Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-19_f6812fbb08c901229c78f435e97e0205_mafia.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-09-19_f6812fbb08c901229c78f435e97e0205_mafia.exe
Resource: win10v2004-20240802-en
General
Target: 2024-09-19_f6812fbb08c901229c78f435e97e0205_mafia
Size: 1.9MB
MD5: f6812fbb08c901229c78f435e97e0205
SHA1: d40a5725d2e500e0fa99cc4a5ada115125853709
SHA256: 189c6db5ee807cc86de22fce1ebc66b8dbe4d59425ef55da8af0078fc6030f95
SHA512: 935bce6c833b72430407c8664d8657f79c93355e65e09ec86769ce319488e5deb72b50350a642c0ebe4a201059c42f425ea10c5a950e52d3e5fb34caf716659d
SSDEEP: 49152:RfP8gy+GmU7xmakE93o7NtdBi6y2XUpGGq9SBgteIcZWqqSbun/84iXY/k:h8vNmU7VkE93o7NJBy2XUpGGq1cZWq/r
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2024-09-19_f6812fbb08c901229c78f435e97e0205_mafia
Files
2024-09-19_f6812fbb08c901229c78f435e97e0205_mafia.exe windows:5 windows x86 arch:x86
48f391fb9f7bb1602958ce97e49d123e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
hfc_portusb10
??1CHfc_portusb10@@UAE@XZ
?WritePortData@CHfc_portusb10@@UAEGPAEK@Z
?ReadPortData@CHfc_portusb10@@UAEGPAEK@Z
?ClosePort@CHfc_portusb10@@UAEHXZ
??0CHfc_portusb10@@QAE@XZ
?GetPortCount@CHfc_portusb10@@UAEGPAE@Z
?OpenPort@CHfc_portusb10@@UAEHE@Z
hfc_portusb
?WritePortData@CHfc_portusb@@UAEGPAEK@Z
?ReadPortData@CHfc_portusb@@UAEGPAEK@Z
?ClosePort@CHfc_portusb@@UAEHXZ
?OpenPort@CHfc_portusb@@UAEHE@Z
??1CHfc_portusb@@UAE@XZ
?GetPortCount@CHfc_portusb@@UAEGPAE@Z
??0CHfc_portusb@@QAE@E@Z
hfc_hrcp10
?ReleaseRecvData@CHfc_hrcp10@@QAEXXZ
??0CHfc_hrcp10@@QAE@PAVCBaseComm@@PAD@Z
??1CHfc_hrcp10@@UAE@XZ
?OpenPortConnect@CHfc_hrcp10@@QAEGE@Z
?ClosePort@CHfc_hrcp10@@QAEHXZ
?SetTimeout@CHfc_hrcp10@@QAEXK@Z
?WriteDataWithWaitSignal@CHfc_hrcp10@@QAEPAURECV_DATA@@GGPAE@Z
hfc_hrcp
?ReleaseRecvData@CHfc_hrcp@@QAEXXZ
?SetTimeout@CHfc_hrcp@@QAEXK@Z
?ClosePort@CHfc_hrcp@@QAEHXZ
?OpenPortConnect@CHfc_hrcp@@QAEGE@Z
??1CHfc_hrcp@@UAE@XZ
??0CHfc_hrcp@@QAE@PAVCBaseComm@@PAD@Z
?WriteDataWithWaitSignal@CHfc_hrcp@@QAEPAURECV_DATA@@GGPAEH@Z
winmm
mmioRead
mmioSeek
mmioClose
mmioOpenW
PlaySoundW
kernel32
HeapReAlloc
ExitProcess
ExitThread
HeapAlloc
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
LCMapStringW
GetConsoleCP
GetConsoleMode
GetDriveTypeW
WriteConsoleW
SetEnvironmentVariableA
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineW
GetUserDefaultLCID
SearchPathW
GetProfileIntW
InitializeCriticalSectionAndSpinCount
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
FindResourceExW
SetErrorMode
lstrcpyW
GetCurrentDirectoryW
GlobalGetAtomNameW
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
VirtualProtect
GetFileTime
GetFileSizeEx
GetFileAttributesW
RaiseException
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
FindClose
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
WritePrivateProfileStringW
GetTickCount
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
InterlockedExchange
GetThreadLocale
InterlockedIncrement
lstrlenA
lstrcmpA
GetCurrentProcessId
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
WideCharToMultiByte
lstrlenW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
FreeLibrary
CompareStringW
lstrcmpW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetLocalTime
Sleep
TerminateThread
CreateDirectoryW
SetThreadPriorityBoost
DeleteFileW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
DeactivateActCtx
SetLastError
RtlUnwind
DecodePointer
GetFileAttributesExW
EncodePointer
CreateThread
user32
DrawFrameControl
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
SetCursorPos
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
FrameRect
CopyIcon
CharUpperBuffW
IsCharLowerW
MapVirtualKeyExW
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
SubtractRect
DestroyCursor
GetWindowRgn
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorW
DestroyIcon
GetNextDlgGroupItem
PostThreadMessageW
SetLayeredWindowAttributes
EnumDisplayMonitors
KillTimer
SetTimer
DeleteMenu
WaitMessage
WindowFromPoint
ReleaseCapture
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
UnregisterClassW
IntersectRect
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
GetAsyncKeyState
CharUpperW
SetRectEmpty
IsZoomed
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
PostQuitMessage
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
OffsetRect
CharNextW
GetWindowThreadProcessId
MapVirtualKeyW
GetKeyNameTextW
EndPaint
BeginPaint
ReleaseDC
GetDC
GrayStringW
DrawTextExW
TabbedTextOutW
GetMenuStringW
InsertMenuW
RemoveMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
CheckMenuItem
MoveWindow
DrawEdge
IsDialogMessageW
SetDlgItemTextW
GetDlgItemTextW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
GetWindow
EnumChildWindows
GetClassNameW
GetDlgCtrlID
GetFocus
ShowWindow
GetDlgItem
DrawMenuBar
RegisterDeviceNotificationW
DrawIcon
GetSystemMetrics
IsIconic
GetMenuItemID
GetSubMenu
ModifyMenuW
GetMenuItemCount
LoadMenuW
GetWindowRect
GetWindowDC
AppendMenuW
LoadIconW
EnableMenuItem
GetSystemMenu
ScreenToClient
GetCursorPos
DrawStateW
SetClassLongW
DestroyAcceleratorTable
SetParent
DrawIconEx
CopyImage
GetIconInfo
HideCaret
DrawFocusRect
InvertRect
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
MonitorFromPoint
DrawTextW
FillRect
InvalidateRect
CopyRect
GetClientRect
RedrawWindow
SetWindowLongW
GetWindowLongW
LockWindowUpdate
ClientToScreen
LoadImageW
UpdateLayeredWindow
EnableScrollBar
UnionRect
ReuseDDElParam
SetWindowRgn
SetWindowTextW
UnpackDDElParam
GetSysColor
MessageBeep
PostMessageW
GetKeyState
GetParent
SendMessageW
EnableWindow
IsWindowEnabled
NotifyWinEvent
gdi32
SetTextAlign
GetLayout
SetLayout
DeleteObject
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
SetViewportOrgEx
CreatePen
CreateSolidBrush
CreateHatchBrush
PatBlt
GetBkColor
GetTextColor
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetRgnBox
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
MoveToEx
CreateRoundRectRgn
CreateDIBSection
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceW
SelectObject
Escape
ExtTextOutW
GetTextCharsetInfo
LineTo
TextOutW
RectVisible
PtVisible
GetPixel
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetDeviceCaps
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
EnumFontFamiliesExW
CreateRectRgnIndirect
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
OffsetViewportOrgEx
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
shell32
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetMalloc
SHGetFileInfoW
SHAppBarMessage
ShellExecuteW
SHGetPathFromIDListW
SHGetDesktopFolder
DragQueryFileW
DragFinish
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
ole32
OleUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
oleaut32
SysAllocString
OleCreateFontIndirect
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
VarBstrFromDate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantCopy
VarDateFromStr
VariantInit
oledlg
OleUIBusyW
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
GdipGetImageHeight
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 319KB - Virtual size: 318KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 179KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ