D:\inst\Release\inst.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-07_a498cb2918df15f6db4f7b3cdd0ed97a_mafia.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-07_a498cb2918df15f6db4f7b3cdd0ed97a_mafia.exe
Resource: win10v2004-20240426-en
General
- Target: 2024-06-07_a498cb2918df15f6db4f7b3cdd0ed97a_mafia
- Size: 3.8MB
- MD5: a498cb2918df15f6db4f7b3cdd0ed97a
- SHA1: 66e964ebaed11acb9a83a41413ed7199f07570d8
- SHA256: 197002edb123147f5ed3f54e980b6e71585ae9fc900ffc6e4108187fb8717f43
- SHA512: 72ffc7b86ec68326e553abe45b8d384898f588a3706db7e2ce16c1c7ddda6b34d2b14b9188d9e8b8256be71bc5d630a4e18d345b0425eda2ce9c180560fec883
- SSDEEP: 98304:EZ+LzHS+RZR8IuJRApEZ5YYVS7KTLC43c0S/0Ik:S+LzCz0jSC4/S/0Ik
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2024-06-07_a498cb2918df15f6db4f7b3cdd0ed97a_mafia
Files
- 2024-06-07_a498cb2918df15f6db4f7b3cdd0ed97a_mafia.exe windows:5 windows x86 arch:x86
  8e21da7f39b3e5996c46f737ed29d4ad
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
LCMapStringW
SetEnvironmentVariableA
WriteConsoleW
GetStringTypeW
CreateFileA
GetFileAttributesA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
GetFullPathNameA
GetDriveTypeW
ExitProcess
HeapReAlloc
RaiseException
RtlUnwind
CreateThread
ExitThread
HeapAlloc
DecodePointer
EncodePointer
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTempFileNameW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpiW
DeleteFileW
GlobalFlags
GetSystemDirectoryW
GetCurrentDirectoryW
GetThreadLocale
lstrlenA
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalFindAtomW
GetVersionExW
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalAddAtomW
SetThreadPriority
GetCurrentProcessId
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeResource
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetModuleFileNameW
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
ActivateActCtx
LoadLibraryW
DeactivateActCtx
lstrcmpW
GetModuleHandleW
GetProcAddress
FreeLibrary
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
SetLastError
CopyFileW
GlobalSize
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
ResumeThread
WaitForSingleObject
GetTickCount
GlobalAlloc
GlobalFree
GetLastError
CloseHandle
WriteFile
CreateFileW
Sleep
GetTempPathW
lstrcpyW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
GetProcessHeap
SizeofResource
DeleteFileA
user32
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IntersectRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
OffsetRect
CharNextW
KillTimer
SetTimer
RealChildWindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
LoadCursorW
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
IsZoomed
GetClassNameW
InvalidateRect
UpdateWindow
DrawStateW
ShowOwnedPopups
SetCursor
GetMessageW
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
GetFocus
PtInRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
MapVirtualKeyW
GetKeyNameTextW
CopyRect
GetWindowRect
LoadMenuW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
CharUpperW
UnionRect
EnableScrollBar
GetWindowLongW
GetDlgItem
EnableWindow
LoadIconW
SendMessageW
IsIconic
GetSystemMetrics
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
UpdateLayeredWindow
MonitorFromPoint
IsMenu
CreatePopupMenu
GetMenuDefaultItem
GetWindowRgn
SetMenuDefaultItem
DestroyCursor
SubtractRect
MapVirtualKeyExW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetSysColor
GetDC
ReleaseDC
LoadImageW
PostMessageW
LoadBitmapW
DrawIcon
GetClientRect
InflateRect
GetMenuItemInfoW
DestroyMenu
GetSystemMenu
SetWindowRgn
NotifyWinEvent
TranslateMessage
GetAsyncKeyState
IsCharLowerW
GetDoubleClickTime
GetUpdateRect
IsClipboardFormatAvailable
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
CharUpperBuffW
CopyIcon
FrameRect
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetIconInfo
HideCaret
InvertRect
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
UnregisterClassW
CopyImage
DestroyIcon
SetWindowLongW
gdi32
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
GetStockObject
GetObjectType
CreatePen
SaveDC
CreateHatchBrush
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
GetTextExtentPoint32W
SetRectRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
CreateDIBSection
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
CreateRectRgnIndirect
PatBlt
CreateDCW
CopyMetaFileW
CreateCompatibleBitmap
SelectObject
SetBkColor
ExtTextOutW
GetEnhMetaFilePaletteEntries
DeleteDC
CreatePalette
SelectPalette
RealizePalette
PlayEnhMetaFile
GetDIBits
SetEnhMetaFileBits
GetEnhMetaFileHeader
DeleteEnhMetaFile
GetDeviceCaps
SetWinMetaFileBits
CreateRectRgn
CombineRgn
DeleteObject
CreateSolidBrush
CreateFontIndirectW
BitBlt
GetObjectW
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
shell32
DragQueryFileW
DragFinish
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
SHAppBarMessage
SHBrowseForFolderW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathStripToRootW
UrlUnescapeW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
ole32
OleGetClipboard
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitialize
CoUninitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoInitializeEx
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
oleaut32
VariantInit
VariantCopy
VariantChangeType
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
VariantClear
SysAllocStringLen
SysAllocString
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipFree
GdipAlloc
GdipDeleteGraphics
ws2_32
ntohl
htonl
ntohs
htons
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
wininet
InternetOpenW
InternetCloseHandle
InternetCanonicalizeUrlW
InternetOpenUrlW
InternetReadFile
InternetCrackUrlW
InternetQueryOptionW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
HttpQueryInfoW
InternetQueryDataAvailable
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
- .text Size: 2.0MB - Virtual size: 2.0MB: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 494KB - Virtual size: 494KB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 36KB - Virtual size: 93KB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 1.1MB - Virtual size: 1.1MB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc Size: 195KB - Virtual size: 194KB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ