Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-01_2a458f6b385c48aad46da18e8ac9c0ac_mafia.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-06-01_2a458f6b385c48aad46da18e8ac9c0ac_mafia.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-06-01_2a458f6b385c48aad46da18e8ac9c0ac_mafia
Size: 7.8MB
MD5: 2a458f6b385c48aad46da18e8ac9c0ac
SHA1: 412ee0f36a8376626f299146ef90c9b27d66f82e
SHA256: 2b2c0dcb7e13c395323c8735fd71061a8a9071559aeb33d82b176642058df766
SHA512: 0b7dfd6112ad23890333e2a18445091eeefa30a8526e82cde2fa8c330d5e73582a8e34de2a24ba8f924a7d8d4dea1589203174238a31b2a991fa7cb203d5c1fa
SSDEEP: 196608:sTMnqr0rCcQVfXEBVL712AVDBRk3tao+A47IcMRVeWY:sTMnqreFQ9q9712AVDBRk3taoG0zeWY
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-06-01_2a458f6b385c48aad46da18e8ac9c0ac_mafia
Files
2024-06-01_2a458f6b385c48aad46da18e8ac9c0ac_mafia.exe  windows:5  windows x86  arch:x86
3a7fa0d9d7127ca8969af8ea6ee7b92f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dbghelp
SymFromAddr
SymInitialize
wsock32
select
recv
send
getsockopt
setsockopt
closesocket
WSACleanup
WSAStartup
WSAGetLastError
ntohs
WSASetLastError
shutdown
ntohl
accept
listen
bind
inet_ntoa
htons
connect
ioctlsocket
htonl
socket
gethostbyname
winmm
waveOutWrite
waveOutPrepareHeader
waveOutRestart
waveOutReset
waveOutUnprepareHeader
waveOutOpen
waveOutClose
timeEndPeriod
mciSendCommandA
waveOutPause
timeBeginPeriod
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
WideCharToMultiByte
CloseHandle
OpenProcess
GetSystemInfo
GetModuleHandleA
GetVersionExA
GetVersion
LocalFree
MultiByteToWideChar
LoadLibraryW
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
GetThreadTimes
GetTickCount
TerminateThread
SetEvent
Sleep
GetCurrentThreadId
CreateEventA
GetCurrentProcessId
HeapFree
HeapAlloc
GetProcessHeap
lstrlenW
lstrcpynW
QueryPerformanceCounter
FindClose
FindNextFileW
FindNextFileA
lstrcpyW
lstrcpyA
lstrlenA
FindFirstFileW
FindFirstFileA
ReadFile
FileTimeToSystemTime
CreateFileA
ExitProcess
IsBadReadPtr
lstrcatW
CreateMutexA
GetModuleFileNameW
GlobalMemoryStatus
CreateDirectoryW
DeleteFileW
GetFileAttributesW
GetModuleFileNameA
ResetEvent
CopyFileW
CopyFileA
MoveFileW
MoveFileA
GetFileAttributesA
FormatMessageA
GetSystemTimeAsFileTime
SetLastError
FileTimeToLocalFileTime
GetTimeZoneInformation
GetLocalTime
SetFilePointer
FlushFileBuffers
WriteFile
ReleaseMutex
UnmapViewOfFile
WaitForMultipleObjects
OpenEventA
OpenMutexA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
CreateFileW
GetProcessAffinityMask
TerminateProcess
CreateProcessA
GetOverlappedResult
GetVolumeInformationA
GetSystemDirectoryA
SetThreadPriority
PulseEvent
CreateSemaphoreA
ReleaseSemaphore
lstrcmpW
GetCurrentDirectoryW
GetCurrentDirectoryA
SetCurrentDirectoryW
SetCurrentDirectoryA
CreateProcessW
GlobalUnlock
GlobalLock
TlsGetValue
TlsSetValue
TlsAlloc
GetStdHandle
GetFileType
FlushConsoleInputBuffer
DecodePointer
EncodePointer
InterlockedDecrement
InterlockedIncrement
ExitThread
CreateThread
HeapCreate
GetDriveTypeW
FindFirstFileExW
DeleteFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetConsoleCtrlHandler
ReadConsoleInputA
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
LoadLibraryA
GetProcAddress
GetCurrentProcess
GetLastError
GlobalAlloc
SetConsoleMode
GetConsoleMode
LCMapStringW
GetCPInfo
TlsFree
GetModuleHandleW
FindFirstFileExA
IsProcessorFeaturePresent
GetACP
GetOEMCP
IsValidCodePage
SetUnhandledExceptionFilter
HeapSize
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetFullPathNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetStringTypeW
GetLocaleInfoW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEndOfFile
CompareStringW
SetEnvironmentVariableA
WriteConsoleW
RtlUnwind
RaiseException
HeapReAlloc
GetDriveTypeA
CreateDirectoryA
SystemTimeToFileTime
SetEnvironmentVariableW
user32
PostQuitMessage
MessageBeep
TranslateMessage
SetCursor
GetScrollInfo
SetWindowRgn
DestroyMenu
TrackPopupMenu
CreatePopupMenu
DrawTextW
GetForegroundWindow
DefWindowProcW
GetMessageW
GetMessageA
DispatchMessageW
DispatchMessageA
PeekMessageW
PeekMessageA
PostMessageW
PostMessageA
PostThreadMessageW
PostThreadMessageA
GetWindowLongW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextLengthA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CallWindowProcW
CallWindowProcA
SetWindowsHookExW
SetWindowsHookExA
RegisterClassExW
GetClassInfoExW
GetClassInfoExA
CreateWindowExW
GetWindowTextW
GetWindowTextA
SetWindowTextW
SetWindowTextA
AppendMenuA
AppendMenuW
MessageBoxW
MessageBoxA
DrawTextA
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
PtInRect
AdjustWindowRect
GetClipboardData
IsClipboardFormatAvailable
SetMenu
GetMenu
CreateMenu
IsDialogMessageW
IsDialogMessageA
RemovePropA
LoadImageA
EnableMenuItem
GetMenuItemInfoA
CheckMenuItem
SetWindowPlacement
GetProcessWindowStation
GetUserObjectInformationW
GetSysColorBrush
FindWindowA
IntersectRect
RegisterClassExA
CreateWindowExA
GetWindowLongA
GetDC
EqualRect
SetWindowLongA
DefWindowProcA
CopyRect
SetRect
SetScrollInfo
EnableScrollBar
ScrollWindow
SetScrollPos
KillTimer
SetTimer
ShowScrollBar
EnumWindows
GetAsyncKeyState
GetWindow
GetWindowThreadProcessId
GetWindowDC
MoveWindow
IsZoomed
IsIconic
GetClientRect
ReleaseCapture
SetCapture
ReleaseDC
WindowFromPoint
GetUpdateRect
IsRectEmpty
GetKeyState
BeginPaint
InvalidateRect
SendMessageW
SendMessageA
IsWindowVisible
GetCursorPos
UpdateWindow
OffsetRect
GetSystemMetrics
GetSysColor
EndPaint
GetFocus
SystemParametersInfoA
LoadIconA
LoadCursorA
SetFocus
SetPropA
GetPropA
UnhookWindowsHookEx
ClientToScreen
CallNextHookEx
GetClassNameA
GetParent
GetActiveWindow
ScreenToClient
DestroyWindow
GetWindowPlacement
ShowWindow
SetWindowPos
SetForegroundWindow
GetDlgItem
wsprintfA
UnionRect
SetRectEmpty
DrawFocusRect
InflateRect
IsWindow
IsWindowEnabled
EnableWindow
IsChild
GetDesktopWindow
GetWindowRect
DrawEdge
RedrawWindow
DrawIcon
GetTopWindow
GetMessagePos
gdi32
CreateCompatibleDC
EnumFontFamiliesExA
TextOutW
GetCharABCWidthsW
OffsetViewportOrgEx
Rectangle
SetWindowOrgEx
ExcludeClipRect
GetWindowOrgEx
SetDIBitsToDevice
CreateDIBSection
CreatePatternBrush
SetDIBits
CreateCompatibleBitmap
GetDIBits
CreatePen
LineTo
MoveToEx
GetDeviceCaps
DeleteDC
GetTextExtentPoint32W
GetClipBox
SetBkMode
SetTextColor
GetTextMetricsA
GetStockObject
SetBkColor
ExtTextOutW
BitBlt
GetObjectA
CreateFontIndirectA
SelectObject
CreatePolygonRgn
CreateSolidBrush
DeleteObject
advapi32
RegisterEventSourceA
DeregisterEventSource
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ReportEventA
ole32
CoInitializeEx
CoDisconnectObject
OleSetContainedObject
CoCreateInstance
OleDraw
OleCreate
CLSIDFromProgID
CoUninitialize
oleaut32
GetErrorInfo
VariantClear
VariantInit
SysFreeString
SysAllocString
Sections
.text   Size: 4.8MB  Virtual size: 4.8MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 1.9MB  Virtual size: 1.9MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 53KB   Virtual size: 16.1MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 380KB  Virtual size: 379KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 686KB  Virtual size: 686KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ