2024-01-01_01ee4ef35b2670c56916ee85a94b4e8c_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-01_01ee4ef35b2670c56916ee85a94b4e8c_mafia
Size

1.1MB
MD5

01ee4ef35b2670c56916ee85a94b4e8c
SHA1

6a7ea9cdec02cb63d7ec5b5cb1cbd97a92247e23
SHA256

344c7d8d50e01913212bca22cd7b4235bb8e3dcb645aaf76090a7cd7b75f425c
SHA512

dd139898ad0dd6c8a72aa7a255a8c89d6e8aaf5bd57f32c68c7b6b37f490c1974bfefd06a378105ef95f5f1f0b89995f122196293afdc496e1999b3ab65c3624
SSDEEP

24576:EN5ls6MKOp0WO4/LFnkIyB8EkXKRaXitcoT+0d424e:K5ls6MPOsLFLKRaXio0d42

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-01_01ee4ef35b2670c56916ee85a94b4e8c_mafia

Files

2024-01-01_01ee4ef35b2670c56916ee85a94b4e8c_mafia
.exe windows:5 windows x86 arch:x86

74c9602cc864fbd21aa83356a4c9c94e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CreateDirectoryW
CreateDirectoryA
SetCurrentDirectoryA
FindFirstFileA
GetCurrentDirectoryW
FindClose
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
GetCurrentDirectoryA
CloseHandle
GetModuleHandleW
FindFirstFileW
SetCurrentDirectoryW
FindNextFileW
SetFilePointer
OutputDebugStringA
ReadFile
GetProcessHeap
SetEndOfFile
WriteConsoleW
SetStdHandle
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
WaitForSingleObject
GetExitCodeProcess
CreatePipe
GetFileAttributesA
LCMapStringW
LoadLibraryW
CompareStringW
MultiByteToWideChar
GetTimeZoneInformation
SetEnvironmentVariableA
WriteFile
GetFileSize
OpenMutexA
CreateMutexA
ReleaseMutex
Sleep
GetCurrentProcessId
CreateFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateEventA
FreeLibrary
FormatMessageA
GetLastError
GetProcAddress
LoadLibraryA
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetCommandLineW
HeapSetInformation
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
HeapReAlloc
ExitProcess
CreateProcessA
DuplicateHandle
GetCurrentProcess
MoveFileA
DeleteFileA
GetTimeFormatA
GetDateFormatA
InterlockedDecrement
InterlockedIncrement
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapCreate
GetStdHandle
GetModuleFileNameW
RaiseException
HeapSize
GetLocaleInfoW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
IsProcessorFeaturePresent
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount

user32

GetDesktopWindow
MessageBoxW
GetClassInfoExW
GetForegroundWindow
GetActiveWindow
MessageBoxA
LoadCursorA
TranslateMessage
ShowCursor
PeekMessageA
DispatchMessageA
SetFocus
LoadIconW
SetClassLongW
SetWindowTextW
PostQuitMessage
PostMessageA
ReleaseCapture
GetCursorPos
SetCursorPos
SetCapture
ScreenToClient
ClientToScreen
GetKeyState
MsgWaitForMultipleObjects
DestroyCursor
SetCursor
GetSystemMetrics
SystemParametersInfoA
MoveWindow
SendMessageW
CreateWindowExW
ShowWindow
SetWindowLongW
GetClientRect
GetWindowRect
DestroyWindow
DefWindowProcW
DefWindowProcA
GetWindowLongA
RegisterClassExW

shell32

SHGetFolderPathW
SHGetFolderPathA

ole32

CoInitialize
CoUninitialize

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod

dsound

ord1

Sections

.text
Size: 782KB - Virtual size: 782KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74c9602cc864fbd21aa83356a4c9c94e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

winmm

dsound

Sections

.text Size: 782KB - Virtual size: 782KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 75KB - Virtual size: 342KB

.rsrc Size: 87KB - Virtual size: 86KB

.reloc Size: 38KB - Virtual size: 38KB

.text
Size: 782KB - Virtual size: 782KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 75KB - Virtual size: 342KB

.rsrc
Size: 87KB - Virtual size: 86KB

.reloc
Size: 38KB - Virtual size: 38KB