Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-06_2ac48af7a17a13f532068ca94e83adc8_mafia.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-06-06_2ac48af7a17a13f532068ca94e83adc8_mafia.exe
Resource: win10v2004-20240508-en
General
Target: 2024-06-06_2ac48af7a17a13f532068ca94e83adc8_mafia
Size: 2.5MB
MD5: 2ac48af7a17a13f532068ca94e83adc8
SHA1: f73aa1ae685de125f27bdbf1d33a149c57a64136
SHA256: a92080e3fcc18ad55d3f2f4a3e8adbb91089d397f0fc547320d518a220ffa7e5
SHA512: 1c643f6b16dd115f3eb282ed4616b5e25d46eae5f549e0d92709d8fee50b6f85f8bde70e09b2b345de07ba8026fe2cd4b8f768c1e7b1d8fb86a66447557f9c4b
SSDEEP: 49152:7c/I7LUfwqJU2QhPVn+KFLf4cxdAlV0eqMqoMq0g8afI4rzNkR9Ir3PIXPQd+ayc:7c/I7iwqJ8vn+KFLPxdAD0eqMqoMFgIa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-06-06_2ac48af7a17a13f532068ca94e83adc8_mafia
Files
2024-06-06_2ac48af7a17a13f532068ca94e83adc8_mafia.exe windows:5 windows x86 arch:x86
c7c40d0c05cb9b1bceeb70b62586484b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
E:\luofuyou\IE&Clinet&Param\Client\DVRClient\binRelease\DVRClient.pdb
Imports
winmm
PlaySoundA
madvsnetdll
MANET_SetRealMsgCallBack
MANET_SetChannelColor
MANET_GetColorDefaults
MANET_GetChannelColor
MANET_StopDownRecordFile
MANET_CloseNetPlayback
MANET_StartDownRecordFile
MANET_SetDownRecordFileMsgCallBack
MANET_OpenNetPlayback
MANET_SearchDVSRecFile
MANET_SetSearchRecordCallBack
MANET_UnInitialize
MANET_StartSearchDevice
MANET_StopSearchDevice
MANET_SetSearchCallBack
MANET_Initialize
MANET_CloseNetPlaybackSound
MANET_OpenNetPlaybackSound
MANET_StartNetPlayback
MANET_StopNetPlayback
MANET_NetPlaybackCaptureBMP
MANET_CloseSetup
MANET_SearchLog
MANET_SetSearchLogDataCallBack
MANET_SetSearchLogMsgCallBack
MANET_OpenSetupDevServerMode
MANET_CloseUploadFile
MANET_Reboot
MANET_LoadFailSafeDefaults
MANET_StopUploadUpdateFile
MANET_StartUploadUpdateFile
MANET_SetUploadUFileCallBack
MANET_OpenUploadFile
MANET_SetNetPlaybackSound
MANET_GetPlayTime
MANET_AlarmCoreControl
MANET_LoadAlarmDefaults
MANET_SetElectric
MANET_SynDevTime
MANET_GetDevOtherInfo
MANET_GetDevOtherInfo3520
MANET_GetParam
MANET_SetParam
MANET_Set3G
MANET_Reset3G
MANET_Get3GConnetState
MANET_CloseAlarmListen
MANET_StopAlarmListen
MANET_CloseVoiceCom
MANET_StopVoiceCom
MANET_SetVoiceComMsgCallBack
MANET_StartAlarmListen
MANET_SetAlarmDataCallBack
MANET_SetAlarmMsgCallBack
MANET_OpenAlarmListen
MANET_StartVoiceCom
MANET_OpenVoiceCom
MANET_OpenDevice
MANET_PlaySound
MANET_PTZAction
MANET_SetEnhanceCoeff
MANET_OpenRealPlayDevServerMode
_MANET_SetStreamingMode@8
_MANET_SetStreamingFormat@12
MANET_StartRealPlay
MANET_StartRecord
MANET_CaptureBMP
MANET_StopRecord
MANET_SetRealDecCallBack
MANET_SetRealDisplayCallBack
MANET_StopRealPlay
MANET_CloseRealPlay
MANET_GetEnhanceCoeff
netserverdll
?EAVS_AddUser@@YAJJPBU_tagUserInfo@@@Z
?EAVS_StartHeartbeat@@YAJJK@Z
?EAVS_SetHeartbeatCallBack@@YAJJP6GXPAUEAVS_HEARTBEAT@@IK@ZK@Z
?EAVS_SetAlarmCallBack@@YAJJP6GXPAUEAVS_ALARM_INFO_EX@@IK@ZK@Z
?EAVS_SetUserInfo@@YAJPAU_tagServerNetInfo@@PAU_tagUserInfo@@PAJ@Z
?EAVS_StartUp@@YAJXZ
kernel32
GetCurrentProcessId
GetThreadLocale
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
CreateActCtxW
GetModuleHandleW
lstrcmpA
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
SetThreadPriority
VirtualProtect
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetACP
GetOEMCP
SetErrorMode
GetCurrentDirectoryA
FindResourceExW
GetNumberFormatA
GetTempFileNameA
GetTempPathA
GetProfileIntA
SearchPathA
RaiseException
GetSystemTimeAsFileTime
RtlUnwind
HeapAlloc
HeapFree
VirtualAlloc
GetSystemInfo
VirtualQuery
GetTimeFormatA
GetDateFormatA
GetConsoleCP
GetConsoleMode
EncodePointer
DecodePointer
GetProcessHeap
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
ExitProcess
ExitThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
GetStringTypeW
GetStdHandle
HeapCreate
LCMapStringW
GetTimeZoneInformation
SetHandleCount
CreateFileW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
CompareStringW
SetEnvironmentVariableA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryW
lstrcmpW
CopyFileA
GlobalSize
FormatMessageA
DeleteFileA
ResumeThread
MoveFileA
SuspendThread
GetTickCount
InitializeCriticalSectionAndSpinCount
GetDiskFreeSpaceExA
LocalAlloc
lstrcmpiA
GetFileSize
ReadFile
GlobalReAlloc
GlobalFree
TerminateThread
FindFirstFileA
FindClose
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
CreateProcessA
InterlockedIncrement
TerminateProcess
GetModuleFileNameA
InterlockedDecrement
LocalFree
LeaveCriticalSection
EnterCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcatA
WinExec
GetWindowsDirectoryA
MulDiv
lstrcpyA
LoadLibraryExA
FreeLibrary
lstrlenW
FindResourceA
FreeResource
GetCPInfo
GetVersion
GetVersionExA
CreateFileA
WriteFile
ResetEvent
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLocalTime
OpenMutexA
CreateMutexA
CreateDirectoryA
lstrlenA
FileTimeToSystemTime
GetModuleFileNameW
WriteConsoleW
ReleaseActCtx
MultiByteToWideChar
InitializeCriticalSection
CreateEventA
CreateThread
Sleep
DeleteCriticalSection
CloseHandle
SetEvent
WaitForSingleObject
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
GetFullPathNameA
user32
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
UnionRect
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawStateA
SetClassLongA
DestroyAcceleratorTable
RegisterClipboardFormatA
CopyImage
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetMenuDefaultItem
SetParent
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
MessageBeep
GetNextDlgGroupItem
WaitMessage
SetLayeredWindowAttributes
InvalidateRgn
CopyAcceleratorTableA
UnregisterClassA
RealChildWindowFromPoint
LoadCursorW
DestroyMenu
IsZoomed
GetAsyncKeyState
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
CharNextA
CharUpperA
GetWindowThreadProcessId
MapVirtualKeyA
GetKeyNameTextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
LoadImageW
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
MessageBoxA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
GetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
GetNextDlgTabItem
EndDialog
GetMenuStringA
IntersectRect
GetMonitorInfoA
MonitorFromWindow
EnumDisplayMonitors
MonitorFromPoint
InflateRect
GetClassInfoA
DefWindowProcA
GetWindowTextA
ChildWindowFromPoint
IsWindowEnabled
IsWindow
WindowFromPoint
GetDesktopWindow
EqualRect
OffsetRect
SetRectEmpty
IsRectEmpty
GetClassNameA
GetWindowDC
GetCapture
IsWindowVisible
ClientToScreen
GetWindowRgn
SetWindowRgn
GetWindow
ClipCursor
DestroyCursor
LoadCursorA
CopyIcon
CreateIconIndirect
GetIconInfo
GetMenuItemInfoA
SystemParametersInfoA
DrawIconEx
IsCharLowerA
MapVirtualKeyExA
UpdateLayeredWindow
IsMenu
PostThreadMessageA
SubtractRect
GetDoubleClickTime
CharUpperBuffA
GetUpdateRect
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyIcon
GetSysColorBrush
ReleaseDC
GetDC
RemoveMenu
ModifyMenuA
GetMenuState
IsClipboardFormatAvailable
SetMenuDefaultItem
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
SetFocus
DefFrameProcA
GetMenuItemID
CreatePopupMenu
CreateMenu
DrawEdge
FillRect
CopyRect
SetRect
GetSysColor
SetCursor
RedrawWindow
UpdateWindow
CreateWindowExA
DestroyWindow
LoadIconA
LoadIconW
SetForegroundWindow
SetActiveWindow
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
ScreenToClient
LoadMenuW
InsertMenuA
GetSubMenu
GetMenuItemCount
DeleteMenu
GetCursorPos
GetDlgCtrlID
SetWindowPos
GetSystemMetrics
SetTimer
GetWindowLongA
SetWindowLongA
LoadBitmapW
ReleaseCapture
PtInRect
SetCapture
GetWindowRect
GetParent
InvalidateRect
FrameRect
PostMessageA
KillTimer
GetClientRect
LoadImageA
SendMessageA
EnableWindow
DeferWindowPos
gdi32
Escape
GetTextExtentPoint32W
StretchBlt
CreateBitmap
LineTo
MoveToEx
SetBkMode
SetTextJustification
CreateRectRgn
CombineRgn
GetRgnBox
PtInRegion
ExtCreateRegion
FrameRgn
SelectClipRgn
FillRgn
CreatePolygonRgn
CreateRoundRectRgn
OffsetRgn
SetViewportExtEx
SetViewportOrgEx
CreateDCA
CopyMetaFileA
CreateRectRgnIndirect
GetBkColor
GetTextColor
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
ExtTextOutA
PatBlt
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetLayout
SetLayout
GetViewportExtEx
GetWindowExtEx
GetPixel
OffsetViewportOrgEx
ScaleViewportExtEx
GetTextFaceA
RectVisible
PtVisible
Rectangle
Ellipse
GetBkMode
CreateCompatibleBitmap
CreateHatchBrush
GetStockObject
CreateFontIndirectA
CreateSolidBrush
CreateDIBSection
SelectObject
DeleteObject
BitBlt
CreateCompatibleDC
GetObjectA
SetBkColor
CreatePen
GetDeviceCaps
GetTextMetricsA
StartDocA
StartPage
EndPage
EndDoc
DeleteDC
GetTextExtentPoint32A
SetTextColor
TextOutA
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
GetViewportOrgEx
GetWindowOrgEx
SetPixel
SetDIBColorTable
Polygon
Polyline
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
EnumFontFamiliesExA
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
LPtoDP
CreateEllipticRgn
StretchDIBits
CreateFontA
GetCharWidthA
DPtoLP
GetMapMode
SetRectRgn
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
msimg32
TransparentBlt
AlphaBlend
GradientFill
comdlg32
PrintDlgA
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumKeyExA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegEnumKeyA
shell32
DragQueryFileA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation
Shell_NotifyIconA
ShellExecuteA
SHGetFileInfoA
SHAppBarMessage
SHGetDesktopFolder
SHGetMalloc
DragFinish
comctl32
ord17
ImageList_GetIconSize
ImageList_GetIcon
ImageList_GetImageCount
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathFileExistsA
PathRemoveFileSpecW
ole32
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
IsAccelerator
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
OleRun
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
OleLockRunning
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoInitializeEx
oleaut32
VarBstrFromDate
OleLoadPicture
VariantChangeType
VariantClear
SysAllocString
VariantInit
VariantCopy
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
OleCreateFontIndirect
SysFreeString
SafeArrayDestroy
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromStr
SystemTimeToVariantTime
GetErrorInfo
oledlg
ord8
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 374KB - Virtual size: 374KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 230KB - Virtual size: 229KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 219KB - Virtual size: 219KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ