Static task: static1
Behavioral task: behavioral1
  Sample: 2024-07-09_ed396abec99b0e673cfb3c71ac07ed61_mafia_poet-rat.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 2024-07-09_ed396abec99b0e673cfb3c71ac07ed61_mafia_poet-rat.exe
  Resource: win10v2004-20240704-en
General
Target: 2024-07-09_ed396abec99b0e673cfb3c71ac07ed61_mafia_poet-rat
Size: 8.9MB
MD5: ed396abec99b0e673cfb3c71ac07ed61
SHA1: 7de56431c27aeb168e8eeed2d3a1913562506c89
SHA256: 3cb0989169ec7c52f5c6a78385e72f824d5f4b5f131ee01bba0e1e64b3a828e6
SHA512: fd75d1bb7e56e25aa342f7b27f7baadff9b7ba8eb792cc3ada91696cf14761f91151aee5d69bdc9c05f008fa5bd1c6c5c6f3dc40babd8971fcfca6bdc6009c62
SSDEEP: 98304:XVMqxhKc53JGMb44iOg8T2qaiG+JGfS20Joaa5w/xBRSP2FuKnyY3aNb6T4/wvID:1NHGtYNnnqYUP7Kr3aNb6CwvIjlpP
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-07-09_ed396abec99b0e673cfb3c71ac07ed61_mafia_poet-rat
Files
-
2024-07-09_ed396abec99b0e673cfb3c71ac07ed61_mafia_poet-rat.exe windows:5 windows x86 arch:x86
6df3c8951149b01b4b4cc6433c098312
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
GetOpenFileNameW
GetFileTitleW
user32
DrawStateW
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
IntersectRect
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
DestroyIcon
IsIconic
ShowWindow
MoveWindow
IsDialogMessageW
SetDlgItemTextW
CheckDlgButton
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetForegroundWindow
MessageBoxW
PostQuitMessage
PostMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
CheckMenuRadioItem
ClipCursor
DispatchMessageW
TranslateMessage
GetMessageW
DrawIconEx
SetWindowsHookExW
SetCursor
ShowOwnedPopups
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetWindowThreadProcessId
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW
GetMenuStringW
DeleteMenu
CopyRect
SetRectEmpty
GetMonitorInfoW
SystemParametersInfoW
EnumDisplayMonitors
GetSystemMetrics
GetSysColor
SetLayeredWindowAttributes
LoadCursorW
GetClientRect
MapWindowPoints
DefWindowProcW
GetClassInfoW
GetSysColorBrush
UnhookWindowsHookEx
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ScreenToClient
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
SetWindowTextW
GetWindowTextW
PtInRect
GetClassNameW
GetWindowRect
GetDlgCtrlID
GetWindow
RealChildWindowFromPoint
GetDesktopWindow
UpdateWindow
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
InvalidateRect
SetTimer
KillTimer
SetWindowPos
SetWindowLongW
CreateAcceleratorTableW
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
UnregisterClassW
CopyImage
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
TranslateAcceleratorW
InsertMenuItemW
LoadImageW
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableW
ToUnicodeEx
CallNextHookEx
MapVirtualKeyW
ReuseDDElParam
UnpackDDElParam
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageW
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
GetMenuDefaultItem
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
GetIconInfo
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
SubtractRect
InvertRect
HideCaret
GetNextDlgGroupItem
MapDialogRect
DrawIcon
DestroyCursor
GetMenu
CallWindowProcW
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
AdjustWindowRectEx
RegisterClassW
GetClassInfoExW
CreateWindowExW
RedrawWindow
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
MonitorFromWindow
GetMessagePos
GetMessageTime
GetWindowRgn
GetTabbedTextExtentW
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
DestroyWindow
LoadStringW
GetTopWindow
gdi32
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Rectangle
RoundRect
SetPixel
StretchBlt
RealizePalette
SetDIBColorTable
GetRgnBox
OffsetRgn
DPtoLP
SetRectRgn
Polygon
Ellipse
Polyline
CreateEllipticRgn
PatBlt
GetTextColor
EndPage
CombineRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
StretchDIBits
CreateFontW
EnumFontFamiliesExW
GetTextExtentPoint32W
CreateHatchBrush
ExtCreatePen
GetObjectType
SelectPalette
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
SetAbortProc
GetPixel
GetWindowExtEx
GetViewportExtEx
AbortDoc
EndDoc
GetCharWidthW
StartPage
CreateBrushIndirect
SetBoundsRect
StrokePath
FillPath
EndPath
PolyBezier
BeginPath
GetWorldTransform
Arc
GetTextFaceW
SetPixelV
GetBkColor
CreateRectRgn
SelectClipRgn
SetArcDirection
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetWorldTransform
SetGraphicsMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
BitBlt
CreateCompatibleDC
CreateRectRgnIndirect
CreateCompatibleBitmap
GetObjectW
CreateFontIndirectW
CreatePatternBrush
CreateSolidBrush
CreatePen
GetStockObject
CreateDIBitmap
CreateDCW
CopyMetaFileW
GetDeviceCaps
CreateBitmap
kernel32
DeleteFileW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CompareStringW
GlobalFlags
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetVersionExW
lstrcpyW
GetSystemDirectoryW
GetCurrentDirectoryW
GlobalFree
CopyFileW
GlobalSize
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileStringW
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
lstrcmpiW
CreateFileW
InitializeCriticalSectionAndSpinCount
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
GlobalGetAtomNameW
GetTempFileNameW
GetTempPathW
lstrlenA
FileTimeToSystemTime
SystemTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetTickCount
GetProfileIntW
Sleep
SearchPathW
GetWindowsDirectoryW
GetNumberFormatW
VirtualProtect
GetUserDefaultLCID
ReplaceFileW
GetDiskFreeSpaceW
FindResourceExW
LocalUnlock
LocalLock
GlobalFindAtomW
FreeResource
MoveFileW
GetStringTypeW
InterlockedCompareExchange
EncodePointer
DecodePointer
ReleaseMutex
ReleaseSemaphore
WaitForMultipleObjects
GetThreadPriority
CreateMutexW
CreateSemaphoreW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
OpenMutexW
OpenEventW
VirtualQuery
OpenSemaphoreW
GetComputerNameW
GetDriveTypeW
GetLogicalDriveStringsW
GetUserDefaultLangID
GetModuleHandleA
SetCurrentDirectoryW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
ExitThread
CreateThread
HeapQueryInformation
HeapReAlloc
HeapSize
GetSystemTimeAsFileTime
VirtualAlloc
GetSystemInfo
SetStdHandle
GetFileType
GetCPInfo
LCMapStringW
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
IsProcessorFeaturePresent
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableW
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
QueryPerformanceFrequency
SetThreadAffinityMask
GetProcessAffinityMask
FindNextFileW
OutputDebugStringW
CreateDirectoryW
FindFirstFileExW
InterlockedExchange
LoadLibraryExW
GetLocaleInfoW
SizeofResource
LockResource
LoadResource
FindResourceW
FreeLibrary
GetProcAddress
GetModuleHandleW
GlobalAlloc
lstrcmpW
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
SetLastError
DeactivateActCtx
GetLastError
LoadLibraryW
ActivateActCtx
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetModuleFileNameW
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
lstrcmpA
advapi32
RegCloseKey
StartServiceW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
SetFileSecurityW
GetFileSecurityW
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegOpenKeyW
comctl32
ImageList_GetIconSize
ole32
CoCreateGuid
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
GetJobW
ClosePrinter
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
SHAppBarMessage
DragQueryFileW
DragFinish
ShellExecuteW
SHGetFileInfoW
SHBrowseForFolderW
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString
SysFreeString
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageHeight
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
ddraw
DirectDrawCreateEx
Sections
.text    Size: 7.0MB   Virtual size: 7.0MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
_text    Size: 22KB    Virtual size: 22KB    Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
_patmax  Size: 3KB     Virtual size: 2KB     Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
_text2   Size: 512B    Virtual size: 398B    Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata   Size: 1.1MB   Virtual size: 1.1MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data    Size: 194KB   Virtual size: 285KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
_cortab  Size: 1KB     Virtual size: 1KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc    Size: 48KB    Virtual size: 48KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc   Size: 602KB   Virtual size: 601KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ