2024-10-26_243ceff9abfad447dc7aa68a8492386d_mafia_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2024-10-26_243ceff9abfad447dc7aa68a8492386d_mafia_wapomi
Size

1.5MB
MD5

243ceff9abfad447dc7aa68a8492386d
SHA1

0ddb755df9c53e270b163c186a0b1876ffef5ddf
SHA256

26b76c40598f883a638431f54a428c060ae6b4a9569a3d3285960d82adbe9f28
SHA512

1c9f578718efae3330b66816eb5792759de9e2a54e0e09669afa2117ef69e1fa7dbeccd137a9fe04c555ca4b7b8eaa170c10f4bcbf4b082d5b48a4048a293bc5
SSDEEP

24576:e3hqWJp/0vkxZ+TacBmTl9Inwfi88GrOq0dxzTY:e34WJp/04ITacSoGaqQxz8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-26_243ceff9abfad447dc7aa68a8492386d_mafia_wapomi

Files

2024-10-26_243ceff9abfad447dc7aa68a8492386d_mafia_wapomi
.exe windows:5 windows x86 arch:x86

7bc6fac0b315db9d73c06cfccff03a0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

MD5Init
MD5Update
MD5Final
LookupPrivilegeValueW
OpenProcessToken
AdjustTokenPrivileges

comctl32

_TrackMouseEvent
ord17

wininet

InternetOpenW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle
InternetOpenUrlW

user32

SetCaretPos
ShowCaret
HideCaret
CreateCaret
SetRect
CharPrevW
DrawTextW
CharNextW
MoveWindow
CreateAcceleratorTableW
IntersectRect
InvalidateRgn
FillRect
wvsprintfW
SetCursor
InflateRect
OffsetRect
IsZoomed
GetCursorPos
GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
MapWindowPoints
ClientToScreen
DestroyWindow
ReleaseDC
PtInRect
ReleaseCapture
SetCapture
KillTimer
SetTimer
InvalidateRect
GetDC
GetKeyState
CreateWindowExW
GetClassInfoExW
RegisterClassExW
LoadCursorW
ScreenToClient
SetWindowRgn
GetSystemMenu
AppendMenuW
MessageBoxW
PostQuitMessage
GetWindowRect
GetSysColor
SetWindowTextW
wsprintfW
ShowWindow
FindWindowA
GetClientRect
GetFocus
IsWindow
GetWindowThreadProcessId
GetWindowLongW
SetWindowLongW
IsIconic
DialogBoxParamW
EndDialog
GetDesktopWindow
GetWindow
GetWindowTextLengthW
GetWindowTextW
wsprintfA
DefWindowProcW
DispatchMessageW
RegisterClassW
PostMessageW
SetPropW
GetPropW
CallWindowProcW
GetSystemMetrics
LoadImageW
SendMessageW
GetParent
MonitorFromWindow
GetMonitorInfoW
SetWindowPos
EnableWindow
GetMessageW
SetFocus
TranslateMessage

shell32

ShellExecuteW

gdi32

TextOutW
SetBkMode
GetTextExtentPoint32W
GetCharABCWidthsW
GetObjectA
SetTextColor
RoundRect
CreatePenIndirect
MoveToEx
LineTo
CreateSolidBrush
SetBkColor
ExtTextOutW
SetStretchBltMode
CreateDIBSection
StretchBlt
CombineRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SelectClipRgn
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SaveDC
BitBlt
RestoreDC
Rectangle
SetWindowOrgEx
DeleteDC
CreatePen
GetStockObject
GetObjectW
CreateFontIndirectW
SelectObject
GetTextMetricsW
CreateRoundRectRgn
DeleteObject

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocString

kernel32

RtlUnwind
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
HeapSetInformation
GetCommandLineW
GetLocalTime
SetFileTime
DosDateTimeToFileTime
SystemTimeToFileTime
DuplicateHandle
GetFileType
CreateFileW
MulDiv
GetACP
LoadLibraryW
DecodePointer
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
Process32NextW
Module32NextW
Module32FirstW
Process32FirstW
CreateToolhelp32Snapshot
FindResourceExW
MultiByteToWideChar
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
CopyFileW
FreeResource
WritePrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileIntW
MoveFileExW
GetTempPathW
MoveFileA
SetFilePointer
DeleteFileA
WriteFile
CreateFileA
FindClose
GetCPInfo
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetCurrentProcessId
UnhandledExceptionFilter
IsDebuggerPresent
GetOEMCP
IsValidCodePage
GetLocaleInfoW
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
WriteConsoleW
SetStdHandle
SetEndOfFile
EncodePointer
FindNextFileA
FindFirstFileA
GetTickCount
ExitProcess
GetCurrentDirectoryW
WideCharToMultiByte
GetLastError
LoadResource
LockResource
SizeofResource
FindResourceW
GetProcAddress
CloseHandle
GetModuleHandleW
DeleteFileW
SetFileAttributesW
CreateThread
WaitForSingleObject
GetModuleFileNameW
GetFileSize
ReadFile
GetFileAttributesW
CreateDirectoryW
GetCurrentProcess
GetVersionExW
CreateRemoteThread
OpenProcess
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateProcessW
lstrcpyA
GetThreadContext
SetThreadContext
GetCurrentDirectoryA
TerminateProcess
ResumeThread
Sleep
GetProcessHeap

ole32

CLSIDFromProgID
CoCreateInstance
OleLockRunning
CoUninitialize
CoInitialize
CLSIDFromString

psapi

GetModuleBaseNameW
EnumProcessModules

gdiplus

GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdiplusStartup
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipDeleteStringFormat
GdipFree
GdipDeleteBrush
GdiplusShutdown
GdipDrawString
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipDeleteFont
GdipAlloc
GdipCreateStringFormat

Sections

.text
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1008KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

)��F�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7bc6fac0b315db9d73c06cfccff03a0f

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

wininet

user32

shell32

gdi32

oleaut32

kernel32

ole32

psapi

gdiplus

Sections

.text Size: 344KB - Virtual size: 344KB

.rdata Size: 95KB - Virtual size: 95KB

.data Size: 23KB - Virtual size: 42KB

.rsrc Size: 1008KB - Virtual size: 1008KB

.reloc Size: 28KB - Virtual size: 28KB

)��F�u� Size: 16KB - Virtual size: 20KB

.text
Size: 344KB - Virtual size: 344KB

.rdata
Size: 95KB - Virtual size: 95KB

.data
Size: 23KB - Virtual size: 42KB

.rsrc
Size: 1008KB - Virtual size: 1008KB

.reloc
Size: 28KB - Virtual size: 28KB

)��F�u�
Size: 16KB - Virtual size: 20KB