2024-06-12_91c11172a9127d5dd227d21473e6b9ff_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-12_91c11172a9127d5dd227d21473e6b9ff_mafia
Size

789KB
MD5

91c11172a9127d5dd227d21473e6b9ff
SHA1

61d0d1428ba4a6fd1c107110f9192f7b94decc61
SHA256

6367ef26da11901ecf60c1e9a43626af9f18e4f382fccf1fcf520d9b08e18485
SHA512

ca909b94869bb791ec2cef3acb1caaba069fed963e196cceb66ccf6732ca2901ab68a931d24b45350f33a0df398dcfbb2f57a991c5c8e8ddf61309e17a439b71
SSDEEP

12288:5dPKz2NfV0lXDhUKEoUUGEPyIEU316q9gwnPBXZAKLqCT9IC/N9NduB/HLi5HljO:5dPKzU2EMqIBOgAC/N9mxHLi5FvdKp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-12_91c11172a9127d5dd227d21473e6b9ff_mafia

Files

2024-06-12_91c11172a9127d5dd227d21473e6b9ff_mafia
.exe windows:5 windows x86 arch:x86

fdfcc1fc5b56ded074fefd234aaa9c50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
WriteFile
ReadFile
GetFileType
GetCurrentDirectoryA
DuplicateHandle
FreeResource
GetModuleHandleA
LoadLibraryA
SetThreadContext
GetThreadContext
ResumeThread
GetCurrentThreadId
InterlockedCompareExchange
VirtualFree
VirtualAlloc
FlushInstructionCache
VirtualProtect
VirtualQuery
GetVersionExA
lstrlenA
GetExitCodeProcess
TerminateProcess
OpenProcess
GetCurrentProcessId
CreateProcessA
DeleteCriticalSection
GetCurrentThread
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
Sleep
GetTickCount
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateDirectoryA
GetLongPathNameA
CreateFileA
MultiByteToWideChar
GetLocalTime
GlobalMemoryStatusEx
InterlockedIncrement
GetCurrentProcess
SetProcessWorkingSetSize
OpenFile
GetLastError
DeleteFileA
CloseHandle
WaitForSingleObject
FindResourceExW
FindResourceW
LoadResource
CreateFileW
SetEndOfFile
FlushFileBuffers
SetStdHandle
SystemTimeToFileTime
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetProcAddress
GetACP
LockResource
SizeofResource
GetFileSize
ExitProcess
MulDiv
GetStringTypeW
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
HeapCreate
GetModuleFileNameW
GetStdHandle
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
LCMapStringW
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
CreateThread
ExitThread
DecodePointer
EncodePointer
InterlockedExchange
LocalFree
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
lstrlenW
WideCharToMultiByte
InterlockedDecrement
SetFilePointer
DosDateTimeToFileTime
WriteConsoleW
SuspendThread
HeapFree
HeapAlloc
HeapDestroy
GlobalAlloc
IsDBCSLeadByte
GlobalLock
GlobalUnlock
FindResourceA

user32

GetUpdateRect
BeginPaint
EndPaint
SendMessageA
DestroyWindow
GetWindowLongA
SetWindowLongA
ScreenToClient
GetClientRect
IsZoomed
PostQuitMessage
GetSystemMetrics
MessageBoxA
SystemParametersInfoA
SetWindowPos
MoveWindow
UnregisterHotKey
RegisterHotKey
GetKeyState
SetTimer
GetMessageTime
GetWindowRect
ShowWindow
GetParent
CharNextA
MonitorFromWindow
FindWindowA
IsWindow
SwitchToThisWindow
IsIconic
SetWindowRgn
SendMessageTimeoutA
ClientToScreen
GetCursorPos
LoadIconA
IsWindowVisible
GetWindowRgn
MapWindowPoints
FillRect
InvalidateRgn
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
GetCaretPos
ShowCaret
HideCaret
GetSysColor
DrawTextA
SetRect
CharPrevA
SetParent
SetForegroundWindow
PostMessageA
GetMonitorInfoA
RegisterClassA
OffsetRect
InflateRect
UnionRect
SetCursor
LoadCursorA
DefWindowProcA
DispatchMessageA
TranslateMessage
SetFocus
GetMessageA
EnableWindow
GetWindow
LoadImageA
CallWindowProcA
GetPropA
SetPropA
IsRectEmpty
RegisterClassExA
GetClassInfoExA
CreateWindowExA
GetDC
CreateCaret
InvalidateRect
KillTimer
SetCapture
ReleaseCapture
PtInRect
GetCaretBlinkTime
SetCaretPos
IntersectRect
GetFocus
ReleaseDC
UpdateLayeredWindow
CreateAcceleratorTableA

gdi32

GetTextMetricsA
GetObjectA
CreateFontIndirectA
SelectObject
DeleteObject
CreateRoundRectRgn
GetStockObject
CreatePen
DeleteDC
BitBlt
CreateCompatibleBitmap
RestoreDC
SaveDC
CreateDIBSection
CreateCompatibleDC
PtInRegion
CreateRectRgn
GetDeviceCaps
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CombineRgn
StretchBlt
SetStretchBltMode
CreateSolidBrush
LineTo
MoveToEx
CreatePenIndirect
Rectangle
RoundRect
TextOutA
GetTextExtentPoint32A
GetCharABCWidthsA
SetBkColor
SetTextColor
SetBkMode

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA

shell32

Shell_NotifyIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ShellExecuteA
SHGetMalloc

ole32

CoInitializeEx
PropVariantClear
CoCreateInstance
CoCreateGuid
CoUninitialize
OleUninitialize
CLSIDFromProgID
CLSIDFromString
OleLockRunning
CreateStreamOnHGlobal
OleInitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantInit

gdiplus

GdipCloneImage
GdipDrawImageRectI
GdiplusStartup
GdiplusShutdown
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipDeleteGraphics
GdipDeleteFont
GdipCreateSolidFill
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipFillRectangleI
GdipCreateFontFromDC
GdipGetPropertyItem
GdipCloneBrush
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipCreateFontFromLogfontA

winmm

waveOutWrite
midiStreamOut
timeSetEvent
timeGetTime
PlaySoundA

comctl32

_TrackMouseEvent
ord17

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

wininet

FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

urlmon

URLDownloadToFileA

dsound

ord1

Sections

.text
Size: 574KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdfcc1fc5b56ded074fefd234aaa9c50

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

gdiplus

winmm

comctl32

imm32

wininet

urlmon

dsound

Sections

.text Size: 574KB - Virtual size: 573KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 12KB - Virtual size: 21KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 47KB - Virtual size: 46KB

.text
Size: 574KB - Virtual size: 573KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 12KB - Virtual size: 21KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 47KB - Virtual size: 46KB