PDB path: E:\GD32F4x5\FSetting_F4\Release\FSetting.pdb
Static task: static1

Behavioral task: behavioral1
  Sample: 2024-06-07_82a9fd102cf8de46a5aaf32f86f24c48_mafia.exe
  Resource: win7-20231129-en

Behavioral task: behavioral2
  Sample: 2024-06-07_82a9fd102cf8de46a5aaf32f86f24c48_mafia.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-06-07_82a9fd102cf8de46a5aaf32f86f24c48_mafia
Size: 1.8MB
MD5: 82a9fd102cf8de46a5aaf32f86f24c48
SHA1: 084f99d8232db3e49aafd4e9e641280c2bec8680
SHA256: 72b438b45cfb509ec404c6f58bc5d7393394902cf2e8ad8ea3c9c44a11db6a31
SHA512: c0c6377587f262a8d4ccafb5ab1b3680a38882a833ec72f14416dbf9a0e0ae5d20767872b39386648861575209bee78bc4b8707dde1cc5c4a3fb2030211da9a0
SSDEEP: 49152:9FR4fc6vQjLWeNXLCKDqWzzGySj7V8qHEqqVtl2VdwDkGQyqw:t6vQjlNXLC0q2Gy27V8qHml2VykGQyq
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-06-07_82a9fd102cf8de46a5aaf32f86f24c48_mafia
Files
2024-06-07_82a9fd102cf8de46a5aaf32f86f24c48_mafia.exe windows:5 windows x86 arch:x86
a2dc038025a8cf94fc4fc1fdfe450ece
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetEnvironmentVariableA
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
LCMapStringW
GetStringTypeW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapQueryInformation
HeapSize
CreateThread
ExitThread
ExitProcess
HeapReAlloc
RtlUnwind
RaiseException
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapAlloc
HeapFree
EncodePointer
DecodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
InitializeCriticalSectionAndSpinCount
GetTickCount
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
GetCurrentDirectoryW
GlobalGetAtomNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
lstrlenA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileW
lstrcmpiW
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
FreeLibrary
GetProcAddress
CompareStringW
LoadLibraryW
lstrcmpW
WideCharToMultiByte
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
lstrlenW
GetCurrentProcessId
GetModuleFileNameW
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GlobalLock
GlobalUnlock
MulDiv
CloseHandle
CreateFileW
MultiByteToWideChar
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedCompareExchange
user32
WaitMessage
WindowFromPoint
UnregisterClassW
GetSysColorBrush
RealChildWindowFromPoint
CharUpperW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
DrawStateW
CharNextW
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
GetCursorPos
MapVirtualKeyW
GetKeyNameTextW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
LoadMenuW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
SetForegroundWindow
ShowScrollBar
PostMessageW
CreateWindowExW
GetClassInfoExW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
GetWindowTextLengthW
GetWindowTextW
IsClipboardFormatAvailable
SetFocus
DeleteMenu
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
GetWindow
IntersectRect
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowThreadProcessId
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
EndPaint
BeginPaint
GetWindowDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindowVisible
KillTimer
SetTimer
DrawIcon
GetSystemMetrics
CreateMenu
TranslateMDISysAccel
DrawMenuBar
IsIconic
SendMessageW
GetWindowRect
PtInRect
FrameRect
OffsetRect
FillRect
AppendMenuW
GetSystemMenu
LoadIconW
SetScrollPos
GetScrollRange
GetScrollPos
SetRectEmpty
IsRectEmpty
CopyRect
ReleaseDC
EnableWindow
ReleaseCapture
SetCapture
LoadCursorW
ChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
SetWindowRgn
RedrawWindow
NotifyWinEvent
GetWindowRgn
UpdateWindow
DrawEdge
RegisterClassW
DefWindowProcW
GetClassInfoW
SetCursor
GetClientRect
GetSysColor
InvalidateRect
SetRect
InflateRect
DestroyCursor
SubtractRect
GetDoubleClickTime
GetUpdateRect
SetWindowPos
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyExW
IsCharLowerW
PostThreadMessageW
CharUpperBuffW
CopyIcon
GetAsyncKeyState
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
SetClassLongW
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
DrawIconEx
LoadImageW
CopyImage
GetIconInfo
HideCaret
DrawFocusRect
InvertRect
DestroyIcon
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
GetFocus
IsZoomed
gdi32
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
SelectPalette
GetObjectType
SaveDC
CopyMetaFileW
CreateDCW
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetBkColor
GetTextColor
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
CreateRoundRectRgn
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceW
Polygon
CreateHatchBrush
Ellipse
Polyline
PolyBezier
ExtCreatePen
DeleteDC
SelectObject
CreateDIBSection
GetObjectW
CreateFontW
AbortDoc
EndDoc
EndPage
StartPage
GetDeviceCaps
StartDocW
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
BitBlt
Rectangle
CreateSolidBrush
CreatePen
DeleteObject
ExtTextOutW
GetTextExtentPoint32W
msimg32
GradientFill
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
shell32
DragFinish
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHAppBarMessage
DragQueryFileW
SHGetDesktopFolder
ShellExecuteW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
ole32
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
IsAccelerator
CoInitializeEx
CoUninitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleLockRunning
CoRevokeClassObject
CoRegisterMessageFilter
CoGetClassObject
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoInitialize
OleGetClipboard
oleaut32
VariantInit
SysAllocString
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayGetElement
VariantChangeType
SafeArrayDestroy
SysStringLen
VarBstrFromDate
SysAllocStringLen
SysFreeString
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
oledlg
OleUIBusyW
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDeleteGraphics
GdiplusStartup
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdiplusShutdown
GdipDrawImageI
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 319KB - Virtual size: 319KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 4.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 185KB - Virtual size: 184KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ