Tasks
static1: static analysis
behavioral1: sample 2024-06-15_de99111800191cf95593eca22b883871_mafia.exe, resource win7-20240220-en
behavioral2: sample 2024-06-15_de99111800191cf95593eca22b883871_mafia.exe, resource win10v2004-20240508-en
General
Target: 2024-06-15_de99111800191cf95593eca22b883871_mafia
Size: 3.7MB
MD5: de99111800191cf95593eca22b883871
SHA1: ffdc5e9149d2339474ebb249763af2e7a8cc338e
SHA256: 795ff5c03d4597ab36037c9ace692367ef29e436e67000fb6942680a4b2ae634
SHA512: 3b345ee420a9f4519c9e2f398cc12563bd924bc9f07d64d7077e6c188bf9bd7334e617e68dc586577d64e44be0cd8135b45e173120b93541583f1eae90eb6a13
SSDEEP: 98304:XWhuxE4VQ33otTowaVJ6VP4OgOeilPuDj+fPerQX67spOPvsEmAVsIkPLj7TiCa+:muxEpZORun+Y7spOPvsEmg+
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 2024-06-15_de99111800191cf95593eca22b883871_mafia
Files
2024-06-15_de99111800191cf95593eca22b883871_mafia.exe windows:5 windows x86 arch:x86
bcd3a7e9c0e1ed14ab233f120fd2b702
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Project\OpencvTrackingKeona\SignalVio_SE_263\Exe\SignalVio_SE.pdb
Imports
autoiris2007
_OpenAutoIRIS@20
_SetIrisImageData@20
_CloseAutoIRIS@4
ipl
iplResize
iplSubtractS
iplDeallocate
iplCreateImageHeader
iplAllocateImage
jpegdll
_EncodeNullDataToGrayJpgFile@20
nvp1204ioctl
ord11
ord8
ord7
ord1
ord2
IT_GetEncoderBufferMapping
ord10
IT_SetFrameCount
ord3
ord5
ord12
IT_SetCameraColorControl
ord6
IT_SetAudioDMAControl
IT_SetVideoDMAControl
bt878
ord1
ord4
ord5
imm32
ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
lpr_keona
ord1
ord2
ord4
ord3
expkeona_dll
ord2
ord3
ord1
kernel32
GetProfileIntA
SearchPathA
LocalUnlock
LocalLock
HeapFree
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
ExitProcess
DecodePointer
EncodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
HeapCreate
HeapDestroy
GetStdHandle
SetHandleCount
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
FatalAppExitA
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
CompareStringW
GetConsoleCP
GetConsoleMode
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryW
SetCurrentDirectoryW
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
SetThreadPriority
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateThread
Sleep
SetEvent
ExitThread
ResetEvent
WaitForMultipleObjects
CreateEventA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCurrentProcess
GetVersionExA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetTickCount
CloseHandle
WaitForSingleObject
GlobalMemoryStatus
SystemTimeToFileTime
CreateDirectoryA
GetDiskFreeSpaceA
GetLocalTime
SetLocalTime
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
GetModuleFileNameA
OutputDebugStringA
CreateThread
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
FormatMessageA
GetOverlappedResult
WriteFile
ClearCommError
ResumeThread
PurgeComm
SetCommState
BuildCommDCBA
GetCommState
SetCommMask
SetCommTimeouts
CreateFileA
InitializeCriticalSection
ReadFile
GetCommMask
WaitCommEvent
CreateMutexA
InterlockedIncrement
InterlockedDecrement
CopyFileA
lstrlenA
MulDiv
MultiByteToWideChar
lstrlenW
GlobalSize
SetLastError
DeactivateActCtx
CreateActCtxW
ReleaseActCtx
ActivateActCtx
GetModuleFileNameW
GlobalAddAtomA
GlobalGetAtomNameA
GetModuleHandleA
GetCurrentProcessId
lstrcmpW
LoadLibraryW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
FreeResource
FindResourceA
SuspendThread
VirtualProtect
FileTimeToSystemTime
FileTimeToLocalFileTime
InterlockedExchange
GetModuleHandleW
lstrcmpA
LoadLibraryExA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
GetUserDefaultLCID
GetFileAttributesA
ReplaceFileA
SetFileTime
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
MoveFileA
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetShortPathNameA
LocalAlloc
TlsGetValue
GlobalReAlloc
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetSystemDirectoryW
GetAtomNameA
GetCPInfo
GetOEMCP
GetACP
FindResourceExW
GetFileAttributesExA
SetFileAttributesA
LocalFileTimeToFileTime
GetFileSizeEx
SetErrorMode
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
user32
GetWindowRgn
EnumChildWindows
GetTabbedTextExtentW
GetTabbedTextExtentA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
ValidateRect
GetClientRect
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetWindowTextLengthA
GetWindowTextA
GetFocus
ScrollWindowEx
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
UpdateLayeredWindow
CheckRadioButton
CheckDlgButton
GetClassNameA
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetMenuBarInfo
WinHelpA
SetWindowPos
LoadImageA
DestroyIcon
SetFocus
GetWindowThreadProcessId
GetActiveWindow
WindowFromDC
EqualRect
GetDlgItem
SetWindowLongA
GetDlgCtrlID
LoadIconW
SetCursor
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsIconic
InsertMenuItemA
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
GetWindow
ShowWindow
GetWindowLongA
IsWindow
TranslateAcceleratorA
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
PostThreadMessageA
LoadBitmapW
PtInRect
GetSysColorBrush
GetWindowRect
GetParent
InvalidateRect
GetKeyState
UpdateWindow
FindWindowA
ExitWindowsEx
EnableWindow
PeekMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
PostMessageA
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
SendMessageA
IsWindowVisible
DrawIconEx
DefMDIChildProcA
DefFrameProcA
RegisterClipboardFormatA
GetIconInfo
wsprintfA
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
GetDCEx
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
ClientToScreen
DrawStateA
SetClassLongA
NotifyWinEvent
DestroyCursor
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
WindowFromPoint
DestroyAcceleratorTable
IsZoomed
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableA
CharNextA
LoadMenuW
SendNotifyMessageA
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
InSendMessage
IsWindowEnabled
IsMenu
LoadAcceleratorsW
GetDialogBaseUnits
CopyImage
UnionRect
SetParent
GetSystemMenu
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
GetMenuItemInfoA
InflateRect
RealChildWindowFromPoint
UnregisterClassA
LoadCursorA
LoadCursorW
SetCapture
SetWindowRgn
DrawIcon
SystemParametersInfoA
IsRectEmpty
CharUpperA
GetSystemMetrics
WaitMessage
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
MapDialogRect
GetAsyncKeyState
MapVirtualKeyA
GetKeyNameTextA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDlgItemInt
GetDC
gdi32
StretchBlt
DeleteDC
SetStretchBltMode
BitBlt
DPtoLP
SetPixelV
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
GetTextExtentPoint32W
GetTextExtentPointA
GetTextFaceA
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
RoundRect
SetPixel
GetDIBits
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
Polygon
Polyline
CreatePolygonRgn
CreateRoundRectRgn
GetCurrentObject
GetRgnBox
GetTextColor
GetBkColor
EnumFontFamiliesExA
GetCharWidthA
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateDIBitmap
GetTextExtentPoint32A
CreateDIBSection
Ellipse
LPtoDP
CreateEllipticRgn
PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
GetStockObject
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateCompatibleBitmap
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateFontIndirectA
DeleteObject
Rectangle
CreatePalette
CreatePen
SetDIBitsToDevice
RealizePalette
CreateFontA
CreateCompatibleDC
SelectObject
GetMapMode
SetMapMode
GetObjectA
StretchDIBits
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
GetJobA
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegDeleteValueA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExW
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegEnumKeyA
shell32
ShellExecuteA
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetFileInfoA
SHAddToRecentDocs
ShellExecuteExA
SHGetMalloc
SHAppBarMessage
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ExtractIconA
comctl32
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_AddMasked
ImageList_DrawEx
ImageList_Destroy
ImageList_Remove
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
CoTaskMemFree
OleRegGetUserType
WriteFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
ReadFmtUserTypeStg
SetConvertStg
WriteClassStg
OleDestroyMenuDescriptor
OleTranslateAccelerator
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
PropVariantCopy
StringFromGUID2
CoDisconnectObject
CoCreateInstance
CoInitialize
CoUninitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoInitializeEx
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
StgCreateDocfile
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSaveToStream
WriteClassStm
OleSave
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleSetMenuDescriptor
OleLockRunning
IsAccelerator
OleCreateMenuDescriptor
oleaut32
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
RegisterTypeLi
VarBstrFromDec
VarDecFromStr
SafeArrayDestroy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SafeArrayUnaccessData
LoadRegTypeLi
VarCyFromStr
LoadTypeLi
SysStringByteLen
VarBstrFromCy
SysFreeString
SysAllocStringByteLen
oledlg
ord8
ws2_32
htons
htonl
WSAStartup
WSACleanup
bind
closesocket
setsockopt
socket
listen
WSAGetLastError
inet_addr
accept
send
sendto
ioctlsocket
recv
recvfrom
getservbyname
gethostbyname
gethostname
ntohs
WSAAsyncSelect
WSASetLastError
ntohl
inet_ntoa
select
connect
__WSAFDIsSet
getpeername
getsockname
_jpeglib3_dll
ord1
_jpeglib3_2_dll
ord1
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdiplusShutdown
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageHeight
winmm
PlaySoundA
Sections
.text    Size: 2.5MB  Virtual size: 2.5MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata   Size: 582KB  Virtual size: 581KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data    Size: 340KB  Virtual size: 379KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc    Size: 95KB   Virtual size: 95KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc   Size: 227KB  Virtual size: 229KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
xaqkzfs  Size: 30KB   Virtual size: 32KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
flvxpug  Size: 38KB   Virtual size: 37KB   IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
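The section table is where this report's most useful static signal sits: .text and .reloc both carry IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE, .reloc is additionally flagged IMAGE_SCN_CNT_CODE, and two sections have non-standard names (xaqkzfs, flvxpug), one RWX code and the other with no IMAGE_SCN_CNT_* flag at all, while the Signatures block notes the binary carries no Authenticode signature. The script below is an added example, not code from the sandbox report or from the sample: it parses a PE header with the Python standard library only, checks the security data directory entry, and flags exactly those anomalies. The build_sample_pe() helper fabricates a header-only PE32 whose section table mirrors this report (names and flags as listed, sizes converted from the rounded KB/MB figures); that image is constructed and contains no bytes of the real sample, and STANDARD_SECTION_NAMES is an assumed list of common linker section names, not an exhaustive one.

```python
"""Static triage of a PE section table and Authenticode directory (stdlib only).
parse_pe() works on any real file:  parse_pe(open("sample.exe", "rb").read())
build_sample_pe() is a constructed header-only PE32 mirroring this report."""
import struct

# Section characteristic bits (PE/COFF specification)
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_CNT_UNINITIALIZED_DATA = 0x00000080
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Authenticode certificate table

# Names the usual toolchains emit; an assumption, not an exhaustive list
STANDARD_SECTION_NAMES = {
    ".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata", ".edata",
    ".pdata", ".tls", ".bss", ".CRT", ".gfids", ".didat", ".textbss",
}

# Constructed from the report's section table: (name, virtual size, raw size, flags);
# sizes are the report's rounded KB/MB figures converted to bytes
_RWX = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
SAMPLE_SECTIONS = [
    (".text",   2621440, 2621440, IMAGE_SCN_CNT_CODE | _RWX),
    (".rdata",  594944,  595968,  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".data",   388096,  348160,  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc",   97280,   97280,   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".reloc",  234496,  232448,  IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | _RWX),
    ("xaqkzfs", 32768,   30720,   IMAGE_SCN_CNT_CODE | _RWX),
    ("flvxpug", 37888,   38912,   IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
]


def build_sample_pe(sections=SAMPLE_SECTIONS, signed=False):
    """Fabricate a header-only PE32 image: DOS header, COFF header, optional
    header with 16 data directories, section headers. signed=True fills the
    security directory so the Authenticode check can be exercised both ways."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)                                       # PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)                      # Magic = PE32
    struct.pack_into("<I", opt, 92, 16)                        # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0, rawsize, 0, 0, 0, 0, 0, chars)
        for name, vsize, rawsize, chars in sections
    )
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs


def parse_pe(data):
    """Return (has_authenticode, sections) from raw PE bytes; PE32 and PE32+."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    nsections = struct.unpack_from("<H", data, pe + 6)[0]
    size_opt = struct.unpack_from("<H", data, pe + 20)[0]
    opt = pe + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                     # PE32
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:                   # PE32+
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    has_authenticode = False
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _off, size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
        has_authenticode = size != 0       # presence only; validity needs WinVerifyTrust/signtool
    sections, off = [], opt + size_opt
    for _ in range(nsections):
        (name, vsize, _va, rawsize, _praw, _prel, _plin,
         _nrel, _nlin, chars) = struct.unpack_from("<8sIIIIIIHHI", data, off)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"),
                         "vsize": vsize, "rawsize": rawsize, "chars": chars})
        off += 40
    return has_authenticode, sections


def triage(has_authenticode, sections):
    """Return human-readable findings: unsigned image, RWX sections,
    non-standard names, executable .reloc, sections with no content flag."""
    findings = []
    if not has_authenticode:
        findings.append("unsigned: empty IMAGE_DIRECTORY_ENTRY_SECURITY")
    content_bits = (IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA
                    | IMAGE_SCN_CNT_UNINITIALIZED_DATA)
    for s in sections:
        name, c = s["name"], s["chars"]
        if c & IMAGE_SCN_MEM_EXECUTE and c & IMAGE_SCN_MEM_WRITE:
            findings.append("%s: writable+executable (RWX)" % name)
        if name not in STANDARD_SECTION_NAMES:
            findings.append("%s: non-standard section name" % name)
        if name == ".reloc" and c & (IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE):
            findings.append(".reloc: marked as code/executable")
        if not c & content_bits:
            findings.append("%s: no IMAGE_SCN_CNT_* content flag" % name)
    return findings


if __name__ == "__main__":
    print(*triage(*parse_pe(build_sample_pe())), sep="\n")
```

Run against the constructed image it reports the unsigned directory, RWX on .text, .reloc and xaqkzfs, the code flags on .reloc, the two non-standard names, and the missing content flag on flvxpug; .rdata, .data and .rsrc produce nothing. The Authenticode check only tests whether the certificate table entry is populated, as the sandbox signature does; a populated entry still has to be validated with signtool or WinVerifyTrust before it means anything.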