174f1f6851e3c25549df72f055270b27_mafia_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

174f1f6851e3c25549df72f055270b27_mafia_JC.exe
Size

956KB
MD5

174f1f6851e3c25549df72f055270b27
SHA1

547676835a1bc92739b23095092c57535d772136
SHA256

12f2dca627a4fe7f85abf153a9441f534ec6075cee0839cfb39a3e4821ca763b
SHA512

9a0dfae7e69991eeccc117fbb112aabfbf21cf4474bde144d6f07218cf295ab8a7b0aee8f67331f9280e78eccffa651a3ba907cb796bc35ec8e9aaf188fa630d
SSDEEP

24576:Vx+hFGDdLWPsviWhAzxRvTA4lzxo3/7OVh+:Sh4gPOA1pTA4l18/e+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
174f1f6851e3c25549df72f055270b27_mafia_JC.exe

Files

174f1f6851e3c25549df72f055270b27_mafia_JC.exe
.exe windows x86

06fa29813db6c1f98441703604fe5cf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualProtect
ExitProcess

Sections

.text
Size: 574KB - Virtual size: 574KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ