2024-05-23_91bd48de62a8fcc7d1269c19211cc091_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-23_91bd48de62a8fcc7d1269c19211cc091_mafia
Size

251KB
MD5

91bd48de62a8fcc7d1269c19211cc091
SHA1

0f4a73af1398149fa53df620817b605109b88e97
SHA256

17706f335045763652585436c1826bac56e63d5e42f78aef7296c426374e83c4
SHA512

0f52309d7d9548bbffb67f0c65a69f16876824f19083fee42eef28ff2c13b42913363f1991867df59eb845f8c72d7666b0b67b4ff420600971e3dde62d797797
SSDEEP

3072:u6B6dRkfgQHQJhzcvn56eaj9S+d44EmZAP90A4w9azexIavkhWtd85oNUFRXLv1E:NMHQHCtpxZd443m999JxI7WG5gU77v6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-23_91bd48de62a8fcc7d1269c19211cc091_mafia

Files

2024-05-23_91bd48de62a8fcc7d1269c19211cc091_mafia
.exe windows:5 windows x86 arch:x86

7dc62cfe8a9c81d409c3b0653851efab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipCreateHICONFromBitmap
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromHICON
GdiplusShutdown
GdiplusStartup
GdipFree

kernel32

GetCurrentProcessId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CloseHandle
GetModuleFileNameW
CreateDirectoryW
WaitForSingleObject
Sleep
ReleaseMutex
CreateMutexW
RaiseException
GetLocalTime
MulDiv
GetCurrentProcess
FlushInstructionCache
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryW
GetModuleHandleW
lstrcmpiW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
InitializeCriticalSection
DeleteCriticalSection
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpW
OpenJobObjectW
AssignProcessToJobObject
GetVersionExW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
GetCPInfo
RtlUnwind
ResumeThread
LeaveCriticalSection
HeapSetInformation
GetCommandLineW
CreateThread
ExitThread
DecodePointer
EncodePointer
GetStringTypeW
InterlockedCompareExchange
InterlockedExchange
GetVersionExA
VirtualAlloc
VirtualFree
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InitializeCriticalSectionAndSpinCount
CreateEventW
WriteFile
CreateFileW
SetEvent
WideCharToMultiByte
FreeEnvironmentStringsW
EnterCriticalSection
GetCurrentThreadId
InterlockedIncrement
lstrlenA
OutputDebugStringW
DebugBreak
lstrlenW
InterlockedDecrement
GetConsoleMode
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
GetLocaleInfoW
IsValidLocale
SetFilePointer
GetConsoleCP
SetStdHandle
WriteConsoleW
FlushFileBuffers
HeapSize
ExitProcess
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
HeapReAlloc
HeapCreate
GetStdHandle
GetStartupInfoW

user32

PostMessageW
PostQuitMessage
LoadMenuW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
TranslateAcceleratorW
CreateDialogParamW
LoadStringA
DestroyMenu
AppendMenuW
GetMenuItemInfoW
MessageBeep
TrackPopupMenuEx
GetMonitorInfoW
MonitorFromPoint
PtInRect
CreatePopupMenu
RemoveMenu
LoadAcceleratorsW
SetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
GetClassNameW
GetSysColor
GetClassInfoExW
CreateAcceleratorTableW
ClientToScreen
MoveWindow
SetCapture
ReleaseCapture
FillRect
InvalidateRgn
GetDC
ReleaseDC
GetDesktopWindow
DestroyAcceleratorTable
LoadCursorW
RegisterClassExW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
CallWindowProcW
DefWindowProcW
InvalidateRect
RedrawWindow
IsWindowVisible
ShowWindow
CreateWindowExW
SendMessageW
ScreenToClient
GetMessagePos
DestroyWindow
GetDlgItem
GetWindow
SystemParametersInfoW
GetWindowRect
MapWindowPoints
IsDialogMessageW
IsWindow
GetParent
GetKeyState
LoadImageW
DestroyIcon
GetClientRect
SetWindowPos
GetWindowLongW
SetWindowLongW
LoadStringW
CharNextW
MessageBoxW
GetMenu
AdjustWindowRectEx
IsWindowEnabled
UpdateWindow
GetCapture
SetTimer
GetDlgCtrlID
KillTimer
UnregisterClassA
GetMenuItemCount

gdi32

CreateSolidBrush
CreateCompatibleDC
SelectObject
DeleteObject
BitBlt
GetDeviceCaps
GetObjectW
GetStockObject
DeleteDC
CreateCompatibleBitmap

advapi32

RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW

shell32

SHGetFolderPathW

ole32

CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
OleUninitialize
StringFromGUID2
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleInitialize
CoInitializeEx

oleaut32

VarUI4FromStr
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
SysStringByteLen
SysAllocString
VarBstrCmp
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect

shlwapi

PathRemoveFileSpecW
PathFileExistsW

comctl32

ImageList_AddMasked
_TrackMouseEvent
ImageList_GetIconSize
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_Draw

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ATL
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dc62cfe8a9c81d409c3b0653851efab

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

Sections

.text Size: 177KB - Virtual size: 177KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 10KB - Virtual size: 19KB

ATL Size: 512B - Virtual size: 8B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 177KB - Virtual size: 177KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 10KB - Virtual size: 19KB

ATL
Size: 512B - Virtual size: 8B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 17KB - Virtual size: 16KB