2024-06-04_f34e6bc02b191264b787d524bdf41cb0_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-04_f34e6bc02b191264b787d524bdf41cb0_mafia
Size

1.8MB
MD5

f34e6bc02b191264b787d524bdf41cb0
SHA1

0e5199fc5ce9ae62c2f375fa92e8872b918c5cf8
SHA256

32af887bd748debd35c0d0fea0ae985a93af971875ee22b91b2d66a7cdda79ad
SHA512

7957944bb625768c4f3dc1bc3893faa6e794ba03a800f5bbfc1d5766d5eee1b5a13f6aec05e69a539f621e7c7e3f15e1de0dd2ee3ce9650ce66a2b408ac24198
SSDEEP

49152:y5xGnHKF6Igon/719VthkpY888xwIlwIBgAWhnUe1hUW67oUbX1d6:Ha6No/XVthkpY888xw1IuWe1hUW67oi6

Score

1^/10

Malware Config

Signatures

Files

2024-06-04_f34e6bc02b191264b787d524bdf41cb0_mafia
.exe windows:5 windows x86 arch:x86

29df480397caca94e85b4c406582a9b5

Code Sign

07
Certificate

Issuer

CN=TrustAsia Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

19-05-2013 10:54

Not After

19-05-2015 10:54

Subject

CN=亚洲诚信代码签名测试证书,O=亚数信息科技（上海）有限公司,L=上海市,ST=上海市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05
Certificate

Issuer

CN=TrustAsia Root CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

19-05-2010 10:43

Not After

19-05-2020 10:43

Subject

CN=TrustAsia Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e9:9d:a5:e5:64:76:b7:54:24:b3:d7:c5:8a:b0:8d:45:36:8e:f6:c9
Signer

Actual PE Digest

e9:9d:a5:e5:64:76:b7:54:24:b3:d7:c5:8a:b0:8d:45:36:8e:f6:c9

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpQueryInfoA
InternetConnectA
InternetCrackUrlA
InternetReadFile
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetOpenA
InternetCloseHandle

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteA
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHGetFileInfoA
SHChangeNotify
SHFileOperationA
SHGetSpecialFolderLocation

kernel32

ExitThread
CreateThread
RaiseException
GetSystemInfo
VirtualQuery
HeapQueryInformation
HeapSize
SetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
GetConsoleCP
GetConsoleMode
HeapCreate
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
GetTimeZoneInformation
WriteConsoleW
SetEnvironmentVariableA
ExitProcess
RtlUnwind
MultiByteToWideChar
FindFirstFileA
GetProcAddress
FindClose
GetModuleHandleA
CloseHandle
lstrlenA
FreeLibrary
HeapAlloc
HeapFree
VirtualFree
GetProcessHeap
IsBadReadPtr
SetLastError
GetThreadLocale
VirtualAlloc
LoadLibraryA
VirtualProtect
SetCurrentDirectoryA
GetLastError
GetModuleFileNameA
CreateMutexA
WinExec
GetTempPathA
FindResourceW
LoadResource
WideCharToMultiByte
SizeofResource
LockResource
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetModuleHandleW
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
DeactivateActCtx
GetStartupInfoW
CompareStringA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
GlobalFree
FreeResource
FindResourceA
SetThreadPriority
ResumeThread
WaitForSingleObject
GlobalUnlock
MulDiv
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
lstrlenW
LocalFree
FormatMessageA
GlobalSize
CopyFileA
lstrcmpW
LoadLibraryW
GetVersionExA
GlobalFindAtomA
GlobalGetAtomNameA
GetCurrentDirectoryA
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
DeleteFileA
lstrcpyA
lstrcmpiA
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetACP
FileTimeToSystemTime
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetCommandLineA
ActivateActCtx
HeapSetInformation
GetFileTime
GetTempFileNameA
GetTickCount
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
Sleep
SearchPathA
FindResourceExW
GetFileType
CreateFileW
HeapReAlloc
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
OutputDebugStringA

user32

CharUpperA
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
GetSysColorBrush
LoadCursorA
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
InvalidateRect
RealChildWindowFromPoint
DeleteMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CharUpperBuffA
CopyIcon
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
CharNextA
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
GetWindowRgn
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
CreateMenu
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetWindowRect
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
CopyRect
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
RegisterClipboardFormatA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
CreatePopupMenu
DestroyCursor
SubtractRect
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
SetScrollPos
GetDoubleClickTime
GetSubMenu
RemoveMenu
UnhookWindowsHookEx
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SetTimer
KillTimer
GetSystemMenu
PostQuitMessage
IsIconic
DrawIcon
GetClientRect
LoadIconW
SetWindowLongA
AppendMenuA
PostMessageA
GetSystemMetrics
EnableWindow
GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
IsZoomed
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IntersectRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
GetClassInfoExA
OffsetRect
GetWindowThreadProcessId
FrameRect

advapi32

RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA

ole32

ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoUninitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoTaskMemFree
CLSIDFromString
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CLSIDFromProgID
CoCreateGuid
CoInitialize
CoCreateInstance
CoLockObjectExternal
RevokeDragDrop

oleaut32

VariantClear
VariantChangeType
VariantCopy
SysFreeString
SysAllocStringLen
VarBstrFromDate
VariantInit
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysStringLen
SysAllocStringByteLen

shlwapi

PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW

gdi32

CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
CreateCompatibleDC
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
SelectPalette
GetStockObject
GetObjectType
GetDeviceCaps
CreatePen
CreateSolidBrush
CreateHatchBrush
CopyMetaFileA
CreateDCA
CreateFontIndirectA
GetTextExtentPoint32A
CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
SetBitmapBits
GetBitmapBits
SetPolyFillMode

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comctl32

ImageList_GetIconSize
_TrackMouseEvent

oledlg

ord8

gdiplus

GdipCreatePen1
GdipDrawLineI
GdipSetStringFormatLineAlign
GdipDeletePen
GdipDrawImageRectRectI
GdipCreateImageAttributes
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipDeleteStringFormat
GdipDeleteBrush
GdipCreateStringFormat
GdipGetDC
GdipDrawString
GdipSetStringFormatAlign
GdipGraphicsClear
GdipCloneBrush
GdipDeleteFont
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDeleteFontFamily
GdipCreateSolidFill
GdipCreateFont
GdipCreateFontFamilyFromName
GdipReleaseDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

winmm

PlaySoundA

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29df480397caca94e85b4c406582a9b5

Code Sign

07Certificate

Extended Key Usages

Key Usages

05Certificate

Extended Key Usages

Key Usages

e9:9d:a5:e5:64:76:b7:54:24:b3:d7:c5:8a:b0:8d:45:36:8e:f6:c9Signer

Headers

DLL Characteristics

File Characteristics

Imports

wininet

shell32

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

gdi32

msimg32

comdlg32

winspool.drv

comctl32

oledlg

gdiplus

oleacc

winmm

imm32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 303KB - Virtual size: 302KB

.data Size: 32KB - Virtual size: 62KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 170KB - Virtual size: 170KB

07
Certificate

05
Certificate

e9:9d:a5:e5:64:76:b7:54:24:b3:d7:c5:8a:b0:8d:45:36:8e:f6:c9
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 303KB - Virtual size: 302KB

.data
Size: 32KB - Virtual size: 62KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 170KB - Virtual size: 170KB