2024-06-13_f4b6dd96a0a01900c77ed96e8c24c21d_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-13_f4b6dd96a0a01900c77ed96e8c24c21d_mafia
Size

2.2MB
MD5

f4b6dd96a0a01900c77ed96e8c24c21d
SHA1

a679d26d6dc4d69aac404aab2d03378b21f28cbb
SHA256

1c279fb00fa2a506db02fc395fe6ee967c87dddfbd7e3769b97955501b88763c
SHA512

3e1f91f215b2de7e1252ea01617d6ca5a9f17b2f88be3e2b5d0b832166449329accb52c5287ec5244cfad9e6f2985ebfdad07572c31d2fe0eceb235d404e8ea7
SSDEEP

24576:VhyT+Tr0MPg1UQSJI57y2sD43Z7kTgtNO7i0GgpObbh/H/rtun0X20XBzDU45krw:VhyimJ5sEkO825Y9Wg3qhAxd+1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-13_f4b6dd96a0a01900c77ed96e8c24c21d_mafia

Files

2024-06-13_f4b6dd96a0a01900c77ed96e8c24c21d_mafia
.exe windows:5 windows x86 arch:x86

44ff307fa817157378924e49a9543639

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\hp\Desktop\Projekte-SVN\vim\vim\src\vim.pdb

Imports

kernel32

GlobalUnlock
GetSystemInfo
SetConsoleTitleW
GetModuleHandleA
GetCurrentProcessId
LocalFree
GlobalSize
GlobalAlloc
GlobalFree
GetFullPathNameW
GetCommandLineW
GetComputerNameA
GetFullPathNameA
GetTempFileNameW
FillConsoleOutputCharacterA
SearchPathW
WriteConsoleOutputCharacterA
SetErrorMode
CreateProcessW
SetConsoleTextAttribute
GetNumberOfConsoleMouseButtons
GetCurrentProcess
ReadConsoleOutputAttribute
WaitForSingleObject
SetConsoleScreenBufferSize
GetComputerNameW
BackupSeek
ReadConsoleOutputA
WriteFile
GetConsoleMode
ReadConsoleInputA
WriteConsoleOutputA
GetFileAttributesA
SetConsoleMode
SetConsoleCursorPosition
GetFileAttributesW
SetConsoleTitleA
GetLargestConsoleWindowSize
SetCurrentDirectoryA
GetStdHandle
GetCurrentDirectoryW
BackupRead
MoveFileW
SearchPathA
SetFileAttributesA
LoadLibraryA
GetConsoleScreenBufferInfo
GetFileType
MoveFileA
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetConsoleWindowInfo
GetModuleFileNameA
SetConsoleCursorInfo
GetConsoleTitleW
FillConsoleOutputAttribute
GetCurrentDirectoryA
GetConsoleCursorInfo
PeekConsoleInputA
WriteConsoleOutputAttribute
ScrollConsoleScreenBufferA
GetVersionExA
CloseHandle
DeleteFileW
GetFileInformationByHandle
SetFileAttributesW
TerminateProcess
GetStartupInfoA
CreatePipe
CreateFileW
MulDiv
Sleep
FormatMessageA
GetConsoleTitleA
IsBadReadPtr
GetTickCount
GlobalLock
RaiseException
WriteConsoleW
RtlUnwind
VirtualQuery
CreateFileA
GetConsoleCP
GetLocaleInfoA
FindNextFileW
FindNextFileA
FindClose
FindFirstFileA
FindFirstFileW
IsValidCodePage
GetProcAddress
IsDBCSLeadByteEx
GetLastError
GetACP
FreeLibrary
GetCPInfo
DeleteFileA
GetTempPathA
GetTempFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetShortPathNameA
QueryPerformanceFrequency
QueryPerformanceCounter
CreateProcessA
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringW
GetProcessHeap
SetEndOfFile
HeapSize
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoW
GetUserDefaultLCID
FlushFileBuffers
LCMapStringW
GetTimeZoneInformation
GetModuleFileNameW
HeapDestroy
HeapCreate
FatalAppExitA
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetOEMCP
DeleteCriticalSection
GetStartupInfoW
SetHandleCount
IsProcessorFeaturePresent
SetEnvironmentVariableA
InterlockedExchange
DuplicateHandle
SetFilePointer
ReadFile
HeapSetInformation
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeW
CreateDirectoryA
CreateDirectoryW
FindFirstFileExA
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
SetStdHandle
SetEnvironmentVariableW
EncodePointer
FindFirstFileExW
GetDriveTypeW
VirtualAlloc
VirtualProtect
PeekNamedPipe
FileTimeToLocalFileTime
FileTimeToSystemTime
DecodePointer
ExitProcess
HeapFree
HeapAlloc
GetTimeFormatA
GetDateFormatA
HeapReAlloc
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetExitCodeProcess

advapi32

OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
GetUserNameW
GetAclInformation
LookupPrivilegeValueA
GetAce

shell32

CommandLineToArgvW
ExtractIconA

gdi32

CreateDCA
SetAbortProc
SetBkMode
DeleteObject
SelectObject
SetBkColor
EnumFontFamiliesA
GetNearestColor
GetTextMetricsA
SetTextAlign
TextOutW
EndDoc
TextOutA
CreateFontIndirectA
GetDeviceCaps
DeleteDC
SetTextColor
StartPage
GetTextExtentPoint32W
EndPage
StartDocA

comdlg32

CommDlgExtendedError
PrintDlgA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

user32

IsDialogMessageA
PeekMessageA
DispatchMessageA
GetSystemMetrics
LoadKeyboardLayoutA
CloseClipboard
IsClipboardFormatAvailable
RegisterClipboardFormatA
GetClipboardData
EmptyClipboard
OpenClipboard
SetClipboardData
DestroyWindow
GetClassNameA
GetSystemMenu
GetWindowRect
CreateDialogParamA
SendDlgItemMessageA
GetWindowDC
MsgWaitForMultipleObjects
SetForegroundWindow
GetParent
wsprintfA
SendMessageA
MessageBeep
TranslateMessage
SetDlgItemInt
OffsetRect
GetWindowTextA
CharUpperBuffA
BringWindowToTop
CreateWindowExA
ReleaseDC
EnableMenuItem
DefWindowProcA
CharLowerBuffA
GetDesktopWindow
SetWindowPos
IsWindow
SystemParametersInfoA
SetWindowTextA
LoadImageA
SetDlgItemTextW
EnableWindow
FindWindowA
GetDlgItemTextA
SetDlgItemTextA
CopyRect
RegisterClassA
MapVirtualKeyA
ToAscii
GetMessageA
EnumWindows

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 227KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44ff307fa817157378924e49a9543639

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

gdi32

comdlg32

ole32

user32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 227KB - Virtual size: 276KB

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 139KB - Virtual size: 139KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 227KB - Virtual size: 276KB

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 139KB - Virtual size: 139KB