Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-03_211ba7f100e977e4f2941b300cc7fcc1_mafia.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-03_211ba7f100e977e4f2941b300cc7fcc1_mafia.exe
Resource: win10v2004-20240426-en
General
Target: 2024-06-03_211ba7f100e977e4f2941b300cc7fcc1_mafia
Size: 2.1MB
MD5: 211ba7f100e977e4f2941b300cc7fcc1
SHA1: 14ebf9498945d1fb9202661a07319fd3de96db96
SHA256: 43682cd578d4c966b5ebe53bbd9fe23467a7deec5691ea17a4e002a200a4ced9
SHA512: 4ac6d9896f55ba1b7e3d1e461f879a51d82eefbdbf133e5bbd7902cd42e5ada2464122d12dbfeb9440d9e06fd82faf72e3e7487f81da091a246b0c485c44af87
SSDEEP: 49152:j2MmySvxiKw0l/jMCyWI0zMEGZyaZY3GTm8ubN:j2NySvxiKwcHz5Go
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-06-03_211ba7f100e977e4f2941b300cc7fcc1_mafia
Files
- 2024-06-03_211ba7f100e977e4f2941b300cc7fcc1_mafia.exe windows:5 windows x86 arch:x86
d02caa31cf4a4a04cf19048df340da92
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CreateAcceleratorTableW
DestroyAcceleratorTable
DestroyCursor
InsertMenuItemW
GetSubMenu
CreateMenu
AppendMenuW
InsertMenuW
RemoveMenu
DestroyMenu
CreatePopupMenu
SetMenuItemInfoW
ModifyMenuW
CheckMenuRadioItem
CheckMenuItem
GetMenuState
SetClipboardData
RegisterClipboardFormatW
GetUpdateRect
DrawIcon
SetMenu
DrawIconEx
BeginPaint
GetWindowDC
EndPaint
GetClassNameW
MapWindowPoints
GetClassInfoW
KillTimer
SetTimer
UnionRect
GetForegroundWindow
DrawFocusRect
CreateIconIndirect
CreateDialogIndirectParamW
UnregisterClassW
FlashWindow
SetWindowRgn
GetMenu
AdjustWindowRectEx
GetSystemMenu
EnableMenuItem
DrawMenuBar
GetDesktopWindow
IsIconic
IsZoomed
BringWindowToTop
GetDlgItem
CreateDialogParamW
GetUpdateRgn
IsDialogMessageW
TrackPopupMenu
IsWindow
PtInRect
GetCapture
UnregisterHotKey
RegisterHotKey
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetActiveWindow
GetMenuItemCount
GetMenuItemInfoW
SystemParametersInfoW
GetMessageTime
GetWindow
BeginDeferWindowPos
EndDeferWindowPos
InvalidateRect
GetFocus
IsWindowEnabled
IsWindowVisible
DeferWindowPos
MoveWindow
ClientToScreen
ScreenToClient
UpdateWindow
TranslateAcceleratorW
SetParent
GetCursorPos
WindowFromPoint
ScrollWindow
SetScrollInfo
GetScrollInfo
SetCursorPos
ReleaseCapture
SetCapture
ShowWindow
EnableWindow
SetFocus
GetClientRect
GetWindowRect
GetAsyncKeyState
VkKeyScanW
DispatchMessageW
TranslateMessage
PostQuitMessage
ReleaseDC
GetDC
LoadImageW
DestroyIcon
GetIconInfo
GetSystemMetrics
LoadBitmapW
LoadIconW
GetWindowTextLengthW
HideCaret
GetWindowLongW
keybd_event
SetWindowPos
GetParent
CallWindowProcW
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
ChildWindowFromPoint
SetWindowTextW
SetWindowLongW
GetKeyState
LoadCursorW
SetCursor
DdePostAdvise
DdeConnect
DdeNameService
DdeCreateStringHandleW
DdeClientTransaction
DdeDisconnect
DdeInitializeW
DdeGetLastError
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeUninitialize
DdeQueryStringW
DdeFreeStringHandle
PeekMessageW
PostThreadMessageW
PostMessageW
RegisterClassW
MessageBeep
GetWindowThreadProcessId
CreateWindowExW
WaitForInputIdle
DestroyWindow
DefWindowProcW
MessageBoxW
GetMessageW
ValidateRect
DrawEdge
DrawFrameControl
FillRect
SendMessageW
OffsetRect
CopyRect
GetSysColor
InflateRect
DrawTextW
EnumWindows
SetForegroundWindow
GetMessagePos
DrawStateW
DefFrameProcW
TranslateMDISysAccel
DefMDIChildProcW
GetMenuStringW
ChangeDisplaySettingsW
EnumDisplaySettingsW
ShowCursor
wvsprintfA
MessageBoxA
wsprintfA
RedrawWindow
GetWindowTextW
gdi32
CreateSolidBrush
SetTextColor
SetBkMode
CreatePen
SelectObject
DeleteObject
CreateRectRgnIndirect
CreateDCW
StartDocW
EndPage
StartPage
EndDoc
SetAbortProc
EnumFontFamiliesExW
DeleteEnhMetaFile
CopyEnhMetaFileW
GetEnhMetaFileW
GetSystemPaletteEntries
PatBlt
SetTextAlign
GetObjectW
CombineRgn
RectInRegion
PtInRegion
EqualRgn
GetRgnBox
GetDIBColorTable
CreateDIBitmap
GetDIBits
CreateDIBSection
CreatePalette
GetNearestPaletteIndex
ExtCreatePen
CreateHatchBrush
StretchDIBits
StretchBlt
MaskBlt
GetStockObject
Ellipse
RoundRect
Rectangle
PolyPolygon
SetPolyFillMode
Polygon
Pie
Arc
SelectClipRgn
GetTextColor
GetBkColor
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
GetTextExtentExPointW
GetCharABCWidthsW
SetROP2
TextOutW
PolyBezier
Polyline
SetPixel
GetPixel
ExtFloodFill
ExtSelectClipRgn
GetClipBox
SetStretchBltMode
SaveDC
RestoreDC
MoveToEx
LineTo
CreateICW
CreatePatternBrush
SetBrushOrgEx
SetBkColor
CreateBitmap
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateCompatibleDC
GetPaletteEntries
GetRegionData
ExtCreateRegion
OffsetRgn
ExcludeClipRect
CreateRectRgn
GetTextExtentPoint32W
SelectPalette
RealizePalette
GdiFlush
GetTextMetricsW
GetDeviceCaps
CreateFontIndirectW
shell32
SHBrowseForFolderW
DragQueryPoint
DragFinish
DragAcceptFiles
ExtractIconExW
ExtractIconW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
SHGetSpecialFolderPathW
DragQueryFileW
kernel32
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
EnumSystemLocalesA
GetLocaleInfoA
GetDriveTypeW
GetCurrentDirectoryW
GetStringTypeW
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
SetHandleCount
LCMapStringW
GetOEMCP
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapCreate
WriteConsoleW
MoveFileW
GetFullPathNameW
CreateDirectoryW
GetDateFormatW
GetTimeFormatW
GetSystemTimeAsFileTime
DeleteFileW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetVersionExW
WideCharToMultiByte
MultiByteToWideChar
CreateFileW
CloseHandle
GetLastError
GetTempPathW
FindClose
FindFirstFileW
GetTempFileNameW
LocalFree
FormatMessageW
GetFileType
GetFileAttributesW
CopyFileW
SetCurrentDirectoryW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
ReadFile
WriteFile
CreatePipe
PeekNamedPipe
SetNamedPipeHandleState
GetExitCodeProcess
WaitForSingleObject
Sleep
ResumeThread
CreateThread
CreateProcessW
DuplicateHandle
GetCurrentProcess
GetEnvironmentVariableW
GetCurrentProcessId
GetCPInfo
IsValidCodePage
GetProcAddress
GetModuleHandleW
SetEnvironmentVariableW
GetModuleFileNameW
TerminateProcess
OpenProcess
GetTimeZoneInformation
GetLocaleInfoW
GetThreadLocale
GetACP
GetUserDefaultLCID
IsValidLocale
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
LoadLibraryW
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
TlsGetValue
TlsFree
TlsSetValue
TlsAlloc
ExitProcess
FreeLibrary
GetStdHandle
OutputDebugStringW
RaiseException
SetLastError
SetErrorMode
GetCommandLineW
LocalAlloc
GlobalUnlock
GlobalLock
GlobalSize
GlobalFree
GlobalAlloc
HeapSize
GetProcessHeap
SetFilePointer
CreateFileA
lstrlenA
HeapFree
DecodePointer
EncodePointer
RtlUnwind
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
comdlg32
PageSetupDlgW
PrintDlgW
ChooseFontW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
comctl32
ImageList_GetImageCount
CreateStatusWindowW
ImageList_Destroy
ImageList_EndDrag
ord17
ImageList_Draw
ImageList_GetIconSize
ImageList_DragMove
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_DragLeave
ImageList_DragEnter
ord16
advapi32
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
ReleaseStgMedium
OleInitialize
OleUninitialize
CoCreateInstance
OleFlushClipboard
OleIsCurrentClipboard
RevokeDragDrop
OleSetClipboard
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 509KB - Virtual size: 508KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 46KB - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ