c:\src\IRONMAIDEN-809\import\ReleaseDomino\DominoMigrationWizard.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-30_9fef01e03732f1cbd2ea57583452a069_mafia.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 2024-05-30_9fef01e03732f1cbd2ea57583452a069_mafia.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-05-30_9fef01e03732f1cbd2ea57583452a069_mafia
Size: 3.9MB
MD5: 9fef01e03732f1cbd2ea57583452a069
SHA1: a6d142015ade60dcafbf15b24b681f764ca943bd
SHA256: 2f84ae29fca9b7f1d2b7dcee69d399e4b4c980462c9320d44b2d52d71e141975
SHA512: ce99b1cbc7ed6d4ec30108cdf6130f54737578edd4a1effd51936c90d4962d59875f991d49796f600aa39d6272fabac7f33c2c91d6ba9ef2d9c54b61da1da56d
SSDEEP: 98304:I3pQi1qPo/iO5hu2KXOxV9Enn/jmYSXqcEI5DFvZhWiOl/hNOmB:I3pVOeVKjxcEI5DFvZEiOlf
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-05-30_9fef01e03732f1cbd2ea57583452a069_mafia
Files
2024-05-30_9fef01e03732f1cbd2ea57583452a069_mafia.exe  windows:5  windows x86  arch:x86
6505f50100931779ac76852313d9cd36
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
dsuiext
ord10
mapi32
ord17
ord21
ord23
ord129
ord140
winhttp
WinHttpQueryDataAvailable
WinHttpOpen
WinHttpConnect
WinHttpWriteData
WinHttpSetOption
WinHttpOpenRequest
WinHttpSetTimeouts
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpReadData
WinHttpCloseHandle
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
wldap32
ord219
ord14
ord13
ord194
ord40
ord133
ord140
ord224
ord41
ord216
ord46
crypt32
CertFreeCertificateContext
kernel32
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetSystemDirectoryW
lstrcpyW
LockFile
UnlockFile
GlobalGetAtomNameW
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GetTempFileNameW
GetWindowsDirectoryW
GetNumberFormatW
SetErrorMode
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetTickCount
GetProfileIntW
SearchPathW
GetUserDefaultLCID
GetCommandLineW
HeapSetInformation
GetStartupInfoW
DecodePointer
EncodePointer
GetConsoleMode
HeapFree
HeapAlloc
RtlUnwind
HeapReAlloc
ExitProcess
ExitThread
HeapQueryInformation
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
GetStringTypeW
GetConsoleCP
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
ReleaseActCtx
CreateActCtxW
lstrcmpA
GetCurrentThread
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
VirtualProtect
GlobalAddAtomW
GlobalFindAtomW
GlobalReAlloc
GetVersionExW
CompareStringW
InitializeCriticalSectionAndSpinCount
ActivateActCtx
DeactivateActCtx
lstrcmpW
SetLastError
CopyFileW
GlobalSize
RaiseException
lstrlenA
GetCurrentProcess
GetCurrentProcessId
LocalSize
GetUserDefaultLangID
GetModuleFileNameW
lstrcmpiW
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
LoadLibraryA
GetTimeFormatW
GetDateFormatW
GetFileSize
MulDiv
CompareFileTime
SystemTimeToTzSpecificLocalTime
GetACP
lstrlenW
GetCurrentThreadId
Sleep
PostQueuedCompletionStatus
CreateIoCompletionPort
InterlockedExchange
GetQueuedCompletionStatus
GlobalUnlock
GlobalLock
GetLocalTime
WriteConsoleW
FillConsoleOutputCharacterW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
CreateDirectoryW
GetTempPathW
CreateEventW
OutputDebugStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalFree
FindResourceExW
SetEnvironmentVariableW
GetEnvironmentVariableW
FreeLibrary
ReleaseMutex
GetModuleHandleW
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryW
GetCurrentDirectoryW
CreateMutexW
FindClose
FindFirstFileW
InterlockedDecrement
InterlockedIncrement
FreeResource
LocalAlloc
GetUserDefaultUILanguage
FormatMessageW
CreateThread
SetEvent
WaitForSingleObject
ResetEvent
GetFileAttributesExW
ReadFile
SetFilePointer
GetLastError
FlushFileBuffers
GlobalFree
GlobalAlloc
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
LocalFileTimeToFileTime
DeleteFileW
CloseHandle
WriteFile
CreateFileW
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
WideCharToMultiByte
TlsGetValue
GetThreadLocale
GlobalDeleteAtom
SetEndOfFile
InterlockedCompareExchange
user32
CloseClipboard
EmptyClipboard
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DrawIcon
DestroyCursor
GetWindowRgn
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
SetClassLongW
NotifyWinEvent
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
CharUpperW
DestroyIcon
IsIconic
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
OffsetRect
CharNextW
UnregisterClassW
KillTimer
SetTimer
DeleteMenu
WaitMessage
ReleaseCapture
SetCapture
IntersectRect
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
RealChildWindowFromPoint
GetWindowThreadProcessId
GetSysColorBrush
WindowFromPoint
SystemParametersInfoW
GetSystemMetrics
DestroyMenu
GetMenuItemInfoW
InflateRect
ShowOwnedPopups
GetMessageW
TranslateMessage
GetCursorPos
SetWindowContextHelpId
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetActiveWindow
MapDialogRect
GetAsyncKeyState
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetMenuItemBitmaps
SetClipboardData
ModifyMenuW
EnableMenuItem
CheckMenuItem
IsWindowEnabled
TranslateAcceleratorW
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
CopyRect
PtInRect
GetWindow
LoadMenuW
GetMenuState
GetMenuStringW
OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
AppendMenuW
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
FindWindowW
SetWindowLongW
GetWindowLongW
RegisterClipboardFormatW
InvalidateRect
GetSystemMenu
InsertMenuW
DefMDIChildProcW
DefFrameProcW
UnpackDDElParam
ReuseDDElParam
GetMenuCheckMarkDimensions
InsertMenuItemW
LoadIconW
LoadBitmapW
MessageBoxW
GetWindowRect
PostMessageW
keybd_event
GetParent
SendMessageW
SetCursor
LoadCursorW
EnableWindow
wsprintfW
LoadImageW
ShowWindow
GetIconInfo
RegisterWindowMessageW
gdi32
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
SelectClipRgn
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetPixel
DeleteObject
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
CreateRectRgnIndirect
PatBlt
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
EnumFontFamiliesExW
GetBkColor
GetTextColor
GetRgnBox
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
SetLayout
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
GetObjectType
SelectPalette
Polyline
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
CreateHatchBrush
CreateSolidBrush
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetTextExtentPoint32W
CreateFontIndirectW
CreatePen
Ellipse
GetObjectW
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegEnumKeyExW
RegEnumKeyW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyA
RegQueryValueExA
CryptAcquireContextW
CryptCreateHash
RegEnumValueW
RegQueryValueW
RegOpenKeyExW
RegDeleteKeyW
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
shell32
DragFinish
SHGetFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage
DragQueryFileW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoW
comctl32
_TrackMouseEvent
ord17
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
ole32
CLSIDFromString
CoInitializeEx
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromProgID
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateGuid
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
oleaut32
VariantCopy
SafeArrayDestroy
SysAllocStringLen
VarBstrFromDate
OleCreateFontIndirect
VariantClear
SysAllocString
SysFreeString
VariantInit
VariantTimeToSystemTime
VariantChangeType
SysAllocStringByteLen
SysStringLen
SystemTimeToVariantTime
oledlg
OleUIBusyW
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 479KB - Virtual size: 479KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 43KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 230KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ