2024-06-02_aa103eea9c8e97ebac375f0ecd4ef0f5_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-02_aa103eea9c8e97ebac375f0ecd4ef0f5_mafia
Size

2.4MB
MD5

aa103eea9c8e97ebac375f0ecd4ef0f5
SHA1

029f7c9f780ba4a468c7c0515fdd7a699ff36e83
SHA256

efd45e0335a096431401bf061571cf61114bc073d20a4775c0fdc481e41b45e9
SHA512

ba8fb098304af464dd97d18d11414f03b686bcd4e6515adcfa2dad22f1a0b6edde7dcf02cf6a3ddbd4415dc593a2f681800b933bb14f442a5f4c9df56f051df4
SSDEEP

49152:r/I9M5U/aWimrh9H/1kpakC/+RL5bUIs3nqg5:cqKrZrfdkpa/2pCI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-02_aa103eea9c8e97ebac375f0ecd4ef0f5_mafia

Files

2024-06-02_aa103eea9c8e97ebac375f0ecd4ef0f5_mafia
.exe windows:5 windows x86 arch:x86

b223d2783e8dbaf11cf5ed4d9be6a872

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Administrator\My Documents\Visual Studio 2010\Projects\vim81\src\vim.pdb

Imports

kernel32

GlobalUnlock
GetSystemInfo
SetConsoleTitleW
GetModuleHandleA
GetCurrentProcessId
LocalFree
GlobalSize
GlobalAlloc
GlobalFree
GetFullPathNameW
GetCommandLineW
GetComputerNameA
GetFullPathNameA
GetTempFileNameW
FillConsoleOutputCharacterA
SearchPathW
WriteConsoleOutputCharacterW
WriteConsoleOutputCharacterA
SetErrorMode
WriteConsoleOutputW
CreateProcessW
SetConsoleTextAttribute
GetNumberOfConsoleMouseButtons
GetCurrentProcess
ReadConsoleOutputAttribute
WaitForSingleObject
SetConsoleScreenBufferSize
WriteConsoleInputA
GetComputerNameW
BackupSeek
WriteFile
GetConsoleMode
GetConsoleWindow
ReadConsoleOutputW
GetFileAttributesA
SetConsoleMode
SetConsoleCursorPosition
GetFileAttributesW
CreateProcessA
WriteConsoleW
SetConsoleTitleA
SetCurrentDirectoryA
GetStdHandle
GetCurrentDirectoryW
GetLongPathNameW
BackupRead
PeekConsoleInputW
MoveFileW
SearchPathA
SetFileAttributesA
LoadLibraryA
WriteConsoleA
GetConsoleScreenBufferInfo
GetFileType
MoveFileA
SetConsoleCtrlHandler
GlobalMemoryStatusEx
SetCurrentDirectoryW
SetConsoleWindowInfo
GetModuleFileNameA
SetConsoleCursorInfo
GetConsoleTitleW
FillConsoleOutputAttribute
GetCurrentDirectoryA
GetConsoleCursorInfo
WriteConsoleOutputAttribute
ScrollConsoleScreenBufferA
GetVersionExA
ReadConsoleInputW
DeleteFileW
GetFileInformationByHandle
SetFileAttributesW
TerminateProcess
GetStartupInfoA
CreatePipe
CreateFileW
IsDBCSLeadByte
MulDiv
Sleep
FormatMessageA
GetConsoleTitleA
IsBadReadPtr
GlobalLock
VirtualQuery
CreateFileA
GetLocaleInfoA
FindNextFileW
RtlUnwind
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringW
GetProcessHeap
FindNextFileA
FindClose
FindFirstFileA
GetTickCount
FindFirstFileW
GetConsoleCP
IsValidCodePage
GetProcAddress
IsDBCSLeadByteEx
GetLastError
GetACP
FreeLibrary
GetCPInfo
DeleteFileA
GetShortPathNameA
GetTempPathA
GetTempFileNameA
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceFrequency
QueryPerformanceCounter
CloseHandle
DebugBreakProcess
OpenProcess
GetLongPathNameA
GetLargestConsoleWindowSize
SetEndOfFile
HeapSize
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoW
GetUserDefaultLCID
RaiseException
GetTimeZoneInformation
LCMapStringW
GetModuleFileNameW
HeapCreate
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetOEMCP
DeleteCriticalSection
GetStartupInfoW
SetHandleCount
IsProcessorFeaturePresent
SetEnvironmentVariableA
DuplicateHandle
HeapSetInformation
GetCommandLineA
ReadFile
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeW
RemoveDirectoryA
CreateDirectoryA
RemoveDirectoryW
CreateDirectoryW
InitializeCriticalSectionAndSpinCount
SetStdHandle
PeekNamedPipe
FindFirstFileExW
GetDriveTypeW
SetEnvironmentVariableW
EncodePointer
VirtualAlloc
VirtualProtect
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FlushFileBuffers
DecodePointer
ExitProcess
GetModuleHandleW
SetFilePointer
InterlockedIncrement
InterlockedDecrement
HeapFree
HeapAlloc
GetTimeFormatA
GetDateFormatA
HeapReAlloc
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
GetExitCodeProcess

advapi32

OpenProcessToken
GetNamedSecurityInfoA
AdjustTokenPrivileges
SetNamedSecurityInfoA
GetUserNameW
GetAclInformation
LookupPrivilegeValueA
SetNamedSecurityInfoW
GetAce
GetNamedSecurityInfoW
GetUserNameA

shell32

ShellExecuteA
ExtractIconA
ShellExecuteW
CommandLineToArgvW

gdi32

SelectObject
StartDocA
EnumFontFamiliesA
DeleteObject
GetNearestColor
GetTextMetricsA
SetTextAlign
TextOutW
EndDoc
TextOutA
SetBkMode
SetAbortProc
CreateDCA
CreateFontIndirectA
GetDeviceCaps
DeleteDC
SetTextColor
StartPage
GetTextExtentPoint32W
EndPage
StartDocW
SetBkColor

comdlg32

CommDlgExtendedError
PrintDlgA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

netapi32

NetUserEnum
NetApiBufferFree

user32

OpenClipboard
SetClipboardData
DestroyWindow
GetClassNameA
GetSystemMenu
GetWindowRect
CreateDialogParamA
SendDlgItemMessageA
GetWindowDC
MsgWaitForMultipleObjects
SetForegroundWindow
GetParent
wsprintfA
SendMessageA
EnumWindows
TranslateMessage
SetDlgItemInt
IsDialogMessageW
OffsetRect
GetWindowTextA
CharUpperBuffA
EmptyClipboard
PeekMessageW
CreateWindowExA
ReleaseDC
EnableMenuItem
DefWindowProcA
CharLowerBuffA
GetDesktopWindow
SetWindowPos
EnumChildWindows
IsWindow
SystemParametersInfoA
SetWindowTextA
LoadImageA
SetDlgItemTextW
EnableWindow
FindWindowA
GetDlgItemTextA
SetDlgItemTextA
CopyRect
RegisterClassA
DispatchMessageW
MapVirtualKeyA
GetClipboardData
RegisterClipboardFormatA
IsClipboardFormatAvailable
CloseClipboard
ToUnicode
GetSystemMetrics
MessageBeep
BringWindowToTop

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b223d2783e8dbaf11cf5ed4d9be6a872

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

gdi32

comdlg32

ole32

netapi32

user32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 256KB - Virtual size: 305KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 151KB - Virtual size: 151KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 256KB - Virtual size: 305KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 151KB - Virtual size: 151KB