Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-31_8d70aaaa0e350a9c2d56f27efbec15b6_mafia.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-31_8d70aaaa0e350a9c2d56f27efbec15b6_mafia.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-31_8d70aaaa0e350a9c2d56f27efbec15b6_mafia
Size: 4.9MB
MD5: 8d70aaaa0e350a9c2d56f27efbec15b6
SHA1: 85b255ec6b27f4370e02c5c7c461fca1d99b4921
SHA256: 68f167a645cc75709db28da8a8928072457e2eefb4c2311247e1876d489d1b70
SHA512: a7e71c08ac61908d1ac6d1738bd080934c10886ba601a96302f51038fea13fef9c284b3e8af9367a538fa6c6040fad549aa8b354154518669c529074889ef1f2
SSDEEP: 98304:Cj8YSGmBgKDPx2FTNtixIG+dkaq0vDjqifpo0cjHkBJFISQNVpd:Cj8YSn3kGiqOjqifp3JFISQNVpd
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-05-31_8d70aaaa0e350a9c2d56f27efbec15b6_mafia
Files
2024-05-31_8d70aaaa0e350a9c2d56f27efbec15b6_mafia.exe windows:5 windows x86 arch:x86
6dfc4f3a58f5ff1af4dd46b3db345ca8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
sndPlaySoundA
PlaySoundA
taskkeyhook
?DisableTaskKeys@@YAHHH@Z
pcalarmctrl
?nPCAlarmCtrl@@3HA
?InstallFilter@@YGHHH@Z
?SetParentWindowName@@YGHPAD@Z
?InitHooksDll@@YGHPAUHWND__@@H@Z
avicap32
capGetDriverDescriptionA
capCreateCaptureWindowA
kernel32
ExitProcess
ExitThread
CreateThread
HeapSize
HeapQueryInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetStdHandle
HeapCreate
IsValidCodePage
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
CompareStringW
GetFileType
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetSystemInfo
SetStdHandle
HeapReAlloc
VirtualQuery
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
LoadLibraryA
GetModuleHandleA
GetProcAddress
SetLastError
DeactivateActCtx
GetLastError
ActivateActCtx
GetShortPathNameA
SetCurrentDirectoryA
Sleep
MultiByteToWideChar
GetModuleFileNameA
GetVersion
GetWindowsDirectoryA
GetComputerNameA
lstrcatA
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateDirectoryA
GetTickCount
lstrcpyA
WinExec
lstrlenA
LocalFree
LocalAlloc
FormatMessageA
InterlockedDecrement
FreeLibrary
GetCurrentDirectoryA
InterlockedIncrement
VirtualAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetDateFormatA
GetTimeFormatA
DecodePointer
EncodePointer
RaiseException
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetNumberFormatA
GetTempPathA
GetACP
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalMemoryStatus
lstrcpynA
CloseHandle
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GetDiskFreeSpaceA
GetTempFileNameA
ReplaceFileA
GetPrivateProfileIntA
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesA
GetFileAttributesExA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
FindResourceA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
lstrcmpA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
WaitForSingleObject
DeleteFileA
CreateFileA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
ExpandEnvironmentStringsA
GetVersionExA
GetExitCodeThread
CreateEventA
ResetEvent
SetEvent
user32
LoadAcceleratorsW
GetSystemMenu
DeleteMenu
InvalidateRgn
CopyAcceleratorTableA
UnregisterClassA
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
GetSysColorBrush
DestroyCursor
SetWindowRgn
DrawIcon
GetMenuItemInfoA
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
GetMessageA
LoadCursorW
MonitorFromPoint
SetParent
UnionRect
IsRectEmpty
WindowFromPoint
SetRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadImageA
DestroyIcon
LoadAcceleratorsA
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
BringWindowToTop
TranslateAcceleratorA
CharNextA
GetActiveWindow
CreateDialogIndirectParamA
EndDialog
MapVirtualKeyA
GetWindowThreadProcessId
ShowWindow
SetWindowTextA
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
GetNextDlgGroupItem
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
CharUpperA
IsWindowEnabled
PostThreadMessageA
CreateMenu
GetTabbedTextExtentW
AppendMenuA
EnumDisplaySettingsA
ChangeDisplaySettingsA
wsprintfA
GetWindowTextA
MessageBoxA
RegisterWindowMessageA
GetKeyNameTextA
SetWindowsHookExA
GetCursorPos
SetCursorPos
EnumDesktopWindows
UnhookWindowsHookEx
OpenDesktopA
CloseDesktop
LoadIconW
ClientToScreen
LoadMenuW
GetSubMenu
IsWindowVisible
DestroyAcceleratorTable
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetWindowRgn
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetKeyboardState
SystemParametersInfoA
CallNextHookEx
GetDesktopWindow
ReleaseDC
LoadBitmapW
GetTopWindow
GetWindow
GetClassInfoA
GetDoubleClickTime
CharUpperBuffA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
SetMenuDefaultItem
IsClipboardFormatAvailable
IsMenu
UpdateLayeredWindow
IsZoomed
CopyIcon
ReleaseCapture
SetCapture
PtInRect
MoveWindow
OffsetRect
IsWindow
LoadBitmapA
GetWindowLongA
SetWindowLongA
GetSystemMetrics
GetDC
FindWindowA
SetForegroundWindow
SetActiveWindow
PostMessageA
SetCursor
LoadCursorA
GetClassNameA
GetWindowRect
SetRectEmpty
DrawFocusRect
GetSysColor
InflateRect
MessageBeep
GetKeyState
GetParent
GetNextDlgTabItem
UpdateWindow
CopyRect
EnableWindow
KillTimer
SetTimer
InvalidateRect
GetClientRect
SendMessageA
FillRect
PeekMessageA
DispatchMessageA
TranslateMessage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
ValidateRect
CreateAcceleratorTableA
IsDialogMessageA
gdi32
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
GetBkColor
GetTextColor
GetTextMetricsA
DPtoLP
EndPage
SetMapMode
AbortDoc
EndDoc
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
GetViewportOrgEx
Rectangle
SetRectRgn
CombineRgn
GetMapMode
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetRgnBox
GetCharWidthA
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
EnumFontFamiliesExA
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
SetAbortProc
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileA
MaskBlt
CreateBitmap
CreateDCA
GetDeviceCaps
DeleteDC
TextOutA
SetTextColor
SetBkColor
SetTextAlign
GetStockObject
ExtTextOutA
SelectObject
DeleteObject
CreateFontA
CreateSolidBrush
GetTextExtentPoint32A
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
StartPage
CreatePen
CreateFontIndirectA
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCreateKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegEnumValueA
GetUserNameA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegSetValueA
RegOpenKeyExW
RegCloseKey
RegEnumKeyExA
RegQueryValueA
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
Shell_NotifyIconA
DragFinish
DragQueryFileA
DragAcceptFiles
SHGetFileInfoA
ExtractIconA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteA
SHAppBarMessage
comctl32
ord17
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
UrlUnescapeA
ole32
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
DoDragDrop
OleGetClipboard
CoLockObjectExternal
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromCLSID
CoInitialize
CoDisconnectObject
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoUninitialize
CoInitializeEx
CoRegisterClassObject
CoRevokeClassObject
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
oleaut32
SafeArrayDestroy
LoadTypeLi
SysAllocString
VariantCopy
SysStringLen
SysAllocStringByteLen
RegisterActiveObject
RevokeActiveObject
GetActiveObject
SysFreeString
VarUdateFromDate
SysAllocStringLen
SystemTimeToVariantTime
VarBstrFromDate
VariantTimeToSystemTime
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
CreateErrorInfo
oledlg
ord8
ws2_32
WSAStartup
WSACleanup
WSASetLastError
mpr
WNetGetConnectionA
wininet
InternetSetStatusCallback
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetSetOptionExA
InternetQueryDataAvailable
InternetOpenUrlA
InternetConnectA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetGetConnectedState
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipDrawImageRectI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 347KB - Virtual size: 346KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 199KB - Virtual size: 198KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ