2024-12-30_85856482c1c320881623677723a068bf_mafia_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2024-12-30_85856482c1c320881623677723a068bf_mafia_wapomi
Size

2.5MB
MD5

85856482c1c320881623677723a068bf
SHA1

d960566ab7df402ba961b507acd85760bebf26cd
SHA256

4b10e0b045ca4b3f841a521c993f9e1daf7b6ce6cfe6cb0be95ca6e84acbac41
SHA512

83376e625ba29f255e7b0ecacf2199076e118a437bcf178ecc207e81a2a8933c0ef3b9b4468ef9c3ab2d6beefce07910bdec67aaab1c16932d4f691bbe6f2266
SSDEEP

49152:IYgqNpq3yCTcQSj6MrYHH2fdruaQH4s3Wn6V:Ii3lEcQSXrUmuaQH4sG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-12-30_85856482c1c320881623677723a068bf_mafia_wapomi

Files

2024-12-30_85856482c1c320881623677723a068bf_mafia_wapomi
.exe windows:5 windows x86 arch:x86

f6b4cf3cba04030bd79bbc97730015cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
ResetEvent
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
InterlockedDecrement
lstrlenA
GetCurrentThreadId
MultiByteToWideChar
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
HeapSize
HeapCreate
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
GetCPInfo
LCMapStringW
HeapReAlloc
ExitProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
VirtualQuery
GetModuleHandleW
VirtualProtect
RtlUnwind
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
SystemTimeToFileTime
ResumeThread
TlsSetValue
OpenEventA
GetCurrentProcessId
TlsGetValue
TlsFree
TlsAlloc
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
LoadLibraryA
UnmapViewOfFile
CreateFileW
CreateFileMappingA
MapViewOfFile
GetFullPathNameA
InitializeCriticalSection
InterlockedExchange
GetSystemInfo
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
HeapAlloc
IsDebuggerPresent
GetProcessHeap
HeapFree
Sleep
lstrcpyA
GlobalAlloc
GlobalFree
GetPrivateProfileStringA
lstrcmpA
DeleteFileA
GetFileSize
CreateFileA
FindFirstFileA
FindClose
WriteFile
SetFilePointer
ReadFile
GetLocalTime
CreateDirectoryA
SetEvent
CreateEventA
GetDriveTypeA
GetFileAttributesA
CreateMutexA
WaitForSingleObject
OutputDebugStringA
DebugBreak
CloseHandle
GetModuleFileNameA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
SetLastError
IsDBCSLeadByte
WideCharToMultiByte
lstrlenW
GetProcAddress
GetModuleHandleA
InterlockedIncrement
lstrcmpiA
GetVersionExA

user32

EndDialog
GetWindowLongA
GetParent
SetWindowPos
MapWindowPoints
GetClientRect
GetMonitorInfoA
MonitorFromWindow
GetWindowRect
GetWindow
DispatchMessageA
PeekMessageA
UnregisterClassA
GetMessageA
GetForegroundWindow
TranslateMessage
SetWindowLongA
MsgWaitForMultipleObjects
UpdateWindow
ShowWindow
SetRect
LoadStringA
MessageBoxA
SetForegroundWindow
SetRectEmpty
ScreenToClient
GetKeyState
GetCursorPos
EqualRect
OffsetRect
FillRect
IntersectRect
UnionRect
IsRectEmpty
EnumDisplayDevicesA
EnumDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsA
ClientToScreen
SetMenu
PostMessageA
TranslateAcceleratorA
CloseWindow
IsWindowVisible
IsIconic
GetWindowPlacement
SetWindowTextA
GetActiveWindow
GetDC
ReleaseDC
DialogBoxParamA
GetDlgItem
CopyRect
EndPaint
BeginPaint
AdjustWindowRectEx
SystemParametersInfoA
GetSystemMetrics
EnumDisplayMonitors
LoadMenuA
LoadAcceleratorsA
wvsprintfA
CreateWindowExA
PtInRect
IsWindow
MessageBeep
AppendMenuA
TrackPopupMenuEx
MonitorFromPoint
GetMenuItemInfoA
GetMenuItemCount
DestroyMenu
LoadStringW
PostQuitMessage
SetFocus
RemoveMenu
CreatePopupMenu
SendMessageA
InvalidateRect
GetClassInfoExA
LoadCursorA
LoadImageA
RegisterClassExA
DestroyWindow
CallWindowProcA
CharNextA
DefWindowProcA

gdi32

CreatePen
CreateFontIndirectA
StrokeAndFillPath
EndPath
BeginPath
TextOutA
StretchBlt
BitBlt
CreateCompatibleDC
GetGlyphOutlineA
GetTextMetricsA
SetBkMode
CreateDIBSection
GdiFlush
CreateDCA
PatBlt
DeleteObject
CreateSolidBrush
SelectObject
GetStockObject
GetClipBox
GetDeviceCaps
DeleteDC

advapi32

RegOpenKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryInfoKeyW
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoUninitialize
CoInitializeEx

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsA
PathIsDirectoryA

comctl32

InitCommonControlsEx

winmm

timeBeginPeriod
timeGetDevCaps
timeGetTime
timeEndPeriod

dsound

ord11

d3d9

Direct3DCreate9

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 421KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Bl��u
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f6b4cf3cba04030bd79bbc97730015cb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

comctl32

winmm

dsound

d3d9

imm32

version

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 421KB - Virtual size: 420KB

.data Size: 84KB - Virtual size: 131KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 247KB - Virtual size: 247KB

.reloc Size: 129KB - Virtual size: 129KB

Bl��u Size: 16KB - Virtual size: 20KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 421KB - Virtual size: 420KB

.data
Size: 84KB - Virtual size: 131KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 247KB - Virtual size: 247KB

.reloc
Size: 129KB - Virtual size: 129KB

Bl��u
Size: 16KB - Virtual size: 20KB