2024-05-31_aa53c8953365e34392b7afd1e562e113_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-31_aa53c8953365e34392b7afd1e562e113_mafia
Size

4.2MB
MD5

aa53c8953365e34392b7afd1e562e113
SHA1

aec88d94d20afa554082efd8b1a7685b868947ad
SHA256

c1be5f6a918f367a4d6ca407c45735044e558673d6852543feec982131d855b0
SHA512

efd0557f1dbe8e4fdf4c264516eb571b6baff8633c8adc41c8a40502c356042a2802235c481abf1b4ec72b69a18200f6765486e2b2a4e4c02f2ae3c1547dca75
SSDEEP

98304:Fs1yE+i8W1tAxWrSF+0e5PCxv3XLJ0XSda:un+i8mQWrb5cv37kSd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-31_aa53c8953365e34392b7afd1e562e113_mafia

Files

2024-05-31_aa53c8953365e34392b7afd1e562e113_mafia
.exe windows:5 windows x86 arch:x86

5c1683897922b921f81e28e7f4d6adf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
AreFileApisANSI
GetLastError
SetFilePointer
CloseHandle
ReadFile
WriteFile
SetEndOfFile
FlushFileBuffers
GetFileSize
UnlockFile
LockFile
LockFileEx
UnlockFileEx
GetFileAttributesA
DeleteFileA
GetFileAttributesW
DeleteFileW
GetFileAttributesExW
LoadLibraryA
LoadLibraryW
GetProcAddress
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTime
GetSystemTimeAsFileTime
UnmapViewOfFile
GetTempPathA
GetTempPathW
LocalFree
FormatMessageA
FormatMessageW
GetFullPathNameA
GetFullPathNameW
GetDiskFreeSpaceA
GetDiskFreeSpaceW
CreateFileA
CreateFileW
GetSystemInfo
MapViewOfFile
CreateFileMappingA
GetConsoleWindow
FreeConsole
GetCurrentDirectoryA
CreateDirectoryA
SetEnvironmentVariableA
GetProcessHeap
GetDriveTypeW
WriteConsoleW
GetExitCodeProcess
CreatePipe
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentDirectoryW
PeekNamedPipe
LeaveCriticalSection
GetStartupInfoW
SetHandleCount
GetConsoleMode
GetConsoleCP
HeapSize
IsValidCodePage
GetOEMCP
GetACP
HeapCreate
GetTimeZoneInformation
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameW
GetCurrentThreadId
SetLastError
IsProcessorFeaturePresent
CompareStringW
GetCPInfo
LCMapStringW
GetCurrentProcess
DuplicateHandle
CreateProcessA
MoveFileA
HeapSetInformation
GetCommandLineA
HeapReAlloc
GetFileType
InitializeCriticalSectionAndSpinCount
SetStdHandle
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleW
GetDateFormatA
GetTimeFormatA
HeapAlloc
RaiseException
RtlUnwind
HeapFree
GetStringTypeW
GetLocaleInfoW
DecodePointer
EncodePointer
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
CreateThread
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
WaitForSingleObject
QueryPerformanceFrequency
ExitProcess
EnterCriticalSection
DeleteCriticalSection
InterlockedCompareExchange
InitializeCriticalSection
Sleep
AttachConsole
GetStdHandle
GetModuleFileNameA
FindNextFileA
FindClose
GetFileInformationByHandle
FindFirstFileA
SetCurrentDirectoryA

user32

GetWindowThreadProcessId

shell32

ShellExecuteA

sdl2

SDL_SetWindowSize
SDL_SetWindowPosition
SDL_GetWindowPosition
SDL_EnableScreenSaver
SDL_DisableScreenSaver
SDL_SetWindowFullscreen
SDL_FreeSurface
SDL_SetWindowIcon
SDL_SetColorKey
SDL_MapRGB
SDL_LoadBMP_RW
SDL_ShowCursor
SDL_CreateCursor
SDL_SetCursor
SDL_FlushEvent
SDL_RWFromFile
SDL_GL_SetSwapInterval
SDL_GL_CreateContext
SDL_CreateWindow
SDL_GetCurrentDisplayMode
SDL_GL_SetAttribute
SDL_GetError
SDL_GL_SwapWindow
SDL_PollEvent
SDL_StartTextInput
SDL_Init
SDL_InitSubSystem
SDL_NumJoysticks
SDL_JoystickEventState
SDL_JoystickOpen
SDL_JoystickNameForIndex
SDL_SetMainReady
SDL_setenv
SDL_JoystickClose
SDL_WarpMouseInWindow
SDL_GetModState
SDL_GetWindowFlags
SDL_QuitSubSystem
SDL_WasInit

libpng14

png_error
png_get_io_ptr
png_destroy_write_struct
png_write_end
png_write_image
png_write_info
png_set_IHDR
png_set_write_fn
png_create_info_struct
png_create_write_struct
png_set_compression_level

opengl32

glGetBooleanv
glClear
glReadPixels
glReadBuffer
glPixelStorei
glIsEnabled
glDepthFunc
glClearColor
glTexSubImage2D
glColorPointer
glLineWidth
glScissor
glViewport
glTranslatef
glScalef
glGetFloatv
glBlendFunc
glColor4f
glPopMatrix
glPushMatrix
glRotatef
glDisableClientState
glDrawArrays
glVertexPointer
glEnableClientState
glEnable
glPointSize
glDisable
glTexImage2D
glTexParameteri
glBindTexture
glGenTextures
glDeleteTextures
glLoadMatrixd
glPushAttrib
glTranslated
glColor4d
glBegin
glEnd
glColor3d
glPopAttrib
glGetIntegerv
glMatrixMode
glLoadIdentity
glOrtho
glIsTexture
glGetError
glVertex3d
glTexCoord2d
glScaled
glGetDoublev
glTexCoordPointer

openal32

alListener3f
alcCaptureStart
alGetError
alcCaptureOpenDevice
alcCaptureCloseDevice
alcCaptureStop
alcCaptureSamples
alcGetIntegerv
alSource3f
alSourcei
alSourcef
alDeleteBuffers
alDeleteSources
alSourceUnqueueBuffers
alGetSourcei
alSourcePlay
alSourceQueueBuffers
alBufferData
alSourceStop
alDistanceModel
alGenBuffers
alGenSources

alure32

alureDestroyStream
alureStopSource
alureResumeSource
alurePauseSource
alurePlaySourceStream
alureCreateStreamFromFile
alureUpdate
alureBufferDataFromFile
alureGetErrorString
alureInitDevice
alureShutdownDevice

libspeex

speex_encoder_init
speex_lib_get_mode
speex_bits_init
speex_encoder_destroy
speex_bits_destroy
speex_encoder_ctl
speex_bits_read_from
speex_decode_int
speex_decoder_ctl
speex_decoder_destroy
speex_decoder_init
speex_bits_reset
speex_encode_int
speex_bits_write

ws2_32

closesocket
__WSAFDIsSet
select
htons
inet_addr
ntohs
WSAGetLastError
ioctlsocket
setsockopt
getsockname
bind
htonl
WSACleanup
WSAStartup
gethostbyname
recv
send
connect
recvfrom
sendto
socket

winmm

timeGetTime

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 710KB - Virtual size: 710KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c1683897922b921f81e28e7f4d6adf7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

sdl2

libpng14

opengl32

openal32

alure32

libspeex

ws2_32

winmm

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 710KB - Virtual size: 710KB

.data Size: 147KB - Virtual size: 476KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 275KB - Virtual size: 274KB

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 710KB - Virtual size: 710KB

.data
Size: 147KB - Virtual size: 476KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 275KB - Virtual size: 274KB