RunWebHelper
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-09-11_66efe7116c12a7cdf393039571f69c85_mafia.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 2024-09-11_66efe7116c12a7cdf393039571f69c85_mafia.exe
  Resource: win10v2004-20240802-en
General
- Target: 2024-09-11_66efe7116c12a7cdf393039571f69c85_mafia
- Size: 47.6MB
- MD5: 66efe7116c12a7cdf393039571f69c85
- SHA1: 9871474ada4471caeb3b572bb1f015a9d7a72165
- SHA256: eba2c134bbc86e299d5ba43564c41f38c4445cc444ba7c3ac9515a2bbc548c33
- SHA512: fcf5dbc4ccc57ef3250fee522d11f1278ff44ebb9935dedbd4e392c04882cd95006040da548e275b2208d66de7541990aefd4437b30b49c57539c4b0c3be3b8b
- SSDEEP: 786432:lQs/kd1ZKbhsgse2scxdbYENcjSNlNdd/RM54ag0DJStN5jUrhii+rJm3AsB5d7:lQs/fFS7s0bdNcqNdZStgE47uuJm3nBM
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2024-09-11_66efe7116c12a7cdf393039571f69c85_mafia
Files
- 2024-09-11_66efe7116c12a7cdf393039571f69c85_mafia.exe windows:5 windows x86 arch:x86
3a10502f8fc5c937f48d65297621158d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteCriticalSection
CreateFileW
GlobalGetAtomNameW
ReleaseActCtx
GetCurrentDirectoryW
lstrlenA
GetThreadLocale
FileTimeToSystemTime
GlobalFlags
LocalAlloc
TlsGetValue
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
DeleteFileW
GetStringTypeExW
lstrcmpiW
MoveFileW
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetShortPathNameW
GetTempPathW
FileTimeToLocalFileTime
GetFileAttributesExW
LocalFileTimeToFileTime
GetFileSizeEx
GetProfileIntW
Sleep
SearchPathW
GetWindowsDirectoryW
GetNumberFormatW
FindResourceExW
EncodePointer
DecodePointer
ExitProcess
GetCommandLineW
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
ExitThread
CreateThread
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
ReplaceFileW
SystemTimeToFileTime
GetFileAttributesW
GetUserDefaultLCID
GlobalFindAtomW
GetVersionExW
CompareStringW
ResumeThread
SetThreadPriority
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
GlobalAddAtomW
FreeResource
GlobalFree
GetCurrentProcessId
GetTickCount
GetPrivateProfileStringW
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameW
GetLocaleInfoW
CompareStringA
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
InterlockedExchange
FreeLibrary
GlobalUnlock
GlobalLock
lstrcmpW
GlobalReAlloc
EnterCriticalSection
GetStdHandle
LeaveCriticalSection
lstrcpyW
WaitForSingleObject
WriteFile
GetModuleFileNameA
CloseHandle
ReadFile
GetFileSize
CreateFileA
VirtualProtect
LoadLibraryA
GetModuleHandleA
VirtualAlloc
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
DeactivateActCtx
SetLastError
InterlockedDecrement
InterlockedIncrement
FindResourceW
LoadResource
LockResource
SizeofResource
user32
GetAsyncKeyState
CharUpperW
GetMenuDefaultItem
IsMenu
DrawIconEx
SetMenuDefaultItem
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
UnionRect
GetUpdateRect
LockWindowUpdate
GetKeyNameTextW
MapVirtualKeyW
GetMenuItemInfoW
SetClassLongW
DestroyAcceleratorTable
EnableScrollBar
UpdateLayeredWindow
DrawEdge
DrawFrameControl
DrawFocusRect
EnumDisplayMonitors
SetLayeredWindowAttributes
GetIconInfo
CharUpperBuffW
FrameRect
InvertRect
HideCaret
RealChildWindowFromPoint
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
EnumChildWindows
CharNextW
InvalidateRgn
GetNextDlgGroupItem
DestroyCursor
IsClipboardFormatAvailable
DrawIcon
GetDoubleClickTime
SetCursorPos
CopyIcon
SubtractRect
IsCharLowerW
MapVirtualKeyExW
CreateMenu
GetTabbedTextExtentW
GetWindowRgn
CreatePopupMenu
IntersectRect
BringWindowToTop
TranslateAcceleratorW
LoadIconW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
MonitorFromWindow
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
ShowOwnedPopups
SetCursor
GetMessageW
IsWindowVisible
NotifyWinEvent
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
TranslateMessage
DispatchMessageW
PeekMessageW
WaitMessage
PostThreadMessageW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
PtInRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetClassNameW
DrawStateW
GetWindowTextLengthW
GetWindowTextW
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
LoadAcceleratorsW
DestroyMenu
GetSysColorBrush
MonitorFromPoint
GetMonitorInfoW
GetCursorPos
SetWindowRgn
FillRect
CopyRect
RegisterWindowMessageW
IsWindow
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
RegisterClipboardFormatW
SystemParametersInfoW
OffsetRect
MessageBeep
IsZoomed
PostMessageW
PostQuitMessage
UpdateWindow
EnableWindow
ClientToScreen
GetParent
SetRectEmpty
LoadMenuW
GetSubMenu
SendMessageW
ScreenToClient
GetClientRect
InvalidateRect
GetWindowRect
InflateRect
GetSysColor
LoadBitmapW
IsChild
GetFocus
LoadImageW
GetSystemMetrics
RedrawWindow
LoadCursorW
WindowFromPoint
SetCapture
KillTimer
SetTimer
GetSystemMenu
DeleteMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
SetParent
IsRectEmpty
SetRect
UnpackDDElParam
ReuseDDElParam
DestroyIcon
ReleaseCapture
IsIconic
GetKeyState
InsertMenuItemW
GetTopWindow
gdi32
CreateSolidBrush
GetDeviceCaps
CopyMetaFileW
CreateDCW
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
GetObjectW
GetTextExtentPoint32W
GetStockObject
DeleteObject
CreateFontIndirectW
MoveToEx
SetTextAlign
GetLayout
SetLayout
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
CreateCompatibleBitmap
CreateHatchBrush
CreatePen
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
GetObjectType
SelectPalette
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
GetCurrentPositionEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
CreateDIBSection
CreateRectRgnIndirect
GetTextColor
SetDIBColorTable
CreateRoundRectRgn
SetPixelV
PatBlt
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
GetTextMetricsW
SetRectRgn
GetMapMode
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
Polyline
Ellipse
Polygon
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
Rectangle
RoundRect
OffsetRgn
GetRgnBox
GetCharWidthW
GetViewportOrgEx
LPtoDP
ExtFloodFill
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
EnumFontFamiliesExW
ScaleWindowExtEx
shell32
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHAppBarMessage
SHAddToRecentDocs
ShellExecuteW
SHGetFileInfoW
ExtractIconW
ShellExecuteExA
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
oleaut32
VariantChangeType
VariantInit
SysStringLen
VariantCopy
SysAllocStringLen
SysFreeString
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
ImageList_DrawEx
ImageList_Destroy
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
oledlg
OleUIBusyW
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDrawImageI
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
winspool.drv
ClosePrinter
GetJobW
OpenPrinterW
DocumentPropertiesW
comdlg32
GetFileTitleW
advapi32
RegEnumValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegSetValueW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
ole32
DoDragDrop
OleGetClipboard
OleLockRunning
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
ReleaseStgMedium
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
Exports
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 45.8MB - Virtual size: 45.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 69KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 294KB - Virtual size: 294KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ