Static task: static1
Behavioral task: behavioral1
  Sample: 2024-07-07_9bc9a8f8e4b15b2c3c7296676b313e0c_mafia.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 2024-07-07_9bc9a8f8e4b15b2c3c7296676b313e0c_mafia.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-07-07_9bc9a8f8e4b15b2c3c7296676b313e0c_mafia
Size: 3.6MB
MD5: 9bc9a8f8e4b15b2c3c7296676b313e0c
SHA1: 3fbe544eb8b4d90f48e1575fc096775a0a7b65cf
SHA256: 5422f8765938894f5fd4d53264c8885d78f1a47c3ac4311054ee2461fcc129d2
SHA512: f75eb5011242d48ec741e34f9e7b55dbe410fa01befdee334767d8125b89010d3c9ba60d65014f1643fed6445c455b159c459ee2451cce0f47d170b8555ab2d8
SSDEEP: 49152:7hGVRz3jL1DveYadR+B7448o2eQg9+W/5CU3WdTWWrpcL69PWot:q1e9w0d4/5CuWr
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-07-07_9bc9a8f8e4b15b2c3c7296676b313e0c_mafia
Files
2024-07-07_9bc9a8f8e4b15b2c3c7296676b313e0c_mafia.exe  windows:5  windows x86  arch:x86
  9786447d71e2216b8930fdd21c9e0fbe
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32: CommDlgExtendedError, GetOpenFileNameW, GetSaveFileNameW, ChooseColorW, ChooseFontW, PrintDlgW, PageSetupDlgW
gdi32: EndDoc, StartPage, EndPage, StartDocW, CreateDCW, EnumFontFamiliesExW, GetSystemPaletteEntries, GetEnhMetaFileW, CopyEnhMetaFileW, DeleteEnhMetaFile, DeleteDC, SetAbortProc, GetObjectW, DeleteObject, GetTextMetricsW, SelectObject, GdiFlush, RealizePalette, SelectPalette, GetTextExtentPoint32W, CreateRectRgn, ExcludeClipRect, CreateFontIndirectW, GetDeviceCaps, OffsetRgn, ExtCreateRegion, GetRegionData, GetPaletteEntries, CreateCompatibleDC, BitBlt, CreateCompatibleBitmap, CreateBitmap, SetBkColor, SetTextColor, SetBkMode, LineTo, MoveToEx, CreateSolidBrush, GetStockObject, CreatePen, CreateICW, CombineRgn, CreateRectRgnIndirect, RestoreDC, SaveDC, SetStretchBltMode, GetClipBox, ExtSelectClipRgn, ExtFloodFill, GetPixel, SetPixel, Polyline, PolyBezier, TextOutW, SetROP2, GetCharABCWidthsW, GetTextExtentExPointW, SetWindowOrgEx, SetViewportOrgEx, SetWindowExtEx, SetViewportExtEx, SetMapMode, GetBkColor, GetTextColor, SelectClipRgn, Arc, Pie, Polygon, SetPolyFillMode, PolyPolygon, Rectangle, RoundRect, Ellipse, SetBrushOrgEx, MaskBlt, StretchBlt, StretchDIBits, CreatePatternBrush, GetRgnBox, EqualRgn, PtInRegion, RectInRegion, CreatePolygonRgn, ExtCreatePen, CreateHatchBrush, GetNearestPaletteIndex, CreatePalette, PatBlt, SetTextAlign, CreateDIBSection, GetDIBits, CreateDIBitmap, GetDIBColorTable
kernel32: GetLocaleInfoA, EnumSystemLocalesA, WriteConsoleW, CompareStringW, SetEndOfFile, SetEnvironmentVariableA, lstrlenA, SetLastError, GlobalAlloc, GlobalFree, GetLastError, GetCurrentThreadId, LCMapStringW, GetStringTypeW, GetTickCount, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetModuleFileNameA, SetHandleCount, HeapCreate, GetOEMCP, IsProcessorFeaturePresent, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetDriveTypeW, SetFilePointer, FlushFileBuffers, GetConsoleMode, GetConsoleCP, GetTimeFormatW, GetFullPathNameW, InitializeCriticalSectionAndSpinCount, GetSystemTimeAsFileTime, HeapReAlloc, GetStartupInfoW, HeapSetInformation, GetCommandLineA, HeapAlloc, HeapFree, EncodePointer, DecodePointer, RtlUnwind, LoadLibraryA, SetStdHandle, MoveFileW, DeleteFileW, CreateDirectoryW, GetCurrentDirectoryW, GetSystemDirectoryW, GetUserDefaultLangID, GetSystemDefaultLangID, GetProcessHeap, HeapSize, GlobalLock, GlobalSize, GlobalUnlock, GetCommandLineW, LocalAlloc, SetErrorMode, RaiseException, FindNextFileW, ExpandEnvironmentStringsW, OutputDebugStringW, GetStdHandle, WriteFile, ReadFile, GetTempFileNameW, GetFileTime, FindFirstFileW, FindClose, GetTempPathW, FileTimeToLocalFileTime, FileTimeToSystemTime, ExitProcess, TlsAlloc, TlsSetValue, TlsFree, TlsGetValue, InterlockedDecrement, InterlockedIncrement, ReleaseMutex, GetDateFormatW, GetACP, GetUserDefaultLCID, IsValidLocale, GetLocaleInfoW, GetEnvironmentVariableW, GetCurrentProcessId, GetVersionExW, Sleep, GetCPInfo, IsValidCodePage, GetProcAddress, GetModuleHandleW, SetEnvironmentVariableW, GetCurrentProcess, GetModuleFileNameW, WaitForSingleObject, TerminateProcess, CloseHandle, GetFileType, GetFileAttributesW, CopyFileW, SetCurrentDirectoryW, GetWindowsDirectoryW, CreateFileW, GetTimeZoneInformation, GetThreadLocale, LocalFree, FormatMessageW, WideCharToMultiByte, MultiByteToWideChar, FreeLibrary, LoadLibraryW, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, CreateMutexW
ole32: CoCreateInstance, OleUninitialize, OleInitialize, RegisterDragDrop, CoLockObjectExternal, ReleaseStgMedium, OleSetClipboard, RevokeDragDrop, OleIsCurrentClipboard, OleFlushClipboard, OleGetClipboard
user32: DefMDIChildProcW, TranslateMDISysAccel, DefFrameProcW, RegisterClipboardFormatW, GetMessagePos, InsertMenuItemW, GetSubMenu, CreateMenu, AppendMenuW, InsertMenuW, RemoveMenu, DestroyMenu, CreatePopupMenu, SetMenuItemInfoW, MapWindowPoints, GetClassInfoW, DrawIconEx, DrawFrameControl, GetWindowDC, ChildWindowFromPoint, TranslateAcceleratorW, CreateAcceleratorTableW, DestroyAcceleratorTable, OffsetRect, CopyRect, DestroyCursor, DrawFocusRect, DrawTextW, KillTimer, SetTimer, GetWindowTextW, GetClassNameW, GetWindowTextLengthW, HideCaret, OpenClipboard, IsClipboardFormatAvailable, CloseClipboard, keybd_event, UnionRect, GetForegroundWindow, ModifyMenuW, CheckMenuRadioItem, CheckMenuItem, GetMenuState, CreateIconIndirect, CreateDialogIndirectParamW, FlashWindow, SetWindowRgn, GetMenu, AdjustWindowRectEx, GetSystemMenu, EnableMenuItem, DrawMenuBar, GetDesktopWindow, IsIconic, IsZoomed, BringWindowToTop, GetMenuStringW, CreateDialogParamW, InflateRect, GetUpdateRgn, GetSysColor, IsDialogMessageW, TrackPopupMenu, IsWindow, PtInRect, GetCapture, UnregisterHotKey, RegisterHotKey, CallNextHookEx, GetActiveWindow, GetMenuItemCount, GetMenuItemInfoW, SystemParametersInfoW, GetMessageTime, GetWindow, BeginDeferWindowPos, EndDeferWindowPos, InvalidateRect, SetWindowTextW, GetFocus, IsWindowEnabled, IsWindowVisible, CallWindowProcW, DeferWindowPos, MoveWindow, ClientToScreen, ScreenToClient, UpdateWindow, RedrawWindow, SetParent, GetCursorPos, WindowFromPoint, GetParent, ScrollWindow, SetScrollInfo, GetScrollInfo, SetWindowsHookExW, GetWindowRect, SetCursorPos, ReleaseCapture, SetCapture, ShowWindow, EnableWindow, SetFocus, SetWindowLongW, GetWindowLongW, FillRect, GetMessageW, ValidateRect, GetAsyncKeyState, VkKeyScanW, GetDC, ReleaseDC, DispatchMessageW, TranslateMessage, PostQuitMessage, LoadImageW, DestroyIcon, GetIconInfo, DrawEdge, DrawStateW, ChangeDisplaySettingsW, EnumDisplaySettingsW, SetClipboardData, ShowCursor, GetMonitorInfoW, EnumDisplayMonitors, SetWindowPos, UnhookWindowsHookEx, MessageBoxA, wvsprintfA, GetDlgItem, DestroyWindow, SendMessageW, CreateWindowExW, MessageBeep, RegisterClassW, PostMessageW, MessageBoxW, PostThreadMessageW, DefWindowProcW, wsprintfA, PeekMessageW, DdeFreeStringHandle, DdeQueryStringW, DdeUninitialize, DdeFreeDataHandle, DdeGetData, DdeCreateDataHandle, DdeGetLastError, DdeInitializeW, DdeDisconnect, DdeClientTransaction, DdeCreateStringHandleW, DdeNameService, DdeConnect, DdePostAdvise, SetCursor, LoadCursorW, SetForegroundWindow, SetMenu, EndPaint, DrawIcon, GetClientRect, BeginPaint, GetUpdateRect, GetKeyState, UnregisterClassW, LoadIconW, LoadBitmapW, GetSystemMetrics
winspool.drv: DocumentPropertiesW, ClosePrinter, EnumPrintersW, OpenPrinterW
advapi32: RegQueryValueExW, RegQueryValueExA, RegOpenKeyExA, RegEnumKeyExW, RegQueryInfoKeyW, RegOpenKeyExW, RegCloseKey
comctl32: ImageList_SetDragCursorImage, ImageList_ReplaceIcon, ImageList_DragEnter, ImageList_DragMove, ImageList_EndDrag, ImageList_Destroy, CreateStatusWindowW, ImageList_Create, ImageList_BeginDrag, ImageList_Add, ord17, ImageList_GetIconSize, ImageList_Draw, ImageList_GetImageCount, ImageList_DragLeave, ord16
gdiplus: GdiplusStartup, GdipCloneMatrix, GdipGetFamily, GdipGetLineSpacing, GdipGetCellDescent, GdipGetCellAscent, GdipGetEmHeight, GdipCreateRegionHrgn, GdipCloneBrush, GdipClonePath, GdipCloneImage, GdipGetDC, GdipReleaseDC, GdipGetFontSize, GdipIsMatrixEqual, GdipFree, GdipAlloc, GdipDeleteMatrix, GdipDeleteBrush, GdipCreatePen1, GdipDeletePen, GdipCloneStringFormat, GdipDeleteStringFormat, GdipStringFormatGetGenericTypographic, GdipCreatePath, GdipDeletePath, GdipSetPathGradientCenterColor, GdipGetPathGradientPointCount, GdipSetPathGradientSurroundColorsWithCount, GdipSetPathGradientCenterPoint, GdipDeleteGraphics, GdipGetPathWorldBounds, GdipIsVisiblePathPoint, GdipDeleteRegion, GdipGetRegionBounds, GdipCreateFontFamilyFromName, GdipGetGenericFontFamilySansSerif, GdipDeleteFontFamily, GdipCreateFont, GdipDeleteFont, GdipDisposeImage, GdipGetImageWidth, GdipGetImageHeight, GdipGetImagePixelFormat, GdipCreateBitmapFromScan0, GdipCreateBitmapFromHBITMAP, GdipCreateBitmapFromHICON, GdipBitmapLockBits, GdipBitmapUnlockBits, GdipBitmapGetPixel, GdiplusShutdown, GdipCreateMatrix, GdipGetMatrixElements, GdipSetMatrixElements, GdipMultiplyMatrix, GdipTranslateMatrix, GdipScaleMatrix, GdipRotateMatrix, GdipInvertMatrix, GdipTransformMatrixPoints, GdipVectorTransformMatrixPoints, GdipIsMatrixIdentity, GdipCreateSolidFill, GdipCreateTexture, GdipCreateLineBrush, GdipCreateHatchBrush, GdipSetPenLineCap197819, GdipSetPenLineJoin, GdipSetPenBrushFill, GdipSetPenDashStyle, GdipSetPenDashArray, GdipSetStringFormatFlags, GdipGetStringFormatFlags, GdipSetStringFormatMeasurableCharacterRanges, GdipSetPathFillMode, GdipStartPathFigure, GdipClosePathFigure, GdipGetPathLastPoint, GdipAddPathLine, ord1, GdipAddPathBezier, GdipAddPathRectangle, GdipAddPathEllipse, GdipAddPathPath, GdipTransformPath, GdipCreatePathGradientFromPath, GdipCreateFromHDC, GdipCreateFromHWND, GdipSetTextRenderingHint, GdipSetSmoothingMode, GdipSetPixelOffsetMode, GdipSetWorldTransform, GdipMultiplyWorldTransform, GdipTranslateWorldTransform, GdipScaleWorldTransform, GdipRotateWorldTransform, GdipGetWorldTransform, GdipGetDpiY, GdipDrawLinesI, GdipDrawPath, GdipFillPolygonI, GdipFillPath, GdipDrawString, GdipMeasureString, GdipMeasureCharacterRanges, GdipDrawImageRect, GdipDrawImageRectRectI, GdipSetClipRect, GdipSetClipRegion, GdipResetClip, GdipSaveGraphics, GdipRestoreGraphics, GdipCreateRegion
mscms: GetColorDirectoryW
shell32: ExtractIconW, DragAcceptFiles, SHGetPathFromIDListW, SHGetMalloc, ShellExecuteExW, DragQueryPoint, ExtractIconExW, DragFinish, DragQueryFileW, SHBrowseForFolderW, SHGetSpecialFolderLocation, ShellExecuteW
Sections
.text   Size: 2.0MB  Virtual size: 2.0MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 971KB  Virtual size: 971KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 88KB   Virtual size: 253KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 145KB  Virtual size: 144KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 384KB  Virtual size: 384KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ