2023-08-27_10dea02c6daaf484b3d029813ebca7bb_mafia_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-27_10dea02c6daaf484b3d029813ebca7bb_mafia_JC.exe
Size

4.0MB
MD5

10dea02c6daaf484b3d029813ebca7bb
SHA1

f4544e9d6620b223a32f9fb91e7f943ebea2f102
SHA256

2e26f48507ec6606dee24eb6f116d5741a876e1b2242dca3a8a6b5162780b397
SHA512

37958aaf7b149a111e6b2d31b4edf47aece4c37c20a4ea9d01d1d97f73cc0fd51a1e7ebe81d03d77bca5e9cf2cb09754430f2428404fd867bf6484dabc77a455
SSDEEP

98304:xDFa1S5PFOGJVupOPtQASJpxw1iOsL5fscsL5fscsL5fs:9FaIFOL0aJcDsBBsBBsB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2023-08-27_10dea02c6daaf484b3d029813ebca7bb_mafia_JC.exe

Files

2023-08-27_10dea02c6daaf484b3d029813ebca7bb_mafia_JC.exe
.exe windows:5 windows x86

737412ee011ec68a68fa62774f5fff88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetStockObject

kernel32

CreateFileW
SetStdHandle
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
SetFilePointer
GetSystemTimeAsFileTime
HeapAlloc
GetFileAttributesA
CreateDirectoryA
SetCurrentDirectoryA
FindFirstFileA
RemoveDirectoryA
FindClose
FindNextFileA
GetCurrentDirectoryA
CloseHandle
DeleteFileA
Sleep
GetModuleHandleA
TerminateThread
SetThreadPriority
SetEndOfFile
TryEnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetOEMCP
GetACP
IsValidCodePage
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetProcessHeap
WriteFile
GetCurrentThreadId
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CreateThread
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
WriteConsoleW
GetModuleFileNameW
GetFileType
GetStdHandle
AreFileApisANSI
GetProcAddress
GetModuleHandleExW
ExitProcess
ReadFile
IsProcessorFeaturePresent
IsDebuggerPresent
HeapFree
GetLastError
GetCommandLineA
DeleteCriticalSection
DecodePointer
EncodePointer
GetStringTypeW
MultiByteToWideChar
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
RtlUnwind
RaiseException
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetCPInfo

openal32

alSourceQueueBuffers
alGetSourcei
alBufferData
alDeleteSources
alSourceStop
alGenBuffers
alSourcei
alSourcePlay
alcGetCurrentContext
alGenSources
alSourceUnqueueBuffers
alDeleteBuffers
alcMakeContextCurrent
alcGetError
alcDestroyContext
alListenerfv
alcOpenDevice
alcCreateContext
alcCloseDevice
alSourcef
alGetError

shell32

SHGetSpecialFolderLocation
ShellExecuteA
SHGetPathFromIDListA

user32

ToUnicode
SetWindowTextW
LoadCursorA
GetCursorPos
LoadImageA
GetSystemMetrics
MessageBoxA
CreateWindowExW
UpdateWindow
DefWindowProcA
GetKeyState
TranslateMessage
GetAsyncKeyState
PeekMessageA
DispatchMessageA
ScreenToClient
RegisterClassExA
GetClipCursor
ShowCursor
MapVirtualKeyA
SetWindowLongA
ClipCursor
SetWindowPos
ShowWindow
AdjustWindowRectEx

winmm

timeGetTime

d3d9

Direct3DCreate9

d3dx9_43

D3DXMatrixRotationYawPitchRoll
D3DXCreateTextureFromFileExA
D3DXCreateTextureFromFileInMemoryEx
D3DXGetImageInfoFromFileA
D3DXCreateTexture
D3DXGetImageInfoFromFileInMemory
D3DXMatrixPerspectiveFovLH

vorbisfile

ov_pcm_total
ov_clear
ov_comment
ov_info
ov_open_callbacks
ov_pcm_seek
ov_read

Sections

.text
Size: 647KB - Virtual size: 648KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 34KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text1
Size: 754KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 130KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 38KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zeke
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

737412ee011ec68a68fa62774f5fff88

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

openal32

shell32

user32

winmm

d3d9

d3dx9_43

vorbisfile

Sections

.text Size: 647KB - Virtual size: 648KB

.rdata Size: 162KB - Virtual size: 164KB

.data Size: 17KB - Virtual size: 1.1MB

.reloc Size: 34KB - Virtual size: 72KB

.text1 Size: 754KB - Virtual size: 768KB

.adata Size: - Virtual size: 64KB

.data1 Size: 130KB - Virtual size: 192KB

.reloc1 Size: 38KB - Virtual size: 64KB

.pdata Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.zeke Size: 4KB - Virtual size: 4KB

.text
Size: 647KB - Virtual size: 648KB

.rdata
Size: 162KB - Virtual size: 164KB

.data
Size: 17KB - Virtual size: 1.1MB

.reloc
Size: 34KB - Virtual size: 72KB

.text1
Size: 754KB - Virtual size: 768KB

.adata
Size: - Virtual size: 64KB

.data1
Size: 130KB - Virtual size: 192KB

.reloc1
Size: 38KB - Virtual size: 64KB

.pdata
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.zeke
Size: 4KB - Virtual size: 4KB