dbe3722a674631574ee654d60e3d0a6c_mafia_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbe3722a674631574ee654d60e3d0a6c_mafia_JC.exe
Size

839KB
MD5

dbe3722a674631574ee654d60e3d0a6c
SHA1

669a9bcccbc1262c3af086f5c7c8f2d97e75ddd5
SHA256

b45ebc8ab610f0d21f59d0f72ff8e9a05d13e220ef201696450d9c15507c5765
SHA512

bba9b20881de03c9d2988aa1f7ed7cf7d17171a6676f893a5fdcb245a5c3e8230c81c40cf63cd597cdfc30332ac09f30a2864cf9d105bafb6edbb1bacd72517e
SSDEEP

24576:Dfvo0ytlsjSC++SYp06Sp6el2ihxd4ddnlWLggE9rEUMA:bvo/cq6Ydsi7d4dWknElA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbe3722a674631574ee654d60e3d0a6c_mafia_JC.exe

Files

dbe3722a674631574ee654d60e3d0a6c_mafia_JC.exe
.exe windows x86

06fa29813db6c1f98441703604fe5cf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualProtect
ExitProcess

Sections

.text
Size: 478KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ