D:\newwalk\bin\WalkScriptor.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-26_5bac61ee3eeb945c3f8be6e59986d9d6_mafia.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-05-26_5bac61ee3eeb945c3f8be6e59986d9d6_mafia.exe
Resource: win10v2004-20240226-en
General
Target: 2024-05-26_5bac61ee3eeb945c3f8be6e59986d9d6_mafia
Size: 3.9MB
MD5: 5bac61ee3eeb945c3f8be6e59986d9d6
SHA1: 55697ed64c01452387f25d00c21b6d4cbd3e9a2b
SHA256: fa7395c12fc23dd922def2b3bcbeb1d94cbda10a09a176001199f15774026c24
SHA512: 0198fe7bb0fa3da0e88403ffcf10886803fe1df8539da4b3372689d1026a161c358d1e9f481463615c84cbe2b0b0cc2c36f5b044751d93741e82b6dd2221e1ed
SSDEEP: 98304:+mp3JRcMEXolWyRqvbNqoiS3Dp0oHEvJ4CloCUNsoj9ghi1RebMIg9Cbk/V8NgB:P2eWUqvbN+smPoCUNsojDIg9Cbk/V8Nu
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-05-26_5bac61ee3eeb945c3f8be6e59986d9d6_mafia
Files
2024-05-26_5bac61ee3eeb945c3f8be6e59986d9d6_mafia.exe windows:5 windows x86 arch:x86
9409c2c6873f1a22b9fe42aa00f33a4a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
WriteConsoleW
GetProcessHeap
CreateFileW
GetCurrentDirectoryW
GetConsoleMode
GetConsoleCP
CompareStringW
GetDriveTypeW
QueryPerformanceCounter
IsDBCSLeadByteEx
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsProcessorFeaturePresent
GetStdHandle
SetHandleCount
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
CreateThread
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapReAlloc
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitProcess
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
FindResourceExW
GetNumberFormatA
GetWindowsDirectoryA
VirtualProtect
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
SetErrorMode
SearchPathA
Sleep
GetProfileIntA
GetACP
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
ReplaceFileA
SystemTimeToFileTime
WritePrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
lstrcmpA
GetCurrentDirectoryA
GlobalReAlloc
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
DeleteFileA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
FindClose
WaitForSingleObject
ResumeThread
SetThreadPriority
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalFree
CopyFileA
GlobalSize
lstrlenW
lstrcpyA
FindResourceA
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
lstrcmpW
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
MultiByteToWideChar
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
CreateFileA
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
FreeLibrary
MapViewOfFile
CreateFileMappingA
CreateMutexA
CloseHandle
UnmapViewOfFile
lstrlenA
LocalFree
FormatMessageA
GetTempPathA
GetPrivateProfileStringA
WinExec
GetFileAttributesA
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
DeactivateActCtx
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
SetEnvironmentVariableA
WideCharToMultiByte
user32
ValidateRect
SystemParametersInfoA
GetSysColorBrush
SetClassLongA
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
LockWindowUpdate
GetUpdateRect
UnionRect
SetRect
CharUpperA
GetAsyncKeyState
NotifyWinEvent
LoadCursorA
LoadCursorW
WindowFromPoint
SetCapture
KillTimer
SetTimer
GetSystemMenu
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
SetWindowsHookExA
CallNextHookEx
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
MessageBoxA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
TranslateMessage
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetClassNameA
GetWindowRgn
ReuseDDElParam
LoadMenuA
DestroyMenu
WinHelpA
SetWindowPos
DestroyIcon
GetWindowThreadProcessId
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongA
GetDlgCtrlID
LoadIconW
SetCursor
PeekMessageA
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
InvalidateRect
InsertMenuItemA
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
GetWindowLongA
TranslateAcceleratorA
DestroyWindow
GetClassLongA
SetForegroundWindow
MapVirtualKeyExA
IsCharLowerA
CreateMenu
SetParent
GetTopWindow
GetParent
SendMessageA
SetRectEmpty
ScreenToClient
GetClientRect
GetCapture
IsWindowVisible
SetWindowRgn
IsZoomed
IsIconic
OffsetRect
IsRectEmpty
CopyRect
GetWindow
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
SetFocus
ClientToScreen
PostMessageA
GetMessageA
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
DrawStateA
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
EnumDisplayMonitors
ShowWindow
GetActiveWindow
UpdateWindow
MessageBeep
CreateWindowExA
IsWindow
GetKeyState
DeleteMenu
GetSubMenu
LoadMenuW
RedrawWindow
SetLayeredWindowAttributes
GetMenuDefaultItem
GetTabbedTextExtentW
GetScrollInfo
GetWindowRect
InflateRect
DrawTextW
RegisterClassExA
MsgWaitForMultipleObjects
GetUpdateRgn
SetCaretPos
DestroyCaret
CreateCaret
ShowCaret
GetClipboardData
GetSysColor
LoadBitmapW
EnableWindow
GetCursorPos
HideCaret
InvertRect
DrawIcon
IsChild
GetFocus
LoadImageA
GetSystemMetrics
InvalidateRgn
CharNextA
DestroyCursor
GetNextDlgGroupItem
IsClipboardFormatAvailable
GetDoubleClickTime
UnregisterClassA
EnumChildWindows
SubtractRect
CreateAcceleratorTableA
IsMenu
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
RealChildWindowFromPoint
ShowOwnedPopups
WaitMessage
PostThreadMessageA
LoadAcceleratorsW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
FrameRect
CreateDialogIndirectParamA
EndDialog
CharUpperBuffA
GetNextDlgTabItem
GetIconInfo
GetMenuItemInfoA
SetCursorPos
CopyIcon
DestroyAcceleratorTable
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
RegisterClipboardFormatA
LoadImageW
CopyImage
UnpackDDElParam
SetMenuDefaultItem
GetKeyboardState
gdi32
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
SetRectRgn
CombineRgn
GetMapMode
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
GetTextExtentPoint32A
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
Rectangle
RoundRect
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetCharWidthA
OffsetRgn
GetRgnBox
ExtFloodFill
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetNearestPaletteIndex
GetSystemPaletteEntries
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
EnumFontFamiliesExA
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
SetPixelV
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateDCA
CopyMetaFileA
BitBlt
CreateRectRgnIndirect
CreateRoundRectRgn
CreatePen
CreateBitmap
SetBkColor
SetTextColor
CreateCompatibleBitmap
CreateDIBSection
DeleteObject
SelectObject
DeleteDC
CreateCompatibleDC
GetDeviceCaps
GetStockObject
DPtoLP
GetObjectA
GetTextExtentExPointA
ExtTextOutW
TranslateCharsetInfo
GetTextExtentExPointW
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
GetFileSecurityA
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
SetFileSecurityA
RegQueryValueA
shell32
SHGetPathFromIDListA
ShellExecuteA
DragAcceptFiles
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
SHAddToRecentDocs
SHBrowseForFolderA
ShellExecuteExA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
comctl32
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
shlwapi
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW
ole32
CoGetClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleLockRunning
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoInitializeEx
CoRevokeClassObject
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
OleDestroyMenuDescriptor
oleaut32
SysStringLen
VariantCopy
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringByteLen
VariantInit
SysAllocStringLen
VariantChangeType
SysFreeString
VariantClear
oledlg
ord8
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmSetCompositionFontA
ImmNotifyIME
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
winmm
PlaySoundA
Exports
_Scintilla_DirectFunction@16
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 352KB - Virtual size: 351KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 188KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ