f81c2080f0422f6ebbb0c350112985a7_mafia_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f81c2080f0422f6ebbb0c350112985a7_mafia_JC.exe
Size

832KB
MD5

f81c2080f0422f6ebbb0c350112985a7
SHA1

4156ebafb1dcdf3a008c9fc137e3353cedf546ea
SHA256

f7eafff21a55edd0e958af49e7cda2d72d83b552557d2e369646a82f05f7a0a8
SHA512

526853a94e00c8ab87562481c62785060c263fb3b1db3f773b8709b529a97a48bebb6f750d2585bc75c98236c683ddf715a6aadec148ea0a639e927414a35645
SSDEEP

24576:ULsuD7rSEKiU5nDHjbeJfrrx4a0FjFKI:UsrVnDDbqfZ4a0jFn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f81c2080f0422f6ebbb0c350112985a7_mafia_JC.exe

Files

f81c2080f0422f6ebbb0c350112985a7_mafia_JC.exe
.exe windows x86

06fa29813db6c1f98441703604fe5cf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualProtect
ExitProcess

Sections

.text
Size: 475KB - Virtual size: 475KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ