PDB path: D:\work\Downloader1.0\branches\noNavigateforlegend\downloader\bin.32\Downloader.pdb

Static task: static1
Behavioral task: behavioral1
  Sample: 2024-08-23_9922da28a902388ff3ef2170697d073e_mafia.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 2024-08-23_9922da28a902388ff3ef2170697d073e_mafia.exe
  Resource: win10v2004-20240802-en
General
Target: 2024-08-23_9922da28a902388ff3ef2170697d073e_mafia
Size: 435.5MB
MD5: 9922da28a902388ff3ef2170697d073e
SHA1: 6bc91d61156ac0aa60d1b6f386170a0ac30828e9
SHA256: f1463da1934cd9284836d59ebe8528cb0df8134ecc506e02752c182133c01b71
SHA512: 484cdfa4888229d60c43a70b26d567b480a0a08e3fb74153d542e9b9ec95f1024c3a3d1d1962eafc36c1129208281ba250039228150d050a33f714947843518f
SSDEEP: 98304:s2MfLRVFMkcu0igjHtzUX/shS33MRMBtWYklm+VM:gAaXpXWYkl2
Malware Config
(none extracted)

Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-08-23_9922da28a902388ff3ef2170697d073e_mafia

Files
2024-08-23_9922da28a902388ff3ef2170697d073e_mafia.exe (windows:5, windows x86, arch:x86)
  imphash: 16883d1553dd4d46504279a1ce7132fd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shlwapi
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
PathFindExtensionW
kernel32
FindFirstFileExA
ExitThread
GetFileInformationByHandle
VirtualAlloc
VirtualQuery
HeapQueryInformation
HeapSize
SetStdHandle
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetConsoleCP
GetConsoleMode
LCMapStringW
GetFullPathNameA
GetTimeZoneInformation
WriteConsoleW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
GetDriveTypeW
GetProcessHeap
GetDriveTypeA
EncodePointer
DecodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
GetCurrentDirectoryW
lstrcpyW
lstrlenA
GlobalGetAtomNameW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
SetThreadPriority
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
RtlUnwind
LoadLibraryExW
InterlockedExchange
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetThreadLocale
InterlockedIncrement
RaiseException
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
FreeResource
GlobalSize
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
LoadLibraryA
FreeLibrary
GetFileType
WaitForMultipleObjects
PeekNamedPipe
GetTickCount
FormatMessageA
SleepEx
SetLastError
ExpandEnvironmentStringsA
GetLocalTime
lstrcmpiW
GetSystemInfo
GetProcAddress
GetVersionExW
GetModuleHandleW
ResumeThread
GetCurrentProcess
SetPriorityClass
GetShortPathNameW
GetEnvironmentVariableW
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
GetStdHandle
SetEndOfFile
Sleep
GetVolumeInformationW
GlobalFree
GlobalAlloc
CreateFileA
DeviceIoControl
SetEvent
DeleteCriticalSection
CreateEventW
InitializeCriticalSection
GetPrivateProfileStringW
SetFilePointer
GetLastError
WriteFile
ReadFile
GetFileSize
CreateFileW
MoveFileExA
DeleteFileA
SetCurrentDirectoryW
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetSystemDefaultLangID
WideCharToMultiByte
CopyFileW
CreateDirectoryW
GetSystemDirectoryW
CreateProcessW
CreateThread
WaitForSingleObject
CloseHandle
DeleteFileW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
ExitProcess
HeapReAlloc
GetSystemTimeAsFileTime
GetLocaleInfoW
HeapAlloc
user32
GetWindowRgn
DestroyCursor
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
IsMenu
UpdateLayeredWindow
UnionRect
MapVirtualKeyExW
IsCharLowerW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
RegisterClipboardFormatW
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
DrawEdge
DrawStateW
GetSystemMenu
SetClassLongW
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
LoadImageW
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetAsyncKeyState
CreatePopupMenu
GetMenuDefaultItem
DestroyIcon
MessageBeep
GetNextDlgGroupItem
DeleteMenu
WaitMessage
WindowFromPoint
UnregisterClassW
ReleaseCapture
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
RealChildWindowFromPoint
GetSysColorBrush
IntersectRect
MapVirtualKeyW
GetKeyNameTextW
CharUpperW
ShowOwnedPopups
GetMessageW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
OffsetRect
CharNextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
EnableWindow
SendMessageW
GetClientRect
FillRect
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
CopyRect
GetWindow
LoadMenuW
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetParent
PostMessageW
KillTimer
SetTimer
wsprintfW
LoadStringW
LoadBitmapW
LoadIconW
MonitorFromPoint
ShowWindow
IsWindow
IsIconic
GetSystemMetrics
DrawIcon
InvalidateRect
SetCursor
LoadCursorW
GetCursorPos
GetWindowRect
PtInRect
InflateRect
TranslateMessage
DispatchMessageW
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW
GetMenuStringW
GetMenuState
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ScreenToClient
gdi32
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
SetPixel
OffsetRgn
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
SetPixelV
GetNearestPaletteIndex
GetTextFaceW
GetObjectType
SelectPalette
GetBoundsRect
RealizePalette
GetPaletteEntries
CreatePalette
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetTextMetricsW
GetTextExtentPoint32W
DPtoLP
CombineRgn
SetRectRgn
CreateFontIndirectW
PatBlt
CreateRectRgnIndirect
GetTextColor
GetBkColor
CreateHatchBrush
GetStockObject
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
GetMapMode
StretchBlt
SelectObject
CreateCompatibleDC
CreatePen
GetObjectW
CreateSolidBrush
CreateFontW
Rectangle
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegEnumKeyExW
RegCreateKeyW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegEnumValueW
RegQueryValueW
shell32
SHAppBarMessage
SHBrowseForFolderW
DragQueryFileW
DragFinish
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderPathW
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
ole32
CoRevokeClassObject
CoTaskMemFree
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitialize
CoUninitialize
CoGetClassObject
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitializeEx
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
ReleaseStgMedium
oleaut32
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
SysFreeString
SysAllocStringLen
VariantChangeType
VariantInit
VariantCopy
SysAllocString
DispCallFunc
LoadRegTypeLi
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
oledlg
OleUIBusyW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
ws2_32
ioctlsocket
select
__WSAFDIsSet
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
WSASetLastError
connect
setsockopt
getpeername
getsockopt
htons
gethostname
ntohs
getsockname
send
recv
socket
closesocket
WSAGetLastError
WSAStartup
WSACleanup
bind
wldap32
ord211
ord143
ord60
ord50
ord26
ord30
ord32
ord35
ord79
ord200
ord33
ord301
ord27
ord41
ord46
ord22
Sections
.text   Size: 1.4MB   - Virtual size: 1.4MB   - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 358KB   - Virtual size: 357KB   - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 32KB    - Virtual size: 63KB    - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 582.5MB - Virtual size: 582.5MB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 189KB   - Virtual size: 188KB   - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ