PDB path: E:\VcProject\harddiskinfo\Release\harddiskinfo.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-07-27_6fd573eb90f3440534e9d85c1cbc95c6_mafia.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 2024-07-27_6fd573eb90f3440534e9d85c1cbc95c6_mafia.exe
  Resource: win10v2004-20240709-en
General
- Target: 2024-07-27_6fd573eb90f3440534e9d85c1cbc95c6_mafia
- Size: 3.4MB
- MD5: 6fd573eb90f3440534e9d85c1cbc95c6
- SHA1: 398569bcfb41c41973ef0ae0652b932d3e996ef3
- SHA256: 33edb43e4d36146d4a993d0440c3988170dd8ffc68496af5c974eecba078946a
- SHA512: 3dff7940eedc65aebe2e2d3b84b5d8dbc82f4d02d36d58e8f3c1f1795c9395db5c0603c90071aef9cfb2d283f31225c99c93419471871dff75addbe1d14045e2
- SSDEEP: 98304:4TyXQAOh2pXvGRDJgXJPZVP+EEh2jxilcASmqp0xEbr9h0oj9ghi1RebMIg9Cbki:k2pfGInVPkhscxEbr9h0ojDIg9Cbk/V
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 2024-07-27_6fd573eb90f3440534e9d85c1cbc95c6_mafia
Files
- 2024-07-27_6fd573eb90f3440534e9d85c1cbc95c6_mafia.exe  windows:5 windows x86 arch:x86
  Imphash: a75907d70a312a5a8caf6f5a077e7588
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
E:\VcProject\harddiskinfo\Release\harddiskinfo.pdb
Imports
sqlite3
sqlite3_open
sqlite3_close
sqlite3_column_text
sqlite3_column_int64
sqlite3_column_int
sqlite3_column_name
sqlite3_column_count
sqlite3_reset
sqlite3_step
sqlite3_finalize
sqlite3_prepare
kernel32
GetComputerNameA
GetSystemInfo
GetVolumeInformationA
GetDiskFreeSpaceExA
lstrcmpA
GlobalMemoryStatusEx
InterlockedDecrement
FindNextFileW
FindFirstFileW
SystemTimeToTzSpecificLocalTime
FindNextFileA
MultiByteToWideChar
GetVersionExA
FreeLibrary
FormatMessageA
GlobalAlloc
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
IsWow64Process
GetTickCount
lstrcatA
GetDateFormatA
GetTimeFormatA
GetCurrentProcess
GetWindowsDirectoryA
GetDriveTypeA
GetPrivateProfileIntA
Sleep
WinExec
DeleteFileA
GlobalFree
lstrcpyA
LoadLibraryExA
GetPrivateProfileStringA
CreateProcessA
MulDiv
lstrlenW
GlobalUnlock
GlobalLock
GlobalSize
CopyFileA
SetLastError
InterlockedExchange
GetProcAddress
GetModuleHandleW
DeactivateActCtx
LoadLibraryA
ActivateActCtx
CompareStringA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
FreeResource
FindResourceA
LoadLibraryW
GetModuleHandleA
WritePrivateProfileStringA
GetCurrentProcessId
SetThreadPriority
ResumeThread
GlobalAddAtomA
lstrcmpW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GlobalFindAtomA
GlobalGetAtomNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
GetThreadLocale
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCurrentDirectoryA
GetSystemDirectoryW
GlobalFlags
GetFileAttributesA
GetFileSize
GetACP
GetStringTypeExA
lstrcmpiA
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetFullPathNameA
GetCPInfo
GetOEMCP
GetFileAttributesExA
GetFileSizeEx
SetErrorMode
GetTempFileNameA
GetTempPathA
GetProfileIntA
SearchPathA
VirtualProtect
GetNumberFormatA
FindResourceExW
GetUserDefaultLCID
HeapAlloc
HeapFree
EncodePointer
DecodePointer
ExitProcess
GetSystemTimeAsFileTime
FindFirstFileExA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
VirtualQuery
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapQueryInformation
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetTimeZoneInformation
IsValidCodePage
GetStdHandle
HeapCreate
LCMapStringW
GetLocaleInfoW
SetHandleCount
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
GetConsoleCP
GetConsoleMode
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
CompareStringW
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
InterlockedCompareExchange
LCMapStringA
GetStartupInfoA
CreatePipe
GetModuleFileNameA
SetFilePointer
ReadFile
DeviceIoControl
LocalFree
LocalAlloc
GetLastError
GetFileTime
CreateFileA
CloseHandle
OpenProcess
lstrlenA
QueryDosDeviceA
GetLogicalDriveStringsA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
FileTimeToSystemTime
FileTimeToLocalFileTime
ReleaseMutex
WaitForSingleObject
CreateMutexA
user32
GetWindowTextLengthA
SetFocus
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
CheckDlgButton
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetMenuItemInfoA
DestroyMenu
SystemParametersInfoA
LoadCursorA
SetCapture
WindowFromPoint
LoadCursorW
ReleaseCapture
WaitMessage
DeleteMenu
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
RealChildWindowFromPoint
SetTimer
KillTimer
CharNextA
CopyAcceleratorTableA
SetRect
IntersectRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
LoadMenuW
NotifyWinEvent
GetAsyncKeyState
IsZoomed
CharUpperA
CreatePopupMenu
BringWindowToTop
LockWindowUpdate
SetParent
MonitorFromPoint
IsMenu
UnionRect
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageA
LoadImageW
DestroyIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetCursorPos
GetIconInfo
EnableScrollBar
CopyIcon
GetDoubleClickTime
SetClassLongA
DestroyAcceleratorTable
GetUpdateRect
UpdateLayeredWindow
GetWindowPlacement
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
GetMonitorInfoA
RegisterClipboardFormatA
FrameRect
GetWindowTextA
SubtractRect
IsClipboardFormatAvailable
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
GetKeyNameTextA
PostThreadMessageA
IsCharLowerA
MapVirtualKeyExA
InvertRect
HideCaret
CreateMenu
DestroyCursor
GetWindowRgn
LoadStringA
MapWindowPoints
GetWindowRect
SetWindowRgn
DrawFocusRect
DrawFrameControl
DrawEdge
FillRect
GetSysColor
OffsetRect
InflateRect
IsRectEmpty
DrawStateA
RegisterWindowMessageA
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
PostMessageA
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
CopyRect
GetClassNameA
InvalidateRect
UpdateWindow
ShowOwnedPopups
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowsHookExA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
CharUpperBuffA
MonitorFromWindow
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
PtInRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
CreateAcceleratorTableA
SetWindowPlacement
TabbedTextOutA
GetWindowThreadProcessId
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA
AppendMenuA
GetSystemMenu
LoadIconW
EnableWindow
wsprintfA
GetLastActivePopup
MessageBoxA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
DrawIconEx
GetSysColorBrush
GetFocus
RedrawWindow
UnregisterClassA
IsWindowVisible
winspool.drv
ClosePrinter
EnumPrintersA
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
LookupAccountSidA
GetTokenInformation
QueryServiceConfig2A
QueryServiceConfigA
OpenServiceA
CloseServiceHandle
EnumServicesStatusExA
OpenSCManagerA
GetUserNameA
CloseEventLog
ReadEventLogA
GetOldestEventLogRecord
OpenEventLogA
LogonUserA
RegEnumValueA
RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegUnLoadKeyA
GetAclInformation
RegQueryInfoKeyA
IsValidSecurityDescriptor
GetAce
GetSecurityDescriptorDacl
RegEnumKeyA
RegLoadKeyA
RegCloseKey
shell32
SHAppBarMessage
SHGetFileInfoA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragFinish
DragQueryFileA
ShellExecuteA
SHBrowseForFolderA
SHGetSpecialFolderPathA
ole32
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoCreateGuid
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleDuplicateData
OleFlushClipboard
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
CoTaskMemAlloc
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
OleIsCurrentClipboard
CoSetProxyBlanket
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoInitializeEx
StringFromGUID2
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocString
VariantClear
VariantCopy
VariantInit
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
VarBstrFromDate
OleCreateFontIndirect
SysFreeString
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathFileExistsA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
oledlg
ord8
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipDrawImageRectI
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipFree
GdipCreateBitmapFromScan0
wintrust
WinVerifyTrust
wlanapi
WlanEnumInterfaces
WlanOpenHandle
WlanGetAvailableNetworkList
WlanGetNetworkBssList
WlanFreeMemory
iphlpapi
GetAdaptersInfo
psapi
GetModuleBaseNameA
GetProcessImageFileNameA
GetModuleFileNameExA
EnumProcessModules
GetProcessMemoryInfo
netapi32
NetShareEnum
NetLocalGroupEnum
NetUserGetLocalGroups
NetApiBufferFree
NetUserEnum
ws2_32
closesocket
select
socket
gethostbyname
WSACleanup
WSAGetLastError
WSAStartup
sendto
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
gdi32
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
CreatePalette
RoundRect
StretchBlt
RealizePalette
SetPixel
Rectangle
CreateDIBSection
DPtoLP
GetMapMode
SetRectRgn
CreateRoundRectRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
GetTextFaceA
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetTextMetricsA
GetTextExtentPoint32A
ExtTextOutA
PatBlt
Polygon
Ellipse
Polyline
GetTextColor
GetBkColor
CombineRgn
CreatePolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateSolidBrush
CreateDCA
CopyMetaFileA
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
OffsetRgn
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesA
CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectA
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
SetPaletteEntries
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
EnumFontFamiliesExA
GetWindowOrgEx
SetPixelV
SetDIBColorTable
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
SelectClipRgn
DeleteObject
GetDeviceCaps
comdlg32
GetFileTitleA
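Reading the import table above as a capability list: the bulk of it (user32, gdi32, ole32, oleaut32, comctl32, oledlg, the CRT entries such as IsDebuggerPresent, VirtualProtect and EncodePointer) is standard MFC and C-runtime plumbing for a GUI application. The part worth triage is the smaller set of inventory APIs: hardware and disk enumeration (GetVolumeInformationA, GetDiskFreeSpaceExA, GlobalMemoryStatusEx, QueryDosDeviceA, DeviceIoControl, GetAdaptersInfo), process and service enumeration (CreateToolhelp32Snapshot, EnumServicesStatusExA, psapi), local account and share enumeration (NetUserEnum, NetLocalGroupEnum, NetShareEnum), Wi-Fi scanning (wlanapi), event log reading (ReadEventLogA), registry hive loading (RegLoadKeyA/RegUnLoadKeyA), privilege adjustment (AdjustTokenPrivileges, LookupPrivilegeValueA), LogonUserA, child process execution (WinExec, CreateProcessA, ShellExecuteA), a UDP-capable socket path (sendto) and a local sqlite3 store. Taken together this is a host-inventory profile consistent with the "harddiskinfo" PDB name; the same API set would also serve a reconnaissance collector, so the behavioral tasks are what separates the two. The script below is an added example, not code from the sandbox or from the sample's author: it groups a transcribed subset of the imports above into assumed capability buckets of my own choosing and reimplements the imphash construction that pefile uses (lowercased "dll.function" pairs in import-table order, comma-joined, MD5). It does not reproduce the Imphash shown in the report, because only a subset of the imports is transcribed here and their exact table order is not visible on the page.

```python
import hashlib

# Subset of the import table transcribed from the report above (constructed input for this example;
# the user32/gdi32/ole32/comctl32 entries are MFC boilerplate and are left out).
SAMPLE_IMPORTS = {
    "sqlite3": ["sqlite3_open", "sqlite3_close", "sqlite3_prepare", "sqlite3_step", "sqlite3_finalize"],
    "kernel32": ["GetComputerNameA", "GetSystemInfo", "GetVolumeInformationA", "GetDiskFreeSpaceExA",
                 "GlobalMemoryStatusEx", "GetVersionExA", "IsWow64Process", "CreateToolhelp32Snapshot",
                 "Process32First", "Process32Next", "OpenProcess", "WinExec", "CreateProcessA",
                 "DeviceIoControl", "QueryDosDeviceA", "GetLogicalDriveStringsA", "VirtualProtect",
                 "IsDebuggerPresent", "CreateMutexA"],
    "advapi32": ["OpenSCManagerA", "EnumServicesStatusExA", "QueryServiceConfigA", "OpenEventLogA",
                 "ReadEventLogA", "GetOldestEventLogRecord", "LogonUserA", "AdjustTokenPrivileges",
                 "LookupPrivilegeValueA", "OpenProcessToken", "RegLoadKeyA", "RegUnLoadKeyA",
                 "GetTokenInformation", "LookupAccountSidA"],
    "shell32": ["ShellExecuteA"],
    "wintrust": ["WinVerifyTrust"],
    "wlanapi": ["WlanOpenHandle", "WlanEnumInterfaces", "WlanGetAvailableNetworkList", "WlanGetNetworkBssList"],
    "iphlpapi": ["GetAdaptersInfo"],
    "psapi": ["EnumProcessModules", "GetProcessImageFileNameA", "GetProcessMemoryInfo"],
    "netapi32": ["NetShareEnum", "NetLocalGroupEnum", "NetUserGetLocalGroups", "NetUserEnum"],
    "ws2_32": ["WSAStartup", "socket", "gethostbyname", "sendto", "closesocket"],
    "oledlg": ["ord8"],
}

# Capability buckets keyed by API name. These groupings are this example's own (assumed) triage
# categories, not labels from the sandbox. CRT boilerplate (IsDebuggerPresent, VirtualProtect,
# CreateMutexA) is deliberately not bucketed: on an MFC binary it carries no signal by itself.
CAPABILITIES = {
    "host and disk inventory": {"GetComputerNameA", "GetSystemInfo", "GetVolumeInformationA",
        "GetDiskFreeSpaceExA", "GlobalMemoryStatusEx", "GetVersionExA", "IsWow64Process",
        "QueryDosDeviceA", "GetLogicalDriveStringsA", "DeviceIoControl", "GetAdaptersInfo"},
    "process and service enumeration": {"CreateToolhelp32Snapshot", "Process32First", "Process32Next",
        "OpenProcess", "EnumProcessModules", "GetProcessImageFileNameA", "GetProcessMemoryInfo",
        "OpenSCManagerA", "EnumServicesStatusExA", "QueryServiceConfigA"},
    "account and share enumeration": {"NetUserEnum", "NetLocalGroupEnum", "NetUserGetLocalGroups",
        "NetShareEnum", "LookupAccountSidA", "GetTokenInformation"},
    "wifi survey": {"WlanOpenHandle", "WlanEnumInterfaces", "WlanGetAvailableNetworkList", "WlanGetNetworkBssList"},
    "event log read": {"OpenEventLogA", "ReadEventLogA", "GetOldestEventLogRecord"},
    "registry hive load": {"RegLoadKeyA", "RegUnLoadKeyA"},
    "privilege adjustment": {"AdjustTokenPrivileges", "LookupPrivilegeValueA", "OpenProcessToken"},
    "credential use": {"LogonUserA"},
    "child process execution": {"WinExec", "CreateProcessA", "ShellExecuteA"},
    "raw network send": {"WSAStartup", "socket", "sendto", "gethostbyname"},
    "local sqlite storage": {"sqlite3_open", "sqlite3_prepare", "sqlite3_step"},
}


def triage(imports):
    """Map every imported API onto the buckets above.
    Returns {bucket: sorted list of matched APIs} for the buckets that matched at all."""
    imported = {name for names in imports.values() for name in names}
    hits = {}
    for bucket, apis in CAPABILITIES.items():
        matched = sorted(imported & apis)
        if matched:
            hits[bucket] = matched
    return hits


def imphash_input(imports):
    """Build the string pefile hashes for its imphash: 'dll.func' pairs, lowercased, comma-joined,
    in import-table order, with a trailing .dll/.ocx/.sys stripped from the module name.
    Ordinal-only imports stay as 'ordN'; pefile additionally resolves ordinals to names for a few
    system DLLs (ws2_32, oleaut32), which this example does not do."""
    parts = []
    for dll, names in imports.items():
        lib = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if lib.endswith(ext):
                lib = lib[: -len(ext)]
        for name in names:
            parts.append(f"{lib}.{name.lower()}")
    return ",".join(parts)


def imphash(imports):
    """MD5 of the imphash input string, as pefile's get_imphash() returns it."""
    return hashlib.md5(imphash_input(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    for bucket, apis in triage(SAMPLE_IMPORTS).items():
        print(f"{bucket:34s} {', '.join(apis)}")
    print("imphash of this subset:", imphash(SAMPLE_IMPORTS))
```

Because imphash depends on import order, two builds of the same source with a different link order hash differently, and a packer that rebuilds the import table hides the original value entirely; it is a clustering aid for unpacked samples such as this one, not an identity check.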
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 356KB - Virtual size: 355KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 195KB - Virtual size: 195KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
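The header and section facts in this report come straight out of the PE headers: the "Unsigned PE" signature fires because the Security data directory (index 4) is empty, DYNAMIC_BASE and NX_COMPAT come from DllCharacteristics, and the per-section flags come from the section table. Two caveats a reviewer should keep in mind: an empty certificate table means no embedded Authenticode signature, but a binary signed through a catalog (.cat) file looks identical at this level, so the check is "not embedded-signed", not "not trusted"; and the mitigations present here (ASLR, DEP) are the 2010-era defaults, with no IMAGE_DLLCHARACTERISTICS_GUARD_CF, which is typical for an older MFC build rather than evidence of tampering. The script below is an added example, not code from the sandbox or from the sample's author: it parses these header fields from raw bytes with only the standard library, flags the same findings the report shows, and builds a constructed header-only PE32 mirroring the values above (machine 0x14c, the five sections with their listed flags, no certificate table) as its test input, since the actual sample is not available here.

```python
import struct

# Flag tables (winnt.h values) for the fields this report prints.
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def _flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def inspect_pe(data):
    """Parse the DOS/NT headers and section table of a PE image (PE32 or PE32+)
    and return the facts a sandbox static pass reports, plus a findings list."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    fh = e_lfanew + 4                                   # IMAGE_FILE_HEADER (20 bytes)
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20                                       # IMAGE_OPTIONAL_HEADER
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + (108 if pe32plus else 92))[0]
    dirs = opt + (112 if pe32plus else 96)
    cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # The Security entry holds a file offset (not an RVA) and size of the WIN_CERTIFICATE blob.
        _, cert_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        off = opt + opt_size + 40 * i                   # IMAGE_SECTION_HEADER (40 bytes each)
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _, rawsize = struct.unpack_from("<III", data, off + 8)
        chars = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({"name": name, "raw_size": rawsize, "virtual_size": vsize,
                         "flags": _flag_names(chars, SECTION_CHARACTERISTICS),
                         "wx": bool(chars & 0x80000000 and chars & 0x20000000)})
    dll_names = _flag_names(dll_chars, DLL_CHARACTERISTICS)
    findings = []
    if cert_size == 0:
        findings.append("Unsigned PE: no Authenticode certificate table (catalog signing is not visible here)")
    for short in ("DYNAMIC_BASE", "NX_COMPAT", "GUARD_CF"):
        if "IMAGE_DLLCHARACTERISTICS_" + short not in dll_names:
            findings.append("missing " + short)
    for s in sections:
        if s["wx"]:
            findings.append("writable+executable section " + s["name"])
    return {"machine": machine, "pe32plus": pe32plus,
            "file_characteristics": _flag_names(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": dll_names, "signed": cert_size != 0,
            "sections": sections, "findings": findings}


def build_pe(machine, file_chars, dll_chars, sections, cert_size=0):
    """Constructed header-only PE32 for testing (not a real binary): DOS header, NT headers with
    16 data directories, a section table, and optionally a fake certificate-table entry."""
    opt_size = 96 + 16 * 8
    dos = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    fh = struct.pack("<HHIIIHH", machine, len(sections), 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                              # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)                                # NumberOfRvaAndSizes
    if cert_size:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, cert_size)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), v, 0, r, 0, 0, 0, 0, 0, c)
                     for n, v, r, c in sections)
    return dos + b"PE\0\0" + fh + bytes(opt) + table


# Section layout mirroring the report above: (name, virtual size, raw size, characteristics);
# sizes are approximations of the printed KB/MB values, flags are the ones listed.
SAMPLE = build_pe(0x14C, 0x0102, 0x8140, [
    (".text",  0x1A0000, 0x1A0000, 0x60000020),
    (".rdata", 0x58C00,  0x59000,  0x40000040),
    (".data",  0xF000,   0x7400,   0xC0000040),
    (".rsrc",  0x150000, 0x150000, 0x40000040),
    (".reloc", 0x30C00,  0x30C00,  0x42000040),
])

if __name__ == "__main__":
    report = inspect_pe(SAMPLE)
    for key in ("file_characteristics", "dll_characteristics", "signed", "findings"):
        print(key, report[key])
    for s in report["sections"]:
        print(f"{s['name']:8s} raw={s['raw_size']:#x} virt={s['virtual_size']:#x} {' '.join(s['flags'])}")
```

Run it against a real file with `inspect_pe(open(path, "rb").read())`. The certificate-table check only says whether a signature blob is attached; validating it (chain, timestamp, page hashes) is what the WinVerifyTrust import in this sample's own table exists for, and on the analysis host that call, or `Get-AuthenticodeSignature`, is the authoritative answer.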