Static task
static1
Behavioral task
behavioral1
Sample
20240904f42c665fe99295ac8f4936d8488487f3mafia.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
20240904f42c665fe99295ac8f4936d8488487f3mafia.exe
Resource
win10v2004-20240802-en
General
-
Target
20240904f42c665fe99295ac8f4936d8488487f3mafia
-
Size
3.3MB
-
MD5
f42c665fe99295ac8f4936d8488487f3
-
SHA1
0f674cacdf78311e8f310d06b1c89869592e880f
-
SHA256
c9acf95beda28648ae089190cc72ae88e4ccccd50d59e06740714fbbfc16f432
-
SHA512
b8014dbf8944105f40491f05d39a8d2077b6d740d15917f797435230a03dceda22e0981de67d7e7500a050fadf1bd8405434606a35403755a5276e0c092206db
-
SSDEEP
98304:eeSgJLDOQD6MV91/3/yRbNBqWUBLKVYqbS66puB:F9D1XaRBBqWUcbS66pu
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 20240904f42c665fe99295ac8f4936d8488487f3mafia
Files
-
20240904f42c665fe99295ac8f4936d8488487f3mafia.exe windows:5 windows x86 arch:x86
41cd771c95c64db58d7e41314416512b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalHandle
InitializeCriticalSection
TlsSetValue
LocalReAlloc
TlsFree
GetTickCount
GetProfileIntA
SearchPathA
GetTempPathA
GetCPInfo
GetOEMCP
GetACP
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
VirtualProtect
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetWindowsDirectoryA
GetNumberFormatA
SetErrorMode
FindResourceExW
EncodePointer
DecodePointer
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
HeapReAlloc
RaiseException
GetSystemTimeAsFileTime
ExitThread
CreateThread
HeapSize
HeapQueryInformation
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetStdHandle
GetLocaleInfoW
IsValidCodePage
HeapCreate
FreeEnvironmentStringsW
TlsGetValue
SetHandleCount
QueryPerformanceCounter
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
CompareStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GlobalFlags
GetFullPathNameA
GetTempFileNameA
GetFileTime
GetUserDefaultLCID
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
GetModuleHandleW
GetFileSize
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalReAlloc
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
GetModuleFileNameA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
lstrcmpW
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
lstrcmpA
lstrcpyA
FreeResource
GetCurrentThreadId
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
FreeLibrary
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
LocalAlloc
FileTimeToSystemTime
GetEnvironmentStringsW
LocalFileTimeToFileTime
GetCurrentDirectoryA
ReadFile
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
SetFilePointer
InterlockedIncrement
DeleteFileA
CloseHandle
CreateToolhelp32Snapshot
Process32Next
CreateDirectoryA
MultiByteToWideChar
Sleep
OpenProcess
WriteFile
GetCurrentThread
Process32First
InterlockedDecrement
lstrlenA
FindResourceA
CreateFileA
GetThreadContext
ExitProcess
GetModuleHandleA
LockResource
LoadLibraryA
GetProcAddress
SetLastError
GetLastError
DeactivateActCtx
SizeofResource
WideCharToMultiByte
ActivateActCtx
LoadResource
TlsAlloc
FindResourceW
user32
ShowOwnedPopups
TranslateMessage
GetMessageA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
SetRect
DestroyCursor
RealChildWindowFromPoint
UnregisterClassA
EnumDisplayMonitors
SetLayeredWindowAttributes
UnionRect
EnableScrollBar
UpdateLayeredWindow
RegisterClipboardFormatA
GetMenuDefaultItem
SetMenuDefaultItem
SetClassLongA
SetCursorPos
FrameRect
CopyIcon
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
IsClipboardFormatAvailable
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
SubtractRect
GetDoubleClickTime
MapDialogRect
GetNextDlgGroupItem
PostThreadMessageA
EnumChildWindows
DrawIcon
CreateMenu
IsCharLowerA
MapVirtualKeyExA
GetWindowRgn
InvertRect
HideCaret
DrawEdge
DrawIconEx
FillRect
DrawStateA
LoadIconA
SendDlgItemMessageA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetClassNameA
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuA
WinHelpA
SetWindowPos
PostQuitMessage
GetActiveWindow
IsWindowEnabled
GetDlgItem
SetWindowLongA
GetDlgCtrlID
LoadIconW
PeekMessageA
LoadAcceleratorsA
SetActiveWindow
InsertMenuItemA
GetClassInfoA
GetMenu
GetLastActivePopup
SetMenu
GetDesktopWindow
TranslateAcceleratorA
ShowWindow
SetParent
LockWindowUpdate
ValidateRect
BringWindowToTop
CreatePopupMenu
DestroyMenu
IsMenu
GetClassLongA
GetWindowLongA
GetMenuItemInfoA
DrawFrameControl
DestroyAcceleratorTable
DestroyWindow
GetKeyState
GetTopWindow
IsWindowVisible
ClientToScreen
GetWindow
CopyImage
GetIconInfo
DestroyIcon
GetSystemMetrics
IsRectEmpty
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
RegisterWindowMessageA
CharUpperA
SetFocus
SetWindowsHookExA
CallNextHookEx
IsIconic
IsZoomed
GetAsyncKeyState
NotifyWinEvent
GetCursorPos
SetCursor
MessageBeep
ReleaseCapture
LoadCursorA
LoadCursorW
WindowFromPoint
GetParent
SetCapture
GetCapture
KillTimer
SetTimer
InvalidateRect
ScreenToClient
GetWindowRect
SetWindowRgn
GetSystemMenu
PostMessageA
LoadMenuW
EnableMenuItem
CheckMenuItem
DeleteMenu
BeginDeferWindowPos
EndDeferWindowPos
GetFocus
IsChild
EqualRect
IntersectRect
OffsetRect
InflateRect
SetRectEmpty
PtInRect
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
UnhookWindowsHookEx
MapVirtualKeyA
RedrawWindow
EnableWindow
UpdateWindow
wsprintfA
GetKeyNameTextA
ReleaseDC
GetDC
GetClientRect
CopyRect
IsWindow
SendMessageA
MoveWindow
SetWindowTextA
IsDialogMessageA
GetWindowThreadProcessId
CheckDlgButton
CharUpperBuffA
MonitorFromPoint
SystemParametersInfoA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetSysColorBrush
LoadImageA
DrawFocusRect
ScrollWindow
advapi32
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
SHAppBarMessage
DragQueryFileA
DragFinish
ShellExecuteA
ole32
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoInitializeEx
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleTranslateAccelerator
OleLockRunning
DoDragDrop
CoCreateGuid
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
oleaut32
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantChangeType
SysFreeString
VariantInit
VariantClear
SysAllocString
VarBstrFromDate
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
PathRemoveFileSpecW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipDrawImageRectI
winmm
PlaySoundA
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdi32
ExtSelectClipRgn
PatBlt
GetDeviceCaps
CopyMetaFileA
CreateDCA
CreatePen
GetWindowExtEx
GetViewportExtEx
CreateRoundRectRgn
CreateBitmap
SelectObject
GetTextExtentPoint32A
GetTextMetricsA
DeleteObject
GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
SetTextColor
SetBkColor
CreateSolidBrush
CreateFontIndirectA
CreateRectRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
CreatePolygonRgn
CombineRgn
GetBkColor
GetTextColor
BitBlt
CreateDIBSection
CreateHatchBrush
CreateEllipticRgn
Polyline
Ellipse
Polygon
ExtTextOutA
DeleteDC
SetDIBColorTable
GetDIBits
SelectPalette
GetStockObject
StretchBlt
GetPixel
SetPixel
SaveDC
RectVisible
SetBkMode
SetPolyFillMode
SetROP2
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
CreatePatternBrush
GetObjectType
SetMapMode
GetClipBox
GetViewportOrgEx
DPtoLP
Rectangle
SetRectRgn
OffsetRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreatePalette
GetPaletteEntries
ExtFloodFill
SetPaletteEntries
LPtoDP
GetTextFaceA
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
SetPixelV
RestoreDC
PtVisible
LineTo
IntersectClipRect
RealizePalette
CreateRectRgnIndirect
ExcludeClipRect
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 273KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ