Static task: static1
Behavioral task: behavioral1
  Sample: 2024-10-14_c2dd0c1dc7cec6781e02e7d22aff559e_mafia.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 2024-10-14_c2dd0c1dc7cec6781e02e7d22aff559e_mafia.exe
  Resource: win10v2004-20241007-en
General
Target: 2024-10-14_c2dd0c1dc7cec6781e02e7d22aff559e_mafia
Size: 1.7MB
MD5: c2dd0c1dc7cec6781e02e7d22aff559e
SHA1: 65161f9719a76226f9aac27cc1d46030e8484dde
SHA256: af7115e48d1d22fe1eacbcd474daf1dee4df01ef1a6662f752e045fe01dbcb70
SHA512: 6df2806c9626b1e25b9c36ca695ca8bdd1bf5cd95b71f9d31167d8f41c6f3a2b921264901b0e90b55aad3d05a79b37a2d903ef7caf0dde9128021c3f916aadea
SSDEEP: 49152:F5nEGAG5z3uSMDSK5CkXPtaihVMdzsiZsS4FNHzpawdUExA+cAr9RA:FpT5z3uSMDgk4ihVMd4iZsSoiwmExA+F
Malware Config
Signatures
Unsigned PE: 1 IoC
Checks for missing Authenticode signature.
resource: 2024-10-14_c2dd0c1dc7cec6781e02e7d22aff559e_mafia
Files
2024-10-14_c2dd0c1dc7cec6781e02e7d22aff559e_mafia.exe  windows:5  windows x86  arch:x86
65431f1769a4bc8fc29b649d5c38db57
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVolumeInformationW
GetFullPathNameW
CreateActCtxW
ReleaseActCtx
SetThreadPriority
FlushFileBuffers
GetSystemDirectoryW
lstrcpyW
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalGetAtomNameW
lstrlenA
GlobalFlags
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetTempFileNameW
GetTempPathW
GetWindowsDirectoryW
GetNumberFormatW
GetTickCount
GetProfileIntW
Sleep
SearchPathW
VirtualProtect
GetUserDefaultLCID
FindResourceExW
GetTimeFormatW
GetDateFormatW
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
HeapFree
HeapSetInformation
HeapAlloc
RtlUnwind
RaiseException
HeapReAlloc
SetStdHandle
GetFileType
ExitThread
CreateThread
HeapQueryInformation
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
HeapCreate
LCMapStringW
GetStdHandle
DuplicateHandle
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoW
QueryPerformanceCounter
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetDriveTypeW
SetEnvironmentVariableA
SetFilePointer
WriteFile
DeleteFileW
lstrcmpiW
FindFirstFileW
FindNextFileW
FindClose
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesExW
SetErrorMode
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetProcAddress
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
FreeLibrary
lstrcmpW
GetCurrentThreadId
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
FreeResource
WideCharToMultiByte
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
SetEndOfFile
UnlockFile
FreeEnvironmentStringsW
LockFile
GetLogicalDriveStringsW
ReadFile
GetFileSize
CreateFileW
LocalFree
LocalSize
lstrlenW
LocalAlloc
FormatMessageW
WaitForSingleObject
GetModuleFileNameW
GetComputerNameW
GetLastError
GetEnvironmentVariableW
GetCurrentDirectoryW
CloseHandle
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcess
CheckRemoteDebuggerPresent
ExitProcess
IsDebuggerPresent
GetModuleHandleW
GetCommandLineW
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
ResumeThread
SizeofResource
user32
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableW
ToUnicodeEx
MapVirtualKeyW
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
DestroyIcon
InvertRect
HideCaret
GetIconInfo
LoadImageW
GetNextDlgGroupItem
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
FrameRect
TranslateAcceleratorW
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffW
PostThreadMessageW
WaitMessage
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
SubtractRect
DestroyCursor
MapDialogRect
DrawIcon
GetWindowRgn
SetCursor
MessageBeep
ReleaseCapture
WindowFromPoint
SetCapture
KillTimer
SetTimer
SetWindowRgn
GetSystemMenu
DeleteMenu
OffsetRect
IntersectRect
InflateRect
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
GetMessageW
TranslateMessage
CharUpperW
GetSystemMetrics
LoadMenuW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
SetClassLongW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
CopyRect
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
SetFocus
SetWindowsHookExW
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
GetFocus
GetWindowRect
PtInRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetLastActivePopup
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
EnableWindow
SendMessageW
MessageBoxW
DestroyAcceleratorTable
GetSubMenu
RemoveMenu
GetClassNameW
LoadBitmapW
InvalidateRect
UpdateWindow
GetClientRect
FillRect
DrawStateW
SetParent
ShowOwnedPopups
CopyImage
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW
CreatePopupMenu
IsMenu
DestroyMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsIconic
IsZoomed
GetAsyncKeyState
WinHelpW
NotifyWinEvent
PostQuitMessage
advapi32
RegQueryValueW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyW
RegSetValueExW
RegEnumValueW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
OpenProcessToken
CreateProcessWithLogonW
oleaut32
VariantInit
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
SysAllocStringLen
SysAllocString
SysStringLen
SysAllocStringByteLen
SysFreeString
VarBstrFromDate
userenv
DestroyEnvironmentBlock
CreateEnvironmentBlock
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
gdiplus
GdipDrawImageI
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
gdi32
PatBlt
DPtoLP
CreateRoundRectRgn
CreateSolidBrush
GetObjectW
GetStockObject
GetDeviceCaps
CreatePen
GetObjectType
SelectPalette
CreateCompatibleDC
CopyMetaFileW
CreateDCW
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
CombineRgn
SetRectRgn
GetTextExtentPoint32W
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectW
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
CreateBitmap
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
CreateDIBitmap
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreateDIBSection
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
GetPixel
CreateHatchBrush
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
DeleteObject
SetWindowOrgEx
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comdlg32
GetFileTitleW
shell32
DragQueryFileW
DragFinish
SHAppBarMessage
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFileInfoW
SHBrowseForFolderW
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoInitializeEx
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 299KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 167KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ