2024-06-29_b78ab54f88ec37606a7cd49269f40dd2_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-29_b78ab54f88ec37606a7cd49269f40dd2_mafia
Size

3.0MB
MD5

b78ab54f88ec37606a7cd49269f40dd2
SHA1

eb4b33595914122b411c9e21fe3e8a8bc1aa56b3
SHA256

f5a73de4dc65befb98c0900d0f04fc35c5fa29583d9119d9c5451ddb6a2fc421
SHA512

801a3a13e21435f3ff9fcfeae10969a0d59942cd30e7b3822b02cf3c2edf161e2014c165bbba9d49f140bd9cf67ca3c49fadb4aeee54643ceaf473b847ca3507
SSDEEP

49152:R4UZQ/cuVqMyTs9yYd3PhO1VMTG9JcwKc65f0Z:0kLDYluX2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-29_b78ab54f88ec37606a7cd49269f40dd2_mafia

Files

2024-06-29_b78ab54f88ec37606a7cd49269f40dd2_mafia
.exe windows:5 windows x86 arch:x86

e624853ee46da3be5ae8f9e5b08a6b89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOverlappedResult
SetThreadPriority
DisconnectNamedPipe
FlushFileBuffers
GetTempPathW
GetLastError
GetCurrentDirectoryW
GetProcAddress
MoveFileW
EnterCriticalSection
FindClose
CreateEventW
RemoveDirectoryW
WaitForMultipleObjects
GetModuleHandleA
CancelIo
IsDebuggerPresent
FindNextFileW
GetFileAttributesExW
QueryPerformanceFrequency
DeleteCriticalSection
GetCurrentThreadId
SetThreadAffinityMask
ReleaseMutex
CloseHandle
DeleteFileW
GetVolumeInformationW
GetCommandLineW
GlobalSize
GlobalLock
GlobalAlloc
GlobalUnlock
GetCurrentProcessId
SetEnvironmentVariableA
CompareStringW
SetStdHandle
GetConsoleMode
GetConsoleCP
GetTickCount
GetFileType
CreateFileW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
GetStringTypeW
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetStdHandle
GetModuleHandleW
HeapCreate
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
MultiByteToWideChar
LCMapStringW
RtlUnwind
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
GetTimeZoneInformation
WideCharToMultiByte
GetDateFormatW
GetTimeFormatW
CreateThread
ExitThread
HeapReAlloc
HeapAlloc
HeapFree
DecodePointer
EncodePointer
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
ReadFile
TerminateProcess
GetFileAttributesW
LeaveCriticalSection
IsProcessorFeaturePresent
GetVersionExW
FormatMessageW
CopyFileW
Sleep
GetLocaleInfoW
TerminateThread
LoadLibraryW
InitializeCriticalSection
WriteFile
SetFileTime
GetCurrentThread
OutputDebugStringW
ConnectNamedPipe
SetEvent
WaitForSingleObject
CreateDirectoryW
QueryPerformanceCounter
GetLogicalDriveStringsW
GetCurrentProcess
FreeLibrary
ExitProcess
GetDriveTypeW
SetFilePointer
GetNativeSystemInfo
FindFirstFileW
CreateMutexW
SetHandleCount
WriteConsoleW

user32

TrackMouseEvent
GetParent
SetForegroundWindow
SetCapture
GetMessageExtraInfo
IsChild
GetWindowRect
GetWindowThreadProcessId
AttachThreadInput
DispatchMessageW
DefWindowProcW
CreateWindowExW
SendMessageTimeoutW
PeekMessageW
GetWindowTextW
GetWindowLongW
RegisterClassExW
GetUpdateRgn
CloseClipboard
EnumDisplayMonitors
SetCursor
EndPaint
MoveWindow
CallWindowProcW
TranslateMessage
EnumWindows
SetFocus
GetSystemMenu
PostMessageW
UnregisterClassW
GetMessageW
DestroyWindow
ReleaseDC
GetDC
GetMessagePos
GetMessageTime
DestroyIcon
SetWindowTextW
SetClipboardData
SendMessageW
SetCaretPos
IsWindowVisible
GetSystemMetrics
ReleaseCapture
MessageBoxW
OpenClipboard
CreateCaret
GetActiveWindow
ShowWindow
SetLayeredWindowAttributes
GetCursorPos
SetWindowPos
GetDesktopWindow
DestroyCaret
DestroyCursor
RedrawWindow
SetWindowLongW
EmptyClipboard
EnableMenuItem
SystemParametersInfoW
GetClipboardData
GetAncestor
SetCursorPos
InvalidateRect
GetAsyncKeyState
GetWindowPlacement
GetFocus
MapVirtualKeyW
GetForegroundWindow
GetCapture
GetIconInfo
CreateIconIndirect
BeginPaint
ShowCaret
LoadCursorW
GetWindowInfo
MessageBeep
WindowFromPoint
GetClientRect

gdi32

CreateCompatibleDC
GetOutlineTextMetricsW
SetMapperFlags
GetKerningPairsW
EnumFontFamiliesExW
GetGlyphOutlineW
SelectObject
CombineRgn
CreateRectRgnIndirect
GetRegionData
CreateBitmap
ExcludeClipRect
CreateDIBSection
DeleteObject
CreateFontIndirectW
GetDeviceCaps
DeleteDC
GetTextMetricsW
RestoreDC
GetPixel
CreateRectRgn
GetObjectW
StretchDIBits
GetGlyphIndicesW
SetMapMode
SaveDC

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

GetUserNameW

shell32

SHGetPathFromIDListW
SHFileOperationW
Shell_NotifyIconW
ExtractAssociatedIconW
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
SHGetSpecialFolderPathW

ole32

OleCreate
OleSetContainedObject
RegisterDragDrop
CoTaskMemAlloc
DoDragDrop
RevokeDragDrop
OleUninitialize
OleInitialize
CoCreateInstance

oleaut32

SafeArrayUnaccessData
VariantInit
SafeArrayAccessData
SafeArrayCreateVector
VariantClear
SysAllocString

wininet

HttpQueryInfoW
HttpEndRequestW
InternetCloseHandle
HttpOpenRequestW
InternetSetFilePointer
InternetOpenW
HttpSendRequestExW
InternetCrackUrlW
FtpOpenFileW
InternetReadFile
InternetConnectW
InternetWriteFile
InternetSetOptionW

ws2_32

__WSAFDIsSet
closesocket
getsockopt
accept
setsockopt
select
inet_ntoa
recv
WSAStartup

shlwapi

PathStripToRootW

winmm

timeGetTime
timeBeginPeriod
timeKillEvent

imm32

ImmGetContext
ImmGetCompositionStringW
ImmSetCandidateWindow
ImmNotifyIME
ImmReleaseContext

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 599KB - Virtual size: 599KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e624853ee46da3be5ae8f9e5b08a6b89

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

wininet

ws2_32

shlwapi

winmm

imm32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 599KB - Virtual size: 599KB

.data Size: 31KB - Virtual size: 50KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 160KB - Virtual size: 159KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 599KB - Virtual size: 599KB

.data
Size: 31KB - Virtual size: 50KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 160KB - Virtual size: 159KB