2024-07-09_0be01c2f4921982d33f955b7ceb52885_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-09_0be01c2f4921982d33f955b7ceb52885_mafia
Size

3.4MB
MD5

0be01c2f4921982d33f955b7ceb52885
SHA1

50e49647ca9f4c37ac178565ca2a6b7b7a2f6865
SHA256

69a23fa449a02ce229ad6b520965f386e8b3960d2f4c29a2f0ca48b6e12b51f5
SHA512

cc51b42ea428518b233bdfa18e03d424d0be9df58cf7da534d89b124555b0a704ce5e4d0d683f84bd255344dea9e91f3af274395d772093404bc515c20efda1a
SSDEEP

49152:/ljb4y6/G0vc50GgQbsc3PGwNiC/44jm5RN5Q/4Dy6giZXNoy6sKniZQvZKdurkw:5KvTXBz45vXNwuC4C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-09_0be01c2f4921982d33f955b7ceb52885_mafia

Files

2024-07-09_0be01c2f4921982d33f955b7ceb52885_mafia
.exe windows:5 windows x86 arch:x86

617efc8d6f500bb2d9a67c0516c686c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\_dev\Game_DummyQ_V2\Bin\App\DummyQ\Client\AppPlayQ.pdb

Imports

kernel32

SetConsoleMode
ReadConsoleInputA
SetUnhandledExceptionFilter
LoadResource
FreeLibrary
FindResourceW
VirtualQuery
CreateMutexW
FlushConsoleInputBuffer
GetVersionExA
GlobalMemoryStatus
GetVersion
GetDriveTypeW
GetCurrentDirectoryW
GetFullPathNameA
FindFirstFileExA
GetDriveTypeA
FindClose
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesA
ExpandEnvironmentStringsA
LoadLibraryA
WaitForMultipleObjects
PeekNamedPipe
FormatMessageA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
SetEndOfFile
WriteConsoleW
SetStdHandle
SetConsoleCtrlHandler
ExitProcess
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapSize
GetLocaleInfoW
GetTimeZoneInformation
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetUserDefaultLangID
CreateEventW
Sleep
GetModuleHandleW
SetEvent
GetStartupInfoW
CreateProcessW
GetCurrentThreadId
SetLastError
GetLastError
RaiseException
FlushInstructionCache
GlobalUnlock
lstrcmpW
GetModuleFileNameW
MulDiv
InitializeCriticalSectionAndSpinCount
GlobalAlloc
GlobalLock
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
CreateFileW
WriteFile
SetFilePointer
IsDBCSLeadByte
GetFileSize
CreateFileA
HeapCreate
IsProcessorFeaturePresent
GetFileType
GetStdHandle
SetHandleCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
LCMapStringW
LoadLibraryW
HeapSetInformation
GetCommandLineW
RtlUnwind
CreateThread
ExitThread
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
HeapFree
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
lstrcmpiW
SetCurrentDirectoryW
GetProcAddress
IsBadWritePtr
SizeofResource
GetStringTypeW
LoadLibraryExW
CloseHandle
TerminateThread
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
ReadFile
LeaveCriticalSection
InitializeCriticalSection
lstrlenW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
IsValidLocale

user32

FillRect
IsChild
SetCapture
PostMessageW
GetFocus
wsprintfW
SendMessageW
GetParent
InvalidateRgn
LoadCursorW
IsWindowEnabled
GetClientRect
CreateAcceleratorTableW
BeginPaint
GetWindowTextLengthW
DestroyWindow
ClientToScreen
EndPaint
GetClassInfoExW
TranslateMessage
GetForegroundWindow
RegisterClassExW
RegisterWindowMessageW
CharNextW
FindWindowW
MessageBoxW
ShowWindow
GetDC
GetMessageW
SetForegroundWindow
DispatchMessageW
MoveWindow
GetWindow
DefWindowProcW
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
CallWindowProcW
SetWindowTextW
EnableWindow
ScreenToClient
InvalidateRect
GetWindowLongW
GetWindowTextW
PeekMessageW
UnregisterClassA
GetWindowRect
ReleaseCapture
CreateWindowExW
IsWindow
SetWindowPos
GetSysColor
GetDesktopWindow
RedrawWindow
SetWindowLongW
GetDlgItem
ReleaseDC
GetClassNameW
ValidateRect
GetSystemMetrics
RegisterClassW
SetFocus
DestroyAcceleratorTable
LoadAcceleratorsW
SetRect
AdjustWindowRect
SendDlgItemMessageW
CreateDialogParamW
UpdateWindow
KillTimer
LoadIconW
LoadStringW
PostThreadMessageW

gdi32

SetPixelFormat
CreateSolidBrush
SwapBuffers
ChoosePixelFormat
SetBkColor
ExtTextOutW
BitBlt
DeleteDC
GetDeviceCaps
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetStockObject

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegCreateKeyExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW

shell32

ShellExecuteW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoGetClassObject
OleUninitialize
OleInitialize
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen
VariantClear
LoadTypeLi
SysAllocStringByteLen
VariantInit
OleCreateFontIndirect
SysStringByteLen
LoadRegTypeLi
VarUI4FromStr

ws2_32

inet_addr
WSARecv
WSACloseEvent
WSASend
WSAIoctl
connect
WSASetLastError
recv
send
getsockname
ntohs
bind
getsockopt
getpeername
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
gethostname
select
WSAGetLastError
WSAEnumNetworkEvents
htons
WSAEventSelect
shutdown
setsockopt
WSACleanup
socket
WSACreateEvent
__WSAFDIsSet
closesocket
WSAStartup
ioctlsocket

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

winmm

mmioAscend
mmioSetInfo
mmioDescend
mmioSeek
mmioGetInfo
mmioRead
timeGetTime
mmioOpenW

glu32

gluTessBeginPolygon
gluNewTess
gluTessEndPolygon
gluDeleteTess
gluTessEndContour
gluTessBeginContour
gluTessProperty
gluTessCallback
gluTessVertex
gluTessNormal

opengl32

glVertex3f
glTexSubImage2D
glCallList
glGenLists
glNewList
glEndList
glDeleteLists
glPushClientAttrib
glBegin
glPopClientAttrib
glNormal3f
glEnd
glTexCoord2f
glVertex2f
glTexParameteri
glGetIntegerv
glPushAttrib
glPopAttrib
wglDeleteContext
glPopMatrix
glPushMatrix
glMatrixMode
glTranslatef
glDisable
glColor4f
glBlendFunc
glScalef
glTexEnvf
glEnable
glEnableClientState
glDrawElements
glBindTexture
glShadeModel
glDisableClientState
glRotatef
glVertexPointer
glTexCoordPointer
glDrawArrays
glClearDepth
glDepthFunc
glClear
glClearColor
glOrtho
glGetFloatv
glViewport
glHint
glLoadIdentity
glColorPointer
glLineWidth
glDeleteTextures
glTexParameterf
glPixelStorei
glTexImage2D
glGenTextures
wglCreateContext
wglGetCurrentDC
wglMakeCurrent

dsound

ord1

imm32

ImmGetCandidateListA
ImmReleaseContext
ImmGetCompositionStringA
ImmSetConversionStatus
ImmGetConversionStatus
ImmNotifyIME
ImmGetContext

gdiplus

GdipGetImageHeight
GdipDeleteGraphics
GdipDrawImageRectI
GdipDrawImagePointRect
GdipGetImageWidth
GdipCreateFromHWND
GdipFree
GdipLoadImageFromFile
GdipAlloc
GdipDisposeImage
GdiplusStartup
GdiplusShutdown
GdipCloneImage

wldap32

ord33
ord301
ord79
ord41
ord46
ord143
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord22
ord27
ord211

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 541KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 403KB - Virtual size: 657KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

617efc8d6f500bb2d9a67c0516c686c9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

rpcrt4

winmm

glu32

opengl32

dsound

imm32

gdiplus

wldap32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 541KB - Virtual size: 541KB

.data Size: 403KB - Virtual size: 657KB

.rsrc Size: 354KB - Virtual size: 354KB

.reloc Size: 115KB - Virtual size: 114KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 541KB - Virtual size: 541KB

.data
Size: 403KB - Virtual size: 657KB

.rsrc
Size: 354KB - Virtual size: 354KB

.reloc
Size: 115KB - Virtual size: 114KB