2024-05-31_9b25f0adeaa76e4b96718dead6c81298_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-31_9b25f0adeaa76e4b96718dead6c81298_mafia
Size

7.5MB
MD5

9b25f0adeaa76e4b96718dead6c81298
SHA1

095cf842ea871945bb3b9e1312a46120932d4b68
SHA256

4b0a42bfd9c8c4a738cd3a2823ca195b936e9c0a06be8b45256dc09f191ccbd0
SHA512

aff14ebeb22429df4afe273faccdc092a08dba8cd63314fcb1ca52aa9c102f697c5b0c8df23e85cc83a7a0c56c55c9d0583a34cf2839084efc1e9d3061edbe43
SSDEEP

196608:DznVloqH17uha3Gw6lptUJsv6tWKFdu9CGc:/VloqH1mhUJsv6tWKFdu9Cp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-31_9b25f0adeaa76e4b96718dead6c81298_mafia

Files

2024-05-31_9b25f0adeaa76e4b96718dead6c81298_mafia
.exe windows:5 windows x86 arch:x86

4acdb869eb90d55e4f08077d94486c60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

tbapi

_DLL_TBApiSetSettingSZ@12
_DLL_TBApiSetSettingDWORD@12
_DLL_TBApiGetSettingSZ@16
_DLL_TBApiApplyNoReload@0
_DLL_TBApiUnregisterDataCallback@4
_DLL_TBApiClose@0
_DLL_TBApiTerminate@0
_DLL_TBApiDefaultSettingsPath@8
_DLL_TBApiInit@4
_DLL_TBApiOpen@0
_DLL_TBApiRegisterDataCallback@16
_DLL_TBApiGetRelativeDevice@4
_DLL_TBApiGetRotate@8
_DLL_TBApiGetSettingDWORD@12
_DLL_TBApiMousePortInterfaceEnable@4

winmm

PlaySoundW

ws2_32

WSAStartup
htons
htonl
ntohl
setsockopt
socket
closesocket
connect
send
gethostbyname
WSACleanup
WSAAsyncSelect

psapi

GetProcessImageFileNameW

gdi32

SetGraphicsMode
DeleteObject
OffsetRgn
CombineRgn
GetDeviceCaps
GetRegionData
CreateRectRgn
CreateEllipticRgn
GetObjectW
GetStockObject
RealizePalette
SelectPalette
PtInRegion
GetDIBits
CreateDIBSection
CreateBitmap
DeleteDC
SelectObject
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetPaletteEntries
CreatePalette
GetOutlineTextMetricsW
ExtTextOutW
SetTextAlign
SetBkMode
SetTextColor
GetGlyphOutlineW
SetWorldTransform
GetTextMetricsW
CreateFontIndirectW
GetTextExtentPoint32W
GetCharABCWidthsFloatW
GetCharABCWidthsI
GetCharABCWidthsW
GetFontData
GetTextFaceW
EnumFontFamiliesExW
GdiFlush
SelectClipRgn

comdlg32

GetOpenFileNameW

oleaut32

VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

imm32

ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmSetCompositionFontW

ole32

CoInitialize
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
CoGetMalloc
CoCreateInstance
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
StringFromGUID2
CoCreateGuid
OleInitialize
OleUninitialize
ReleaseStgMedium
DoDragDrop
CoUninitialize
CoTaskMemFree

user32

CharNextExA
MsgWaitForMultipleObjectsEx
DispatchMessageW
RegisterClassW
GetQueueStatus
KillTimer
SetTimer
SetClipboardViewer
ChangeClipboardChain
GetClipboardFormatNameW
LoadIconW
GetMenu
GetKeyboardState
SetMenuItemInfoW
TrackPopupMenuEx
MapVirtualKeyW
ToAscii
ToUnicode
GetKeyboardLayout
DestroyCaret
SetCaretPos
CreateCaret
HideCaret
TranslateMessage
GetKeyboardLayoutList
RegisterWindowMessageW
GetAsyncKeyState
RegisterClipboardFormatW
DrawIconEx
GetClassInfoW
GetSysColorBrush
RegisterClassExW
DefWindowProcW
GetWindowRgn
UnregisterClassW
ClipCursor
GetUpdateRect
InvalidateRgn
BeginPaint
EndPaint
GetSysColor
WindowFromPoint
GetParent
GetDoubleClickTime
SetDoubleClickTime
SetCaretBlinkTime
PeekMessageW
PostMessageW
GetKeyState
GetCaretBlinkTime
FlashWindowEx
MessageBeep
LoadImageW
CreateCursor
CreateIconIndirect
GetCursorPos
SetCursorPos
DestroyCursor
SystemParametersInfoW
GetDesktopWindow
CreateWindowExW
GetSystemMenu
EnableMenuItem
SetParent
ValidateRgn
GetClientRect
GetWindowPlacement
SetWindowPlacement
GetWindowRect
IsWindowVisible
IsIconic
IsZoomed
MoveWindow
InvalidateRect
ShowWindow
ScreenToClient
ClientToScreen
DestroyWindow
SetWindowRgn
SetCursor
SetWindowsHookExW
SetCapture
GetSystemMetrics
SendMessageW
SetWindowTextW
AdjustWindowRectEx
ScrollWindowEx
UpdateWindow
SetWindowPos
SetForegroundWindow
ReleaseCapture
UnhookWindowsHookEx
DestroyIcon
CallNextHookEx
ReleaseDC
GetDC
GetWindowLongW
SetWindowLongW
GetWindowThreadProcessId
GetForegroundWindow
GetActiveWindow
IsChild
GetFocus
SetFocus
GetIconInfo

advapi32

RegQueryValueExW
RegOpenKeyExW
GetTokenInformation
OpenProcessToken
RegCreateKeyExW
RegFlushKey
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetFileInfoW

kernel32

GetTickCount
SetEvent
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
IsProcessorFeaturePresent
HeapSize
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetSystemTimeAsFileTime
FlushFileBuffers
GetACP
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
GetEnvironmentVariableW
lstrcatW
lstrcpyW
GetOEMCP
IsValidCodePage
SetEnvironmentVariableW
SetEnvironmentVariableA
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
CreateEventW
CloseHandle
UnhandledExceptionFilter
TerminateProcess
SetLastError
LCMapStringW
GetCPInfo
GetShortPathNameW
CreateThread
ExitThread
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
HeapReAlloc
HeapAlloc
HeapSetInformation
GetCommandLineA
GetStdHandle
WriteConsoleW
HeapFree
SetConsoleCtrlHandler
RaiseException
RtlUnwind
DecodePointer
EncodePointer
InterlockedExchange
GetModuleFileNameW
OpenProcess
GetProcAddress
GetModuleHandleW
GetStartupInfoW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
FindFirstFileExW
FindNextFileW
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
GetFileAttributesExW
GetCurrentDirectoryW
GetTempPathW
GetFullPathNameW
DeviceIoControl
DeleteFileW
MoveFileW
CopyFileW
GetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
GetFileInformationByHandle
FindFirstFileW
FindClose
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
TlsGetValue
GetCurrentProcess
DuplicateHandle
ResumeThread
TlsSetValue
SetThreadPriority
TerminateThread
TlsAlloc
Sleep
SwitchToThread
TlsFree
ResetEvent
GetCurrentThread
GetThreadPriority
GetSystemInfo
GetLogicalDrives
SetEndOfFile
SetFilePointerEx
GetFileType
MultiByteToWideChar
GetCurrentThreadId
GetLocalTime
CreateSemaphoreW
WaitForSingleObject
ReleaseSemaphore
QueryPerformanceCounter
QueryPerformanceFrequency
OutputDebugStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
GetSystemDirectoryW
GetVersionExW
FormatMessageW
LocalFree
GetCommandLineW
GetCurrentProcessId
GetVolumeInformationW
GetUserDefaultLCID
CompareStringW
CreateFileW
WideCharToMultiByte
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
SetFilePointer
WriteFile
ReadFile
lstrlenA
ExitProcess
GetDriveTypeW
GlobalFree
CreateProcessW
ExpandEnvironmentStringsW
GlobalSize
lstrcmpW
GetLongPathNameW
GetUserDefaultLangID
IsValidLanguageGroup
IsValidLocale
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
GetLastError
SetFileAttributesW
SetErrorMode

Sections

.text
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4acdb869eb90d55e4f08077d94486c60

Headers

DLL Characteristics

File Characteristics

Imports

tbapi

winmm

ws2_32

psapi

gdi32

comdlg32

oleaut32

imm32

ole32

user32

advapi32

shell32

kernel32

Sections

.text Size: 5.4MB - Virtual size: 5.4MB

.rdata Size: 1.7MB - Virtual size: 1.7MB

.data Size: 42KB - Virtual size: 63KB

.rsrc Size: 59KB - Virtual size: 58KB

.reloc Size: 298KB - Virtual size: 298KB

.text
Size: 5.4MB - Virtual size: 5.4MB

.rdata
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 42KB - Virtual size: 63KB

.rsrc
Size: 59KB - Virtual size: 58KB

.reloc
Size: 298KB - Virtual size: 298KB