D:\data\Software.MFC\iALotOfPathAndFileOperations\Ver32\iALotOfPathAndFileOperations.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-15_033a1eb0ebca87ce377884cae0391a74_mafia.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 2024-06-15_033a1eb0ebca87ce377884cae0391a74_mafia.exe
  Resource: win10v2004-20240508-en
General
- Target: 2024-06-15_033a1eb0ebca87ce377884cae0391a74_mafia
- Size: 13.7MB
- MD5: 033a1eb0ebca87ce377884cae0391a74
- SHA1: 6b759d32ac8a14e99b86222f9f51049dc2acade3
- SHA256: 245fd3dc9de84e9849e377f73c11b95083ddf86c6002d31f45e01e4867dbc57b
- SHA512: a817eeb41e2c2a7895b6491d08199bb019178ab6d0d7edfe457fb281d14b2409a8d963f3676e1f567f928660f7537c3e9d8b570f8833c5ecc1035fb5efc1816d
- SSDEEP: 196608:RUigoe0YytrZF0x9YjgvpSdNpAP6eBJVB0AriaaOTTE6BYuRrejzQO5GX7UK:RUGipSdv8d0AriaaeTE6SuFCEwK
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2024-06-15_033a1eb0ebca87ce377884cae0391a74_mafia
Files
-
2024-06-15_033a1eb0ebca87ce377884cae0391a74_mafia.exe windows:5 windows x86 arch:x86
acdedf53a5c005157eb5798dcb70af1b
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
query
LoadIFilter
crypt32
CertGetCertificateContextProperty
CryptSignMessage
CertOpenStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertCloseStore
CertFindCertificateInStore
fontsub
CreateFontPackage
kernel32
GetEnvironmentStringsW
SetHandleCount
WriteConsoleW
GetLocaleInfoW
CompareStringW
LCMapStringW
SetConsoleCtrlHandler
FreeEnvironmentStringsW
EnumSystemLocalesA
IsValidLocale
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
IsProcessorFeaturePresent
HeapCreate
FlushConsoleInputBuffer
ReadConsoleInputA
SetConsoleMode
IsValidCodePage
SetUnhandledExceptionFilter
SetStdHandle
HeapSize
HeapQueryInformation
FindFirstFileExA
PeekNamedPipe
GetFileInformationByHandle
GetFileType
GetTimeFormatA
ExitThread
HeapReAlloc
GetConsoleMode
GetConsoleCP
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetDriveTypeW
SetEnvironmentVariableA
HeapFree
DecodePointer
EncodePointer
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetNumberFormatA
GetSystemDirectoryW
GetOEMCP
GlobalFlags
LocalReAlloc
FindNextFileA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
lstrcmpA
InterlockedExchange
DuplicateHandle
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
GetFileAttributesExA
GetProfileIntA
lstrlenW
ReleaseActCtx
CreateActCtxW
SuspendThread
ResumeThread
GlobalFindAtomA
InitializeCriticalSectionAndSpinCount
ActivateActCtx
DeactivateActCtx
SetLastError
lstrcmpW
CreateDirectoryA
SetVolumeLabelA
SetFileAttributesA
GetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
CreateEventA
DisableThreadLibraryCalls
EnumCalendarInfoA
FileTimeToDosDateTime
GetACP
GetCPInfo
GetDateFormatA
GetDiskFreeSpaceA
GetFullPathNameA
GetFullPathNameW
GetProfileStringA
GetStringTypeExA
GlobalHandle
LoadLibraryW
LocalFileTimeToFileTime
ResetEvent
SetErrorMode
SetEvent
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
RaiseException
RtlUnwind
UnhandledExceptionFilter
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
LoadLibraryExA
VirtualQuery
GetVersion
LocalAlloc
VirtualAlloc
VirtualFree
DeleteCriticalSection
OpenProcess
BackupRead
BackupSeek
GlobalSize
GlobalReAlloc
lstrcpynA
GetFileAttributesExW
GetFileSizeEx
SetFilePointerEx
ReadFile
FindResourceA
FreeResource
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentProcess
CreateProcessA
GetBinaryTypeA
CompareStringA
GetFileAttributesA
MulDiv
GetSystemTime
GetLocalTime
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
WritePrivateProfileStringA
CopyFileA
MoveFileA
GetWindowsDirectoryA
GetPrivateProfileStringA
GetSystemInfo
GetSystemTimeAsFileTime
GetComputerNameA
GetVersionExA
ReleaseSemaphore
GetProcessHeap
HeapLock
HeapWalk
HeapUnlock
GlobalMemoryStatus
FindNextFileW
GetCurrentDirectoryW
GetTimeZoneInformation
SystemTimeToFileTime
TerminateProcess
GetExitCodeProcess
CreateProcessW
WaitForSingleObject
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
ReleaseMutex
CreateMutexA
RemoveDirectoryW
CreateDirectoryW
DeleteFileW
MoveFileW
CopyFileW
GetFileTime
SetFileTime
FindFirstFileA
GetTempPathW
SetFileAttributesW
GetFileAttributesW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FormatMessageA
LocalFree
SetEndOfFile
EnterCriticalSection
IsBadReadPtr
IsBadWritePtr
LoadLibraryA
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetCurrentProcessId
CreateFileW
SetFilePointer
WriteFile
LoadResource
LockResource
SizeofResource
FindResourceW
GetModuleFileNameA
IsDebuggerPresent
DebugBreak
GetVolumeNameForVolumeMountPointA
SetVolumeMountPointA
CreateHardLinkA
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
CreateThread
GetDiskFreeSpaceExA
RemoveDirectoryA
DeleteFileA
SetThreadPriority
lstrlenA
GlobalAlloc
GlobalLock
GlobalFree
lstrcpyA
GlobalUnlock
FindFirstFileW
FindClose
CreateFileA
DeviceIoControl
CloseHandle
WinExec
GetDriveTypeA
GetTickCount
GetVolumeInformationA
GetLogicalDrives
InitializeCriticalSection
FindCloseChangeNotification
FindFirstChangeNotificationA
WaitForMultipleObjects
FindNextChangeNotification
Sleep
LeaveCriticalSection
GetStringTypeW
user32
SystemParametersInfoA
DestroyMenu
GetActiveWindow
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
RedrawWindow
IsWindowVisible
ValidateRect
GetMenuItemID
GetMenuItemCount
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
CharUpperBuffA
CharLowerBuffA
CharUpperBuffW
CreateIcon
DrawIconEx
wvsprintfA
CharNextA
LoadStringA
GetKeyboardType
PostMessageA
GetWindowThreadProcessId
GetWindowTextA
LoadBitmapW
CreateWindowExA
EndDialog
LoadIconA
GetDesktopWindow
LoadCursorW
GetDlgCtrlID
GetWindow
LockWindowUpdate
MonitorFromRect
GetUpdateRect
GetCursorPos
SubtractRect
MonitorFromWindow
EnumDisplayMonitors
UnionRect
GetMonitorInfoA
DeleteMenu
AppendMenuA
GetSubMenu
LoadMenuW
DestroyCursor
GetWindowRgn
IntersectRect
UnregisterClassA
GetComboBoxInfo
SetRect
GetDC
ReleaseDC
ShowScrollBar
SendMessageW
GetWindowTextLengthA
GetWindowLongA
GetSysColor
EnumChildWindows
GetDialogBaseUnits
MapDialogRect
GetWindowTextW
SetWindowTextW
CharLowerA
CharUpperA
CharToOemA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
IsZoomed
RemoveMenu
EnableMenuItem
SetForegroundWindow
BringWindowToTop
wsprintfA
TranslateAcceleratorA
LoadAcceleratorsA
GetDoubleClickTime
ScreenToClient
PtInRect
GetIconInfo
DestroyIcon
GetFocus
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetWindowRect
IsClipboardFormatAvailable
IsWindow
OpenClipboard
GetClipboardData
EmptyClipboard
CloseClipboard
SetClipboardData
GetAsyncKeyState
AppendMenuW
RegisterClipboardFormatA
CreateMenu
GetNextDlgTabItem
CreateDialogIndirectParamA
GetKeyNameTextA
MapVirtualKeyA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
InsertMenuA
IsRectEmpty
SetCapture
ReleaseCapture
DrawStateA
PostQuitMessage
MessageBeep
SetMenuItemInfoA
GetCursor
LoadCursorA
SetCursor
CopyRect
FillRect
DrawTextW
DrawFocusRect
InflateRect
GetMenuItemInfoA
GetKeyState
OffsetRect
ShowOwnedPopups
SetWindowContextHelpId
RealChildWindowFromPoint
CopyImage
GetSysColorBrush
SetRectEmpty
TranslateMDISysAccel
SetLayeredWindowAttributes
GetSystemMenu
SetWindowRgn
WindowFromPoint
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
CreatePopupMenu
GetProcessWindowStation
GetUserObjectInformationW
GetMenuStringA
LoadBitmapA
LoadIconW
GetClientRect
IsIconic
SendMessageA
SetMenuDefaultItem
GetMenuDefaultItem
WaitMessage
PostThreadMessageA
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
DestroyAcceleratorTable
LoadAcceleratorsW
CreateAcceleratorTableA
SetParent
SetClassLongA
InsertMenuItemA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
LoadImageW
InvalidateRgn
GetNextDlgGroupItem
DrawEdge
DrawFrameControl
SetCursorPos
InvertRect
HideCaret
FrameRect
CopyIcon
IsCharLowerA
MapVirtualKeyExA
DefFrameProcA
DefMDIChildProcA
GetMessageA
DrawMenuBar
GetClassNameA
GetParent
EnableWindow
GetSystemMetrics
DrawIcon
NotifyWinEvent
gdi32
GetDeviceCaps
GetDIBColorTable
GetCurrentPositionEx
GetCharWidthW
GetCharWidth32W
GetBrushOrgEx
GetBitmapBits
GdiFlush
FillPath
ExtTextOutA
ExtEscape
EnumFontsA
EnumFontFamiliesExA
EnumEnhMetaFile
EndPath
EndPage
EndDoc
DeleteEnhMetaFile
CreateScalableFontResourceW
CreatePenIndirect
CreatePalette
CreateICA
CreateEnhMetaFileA
CreateDIBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CombineTransform
CloseFigure
CloseEnhMetaFile
BeginPath
AddFontResourceW
CreateRectRgnIndirect
SaveDC
RestoreDC
SetPolyFillMode
SetMapMode
GetClipBox
ExcludeClipRect
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPaletteEntries
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
CreateHatchBrush
CopyMetaFileA
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
GetMapMode
GetEnhMetaFileBits
CreateRoundRectRgn
OffsetRgn
GetRgnBox
GetTextColor
GetBkColor
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
GetNearestPaletteIndex
Rectangle
ExtFloodFill
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
SetPixelV
GetEnhMetaFileDescriptionA
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetFontData
GetPixel
GetSystemPaletteEntries
GetTextFaceA
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
MaskBlt
PatBlt
PlayEnhMetaFile
PolyBezierTo
RemoveFontResourceW
SetAbortProc
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetICMMode
SetPaletteEntries
SetPixel
SetROP2
SetStretchBltMode
SetWinMetaFileBits
StartDocA
StartDocW
StartPage
StretchDIBits
StrokeAndFillPath
StrokePath
UnrealizeObject
FloodFill
SelectPalette
RealizePalette
GetDIBits
CreateDIBSection
CombineRgn
CreatePen
LineTo
BitBlt
StretchBlt
DeleteDC
GetStockObject
GetTextMetricsA
CreateCompatibleDC
CreateHalftonePalette
CreateFontIndirectA
GetTextExtentPoint32A
SelectObject
CreateDCA
DeleteObject
CreateSolidBrush
SetTextColor
SetBkMode
GetObjectA
GetFontLanguageInfo
SetBkColor
GetGlyphIndicesA
GetGlyphIndicesW
GetGlyphOutlineW
GetKerningPairs
GetOutlineTextMetricsA
DPtoLP
GetOutlineTextMetricsW
GetTextExtentPointW
PtVisible
MoveToEx
CreateCompatibleBitmap
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
winspool.drv
EnumPrintersA
GetJobA
DeviceCapabilitiesA
ClosePrinter
ord203
OpenPrinterA
DocumentPropertiesA
EnumPrintersW
SetJobA
advapi32
CryptAcquireContextA
ReportEventA
RegisterEventSourceA
RegQueryValueA
RegEnumKeyA
CryptAcquireContextW
EnumDependentServicesA
ControlService
QueryServiceConfigA
StartServiceA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
CloseServiceHandle
IsValidSecurityDescriptor
LookupPrivilegeValueA
AdjustTokenPrivileges
DeregisterEventSource
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptHashData
CryptGetHashParam
OpenProcessToken
GetTokenInformation
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyA
RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
SHGetMalloc
DragQueryFileA
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA
Shell_NotifyIconA
ShellExecuteA
SHAppBarMessage
DragFinish
ExtractIconExA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
SHFileOperationA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
ole32
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CoRegisterMessageFilter
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CLSIDFromProgID
CoCreateInstance
CoInitializeEx
CoUninitialize
CoCreateGuid
CoTaskMemFree
CoInitialize
oleaut32
SysAllocString
VariantInit
VariantClear
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
GetErrorInfo
SysAllocStringByteLen
SysStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysFreeString
oledlg
ord8
gdiplus
GdipDrawString
GdipMeasureString
GdipDrawImageRectRectI
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipFillRectangle
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipDrawImageI
GdipDrawImageRectI
GdipSetInterpolationMode
GdipSetCompositingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipAlloc
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdiplusShutdown
GdiplusStartup
GdipGetImagePixelFormat
GdipSetPageUnit
mpr
WNetGetUniversalNameA
WNetDisconnectDialog
WNetConnectionDialog
WNetAddConnection3A
WNetGetConnectionA
netapi32
NetShareEnum
NetDfsEnum
NetApiBufferFree
ws2_32
bind
listen
getsockopt
__WSAFDIsSet
setsockopt
WSAStartup
socket
WSAGetLastError
htons
gethostbyname
connect
gethostname
closesocket
htonl
ntohs
inet_ntoa
inet_addr
WSACleanup
recv
ioctlsocket
WSASetLastError
select
accept
shutdown
send
winmm
PlaySoundA
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
wininet
InternetQueryOptionA
HttpOpenRequestA
InternetConnectA
FtpFindFirstFileA
HttpSendRequestExA
InternetSetOptionExA
InternetSetCookieA
InternetQueryDataAvailable
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
FtpPutFileA
HttpAddRequestHeadersA
HttpQueryInfoA
InternetFindNextFileA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpEndRequestA
Sections
.text  Size: 4.8MB - Virtual size: 4.8MB  (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
CODE   Size: 2.4MB - Virtual size: 2.4MB  (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata Size: 1.6MB - Virtual size: 1.6MB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data  Size: 412KB - Virtual size: 3.3MB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
DATA   Size: 134KB - Virtual size: 134KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
BSS    Size: 12KB - Virtual size: 12KB    (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rsrc  Size: 3.9MB - Virtual size: 3.9MB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.reloc Size: 496KB - Virtual size: 496KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)