D:\data\Software.MFC\iSemestertreffenHelper\Ver32\iSemestertreffenHelper.pdb
Static task
- static1
Behavioral task
- behavioral1
  - Sample: 2024-06-17_2130772930936551612ad6c1c15efe76_mafia.exe
  - Resource: win7-20240611-en
Behavioral task
- behavioral2
  - Sample: 2024-06-17_2130772930936551612ad6c1c15efe76_mafia.exe
  - Resource: win10v2004-20240611-en
General
- Target: 2024-06-17_2130772930936551612ad6c1c15efe76_mafia
- Size: 10.6MB
- MD5: 2130772930936551612ad6c1c15efe76
- SHA1: 0cdaca4bc44250b8798bb8aaffaf78ef18859ab7
- SHA256: 9c7b57aef32afb28ed8c99f7667909d5359c7c4629ecdcb7eb7d42724ae77c12
- SHA512: 2a4cebe57b5ad14f9799d917b67fbbcbdfadfb7a88a7bd1162dd38cef5f7d49a95508136b467522d4c7f03567e6213760525ffc1f9eb8644a3c4d5921eece597
- SSDEEP: 196608:ryRNX9WdhgrvkQDxFJFtM5YGTjyVxyasPCo6Y+tkrejzQO5GX7Ui:ruvkOGYGTjyVxyasPCDYwgCEw
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 2024-06-17_2130772930936551612ad6c1c15efe76_mafia
Files
-
2024-06-17_2130772930936551612ad6c1c15efe76_mafia.exe windows:5 windows x86 arch:x86
084875f6299b0a43c5a7eb6be6fa96bb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
fontsub
CreateFontPackage
kernel32
GetEnvironmentStringsW
SetHandleCount
IsValidCodePage
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
LCMapStringW
FreeEnvironmentStringsW
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
HeapCreate
CompareStringW
IsProcessorFeaturePresent
GetWindowsDirectoryA
GetModuleFileNameA
CloseHandle
GetLastError
SetThreadPriority
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
DeleteFileA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WinExec
FindResourceW
SizeofResource
LockResource
LoadResource
InterlockedIncrement
InterlockedDecrement
lstrlenA
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadWritePtr
IsBadReadPtr
GetCurrentThreadId
CreateFileW
WriteFile
SetEndOfFile
SetFilePointer
LocalFree
FormatMessageA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetFileAttributesW
SetFileAttributesW
GetTempPathW
FindClose
FindFirstFileA
FindFirstFileW
FileTimeToSystemTime
SetFileTime
GetFileTime
CopyFileW
Sleep
SetUnhandledExceptionFilter
SetStdHandle
HeapSize
HeapQueryInformation
SetEnvironmentVariableA
FindFirstFileExA
GetDriveTypeW
GetProcessHeap
GetFileType
GetTimeFormatA
CreateThread
ExitThread
HeapReAlloc
HeapAlloc
GetStartupInfoW
HeapSetInformation
HeapFree
DecodePointer
EncodePointer
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
GetNumberFormatA
GetTempFileNameA
FindNextFileA
GetOEMCP
LocalReAlloc
GlobalFlags
lstrcpyA
GetSystemDirectoryW
GetFileAttributesExA
DuplicateHandle
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
ReleaseActCtx
CreateActCtxW
GlobalFindAtomA
InitializeCriticalSectionAndSpinCount
lstrcmpW
lstrlenW
GetPrivateProfileIntA
ResumeThread
GetUserDefaultUILanguage
MoveFileW
DeleteFileW
CreateDirectoryW
ConvertDefaultLocale
GetSystemDefaultUILanguage
ActivateActCtx
DeactivateActCtx
SetLastError
lstrcmpA
InterlockedExchange
GetTempFileNameW
InterlockedExchangeAdd
SetVolumeLabelA
GetDriveTypeA
GetFileAttributesA
SetFileAttributesA
GetTempPathA
GetDiskFreeSpaceExA
OutputDebugStringA
CreateEventA
DisableThreadLibraryCalls
EnumCalendarInfoA
FileTimeToDosDateTime
GetACP
GetCPInfo
GetDateFormatA
GetDiskFreeSpaceA
GetFullPathNameA
GetFullPathNameW
GetProfileStringA
GetStringTypeExA
GlobalHandle
LoadLibraryW
LocalFileTimeToFileTime
ResetEvent
SetErrorMode
SetEvent
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
RaiseException
RtlUnwind
UnhandledExceptionFilter
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
LoadLibraryExA
VirtualQuery
GetVersion
LocalAlloc
VirtualAlloc
VirtualFree
GetCurrentDirectoryA
SetCurrentDirectoryA
GlobalSize
GlobalReAlloc
OpenProcess
CompareStringA
MulDiv
lstrcpynA
ExitProcess
GetFileAttributesExW
GetVolumeInformationA
GetFileSizeEx
SetFilePointerEx
ReadFile
FindResourceA
FreeResource
GetCurrentProcess
CreateFileA
CreateProcessA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
IsDebuggerPresent
DebugBreak
GetLocalTime
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalAddAtomA
WritePrivateProfileStringA
CopyFileA
MoveFileA
GetTimeZoneInformation
SystemTimeToFileTime
GetPrivateProfileStringA
GetSystemInfo
GetSystemTimeAsFileTime
FindNextFileW
GetCurrentDirectoryW
FileTimeToLocalFileTime
GetVersionExA
ReleaseSemaphore
TerminateProcess
GetExitCodeProcess
CreateProcessW
WaitForSingleObject
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetCurrentProcessId
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
user32
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawEdge
SetClassLongA
DestroyAcceleratorTable
SetParent
UnregisterClassA
CopyImage
GetMenuDefaultItem
SetMenuDefaultItem
GetMenuItemInfoA
CreatePopupMenu
IsMenu
DestroyMenu
UpdateLayeredWindow
EnableScrollBar
NotifyWinEvent
SetWindowRgn
GetSystemMenu
LoadMenuW
InflateRect
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IntersectRect
IsRectEmpty
CopyAcceleratorTableA
OffsetRect
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorW
SetLayeredWindowAttributes
SetRectEmpty
DeleteMenu
MapVirtualKeyA
GetKeyNameTextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
RedrawWindow
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
UnpackDDElParam
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
DrawStateA
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
ScreenToClient
ClientToScreen
PtInRect
SetWindowContextHelpId
RegisterWindowMessageA
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetLastActivePopup
SendMessageA
SystemParametersInfoA
GetSystemMetrics
SetCursor
LoadCursorA
GetCursor
ReleaseDC
GetDC
DrawIcon
IsIconic
IsWindowEnabled
ShowOwnedPopups
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
CharUpperBuffA
CharLowerBuffA
CharUpperBuffW
CreateIcon
DestroyIcon
DrawIconEx
GetIconInfo
wvsprintfA
CharNextA
LoadStringA
GetKeyboardType
MonitorFromPoint
GetWindowDC
PostMessageA
GetParent
GetWindow
LockWindowUpdate
MonitorFromWindow
IsZoomed
SetWindowPos
GetWindowRect
InvertRect
HideCaret
RegisterClipboardFormatA
LoadImageW
FrameRect
CopyIcon
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerA
EnumDisplayMonitors
UnionRect
CopyRect
GetMonitorInfoA
ShowScrollBar
SendMessageW
SetFocus
GetWindowTextLengthA
GetSysColor
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
SetScrollInfo
GetClientRect
EnableWindow
LoadIconW
CharToOemA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
CharUpperA
CharLowerA
SetWindowTextW
GetWindowTextW
MessageBoxA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetClipboardData
GetWindowLongA
GetClassNameA
EnumChildWindows
GetWindowTextA
GetWindowThreadProcessId
LoadIconA
CreateWindowExA
GetDlgCtrlID
GetFocus
GetAsyncKeyState
GetMessageA
SetTimer
GetDesktopWindow
FillRect
BringWindowToTop
KillTimer
SetForegroundWindow
GetKeyState
SetRect
MapDialogRect
UpdateWindow
InvalidateRect
gdi32
GetOutlineTextMetricsW
GetOutlineTextMetricsA
GetKerningPairs
GetGlyphOutlineW
GetGlyphIndicesW
GetGlyphIndicesA
GetFontLanguageInfo
GetFontData
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionA
GetEnhMetaFileBits
GetDeviceCaps
GetDIBColorTable
GetCurrentPositionEx
GetCharWidthW
GetCharWidth32W
GetBrushOrgEx
GetBitmapBits
GdiFlush
FillPath
ExtTextOutA
ExtEscape
EnumFontsA
EnumFontFamiliesExA
EnumEnhMetaFile
EndPath
EndPage
EndDoc
DeleteEnhMetaFile
CreateScalableFontResourceW
CreatePenIndirect
CreatePalette
CreateICA
CreateEnhMetaFileA
CreateDCA
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CombineTransform
CloseFigure
CloseEnhMetaFile
BeginPath
AddFontResourceW
SaveDC
RestoreDC
SetPolyFillMode
SetMapMode
GetClipBox
ExcludeClipRect
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetPaletteEntries
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
CreateHatchBrush
CopyMetaFileA
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
CreateRoundRectRgn
SetRectRgn
GetMapMode
DPtoLP
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
GetNearestPaletteIndex
OffsetRgn
Rectangle
ExtFloodFill
LPtoDP
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetPixel
GetSystemPaletteEntries
GetTextFaceA
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
MaskBlt
PatBlt
PlayEnhMetaFile
PolyBezierTo
RemoveFontResourceW
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
GetStockObject
GetTextMetricsA
GetTextExtentPoint32A
SelectObject
CreateFontIndirectA
CreateSolidBrush
GetObjectA
DeleteObject
GetTextExtentPointW
CreateCompatibleBitmap
CreateHalftonePalette
CreateCompatibleDC
DeleteDC
CreateDIBitmap
GetDIBits
StretchBlt
BitBlt
LineTo
MoveToEx
CreatePen
CombineRgn
CreateDIBSection
RealizePalette
SelectPalette
UnrealizeObject
StrokePath
StrokeAndFillPath
StretchDIBits
StartPage
StartDocW
StartDocA
SetWinMetaFileBits
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetPaletteEntries
SetICMMode
SetEnhMetaFileBits
SetDIBColorTable
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
GetOpenFileNameA
winspool.drv
DocumentPropertiesA
GetJobA
ClosePrinter
ord203
DeviceCapabilitiesA
EnumPrintersA
EnumPrintersW
SetJobA
OpenPrinterA
advapi32
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegCloseKey
RegQueryValueA
RegEnumKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA
DragQueryFileA
DragFinish
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
ole32
IsAccelerator
CoCreateGuid
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleTranslateAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
oleaut32
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
GetErrorInfo
SysAllocStringByteLen
SysStringLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantClear
VarBstrFromDate
VariantInit
SysFreeString
SysAllocString
oledlg
ord8
gdiplus
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipDrawImageI
GdipFree
GdipAlloc
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipFillRectangleI
GdipDrawImageRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawString
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
winmm
PlaySoundA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
ws2_32
htons
ntohl
ntohs
htonl
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
CODE Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 371KB - Virtual size: 3.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 413KB - Virtual size: 412KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ