r:\roz2011_ONLINE\Release\roz.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-31_a22ca5c82ef0d9d335abff8d86656aac_mafia.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 2024-05-31_a22ca5c82ef0d9d335abff8d86656aac_mafia.exe
  Resource: win10v2004-20240426-en
General
- Target: 2024-05-31_a22ca5c82ef0d9d335abff8d86656aac_mafia
- Size: 14.0MB
- MD5: a22ca5c82ef0d9d335abff8d86656aac
- SHA1: b7bd682fb93ba401f30b02c89b4b98123fdd3b2c
- SHA256: 270a03419ce5b40d12ebffabe1009de9453ba6879342c62e5106a77e39e6c94f
- SHA512: 6a20c7c8ceb6de382bfdedd4babfe671fb0380251dcdf6bc23807d9dfb350828843957c73af9425e23c6196671b5ad1ec7247e7a01935ad963b398d32bcb3f72
- SSDEEP: 196608:4MRTxUDGfw1pfHm3HUGER+eZpur2L++5M5LPqulUsuBfqNJ:4MRzfwDfl42L++5MtyFsuBgJ
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-05-31_a22ca5c82ef0d9d335abff8d86656aac_mafia
Files
-
2024-05-31_a22ca5c82ef0d9d335abff8d86656aac_mafia.exe windows:5 windows x86 arch:x86
74f91cfbffc466facff666590ec5c175
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths: r:\roz2011_ONLINE\Release\roz.pdb
Imports
gdiplus
GdipBitmapUnlockBits
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdiplusShutdown
GdipFree
GdipCreateBitmapFromScan0
GdipCreateLineBrushI
GdipFillRectangleI
GdipSetLineBlend
GdipFillRectangle
GdipCreateLineBrush
GdipCloneBrush
GdipDeleteBrush
GdiplusStartup
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDrawImageRectI
GdipGetDpiX
GdipSetPageScale
GdipSetPageUnit
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromHBITMAP
winmm
timeGetTime
PlaySoundA
wininet
InternetQueryOptionA
InternetSetOptionA
InternetCloseHandle
InternetOpenA
InternetAttemptConnect
InternetReadFile
InternetOpenUrlA
HttpQueryInfoA
kernel32
GetSystemDirectoryW
GetACP
FindResourceExW
GetWindowsDirectoryA
GetNumberFormatA
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetTimeFormatA
GetDriveTypeA
FindFirstFileExA
RemoveDirectoryA
PeekNamedPipe
HeapReAlloc
VirtualAlloc
VirtualQuery
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
SetStdHandle
HeapQueryInformation
HeapSize
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetStdHandle
IsValidCodePage
LCMapStringW
IsProcessorFeaturePresent
SetHandleCount
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetLocaleInfoW
CompareStringW
GetOEMCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
GetCPInfo
SetErrorMode
FindResourceW
LoadResource
InterlockedIncrement
InterlockedCompareExchange
WideCharToMultiByte
SizeofResource
LockResource
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
GetExitCodeThread
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
GetPrivateProfileSectionNamesA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
SearchPathA
GlobalFlags
GetPrivateProfileStringA
DeleteCriticalSection
CreateThread
GetTempPathA
SetLastError
DeactivateActCtx
GetLastError
LoadLibraryA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
GetProfileIntA
GetDiskFreeSpaceA
GetTempFileNameA
ReplaceFileA
GetUserDefaultLCID
VirtualProtect
ResumeThread
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryW
lstrcmpW
CreateEventA
GetModuleHandleA
GetProcAddress
ActivateActCtx
GetSystemInfo
_llseek
GetFileTime
_lread
_hread
_lopen
GetFileSizeEx
GetFileAttributesA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesA
GetFileAttributesExA
GetShortPathNameA
GetFullPathNameA
SetEndOfFile
FlushFileBuffers
MoveFileA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
lstrcmpA
FormatMessageA
lstrlenW
UnlockFile
LockFile
GetVersion
GetLocalTime
UnmapViewOfFile
FileTimeToDosDateTime
GetFileInformationByHandle
FileTimeToSystemTime
SetFileTime
DosDateTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
SetFilePointer
GetFileType
DuplicateHandle
GetVersionExA
GetTimeZoneInformation
QueryPerformanceCounter
GetSystemTime
CreateProcessA
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
FindClose
GetDateFormatA
WinExec
CompareStringA
WriteFile
MulDiv
FreeLibrary
GetSystemDefaultLangID
ReadFile
GetFileSize
TerminateThread
Sleep
CloseHandle
GetCurrentProcess
GetCurrentProcessId
CreateFileA
_lclose
GetModuleFileNameA
SetUnhandledExceptionFilter
GetSystemDefaultLCID
GetVolumeInformationA
GetSystemDirectoryA
GetCurrentThreadId
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
ExitThread
lstrcpynA
lstrcatA
lstrcpyA
lstrlenA
SetThreadLocale
FindNextFileA
FindFirstFileA
CreateDirectoryA
WaitForSingleObject
SetThreadPriority
ExitProcess
GetUserDefaultLangID
GetTickCount
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
LocalFree
InterlockedDecrement
CopyFileA
DeleteFileA
MultiByteToWideChar
user32
DrawEdge
DrawIconEx
DrawStateA
SetClassLongA
NotifyWinEvent
CreateMenu
GetNextDlgGroupItem
PostThreadMessageA
GetTabbedTextExtentA
MessageBeep
InvalidateRgn
CopyAcceleratorTableA
UnionRect
UnregisterClassA
GetDialogBaseUnits
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
GetSysColorBrush
GetTabbedTextExtentW
RealChildWindowFromPoint
ShowOwnedPopups
LoadAcceleratorsW
SetWindowContextHelpId
RegisterClipboardFormatA
GetDCEx
SetParent
GetSystemMenu
SystemParametersInfoA
WindowFromPoint
CharNextA
DestroyCursor
LoadMenuA
DestroyMenu
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DefMDIChildProcA
DefFrameProcA
GetMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
MapVirtualKeyA
GetKeyNameTextA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SendDlgItemMessageA
WinHelpA
IsChild
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
ShowScrollBar
ValidateRect
GetClassInfoExA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
DrawFrameControl
GetWindowPlacement
GetDlgCtrlID
CallWindowProcA
SetWindowPos
CharUpperA
GetMenuState
GetMenuStringA
InsertMenuA
OemToCharBuffA
CharToOemBuffA
IntersectRect
IsIconic
GetCapture
GetWindowDC
SetWindowRgn
EqualRect
LockWindowUpdate
MapWindowPoints
IsRectEmpty
ReleaseCapture
TrackPopupMenuEx
SetCapture
CreateIconIndirect
CheckMenuRadioItem
LoadCursorW
SetForegroundWindow
GetLastActivePopup
MessageBoxW
GetWindowRgn
GetClassNameA
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
GetCursorPos
SetCursorPos
GetWindow
GetWindowThreadProcessId
MessageBoxA
SendInput
SetRectEmpty
IsClipboardFormatAvailable
GetAsyncKeyState
InvertRect
MapDialogRect
SendMessageW
DispatchMessageA
TranslateMessage
PeekMessageA
FrameRect
EnableMenuItem
RemoveMenu
CheckMenuItem
CreatePopupMenu
MoveWindow
GetDlgItemTextW
SetActiveWindow
GetActiveWindow
IsWindowEnabled
GetDesktopWindow
AppendMenuA
GetMenu
DeleteMenu
GetMenuItemInfoA
ReuseDDElParam
UnpackDDElParam
GetMenuItemID
LoadMenuW
GetSubMenu
GetMenuItemCount
IsWindowVisible
DestroyAcceleratorTable
PostQuitMessage
SetDlgItemTextW
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
GetFocus
SetWindowLongA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
GetMenuDefaultItem
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
EmptyClipboard
SetClipboardData
GetUpdateRect
GetWindowLongA
LoadIconA
LoadIconW
GetScrollPos
GrayStringA
DrawTextExA
TabbedTextOutA
DrawTextW
UpdateWindow
GetIconInfo
LoadImageA
DestroyIcon
KillTimer
SetMenuDefaultItem
WaitMessage
IsMenu
UpdateLayeredWindow
MonitorFromPoint
EnableScrollBar
SetWindowPlacement
SetTimer
RegisterClassA
LoadCursorA
CreateWindowExA
ScreenToClient
GetDlgItem
DefWindowProcA
SetCursor
EndPaint
BeginPaint
HideCaret
GetWindowTextA
IsWindow
ReleaseDC
GetDC
GetSystemMetrics
OffsetRect
ShowWindow
PostMessageA
GetParent
LoadStringA
IsWindowUnicode
GetWindowLongW
SetWindowLongW
GetMenuStringW
LoadBitmapA
LookupIconIdFromDirectoryEx
mouse_event
SendMessageTimeoutA
CreateIconFromResourceEx
GetCursor
ShowCaret
GetKeyboardLayoutList
wsprintfA
GetWindowRect
DrawFocusRect
DrawTextA
DrawIcon
FillRect
InflateRect
RedrawWindow
InvalidateRect
GetClientRect
CopyRect
SetRect
GetSysColor
DrawMenuBar
ClientToScreen
SendMessageA
EnableWindow
LoadBitmapW
GetKeyState
RegisterWindowMessageA
GetClassInfoA
IsZoomed
gdi32
GetStockObject
Rectangle
SetTextAlign
CreateRectRgn
GetBkColor
SetBkColor
UnrealizeObject
PatBlt
Arc
RealizePalette
OffsetRgn
PtInRegion
CreateBitmap
ResetDCA
GetCurrentPositionEx
TextOutW
GetViewportOrgEx
CreateDCA
SetAbortProc
StartDocA
DPtoLP
StartPage
EndPage
EndDoc
AbortDoc
GetNearestColor
DeleteDC
LPtoDP
GetWindowExtEx
GetViewportExtEx
ExtCreateRegion
GetRegionData
FillRgn
FrameRgn
CreateRoundRectRgn
CreatePolygonRgn
CombineRgn
GetRgnBox
GetPixel
CreatePolyPolygonRgn
CreateDIBSection
SetMapMode
CopyMetaFileA
CreateRectRgnIndirect
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
Escape
SetLayout
SelectClipRgn
GetClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
PolyBezierTo
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
CreatePen
CreateHatchBrush
SetRectRgn
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextFaceA
GetCharWidthA
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
CreateEllipticRgn
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
EnumFontFamiliesExA
Polyline
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
SetDIBColorTable
GetDIBits
SetPixel
RoundRect
ExtFloodFill
SetPaletteEntries
SetPixelV
ExtTextOutA
PtVisible
RectVisible
GetGlyphOutlineW
GetTextAlign
CreateFontIndirectA
GetCurrentObject
GetDeviceCaps
GetBoundsRect
StretchBlt
StretchDIBits
SetStretchBltMode
SelectPalette
CreatePalette
TextOutA
GetTextMetricsA
SelectObject
GetBkMode
GetTextColor
SetTextColor
SetBkMode
DeleteObject
CreateSolidBrush
Ellipse
Polygon
GetTextExtentPoint32A
CreateFontA
GetMapMode
GetLayout
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
PlayEnhMetaFile
SetWinMetaFileBits
GetObjectA
BeginPath
CloseFigure
EndPath
StrokeAndFillPath
FillPath
StrokePath
ExtTextOutW
SetBrushOrgEx
GetBitmapBits
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
GetJobA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegSetValueA
RegOpenKeyExW
SetFileSecurityA
GetFileSecurityA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegDeleteValueA
RegOpenKeyExA
RegEnumValueA
shell32
ExtractIconExA
FindExecutableA
DragAcceptFiles
SHGetFolderPathA
Shell_NotifyIconA
SHGetFileInfoA
DragFinish
SHBrowseForFolderA
SHGetMalloc
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHAddToRecentDocs
ExtractIconA
DragQueryFileA
ShellExecuteA
comctl32
ImageList_DrawEx
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
ImageList_GetIconSize
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent
shlwapi
PathRemoveFileSpecW
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
ole32
RevokeDragDrop
RegisterDragDrop
CoInitialize
CoCreateInstance
DoDragDrop
OleGetClipboard
CoLockObjectExternal
OleLockRunning
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoInitializeEx
CoUninitialize
CoDisconnectObject
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
GetHGlobalFromStream
CreateStreamOnHGlobal
OleRun
oleaut32
SystemTimeToVariantTime
VariantChangeTypeEx
OleLoadPicturePath
VarCmp
SysFreeString
VariantTimeToSystemTime
LoadTypeLi
VarBstrFromDate
VariantInit
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VarUdateFromDate
SysAllocString
SysStringLen
OleCreatePictureIndirect
VarDateFromStr
SysAllocStringLen
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayDestroy
oledlg
ord8
ord1
usp10
ScriptPlace
ScriptShape
ScriptFreeCache
ScriptItemize
ScriptCPtoX
ScriptLayout
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
.text Size: 5.7MB - Virtual size: 5.7MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 620KB - Virtual size: 842KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 5.7MB - Virtual size: 5.7MB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 603KB - Virtual size: 602KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ