Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-27_37c4fb9eb02ba856fa5c5cc6e87f471b_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-06-27_37c4fb9eb02ba856fa5c5cc6e87f471b_mafia.exe
  Resource: win10v2004-20240226-en

General
- Target: 2024-06-27_37c4fb9eb02ba856fa5c5cc6e87f471b_mafia
- Size: 5.6MB
- MD5: 37c4fb9eb02ba856fa5c5cc6e87f471b
- SHA1: 8b5eeea786e2af0e59b2d98ed319bc44899e3904
- SHA256: a65f7cb3b72e8444f6f862b8cfd79d7a10449fc03a72afc69284a06eaf512a9c
- SHA512: 100fe6989227cd48d94f0a3c2073a72e04210874abe4b868e3ae021e42ab56f619ec47c2ee70c5798d7dce63510be11831ffbc188406a8ec7d518c8fe3e8438e
- SSDEEP: 98304:i0/2S+avHMJVDmHdMEhNGyeMNt+0ikEza9pWFUZDDNKCS:i0/V+a1ZIMfaGpWFUZTS

Malware Config

Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-06-27_37c4fb9eb02ba856fa5c5cc6e87f471b_mafia

Files
- 2024-06-27_37c4fb9eb02ba856fa5c5cc6e87f471b_mafia.exe  windows:5 windows x86 arch:x86  95d9a02ff7febbef34ba690640dc7dac

Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
- PDB Paths: c:\dvs\p4\build\sw\rel\gpu_drv\r310\r310_00\drivers\ui\Sedona\Sedona\Win32\Release\bin\nvCplUI.pdb
Imports
Sections
- .text: Size 1.6MB, Virtual size 1.6MB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size 390KB, Virtual size 390KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size 43KB, Virtual size 75KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size 3.4MB, Virtual size 3.4MB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc: Size 211KB, Virtual size 210KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ