27bc97bbc9993653ac3b75dacb697d90_mafia_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27bc97bbc9993653ac3b75dacb697d90_mafia_JC.exe
Size

595KB
MD5

27bc97bbc9993653ac3b75dacb697d90
SHA1

d655d53145dfa89beda31f9a3a10dccde87c0c54
SHA256

9230240ec69f366b693c86b59ade3236ee6b2230d9bced8be986fee24225543e
SHA512

dbb53fdbfa5d58b0e9f3caf76494e4556abf003bcdcee74cc558b0c0ac101ca752e64e2499d37d3e8380b8b29f33e6808a81156f631ffac9ee07c254baca97c2
SSDEEP

12288:khyhuHS7CxbAzMWqOQwUF19LR1LEYIZjCAUmY0iPL6gE+waoWsUQ8Nab4l0E3MD3:gLKYI6m1illsT8Nab4+EcDq3njcR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27bc97bbc9993653ac3b75dacb697d90_mafia_JC.exe

Files

27bc97bbc9993653ac3b75dacb697d90_mafia_JC.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 594KB - Virtual size: 593KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

OPCODE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HOCKPACK
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE