2024-05-23_933df502937824b0b9a761d5f5c7697f_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-23_933df502937824b0b9a761d5f5c7697f_mafia
Size

2.4MB
MD5

933df502937824b0b9a761d5f5c7697f
SHA1

71e1953e1d309d4eae2084641eee484713da4010
SHA256

a232e8e4694dd8b73aa721c3bb8bc7263abbd24163397b6b9fd30bdfe2c1b52c
SHA512

d4d87cc4d2cfb975943ba1260214f43eac14e85432a3c05d077eecec2d32fe36e9fb31a29d75d46f6055381e1212ef3aeaadff9a6d2701bb2ff41fcb79ad3ae2
SSDEEP

49152:WMuiRKUxoxhTLhMOPDuH2Xdzqalm3FM4mUMRQrCeRUDWnAHlwRCQcKt8md4pMi5g:WMuiRKMOPDuH0zhgM4mJRQrCeWDWnAHC

Score

1^/10

Malware Config

Signatures

Files

2024-05-23_933df502937824b0b9a761d5f5c7697f_mafia
.exe windows:5 windows x86 arch:x86

f0903766c0fc73b5ecebca50e7f03503

Code Sign

07
Certificate

Issuer

CN=TrustAsia Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

19/05/2013, 10:54

Not After

19/05/2015, 10:54

Subject

CN=亚洲诚信代码签名测试证书,O=亚数信息科技（上海）有限公司,L=上海市,ST=上海市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05
Certificate

Issuer

CN=TrustAsia Root CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

19/05/2010, 10:43

Not After

19/05/2020, 10:43

Subject

CN=TrustAsia Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:e5:54:e5:40:49:b5:37:cc:ba:f5:13:b5:24:71:fc:6d:8d:4e:c5
Signer

Actual PE Digest

62:e5:54:e5:40:49:b5:37:cc:ba:f5:13:b5:24:71:fc:6d:8d:4e:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetStringTypeW
CompareStringW
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileW
FreeEnvironmentStringsW
CreateMutexA
LockResource
GetExitCodeProcess
CreatePipe
GetDateFormatA
GetTimeFormatA
CreateProcessA
SetHandleCount
SetEnvironmentVariableA
GetConsoleMode
lstrlenA
GetConsoleCP
InterlockedDecrement
GetCurrentProcess
GlobalLock
GlobalAlloc
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
MulDiv
MultiByteToWideChar
lstrlenW
GlobalUnlock
RaiseException
GetLastError
SetLastError
EnterCriticalSection
GetModuleFileNameA
DeleteCriticalSection
GetCurrentThreadId
SetCurrentDirectoryA
FindResourceW
LoadLibraryExA
GetModuleHandleA
GetProcAddress
lstrcmpiA
IsDBCSLeadByte
SizeofResource
LoadResource
FreeLibrary
FindResourceA
IsValidCodePage
GetStdHandle
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WinExec
LCMapStringW
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
ExitThread
ExitProcess
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
HeapReAlloc
VirtualQuery
GetSystemInfo
DecodePointer
EncodePointer
FindResourceExW
GetUserDefaultLCID
SearchPathA
GetProfileIntA
GetNumberFormatA
GetWindowsDirectoryA
GetTickCount
GetTempFileNameA
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFileAttributesExA
SetErrorMode
GetOEMCP
GetCPInfo
GetACP
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
CreateFileA
lstrcpyA
DeleteFileA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentDirectoryA
FileTimeToSystemTime
GlobalFlags
InitializeCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
GetVersionExA
LoadLibraryW
lstrcmpW
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
ResumeThread
SetThreadPriority
FreeResource
GlobalFree
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
InterlockedExchange
GetModuleHandleW
GetTimeZoneInformation
GetCurrentProcessId
TerminateProcess
VirtualProtect
VirtualAlloc
GetThreadLocale
IsBadReadPtr
GetProcessHeap
VirtualFree
HeapFree
HeapAlloc
FindClose
CreateThread
GetSystemTime
CloseHandle
ReleaseMutex
FindFirstFileA
Sleep
WaitForSingleObject
LoadLibraryA
DeactivateActCtx
ActivateActCtx
GetTempPathA
InterlockedIncrement
lstrcmpA

user32

SetWindowPos
GetSysColor
GetDesktopWindow
RedrawWindow
DefWindowProcA
GetDlgItem
ReleaseDC
CreateWindowExA
GetWindowLongA
CreateAcceleratorTableA
InvalidateRect
SetWindowLongA
GetWindowTextA
OffsetRect
GetDC
BeginPaint
RegisterWindowMessageA
SendMessageA
GetWindowTextLengthA
SetFocus
GetClientRect
CharNextA
InvalidateRgn
GetParent
GetFocus
DrawTextA
SetCapture
GetClassInfoExA
IsChild
FillRect
GetWindowRect
ScreenToClient
DestroyAcceleratorTable
GetClassNameA
DestroyWindow
ClientToScreen
EndPaint
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
EnableWindow
GetSystemMetrics
PostMessageA
AppendMenuA
CreatePopupMenu
GetCursorPos
LoadIconW
DrawIcon
LoadIconA
SetForegroundWindow
IsIconic
CopyRect
KillTimer
GetWindowDC
SetTimer
GetWindowThreadProcessId
TabbedTextOutA
IsWindow
GrayStringA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetCursor
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
EmptyClipboard
CloseClipboard
OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
RegisterClipboardFormatA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
ReleaseCapture
SetWindowTextA
CallWindowProcA
LoadCursorA
GetWindow
MoveWindow
DrawTextExA
SetPropA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
SetParent
SetWindowRgn
IsZoomed
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharUpperA
DestroyIcon
WaitMessage
WindowFromPoint
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
GetSysColorBrush
RealChildWindowFromPoint
IntersectRect
ShowWindow
IsDialogMessageA
CheckDlgButton
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
SetClipboardData
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
GetMenu
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
UnhookWindowsHookEx
MapVirtualKeyA
GetKeyNameTextA
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
SetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetWindowContextHelpId
MapDialogRect
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups

advapi32

RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyW
RegSetValueExA

ole32

CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemRealloc
CoTaskMemFree
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoFreeUnusedLibraries
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoUninitialize
OleDuplicateData
ReleaseStgMedium
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoGetClassObject
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoCreateInstance
CoCreateGuid
CoInitialize
CoTaskMemAlloc

shell32

SHAppBarMessage
ShellExecuteA
SHBrowseForFolderA
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
Shell_NotifyIconA
SHFileOperationA

oleaut32

VariantCopy
VariantChangeType
SysAllocStringByteLen
VarUI4FromStr
SafeArrayDestroy
SysFreeString
OleCreateFontIndirect
SysAllocStringLen
VariantInit
VariantClear
SysStringLen
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate

shlwapi

PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW

gdi32

SelectObject
DeleteObject
GetDeviceCaps
DeleteDC
BitBlt
Ellipse
CreateBrushIndirect
CreateFontIndirectA
GetTextExtentPoint32A
TextOutA
ExtTextOutA
RectVisible
Escape
PtVisible
CreateBitmap
CopyMetaFileA
CreateDCA
CreateRectRgnIndirect
PatBlt
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
CreateCompatibleDC
GetObjectType
CreatePen
CreateHatchBrush
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
GetObjectA
GetStockObject
CreateSolidBrush
CreateCompatibleBitmap

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comctl32

InitCommonControlsEx
ImageList_GetIconSize

oledlg

ord8

lunar

ord16
ord18
ord1
ord4
ord5
ord7
ord8
ord9
ord10
ord12
ord13
ord17

wininet

HttpQueryInfoA
InternetCrackUrlA
InternetReadFile
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetConnectA

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipGetImageHeight
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDisposeImage
GdipCreateBitmapFromStream
GdipCreateFromHDC

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0903766c0fc73b5ecebca50e7f03503

Code Sign

07Certificate

Extended Key Usages

Key Usages

05Certificate

Extended Key Usages

Key Usages

62:e5:54:e5:40:49:b5:37:cc:ba:f5:13:b5:24:71:fc:6d:8d:4e:c5Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

gdi32

msimg32

comdlg32

winspool.drv

comctl32

oledlg

lunar

wininet

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 375KB - Virtual size: 374KB

.data Size: 41KB - Virtual size: 77KB

.rsrc Size: 296KB - Virtual size: 296KB

.reloc Size: 193KB - Virtual size: 192KB

07
Certificate

05
Certificate

62:e5:54:e5:40:49:b5:37:cc:ba:f5:13:b5:24:71:fc:6d:8d:4e:c5
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 375KB - Virtual size: 374KB

.data
Size: 41KB - Virtual size: 77KB

.rsrc
Size: 296KB - Virtual size: 296KB

.reloc
Size: 193KB - Virtual size: 192KB