2024-09-12_5360c478b804b42e651ca393492cb52d_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-12_5360c478b804b42e651ca393492cb52d_mafia
Size

370KB
MD5

5360c478b804b42e651ca393492cb52d
SHA1

f3451cb0f9332c77b6a34068b219b22022818de8
SHA256

140665c346981c6391496e9312e4c5600233dc9bc0278144468b07ef214dba0f
SHA512

ab5e9c675322713e08bc3acc32e5b1bba9ad6882e71c8490f68ee479b900aa6cba92c296c6f3e0fb8e03a6bd9a3f1df839f04636c29826dfaca994d65183ef94
SSDEEP

6144:RXatGLZz2wEZbqv+JkeTP1DJzjnGYUOTAf8AWGmQ9oOyuFkfoQ:xPrEZbU+J/P1pHUOMEANN9fkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-12_5360c478b804b42e651ca393492cb52d_mafia

Files

2024-09-12_5360c478b804b42e651ca393492cb52d_mafia
.exe windows:5 windows x86 arch:x86

55e34ead2249609fc31380b44ab5d8a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\我的C++程序\RXBB_MF\Release\热血宝宝免费版.pdb

Imports

kernel32

GetFileAttributesA
GetFileSizeEx
GetFileTime
WaitForSingleObject
GlobalFlags
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
EncodePointer
DecodePointer
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
FileTimeToLocalFileTime
VirtualQuery
HeapReAlloc
ExitProcess
HeapQueryInformation
HeapSize
UnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
LCMapStringW
HeapCreate
GetStringTypeW
CompareStringW
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
FileTimeToSystemTime
GetFileAttributesExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
InterlockedExchange
GetThreadLocale
InterlockedIncrement
GetModuleFileNameA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
FindResourceA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
lstrcmpW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
lstrlenA
SetUnhandledExceptionFilter
Sleep
GetModuleHandleA
CreateRemoteThread
GetModuleHandleW
VirtualFreeEx
VirtualAllocEx
Module32Next
Module32First
CreateToolhelp32Snapshot
GetCurrentProcess
GetCurrentProcessId
CreateFileA
GetLocalTime
GetCurrentThreadId
GetModuleFileNameW
TerminateProcess
WriteProcessMemory
OpenProcess
GetPrivateProfileStringW
GetTickCount
CloseHandle
CreateMutexA
LoadLibraryA
FreeLibrary
lstrcpyA
GetProcAddress
GetVersionExA
LoadLibraryW
GetSystemDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
GetACP
WideCharToMultiByte
MultiByteToWideChar
ActivateActCtx
GetLastError
DeactivateActCtx
GetSystemInfo
SetLastError

user32

UnregisterClassA
SetRect
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
SetCapture
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
TabbedTextOutA
GetMenuState
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextA
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetKeyState
SetMenu
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
MessageBoxA
GetClassInfoExA
RegisterClassA
RealChildWindowFromPoint
ScreenToClient
EqualRect
GetDlgCtrlID
CallWindowProcA
SetWindowPos
PtInRect
UnhookWindowsHookEx
GetActiveWindow
GetMenuItemID
AdjustWindowRectEx
GetWindowLongA
SetWindowLongA
GetMenu
CreateWindowExA
GetSubMenu
GetMenuItemCount
DrawIcon
IsIconic
KillTimer
keybd_event
EnableScrollBar
SetTimer
IsHungAppWindow
FindWindowA
PostMessageA
IsWindow
DispatchMessageA
LoadIconW
RegisterWindowMessageA
MsgWaitForMultipleObjects
PeekMessageA
SetForegroundWindow
ShowWindow
AttachThreadInput
GetForegroundWindow
GetWindowThreadProcessId
GetClassInfoA
DefWindowProcA
GetWindow
EnableWindow
LoadCursorA
MapWindowPoints
GetParent
GetSysColorBrush
GetSysColor
SystemParametersInfoA
EnumDisplayMonitors
SetRectEmpty
CopyRect
GetMonitorInfoA
GetSystemMetrics
GetClientRect
SendMessageA
GetClassNameA
DestroyMenu
ReleaseCapture
IntersectRect
GetMessageA
SetCursor
TranslateMessage
GetCursorPos
CharUpperA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
OffsetRect
CharNextA
InvalidateRect
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
GetWindowRect
DrawTextA

gdi32

SetMapMode
GetClipBox
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
GetBkColor
GetTextColor
GetMapMode
GetRgnBox
SaveDC
RestoreDC
SetBkColor
SetTextColor
CreateRectRgnIndirect
CreateDIBitmap
GetTextMetricsA
CreatePatternBrush
CreatePen
CreateSolidBrush
GetObjectA
GetStockObject
CreateFontIndirectA
EnumFontFamiliesA
GetTextCharsetInfo
SetViewportOrgEx
GetDeviceCaps
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFileExistsW
PathFindExtensionA

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleIsCurrentClipboard
CoRevokeClassObject
CoTaskMemFree
CoUninitialize
OleFlushClipboard
CoRegisterMessageFilter
CoCreateInstance
CoInitialize
CoTaskMemAlloc

oleaut32

SysAllocStringByteLen
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
VariantInit

oledlg

ord8

dbghelp

MiniDumpWriteDump

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55e34ead2249609fc31380b44ab5d8a7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

oledlg

dbghelp

oleacc

Sections

.text Size: 235KB - Virtual size: 235KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 11KB - Virtual size: 27KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 40KB - Virtual size: 40KB

.text
Size: 235KB - Virtual size: 235KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 11KB - Virtual size: 27KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 40KB - Virtual size: 40KB