Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-15_936cc94a8e72c40efd4277601e344633_mafia.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 2024-06-15_936cc94a8e72c40efd4277601e344633_mafia.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-06-15_936cc94a8e72c40efd4277601e344633_mafia
Size: 1.7MB
MD5: 936cc94a8e72c40efd4277601e344633
SHA1: e240984e6288a9c800ea0ce1b21e7ef1a087c170
SHA256: 6183b6b34a2b89c127ee4eed49671c254c833c32b11ee015461f4d9c1939ddf9
SHA512: 03bcdf76af19302b29ea85b031a02c415de5a70b24838fd909fe79f5ae5e1f00a0649cf52d1f8428cf17f9d8410c3040af5412dc6ae941611aba3411b54dfdd6
SSDEEP: 49152:N03KaMy64rfZGVCTQsgQ49sNltY1EqN6FWyVmf1CV0geaunHyvfezz:JaMl4r4VChgQ49sNltY1EqN6YGV0gea+
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-06-15_936cc94a8e72c40efd4277601e344633_mafia
Files
2024-06-15_936cc94a8e72c40efd4277601e344633_mafia.exe windows:5 windows x86 arch:x86
c272337aff6927b1492da0835b453ddc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeSetEvent
timeKillEvent
PlaySoundA
reesdata
??1CReesData@@QAE@XZ
?elaptens@@YAJPAJ@Z
?BackupDatabase@CReesData@@QAE_NPBD0@Z
?RestoreDatabase@CReesData@@QAE_NPBD0_N1@Z
?geterrors@CReesData@@QAEPBDXZ
?maketime@@YAXPADPAUclock@@PAUparmhead@@_N@Z
?calcraw@@YAXKPAUclock@@@Z
?Decryptpw@CReesData@@QAEPBDPBD@Z
?exepath@@3PADA
?getfilelocations@@YAXD@Z
?timetobuf@@YAXPADGPAUparmhead@@_N@Z
?Encryptpw@CReesData@@QAEPBDPBD@Z
?OpenRowset@CMapnameSet@@QAE_NPBD@Z
?getpctime@@YAKPAUclock@@_N@Z
?OpenDB@CReesData@@QAE_N_NPBD@Z
?SetDatabaseType@CReesData@@QAEX_N0@Z
?reesini@@3PADA
??0CReesData@@QAE@XZ
?cstrtotime@@YAFAAV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAGPAUparmhead@@_N@Z
?timetocstr@@YAXAAV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@GPAUparmhead@@_N@Z
?gettime@@YAXPAJ@Z
kernel32
GetStdHandle
IsValidCodePage
LCMapStringW
IsProcessorFeaturePresent
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
GetStringTypeW
GetTimeZoneInformation
CompareStringW
GetConsoleCP
GetConsoleMode
GetDriveTypeW
GetProcessHeap
WriteConsoleW
CreateFileW
GetVersion
SizeofResource
LockResource
LoadResource
FindResourceW
CreateFileA
Sleep
WideCharToMultiByte
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateThread
GetCurrentDirectoryA
GetFileType
FormatMessageA
GetLastError
GetWindowsDirectoryA
SetCurrentDirectoryA
GetDiskFreeSpaceExA
GetComputerNameA
OutputDebugStringA
GetCurrentThreadId
GetModuleFileNameA
InterlockedExchange
FreeLibrary
GetProcAddress
GetModuleHandleW
GlobalAlloc
lstrcmpA
GlobalLock
SetLastError
DeactivateActCtx
IsDebuggerPresent
ActivateActCtx
CompareStringA
MultiByteToWideChar
LoadLibraryExA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GlobalDeleteAtom
lstrlenA
GlobalFree
FreeResource
FindResourceA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
ExitThread
HeapFree
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
CreateDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
FindNextFileA
FindFirstFileExA
EncodePointer
DecodePointer
ExitProcess
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetNumberFormatA
GetTickCount
GetTempPathA
GetTempFileNameA
SetErrorMode
GetOEMCP
GetCPInfo
GetACP
TlsFree
GlobalUnlock
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryA
TerminateProcess
LocalReAlloc
TlsSetValue
SetThreadPriority
ResumeThread
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFlags
lstrcpyA
GetSystemDirectoryW
GlobalReAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
lstrcmpiA
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesA
GetFileAttributesExA
GetThreadLocale
InterlockedIncrement
GlobalGetAtomNameA
GlobalFindAtomA
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
CopyFileA
GlobalSize
LocalFree
lstrlenW
MulDiv
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
user32
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
SetWindowRgn
UnionRect
SetParent
CopyImage
WaitMessage
WindowFromPoint
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorA
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
DeleteMenu
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
DestroyIcon
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
CreatePopupMenu
IntersectRect
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
CharUpperA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
FillRect
CharNextA
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
GetKeyboardLayout
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
IsClipboardFormatAvailable
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
PtInRect
GetSysColor
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
CopyRect
GetMenuStringA
InsertMenuA
GetMenuItemCount
RemoveMenu
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
IsWindowVisible
GetKeyState
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
LockWindowUpdate
RegisterClipboardFormatA
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
DestroyWindow
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
SetWindowContextHelpId
MapDialogRect
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetFocus
TranslateMDISysAccel
MonitorFromPoint
IsMenu
CreateMenu
EndDeferWindowPos
PostThreadMessageA
SetWindowPos
GetParent
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
GetWindowLongA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetWindow
PostQuitMessage
SetMenuDefaultItem
GetCursorPos
TrackPopupMenu
LoadMenuW
GetSubMenu
GetMenuItemID
PostMessageA
LoadIconA
GetDesktopWindow
DrawTextA
RegisterWindowMessageA
SetForegroundWindow
PeekMessageA
DispatchMessageA
TranslateMessage
GetSystemMetrics
EnableWindow
LoadIconW
KillTimer
SetTimer
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
OffsetRect
UpdateWindow
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
SetWindowPlacement
ReleaseCapture
UpdateLayeredWindow
gdi32
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateCompatibleBitmap
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetRgnBox
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetViewportExtEx
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
PatBlt
CreateRectRgnIndirect
SetBkColor
SetTextColor
GetTextExtentPoint32A
CreateCompatibleDC
CreateBitmap
GetDeviceCaps
CopyMetaFileA
CreateDCA
GetObjectA
CreateFontIndirectA
ExtTextOutA
BitBlt
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegisterServiceCtrlHandlerA
ImpersonateLoggedOnUser
LogonUserA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
StartServiceCtrlDispatcherA
RevertToSelf
SetServiceStatus
DeleteService
CreateServiceA
RegCreateKeyA
DeregisterEventSource
RegisterEventSourceA
ReportEventA
ControlService
StartServiceA
QueryServiceStatus
OpenSCManagerA
OpenServiceA
shell32
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetMalloc
Shell_NotifyIconA
SHGetFileInfoA
DragFinish
SHAppBarMessage
ShellExecuteA
SHGetPathFromIDListA
SHGetDesktopFolder
DragQueryFileA
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoUninitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoInitialize
CoTaskMemFree
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CreateILockBytesOnHGlobal
oleaut32
VariantChangeType
SysAllocStringLen
VariantCopy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantInit
SafeArrayDestroy
SysFreeString
VarBstrFromDate
VariantClear
oledlg
ord8
odbc32
ord10
ord18
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 285KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 170KB - Virtual size: 170KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ