bdf3f8fa4b20e36d8f7279f8a27a2ffee3a87f115d61109f418d552212d97a41639d6e113c3b2555
- SSDEEP: 98304:nmlJhqUXoiTYv+FkOq3eLLftc8YAK50Y/7JOME0/W7LbrB+IOwE2qZI:mNXomm2aATMRW5+IOwCI
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2024-05-23_b4227bd9c00d9f1b99ac2d2c9f834dce_mafia
Files
- 2024-05-23_b4227bd9c00d9f1b99ac2d2c9f834dce_mafia.exe (windows:5 windows x86 arch:x86)
  f59a7d670e6b616b4a2e98529de589c5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shlwapi
PathIsUNCW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathFileExistsW
kernel32
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LCMapStringW
SetEnvironmentVariableA
GetCPInfo
GetStringTypeW
SetConsoleCtrlHandler
FatalAppExitA
IsValidCodePage
GetOEMCP
WriteConsoleW
GetACP
SizeofResource
LockResource
LoadResource
FindResourceW
GetSystemInfo
GetCurrentProcess
GetProcAddress
GetModuleHandleW
MultiByteToWideChar
GetVersionExW
IsProcessorFeaturePresent
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetUserDefaultLCID
GetModuleFileNameW
ReleaseMutex
GetLastError
CreateMutexW
InterlockedExchange
LoadLibraryExW
GetLocaleInfoW
FreeLibrary
GlobalAlloc
lstrcmpW
GlobalLock
WideCharToMultiByte
SetLastError
DeactivateActCtx
LoadLibraryW
ActivateActCtx
CompareStringA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
lstrcmpA
MulDiv
lstrlenW
LocalFree
FormatMessageW
GlobalUnlock
GlobalSize
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
HeapDestroy
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
CreateThread
ExitThread
HeapReAlloc
RaiseException
ExitProcess
HeapFree
HeapAlloc
DecodePointer
EncodePointer
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
LocalLock
LocalUnlock
FindResourceExW
GetDiskFreeSpaceW
ReplaceFileW
VirtualProtect
GetNumberFormatW
GetWindowsDirectoryW
SearchPathW
Sleep
CopyFileW
GlobalFree
CreateActCtxW
GetProfileIntW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesW
GetFileAttributesExW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileW
CreateFileW
lstrcmpiW
GetStringTypeExW
FreeResource
GlobalFindAtomW
InitializeCriticalSectionAndSpinCount
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GetAtomNameW
GlobalGetAtomNameW
DeleteFileW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CompareStringW
GlobalFlags
lstrcpyW
GetSystemDirectoryW
GetCurrentDirectoryW
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
InterlockedDecrement
ReleaseActCtx
user32
GetTabbedTextExtentW
GetDCEx
EnumChildWindows
GetWindowRgn
WindowFromDC
DestroyCursor
DrawIcon
MapDialogRect
GetDialogBaseUnits
GetNextDlgGroupItem
HideCaret
InvertRect
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetIconInfo
GetDoubleClickTime
CharUpperBuffW
CopyIcon
RegisterClipboardFormatW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
FrameRect
SendNotifyMessageW
IsClipboardFormatAvailable
PostThreadMessageW
CreateMenu
InSendMessage
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
CopyImage
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
LoadImageW
InsertMenuItemW
TranslateAcceleratorW
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
GetSystemMenu
LoadMenuW
IntersectRect
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
DestroyIcon
IsIconic
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetSystemMetrics
MessageBoxExW
PostQuitMessage
PostMessageW
RemoveMenu
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
GetWindowTextLengthW
UnregisterClassW
WaitMessage
ReleaseCapture
GetCapture
WindowFromPoint
SetCapture
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetDesktopWindow
RealChildWindowFromPoint
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetSysColorBrush
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW
GetMenuStringW
GetMenuState
UnhookWindowsHookEx
CheckMenuItem
EnableMenuItem
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
SetWindowsHookExW
SetCursor
ShowOwnedPopups
MessageBoxW
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetWindowThreadProcessId
DeleteMenu
CopyRect
SetRectEmpty
GetMonitorInfoW
SystemParametersInfoW
EnumDisplayMonitors
GetSysColor
SetLayeredWindowAttributes
LoadCursorW
GetClientRect
MapWindowPoints
DefWindowProcW
GetClassInfoW
SetMenuDefaultItem
gdi32
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
GetTextExtentPoint32W
GetCharWidthW
CreateFontW
StretchDIBits
GetCurrentObject
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CombineRgn
GetBkColor
GetTextColor
SelectClipRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetRectRgn
GetMapMode
SetArcDirection
OffsetRgn
GetRgnBox
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
RoundRect
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
SetPixelV
PatBlt
SetColorAdjustment
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
SetBkColor
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
RestoreDC
SaveDC
DeleteObject
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
BitBlt
CreateCompatibleDC
CreateRectRgnIndirect
CreateCompatibleBitmap
GetObjectW
CreateFontIndirectW
CreatePatternBrush
CreateSolidBrush
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
CreateDCW
CreateBitmap
DPtoLP
CreateDIBitmap
SetBkMode
CreatePen
GetStockObject
GetDeviceCaps
CopyMetaFileW
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
GetJobW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
GetFileSecurityW
SetFileSecurityW
RegCloseKey
RegEnumValueW
RegQueryValueW
shell32
SHGetMalloc
SHAddToRecentDocs
ExtractIconW
SHGetFileInfoW
ShellExecuteW
DragFinish
DragQueryFileW
SHAppBarMessage
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHBrowseForFolderW
comctl32
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
ole32
OleCreateFromData
OleSaveToStream
WriteClassStm
OleSave
StgCreateDocfileOnILockBytes
PropVariantCopy
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CreateStreamOnHGlobal
OleSetMenuDescriptor
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
StgIsStorageFile
StgOpenStorage
OleCreateLinkFromData
CreateILockBytesOnHGlobal
OleRegGetMiscStatus
StgCreateDocfile
CoInitializeEx
CLSIDFromString
StringFromGUID2
CoDisconnectObject
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
OleRegEnumVerbs
CreateGenericComposite
OleCreateStaticFromData
OleCreate
OleLoad
GetHGlobalFromILockBytes
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CreateFileMoniker
OleRun
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoCreateGuid
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
StgOpenStorageOnILockBytes
OleSetContainedObject
oleaut32
SysStringLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantClear
SafeArrayRedim
VariantChangeType
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SysStringByteLen
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
VarDateFromStr
SysReAllocStringLen
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
VariantInit
SysAllocStringByteLen
SysAllocString
SysFreeString
SafeArrayCopy
VarCyFromStr
oledlg
OleUIBusyW
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 560KB - Virtual size: 560KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 697KB - Virtual size: 697KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 184KB - Virtual size: 184KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ