2024-06-02_064d245924f755301786c457f95bc707_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-02_064d245924f755301786c457f95bc707_mafia
Size

3.8MB
MD5

064d245924f755301786c457f95bc707
SHA1

ce939ad536ceef4ca08f76b8b83a5eaae676de1c
SHA256

50f8b002100fd2d0064452f1b7d0e1f6142fbf904a470d12fa3ff0685f674168
SHA512

81c02f1576cb9214d29dca63b270beee6272c59add0c107f558290ae1536f20e28cc6d50270943f59093e89447317614274214af04050005dcf6aa8b63d00dc5
SSDEEP

98304:at+Zvg3hfZ9RGqQc9xSf8RHR5GF3zLs+OIwVIqfEOCIu/i+/50iCowy9dP7Z:tqhfZ+S63sPJc/mowy9Bd

Score

1^/10

Malware Config

Signatures

Files

2024-06-02_064d245924f755301786c457f95bc707_mafia
.exe windows:5 windows x86 arch:x86

81c7df277a0f89121a31cc2475fc4298

Code Sign

04:00:00:00:00:01:31:89:c6:37:e8
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

02/08/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

11:21:65:9f:89:d6:45:b8:4a:63:61:db:ab:1c:e3:6d:63:15
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

16/09/2015, 11:55

Not After

16/09/2016, 11:55

Subject

CN=Tuto4pc Com Group,O=Tuto4pc Com Group,L=Paris,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c7:c2:9c:13:ae:f3:95:db:ee:40:e4:1f:4e:17:47:40:2d:14:f7:1f
Signer

Actual PE Digest

c7:c2:9c:13:ae:f3:95:db:ee:40:e4:1f:4e:17:47:40:2d:14:f7:1f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Blqck\Desktop\new cbc eop\n\Release\ComBroadcaster.pdb

Imports

shell32

ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHFileOperationW
CommandLineToArgvW
SHGetFolderPathW
SHAppBarMessage
SHBrowseForFolderW
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFileInfoW

rpcrt4

RpcStringFreeW
UuidToStringA
RpcStringFreeA
UuidCreate
UuidToStringW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetStringTypeW
GetFileInformationByHandle
PeekNamedPipe
SetCurrentDirectoryW
WriteConsoleW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
GetFullPathNameA
SetEnvironmentVariableA
HeapCreate
IsProcessorFeaturePresent
SetEnvironmentVariableW
SetConsoleMode
GetStdHandle
SetConsoleCtrlHandler
GetDriveTypeA
GetDateFormatA
GetTimeFormatA
FlushConsoleInputBuffer
GetVersionExA
GlobalMemoryStatus
GetVersion
ExpandEnvironmentStringsA
WaitForMultipleObjects
SleepEx
DeleteFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
GetDiskFreeSpaceA
LockFileEx
FormatMessageA
UnlockFileEx
CreateFileA
FindNextFileW
SystemTimeToTzSpecificLocalTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
OutputDebugStringW
DebugBreak
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedCompareExchange
GetConsoleMode
GetConsoleCP
FindFirstFileExA
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapQueryInformation
HeapSize
ExitThread
GetFileType
SetStdHandle
GetCPInfo
FindFirstFileExW
GetDriveTypeW
GetFileAttributesA
VirtualQuery
GetSystemInfo
RtlUnwind
HeapAlloc
HeapReAlloc
GetStartupInfoW
HeapSetInformation
ExitProcess
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
HeapFree
FindResourceExW
GetDiskFreeSpaceW
GetUserDefaultLCID
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
lstrcpyW
GetCurrentDirectoryW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetFileAttributesExW
GetUserDefaultUILanguage
InterlockedExchange
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileW
lstrcmpiW
GlobalFlags
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
SystemTimeToFileTime
FileTimeToSystemTime
lstrcmpA
GlobalGetAtomNameW
CompareStringW
GetModuleHandleW
GetProcAddress
CreateEventW
ResumeThread
SetThreadPriority
GlobalSize
FormatMessageW
WideCharToMultiByte
GetCurrentProcessId
ActivateActCtx
ReleaseActCtx
DeactivateActCtx
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalFree
LocalAlloc
GetLocaleInfoW
GetSystemDefaultLCID
CreateFileW
CloseHandle
GetTempPathW
GetVersionExW
CreateDirectoryW
GetTempFileNameW
FindFirstFileW
FindClose
CopyFileW
LockResource
SizeofResource
LoadResource
FindResourceW
GlobalFree
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
MulDiv
lstrcmpW
FlushInstructionCache
lstrlenW
InterlockedDecrement
lstrlenA
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetModuleFileNameW
CreateProcessW
CreateThread
SetProcessWorkingSetSize
Sleep
GetTickCount
GetCurrentProcess
VirtualProtect
GetModuleHandleA
LoadLibraryA
VirtualAlloc
VirtualFree
FreeLibrary
GetCurrentThreadId
DeleteCriticalSection
GetLastError
RaiseException
InitializeCriticalSectionAndSpinCount
SetEvent
GetCommandLineW
ReadConsoleInputA

user32

DrawTextExW
DrawTextW
TabbedTextOutW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
DestroyIcon
RealChildWindowFromPoint
IsDialogMessageW
CheckDlgButton
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
PostMessageW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetDlgCtrlID
GetMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetSysColorBrush
SetWindowsHookExW
CallNextHookEx
GetActiveWindow
GetKeyState
PeekMessageW
ValidateRect
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
GrayStringW
UnhookWindowsHookEx
GetWindowInfo
EnumWindows
GetWindowDC
IsIconic
SetRectEmpty
IntersectRect
ShowOwnedPopups
IsWindowVisible
EnumChildWindows
SendMessageTimeoutW
SetTimer
GetMessageW
TranslateMessage
DispatchMessageW
KillTimer
SetCursor
SetLayeredWindowAttributes
CreatePopupMenu
AppendMenuW
GetCursorPos
SetForegroundWindow
TrackPopupMenu
GetWindowPlacement
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
DeleteMenu
EnumDisplayMonitors
GetMenuDefaultItem
IsRectEmpty
MapVirtualKeyW
GetAsyncKeyState
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
GetNextDlgTabItem
OffsetRect
GetIconInfo
CopyImage
LoadImageW
GetNextDlgGroupItem
DrawIconEx
MessageBoxW
PostThreadMessageW
GetLastInputInfo
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
wvsprintfW
LoadStringW
UnregisterClassA
wsprintfW
GetClassNameW
GetForegroundWindow
WaitForInputIdle
SetWindowLongW
GetWindowLongW
SendMessageW
GetWindowRect
GetSystemMetrics
FindWindowW
SetWindowPos
CreateIconIndirect
SwitchToThisWindow
ShowWindow
PostQuitMessage
MoveWindow
UpdateWindow
CreateWindowExW
UpdateLayeredWindow
GetDC
DefWindowProcW
GetSysColor
CharNextW
GetClientRect
ClientToScreen
ScreenToClient
ReleaseDC
InvalidateRect
EmptyClipboard
InvalidateRgn
RedrawWindow
SetCapture
IsChild
GetParent
GetDlgItem
ReleaseCapture
FillRect
DestroyWindow
EndDialog
CreateDialogIndirectParamW
TranslateAcceleratorW
CallWindowProcW
EndPaint
BeginPaint
GetDesktopWindow
BringWindowToTop
InsertMenuItemW
LoadAcceleratorsW
DestroyAcceleratorTable
GetWindow
GetFocus
SetFocus
IsWindow
GetClassInfoExW
LoadCursorW
RegisterClassExW
CreateAcceleratorTableW
SetWindowTextW
LoadMenuW
ReuseDDElParam
UnpackDDElParam
SetRect
WindowFromPoint
IsZoomed
SetWindowRgn
SetParent
SetClassLongW
GetSystemMenu
DrawStateW
DrawEdge
DrawFrameControl
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
SetCursorPos
LockWindowUpdate
GetKeyNameTextW
OpenClipboard
SetClipboardData
CloseClipboard
GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
RegisterClipboardFormatW
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
WaitMessage
IsMenu
MonitorFromPoint
UnionRect
MapVirtualKeyExW
IsCharLowerW
EnableWindow

gdi32

IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
SetMapMode
ExcludeClipRect
DPtoLP
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
PatBlt
GetClipBox
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
CreateFontIndirectW
SetTextColor
CreateBitmap
CreateDCW
CopyMetaFileW
GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
CombineRgn
SetBkColor
DeleteObject

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

comdlg32

GetFileTitleW

advapi32

RegOpenKeyExW
RegCloseKey
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyExA
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW

ole32

OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoUninitialize
CoCreateGuid
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
CoInitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoReleaseServerProcess
CoAddRefServerProcess
CoCreateInstance

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysAllocString
VariantClear
SysStringLen
SysFreeString
VarBstrFromDate
VariantInit

shlwapi

PathRemoveFileSpecW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFileExistsW
PathAppendW

msimg32

AlphaBlend
TransparentBlt

comctl32

ImageList_GetIconSize

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipFree

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ws2_32

listen
accept
recvfrom
getaddrinfo
select
WSASetLastError
connect
setsockopt
getpeername
getsockopt
htons
bind
ntohs
getsockname
send
recv
socket
closesocket
WSAGetLastError
WSAStartup
WSACleanup
ioctlsocket
gethostname
freeaddrinfo
__WSAFDIsSet
sendto
shutdown

winmm

PlaySoundW

wldap32

ord30
ord32
ord35
ord79
ord200
ord33
ord301
ord27
ord41
ord46
ord26
ord50
ord22
ord211
ord143
ord60

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 635KB - Virtual size: 635KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81c7df277a0f89121a31cc2475fc4298

Code Sign

04:00:00:00:00:01:31:89:c6:37:e8Certificate

Extended Key Usages

Key Usages

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

11:21:65:9f:89:d6:45:b8:4a:63:61:db:ab:1c:e3:6d:63:15Certificate

Extended Key Usages

Key Usages

c7:c2:9c:13:ae:f3:95:db:ee:40:e4:1f:4e:17:47:40:2d:14:f7:1fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

rpcrt4

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

ole32

oleaut32

shlwapi

msimg32

comctl32

oleacc

gdiplus

imm32

version

ws2_32

winmm

wldap32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 635KB - Virtual size: 635KB

.data Size: 58KB - Virtual size: 104KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 252KB - Virtual size: 251KB

04:00:00:00:00:01:31:89:c6:37:e8
Certificate

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

11:21:65:9f:89:d6:45:b8:4a:63:61:db:ab:1c:e3:6d:63:15
Certificate

c7:c2:9c:13:ae:f3:95:db:ee:40:e4:1f:4e:17:47:40:2d:14:f7:1f
Signer

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 635KB - Virtual size: 635KB

.data
Size: 58KB - Virtual size: 104KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 252KB - Virtual size: 251KB