2024-09-09_7ac161793523033f25556183d40b5bd0_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-09_7ac161793523033f25556183d40b5bd0_mafia
Size

12.2MB
MD5

7ac161793523033f25556183d40b5bd0
SHA1

13a362a61d5e0bde13fc526e7a263e0ca1707572
SHA256

7d6635ed45e45df5a49744a70e5788fc29000b67bc9f96361327647b22bb44f0
SHA512

c25daec2a8a0e056a7b61f7323f2a749f1906f64547f7888470dafe8b671b02333c03bc0d368fa0c11b5a6f3284d381511971da42fc0fba0e28d53a0b78c6bf5
SSDEEP

196608:kwkha5GbR9PM/proeXNOrJMIinDkQeBatfHi0KnTeNNYeFjw33uG+M/T592hXmHS:t1GR9POoe9G+5DTea5We/uuitXi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-09_7ac161793523033f25556183d40b5bd0_mafia

Files

2024-09-09_7ac161793523033f25556183d40b5bd0_mafia
.exe windows:5 windows x86 arch:x86

d461fe5c93dcc91e42ea79cc37a3ce16

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\PC_emu\trunk\bin\5funSetup.pdb

Imports

kernel32

FreeResource
GetACP
InterlockedExchange
GetFileType
DuplicateHandle
DosDateTimeToFileTime
lstrlenW
MulDiv
InterlockedIncrement
InterlockedDecrement
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
GetStdHandle
GetStringTypeW
GetTickCount
LocalFileTimeToFileTime
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
GetCPInfo
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoW
HeapSetInformation
GetCommandLineW
CreateThread
ExitThread
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
EncodePointer
LoadLibraryW
SetLastError
GetCurrentDirectoryW
GetFileAttributesW
SetFileTime
SystemTimeToFileTime
ReadFile
GetCurrentThreadId
DeleteCriticalSection
FindNextFileW
CreateEventW
GetLocalTime
ResetEvent
FindClose
EnterCriticalSection
FlushFileBuffers
LeaveCriticalSection
InitializeCriticalSection
SetEvent
MoveFileExW
FindResourceExW
FindFirstFileW
GetFileSize
CreateFileW
WriteFile
SetEndOfFile
SetFilePointer
DeleteFileW
SetFileAttributesW
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GlobalFree
TerminateProcess
OpenProcess
GetSystemInfo
GetExitCodeThread
GetProcAddress
GetVersionExW
GetModuleHandleW
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
TerminateThread
WaitForSingleObject
GetDiskFreeSpaceExW
ExpandEnvironmentStringsW
WritePrivateProfileStringW
CreateDirectoryW
Sleep
LockResource
SizeofResource
LoadResource
FindResourceW
GetLastError
CreateMutexW
OutputDebugStringW
GetModuleFileNameW
TlsFree
WriteConsoleW

user32

MapWindowPoints
GetFocus
DestroyWindow
BeginPaint
IsRectEmpty
UpdateLayeredWindow
EndPaint
GetWindowDC
ReleaseDC
PtInRect
ReleaseCapture
SetCapture
KillTimer
SetTimer
InvalidateRect
GetUpdateRect
GetCursorPos
MoveWindow
CharNextW
SetCursor
wvsprintfW
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
ClientToScreen
MessageBoxW
FindWindowW
PostMessageW
SetForegroundWindow
LoadStringW
GetWindowLongW
SetWindowLongW
IsZoomed
ScreenToClient
HideCaret
ShowCaret
IntersectRect
GetSysColor
SystemParametersInfoW
GetClientRect
IsIconic
GetMonitorInfoW
MonitorFromWindow
IsWindowVisible
GetDC
GetKeyState
GetWindowRect
SetWindowRgn
PostQuitMessage
SendMessageW
IsWindow
ShowWindow
PostThreadMessageW
GetMessageW
GetSystemMetrics
GetParent
DefWindowProcW
DispatchMessageW
TranslateMessage
SetFocus
EnableWindow
GetWindow
GetPropW
RemovePropW
SetPropW
SetWindowPos
LoadImageW
CallWindowProcW
OffsetRect
InflateRect
DestroyIcon
RegisterClassW
LoadCursorW
FillRect
DrawTextW
CharPrevW
SetRect
SetCaretPos
InvalidateRgn
CreateAcceleratorTableW
CreateCaret
RegisterClassExW
GetClassInfoExW
CreateWindowExW

gdi32

GetTextMetricsW
DeleteObject
CreateRoundRectRgn
GetClipBox
CombineRgn
StretchBlt
LineTo
MoveToEx
CreatePenIndirect
Rectangle
CreatePen
SelectObject
TextOutW
SetBkColor
GetTextExtentPoint32W
GetObjectA
SetStretchBltMode
ExtTextOutW
GetCharABCWidthsW
CreateBitmap
GetDeviceCaps
PlgBlt
CreateFontIndirectW
GetObjectW
GetStockObject
DeleteDC
CreateDIBSection
CreateCompatibleDC
SetWindowOrgEx
RestoreDC
BitBlt
SaveDC
CreateCompatibleBitmap
GdiFlush
CreateSolidBrush
SetBkMode
SetTextColor
CreatePatternBrush
GetViewportOrgEx
GetCurrentObject
ExtSelectClipRgn
RoundRect
SelectClipRgn
CreateRectRgnIndirect

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
OpenProcessToken
RegQueryValueExA
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetPathFromIDListW
SHCreateDirectoryExW
SHChangeNotify
ShellExecuteW
SHBrowseForFolderW
ord165

ole32

OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoUninitialize
CoInitialize

oleaut32

VariantInit
SysFreeString
VariantClear
SysAllocString

winmm

timeKillEvent
timeGetDevCaps
timeSetEvent
timeBeginPeriod

comctl32

_TrackMouseEvent

gdiplus

GdipDrawImageRectRect
GdipDrawString
GdipFillPath
GdipDrawPath
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipCloneBrush
GdipAddPathArcI
GdipAddPathLineI
GdipClosePathFigure
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCreateTexture
GdipCreateFontFromDC
GdipCreateBitmapFromHBITMAP
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipCreateSolidFill
GdipCreateFontFromLogfontA
GdipCloneImage
GdipSetTextRenderingHint
GdipCreateFromHDC

shlwapi

PathFindFileNameW
PathFileExistsW

msimg32

AlphaBlend

iphlpapi

GetAdaptersInfo

winhttp

WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpAddRequestHeaders
WinHttpReadData
WinHttpReceiveResponse
WinHttpSetTimeouts
WinHttpSetOption
WinHttpSendRequest
WinHttpConnect
WinHttpCloseHandle
WinHttpQueryDataAvailable
WinHttpOpen
WinHttpOpenRequest

Sections

.text
Size: 557KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56.7MB - Virtual size: 56.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d461fe5c93dcc91e42ea79cc37a3ce16

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

winmm

comctl32

gdiplus

shlwapi

msimg32

iphlpapi

winhttp

Sections

.text Size: 557KB - Virtual size: 556KB

.rdata Size: 133KB - Virtual size: 132KB

.data Size: 12KB - Virtual size: 94KB

.rsrc Size: 56.7MB - Virtual size: 56.7MB

.reloc Size: 183KB - Virtual size: 183KB

.text
Size: 557KB - Virtual size: 556KB

.rdata
Size: 133KB - Virtual size: 132KB

.data
Size: 12KB - Virtual size: 94KB

.rsrc
Size: 56.7MB - Virtual size: 56.7MB

.reloc
Size: 183KB - Virtual size: 183KB