2024-09-19_e913051162f65e0ec8dbf4b5298c3c25_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-19_e913051162f65e0ec8dbf4b5298c3c25_mafia
Size

2.0MB
MD5

e913051162f65e0ec8dbf4b5298c3c25
SHA1

3ea592671e223ca6887b0276191a02c11ee5e2bb
SHA256

a7c8a7174184b508f300c0c9b36bd25cefaea153addbaaca226f39a1aa89df0f
SHA512

f75534fd9027a2f54c66352379349f905e0d8d1f67a1e4372e349f7cd25ef7229ac08430e77d610a625b3bbefc1ffd420ee190521bf16d2c1cf4c0f733cdc0e7
SSDEEP

49152:ePBWNf/xMUk3/79fj+F0wC2eiiHVF/GuqDvyIHd/DvVLJiWjS3uVJwer2jxToZ/x:ePoNfvy7V+Fc2eiiHVF/GuqDvyIHdKWU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-19_e913051162f65e0ec8dbf4b5298c3c25_mafia

Files

2024-09-19_e913051162f65e0ec8dbf4b5298c3c25_mafia
.exe windows:5 windows x86 arch:x86

6b2c8a7b18c937690f58639eaf563786

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\My Business\oDesk.com\bids\Under Progress\BHO Toolbar - Antivirus Signature Removal (201917641)\src\flipopia_work_3\Flipopia_only\code\project\Flipopia v1.3\Release\Flipopia.pdb

Imports

kernel32

ConnectNamedPipe
CreateNamedPipeA
GetModuleHandleA
GetCurrentThreadId
lstrcmpiA
GetCommandLineA
GetVolumeInformationA
WideCharToMultiByte
ExitProcess
CreateMutexA
GetCurrentProcessId
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
GetTempPathA
CopyFileA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetComputerNameA
FreeResource
FindResourceA
Sleep
CreateProcessA
ReadFile
lstrlenA
GetFileAttributesA
CreateDirectoryA
FindNextFileA
FindClose
DeleteFileA
FindFirstFileA
LocalFree
FormatMessageA
SetLastError
OpenProcess
TerminateProcess
WaitForSingleObject
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
GetShortPathNameA
GetModuleFileNameA
GetCurrentProcess
SetPriorityClass
DeviceIoControl
GetLastError
CreateFileA
GetTimeZoneInformation
GetSystemTime
GetTempFileNameA
MultiByteToWideChar
CloseHandle
WriteFile
SetFilePointer
lstrcpyA
lstrcmpA
FindResourceW
MulDiv
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalFree
DeactivateActCtx
CreateActCtxW
ReleaseActCtx
ActivateActCtx
GetModuleFileNameW
InterlockedDecrement
SystemTimeToFileTime
CreateSemaphoreA
ReleaseSemaphore
CreateEventA
MoveFileA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetFullPathNameA
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetFileAttributesExA
SetFileAttributesA
GetFileSizeEx
GlobalGetAtomNameA
GetModuleHandleW
InterlockedExchange
CompareStringA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GlobalDeleteAtom
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
InterlockedIncrement
lstrcmpW
LoadLibraryW
GlobalFindAtomA
LocalAlloc
GetUserDefaultLCID
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetCurrentDirectoryA
GetACP
GetCPInfo
GetOEMCP
GetWindowsDirectoryA
GetNumberFormatA
GetTickCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetConsoleCP
GetConsoleMode
GetStdHandle
IsValidCodePage
IsProcessorFeaturePresent
SetHandleCount
GetLocaleInfoW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
GetStringTypeW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
LoadResource
LockResource
SizeofResource

user32

LoadImageW
RegisterClipboardFormatA
DrawIcon
MapDialogRect
SubtractRect
MapVirtualKeyExA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
DestroyCursor
GetWindowRgn
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetWindow
SendMessageTimeoutA
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageA
CreateMenu
GetParent
GetClassNameA
RegisterWindowMessageA
wsprintfA
PostMessageA
FindWindowExA
GetWindowThreadProcessId
GetSystemMetrics
BringWindowToTop
SetWindowTextA
GetClientRect
EnableWindow
SetParent
SetTimer
KillTimer
GetWindowTextA
GetCursorPos
EnumChildWindows
EnumThreadWindows
WaitForInputIdle
FindWindowA
SetForegroundWindow
GetForegroundWindow
IsWindowVisible
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
UnhookWindowsHookEx
GetWindowTextLengthA
CharUpperA
ValidateRect
PeekMessageA
GetKeyState
SendMessageA
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
PostQuitMessage
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetDesktopWindow
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetCursor
ShowOwnedPopups
MessageBoxA
GetLastActivePopup
SetWindowPos
SetWindowLongA
GetMenu
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
PtInRect
CopyRect
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
GetWindowRect
AdjustWindowRectEx
GetSysColor
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
UpdateWindow
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetFocus
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
LoadIconW
CheckDlgButton
IsDialogMessageA
MoveWindow
ShowWindow
GetSysColorBrush
ReleaseDC
GetDC
LoadCursorA
UnregisterClassA
ClientToScreen
RealChildWindowFromPoint
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
SetCapture
WindowFromPoint
LoadCursorW
ReleaseCapture
WaitMessage
DeleteMenu
InvalidateRect
SetRectEmpty
SystemParametersInfoA
EnumDisplayMonitors
SetLayeredWindowAttributes
IsIconic
DestroyIcon
InflateRect
GetMenuItemInfoA
DestroyMenu
IntersectRect
TranslateAcceleratorA
OffsetRect
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
IsRectEmpty
IsZoomed
SetWindowRgn
RedrawWindow
DestroyAcceleratorTable
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
GetSystemMenu
MessageBeep
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
LockWindowUpdate
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
CopyImage
GetNextDlgGroupItem
GetKeyNameTextA
UnionRect
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UpdateLayeredWindow
IsMenu

advapi32

RegEnumKeyA
RegEnumValueA
RegQueryValueA
SetNamedSecurityInfoA
RegOpenKeyExA
RegQueryValueExA
AllocateAndInitializeSid
RegOpenKeyA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExA
RegCloseKey
RegSetValueExA
GetLengthSid
SetTokenInformation
DuplicateTokenEx
OpenProcessToken

oleaut32

VariantChangeType
VariantClear
VariantCopy
VariantInit
SysAllocStringLen
SysAllocString
GetErrorInfo
LoadTypeLi
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringByteLen
SysFreeString

ole32

ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CoDisconnectObject
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoTaskMemFree
CoInitialize
CoUninitialize
CoInitializeEx
OleRun
CoCreateInstance
CoGetMalloc
StringFromIID

shell32

DragFinish
DragQueryFileA
SHGetSpecialFolderPathA
SHGetFolderLocation
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
SHAppBarMessage
SHBrowseForFolderA
SHGetFileInfoA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

shlwapi

PathFileExistsA
PathAppendA
PathIsDirectoryA
SHSetValueA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecA
SHGetValueA
PathStripToRootA
PathRemoveFileSpecW
PathRemoveExtensionA
PathIsUNCA

oleacc

ObjectFromLresult
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

ws2_32

gethostbyname

wininet

InternetWriteFile
FindFirstUrlCacheEntryA
FindCloseUrlCache
InternetOpenA
InternetConnectA
InternetGetLastResponseInfoA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetGetCookieA
InternetSetCookieA
InternetGetConnectedState
InternetCloseHandle
InternetSetFilePointer
InternetSetStatusCallback
InternetReadFile
InternetQueryDataAvailable

gdiplus

GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipDrawImageI
GdipGetImagePalette

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

gdi32

GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
GetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
OffsetWindowOrgEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetPixelV
GetTextFaceA
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
RestoreDC
SaveDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetDeviceCaps
CopyMetaFileA
CreateDCA
Polyline
CreateEllipticRgn
GetTextColor
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
DPtoLP
PatBlt
CombineRgn
SetRectRgn
GetTextExtentPoint32A
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectA
CreateDIBitmap
CreateHatchBrush
CreateSolidBrush
CreatePen
CreateBitmap

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b2c8a7b18c937690f58639eaf563786

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

oleaut32

ole32

shell32

version

msimg32

comctl32

shlwapi

oleacc

ws2_32

wininet

gdiplus

imm32

winmm

gdi32

winspool.drv

comdlg32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 336KB - Virtual size: 336KB

.data Size: 28KB - Virtual size: 165KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 184KB - Virtual size: 183KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 336KB - Virtual size: 336KB

.data
Size: 28KB - Virtual size: 165KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 184KB - Virtual size: 183KB