2024-06-02_ff6fe91a8821c062ddba72394c124f52_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-02_ff6fe91a8821c062ddba72394c124f52_mafia
Size

1.8MB
MD5

ff6fe91a8821c062ddba72394c124f52
SHA1

1861407e259bcaeb33aa9f6526bd60c4c8b76e32
SHA256

b899260fe1c24affe9dd8e0c5c758983c4f43539710fe66dd18f020e2b6c1dd9
SHA512

54ee48ddb388434f0b7c87d01e2eb2efa86d84a19b45c069b360248cf22140e6a124c5482bdaaf2dc2fe7f2b97b3b5733cbb06f3ec9741589fe73114e78c6329
SSDEEP

49152:PDkYmjRG6YFQ3w+xYUNRef4LTzBcQJQdpYrtEUMR1yUe2x4bRGRpG5rj8:PejRG6YFd+xYUNy4LTWQJQdyrtEUeyGL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-02_ff6fe91a8821c062ddba72394c124f52_mafia

Files

2024-06-02_ff6fe91a8821c062ddba72394c124f52_mafia
.exe windows:5 windows x86 arch:x86

0387f251430ce8455d4dc8e6aef651b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
FreeLibrary
FreeResource
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentProcessId
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetUserDefaultLCID
GetFileAttributesA
SystemTimeToFileTime
ReplaceFileA
SetFileTime
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetDiskFreeSpaceA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetShortPathNameA
LeaveCriticalSection
EnterCriticalSection
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
GetProfileIntA
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetACP
GetCPInfo
GetOEMCP
FileTimeToSystemTime
lstrcpyA
GetCurrentDirectoryA
FileTimeToLocalFileTime
GetFileAttributesExA
LocalFileTimeToFileTime
GetFileSizeEx
SetErrorMode
LoadLibraryW
GetNumberFormatA
GetTempPathA
GetTickCount
InitializeCriticalSectionAndSpinCount
SearchPathA
VirtualProtect
FindResourceExW
HeapFree
RaiseException
RtlUnwind
ExitProcess
DecodePointer
EncodePointer
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
HeapReAlloc
HeapSize
HeapQueryInformation
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
IsProcessorFeaturePresent
HeapCreate
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
GetTimeZoneInformation
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetEnvironmentVariableA
WaitForSingleObject
GetCurrentThreadId
ResumeThread
SetThreadPriority
SetLastError
CopyFileA
GlobalSize
FormatMessageA
LocalFree
FindResourceW
lstrlenW
MultiByteToWideChar
MulDiv
lstrlenA
ActivateActCtx
DeactivateActCtx
GetWindowsDirectoryA
lstrcmpW
WideCharToMultiByte
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
LoadLibraryA
GetProcAddress
GetModuleFileNameA
CreateDirectoryA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
InterlockedDecrement
InterlockedIncrement
GetLastError
CloseHandle
CreateMutexA
Sleep
DeleteFileA
MoveFileA
FindResourceA
LoadResource
SizeofResource
GetModuleHandleA
LockResource
GetProcessHeap

user32

InflateRect
PostQuitMessage
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
CharUpperA
IsRectEmpty
SystemParametersInfoA
DrawIcon
SetWindowRgn
LoadCursorW
GetDCEx
GetMenuItemInfoA
DestroyCursor
IsZoomed
DeleteMenu
GetSystemMenu
SetParent
GetSysColorBrush
RealChildWindowFromPoint
GetKeyNameTextA
MapVirtualKeyA
EnumDisplayMonitors
SetLayeredWindowAttributes
UnionRect
LoadAcceleratorsW
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
CreateMenu
PostThreadMessageA
GetTabbedTextExtentW
LockWindowUpdate
RedrawWindow
GetMenuDefaultItem
GetAsyncKeyState
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
GetIconInfo
CopyImage
DrawIconEx
DestroyAcceleratorTable
DrawStateA
DrawEdge
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
SetCursorPos
RegisterClipboardFormatA
IsClipboardFormatAvailable
WaitMessage
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UpdateLayeredWindow
MonitorFromPoint
IsMenu
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
SetMenuDefaultItem
FrameRect
GetUpdateRect
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
GetWindowRgn
ReuseDDElParam
SetForegroundWindow
ShowScrollBar
MessageBoxA
EndPaint
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetWindowRect
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetWindow
RegisterWindowMessageA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
PeekMessageA
ValidateRect
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
LoadMenuA
DestroyMenu
LoadImageA
DestroyIcon
GetWindowThreadProcessId
SetCursor
LoadAcceleratorsA
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
BringWindowToTop
TranslateAcceleratorA
WindowFromPoint
KillTimer
OffsetRect
SetRectEmpty
GetSystemMetrics
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetScrollPos
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconW
SendDlgItemMessageA
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
CreateWindowExA
UnpackDDElParam
WinHelpA
IsChild
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
LoadIconA
SetTimer
IsWindowVisible
SendMessageA
GetParent
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ReleaseCapture
GetKeyState
SetCapture
GetCapture
ClientToScreen
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
LoadMenuW
GetSubMenu
FillRect
wsprintfA
LoadCursorA
SetClassLongA
PostMessageA
GetCursorPos
ReleaseDC
GetDC
ScreenToClient
SetRect
UpdateWindow
EnableWindow
InvalidateRect
GetClientRect
PtInRect
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos

gdi32

SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
GetClipBox
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
SetPolyFillMode
EnumFontFamiliesExA
OffsetRgn
SetPixel
StretchBlt
SetDIBColorTable
Rectangle
DPtoLP
GetStockObject
CreatePen
CreateCompatibleBitmap
CreateCompatibleDC
GetDIBits
RealizePalette
SelectPalette
GetObjectA
DeleteDC
GetDeviceCaps
CreateDCA
Ellipse
SetBkMode
RestoreDC
SaveDC
Polygon
Polyline
CreatePolygonRgn
CreateRoundRectRgn
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetWindowOrgEx
GetTextExtentPoint32W
GetTextExtentPointA
GetTextFaceA
GetTextAlign
GetStretchBltMode
GetBkColor
StretchDIBits
CreateFontA
SelectObject
GetCharWidthA
DeleteObject
CreateBitmap
SetBkColor
PtInRegion
CopyMetaFileA
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
GetRgnBox
GetTextColor
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetTextMetricsA
GetViewportOrgEx
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
GetTextExtentPoint32A
UnrealizeObject
CreateDIBSection
LPtoDP
CreateEllipticRgn
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
GetObjectType
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
GetLayout
SetLayout
ScaleViewportExtEx
SetViewportExtEx
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetTextColor

advapi32

RegSetValueA
RegEnumValueA
RegOpenKeyExW
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA
RegCloseKey
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

ShellExecuteA
SHGetFolderPathA
SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetFileInfoA
SHAddToRecentDocs
ExtractIconA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

OleLockRunning
CoLockObjectExternal
OleInitialize
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
RegisterDragDrop
RevokeDragDrop
CoFreeUnusedLibraries
OleUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoTaskMemFree
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID

oleaut32

VariantChangeType
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringByteLen
SysStringLen
SysAllocString
SysFreeString
VariantInit
VariantClear
VarBstrFromDate
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

shlwapi

PathAppendA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA

oledlg

ord8

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

winspool.drv

OpenPrinterA
GetJobA
ClosePrinter
DocumentPropertiesA

comdlg32

GetFileTitleA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0387f251430ce8455d4dc8e6aef651b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msimg32

comctl32

shlwapi

oledlg

wininet

oleacc

gdiplus

imm32

winmm

winspool.drv

comdlg32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 300KB - Virtual size: 299KB

.data Size: 27KB - Virtual size: 57KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 170KB - Virtual size: 170KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 300KB - Virtual size: 299KB

.data
Size: 27KB - Virtual size: 57KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 170KB - Virtual size: 170KB