33a21084e1bd37fab4795c93910c4818_mafia_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33a21084e1bd37fab4795c93910c4818_mafia_JC.exe
Size

955KB
MD5

33a21084e1bd37fab4795c93910c4818
SHA1

fd7d271b0ec3e82db74620d65d76a2096df1b0c3
SHA256

2662cf1bab220a90223e91ce44fd0694e533214a167e24ec25aeda4dddb2dc05
SHA512

fa2860b67c859aa301b67a8d75db9422fd44b55f203990151923f30cdbf5a700b00f49f3ea44def562fed8c8eddbe9555c82c0d78d14ff158da7d77d04a444b5
SSDEEP

24576:ORqst+IdZziyy6tB7YI+LInr5mtN4X4IETosJY/Tqa:Rs4pT68j4X4IiRJY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33a21084e1bd37fab4795c93910c4818_mafia_JC.exe

Files

33a21084e1bd37fab4795c93910c4818_mafia_JC.exe
.exe windows x86

06fa29813db6c1f98441703604fe5cf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualProtect
ExitProcess

Sections

.text
Size: 574KB - Virtual size: 574KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ