2024-06-27_1554c91cb3c235d4585a67a7979a21b9_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-27_1554c91cb3c235d4585a67a7979a21b9_mafia
Size

1.6MB
MD5

1554c91cb3c235d4585a67a7979a21b9
SHA1

93dac126f432ab024dba469d6a5ae23dd11ec90c
SHA256

7fee6c5473a2cdbe161f279ccb57030421886ea678089bca3ed8e4662c9468fa
SHA512

4be9ef598034f650f00bc2366f46a3847b7628277241701d4899629fce02bd275b1f6223f5fd4e93a63f3865778015300d0efcbda61b62a41e18f6c86815c181
SSDEEP

24576:nHkx4tXC4ZN9o5Jxj8gjCujZhLpytsolgVm:HEhLpyBWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-27_1554c91cb3c235d4585a67a7979a21b9_mafia

Files

2024-06-27_1554c91cb3c235d4585a67a7979a21b9_mafia
.exe windows:5 windows x86 arch:x86

0082205519a843329556c2d9618fd53a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\BigAnt_PC_5.X\WindowsClient\tags\ssid\bin\Release\BigAntExternal.pdb

Imports

libcef

cef_cookie_manager_get_global_manager
cef_stream_reader_create_for_data
cef_stream_reader_create_for_handler
cef_process_message_create
cef_v8value_create_undefined
cef_v8value_create_null
cef_v8value_create_bool
cef_v8value_create_int
cef_v8value_create_uint
cef_v8value_create_double
cef_v8value_create_date
cef_v8value_create_string
cef_v8value_create_object
cef_v8value_create_array
cef_v8value_create_function
cef_v8context_get_current_context
cef_string_list_append
cef_string_map_append
cef_string_multimap_append
cef_string_list_value
cef_string_list_size
cef_string_map_value
cef_string_map_key
cef_string_map_size
cef_string_multimap_value
cef_string_multimap_key
cef_string_multimap_size
cef_string_list_copy
cef_parse_url
cef_post_task
cef_register_scheme_handler_factory
cef_initialize
cef_execute_process
cef_currently_on
cef_run_message_loop
cef_shutdown
cef_string_map_alloc
cef_string_map_free
cef_string_list_alloc
cef_string_list_free
cef_command_line_get_global
cef_api_hash
cef_command_line_create
cef_string_multimap_alloc
cef_string_multimap_free
cef_string_userfree_utf16_free
cef_log
cef_browser_host_create_browser
cef_string_utf8_clear
cef_string_utf16_clear
cef_string_utf8_to_utf16
cef_string_utf16_set
cef_string_utf16_cmp
cef_time_now
cef_time_delta
cef_string_utf16_to_utf8

libcurl

curl_easy_setopt
curl_easy_perform
curl_formadd
curl_easy_init
curl_slist_append

kernel32

GetTickCount
FindResourceW
LoadResource
SizeofResource
LockResource
GlobalLock
WaitForSingleObject
GlobalAlloc
GlobalUnlock
OpenEventW
GetCommandLineW
CreateThread
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MulDiv
GetProcAddress
GetModuleFileNameW
GetFileAttributesW
GetModuleHandleW
CreateDirectoryW
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrlenA
CreateFileW
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
LoadLibraryW
CreateFileA
WriteConsoleW
SetStdHandle
FlushFileBuffers
SetEndOfFile
GetProcessHeap
ReadFile
CloseHandle
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
InterlockedExchange
EncodePointer
DecodePointer
GetConsoleCP
GetFileType
SetHandleCount
HeapSize
GetLocaleInfoW
GetStdHandle
WriteFile
ExitProcess
HeapCreate
GetStringTypeW
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
LCMapStringW
RtlUnwind
GetCPInfo
RaiseException
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetCurrentThreadId
ExitThread
HeapReAlloc
HeapAlloc
HeapFree
InitializeCriticalSection
Sleep

gdi32

CreateDIBSection
PtInRegion
CreateRectRgn
TextOutW
CreateFontIndirectW
GetStockObject
SelectClipRgn
BitBlt
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
CreateSolidBrush
SetBkMode
CreateRectRgnIndirect
CombineRgn
MoveToEx
GetTextExtentPoint32W
LineTo
SetTextColor
GetDeviceCaps
DeleteObject
SelectObject
CreatePen
CreateRoundRectRgn

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW

shell32

SHGetSpecialFolderLocation
SHGetFolderPathW
SHGetPathFromIDListW
SHGetMalloc

user32

GetWindowPlacement
SetWindowPlacement
GetWindowRgn
GetFocus
UpdateLayeredWindow
GetMessageW
PostQuitMessage
KillTimer
TranslateMessage
EmptyClipboard
OpenClipboard
UpdateWindow
SetClipboardData
DispatchMessageW
GetWindowTextLengthW
SetWindowRgn
RegisterWindowMessageW
SetWindowPos
FillRect
IsZoomed
DrawIconEx
SetPropW
GetWindowTextW
SystemParametersInfoW
SendMessageW
DestroyIcon
GetPropW
CallWindowProcW
InvalidateRgn
IntersectRect
InvalidateRect
GetParent
EnableWindow
SetWindowTextW
ShowWindow
GetMonitorInfoW
MonitorFromRect
CloseClipboard
IsIconic
LoadStringW
LoadStringA
CharNextW
ReleaseDC
OffsetRect
GetDC
PtInRect
DrawTextW
PostMessageW
DefWindowProcW
ReleaseCapture
CreateWindowExW
IsWindow
GetCursorPos
SetWindowLongW
SetClassLongW
GetAncestor
GetWindowLongW
LoadIconW
RegisterClassExW
BeginPaint
SetFocus
GetClientRect
LoadCursorW
TrackMouseEvent
SetCapture
GetWindowRect
ScreenToClient
SetCursor
DestroyWindow
EndPaint
SetTimer

gdiplus

GdipDeleteBrush
GdipFree
GdipCloneBrush
GdipDeleteGraphics
GdipCreateSolidFill
GdipAlloc
GdipDeletePath
GdipSetSolidFillColor
GdipFillPath
GdipFillRectangleI
GdipGetImageHeight
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipLoadImageFromFile
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipDisposeImage
GdipCreateBitmapFromFile
GdipGetPropertyItemSize
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdipImageGetFrameDimensionsCount
GdipCloneImage
GdipGetImageWidth
GdipImageGetFrameCount
GdipSetImageAttributesColorMatrix
GdipSetImageAttributesWrapMode
GdipSetSmoothingMode
GdipAddPathLineI
GdipAddPathArcI
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreatePath
GdiplusStartup

Sections

.text
Size: 438KB - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0082205519a843329556c2d9618fd53a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libcef

libcurl

kernel32

gdi32

advapi32

shell32

user32

gdiplus

Sections

.text Size: 438KB - Virtual size: 437KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 11KB - Virtual size: 20KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 42KB - Virtual size: 41KB

.text
Size: 438KB - Virtual size: 437KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 11KB - Virtual size: 20KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 42KB - Virtual size: 41KB