2024-01-09_e6a0cc20e11473d9824fe3c28ef7ba3c_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-09_e6a0cc20e11473d9824fe3c28ef7ba3c_mafia
Size

615KB
MD5

e6a0cc20e11473d9824fe3c28ef7ba3c
SHA1

9d56a63a2afdb88a06795725b09975fbbd906efb
SHA256

874531751832042570a9148f2a0647ed3c1bfd5a92c66b761db68624210c4460
SHA512

06c6a11070ee3516da291b9eff3475b903039eea1354d9153fb920fe9277d5605275532760791e3f7d08c47cd8d813fa453e6f48a9881eb29968645b259f0544
SSDEEP

12288:5Ucxwab/J4fI2fYPMDOMzniJ5bQ893Kioj8J1b3XiJs6iZbh+RutV5K505WlqTH2:6cxr/J4fI2wPMDOwniJ52iB1LiJs8lq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-09_e6a0cc20e11473d9824fe3c28ef7ba3c_mafia

Files

2024-01-09_e6a0cc20e11473d9824fe3c28ef7ba3c_mafia
.exe windows:5 windows x86 arch:x86

1574ffeca3e74d8dc528d3becfbae6de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetModuleHandleA
GetModuleFileNameA
CreateDirectoryA
GetStartupInfoA
CreateProcessA
GetVersionExA
GlobalMemoryStatusEx
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
GetSystemDirectoryA
SetCurrentDirectoryA
CreateMutexA
GetLastError
CloseHandle
SetEnvironmentVariableA
CompareStringW
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
DeleteFileA
GetTickCount
GetProcAddress
SuspendThread
ResumeThread
SetEvent
CreateEventA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FindNextFileA
LoadLibraryA
GetFullPathNameA
FindClose
FindFirstFileA
ReadFile
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceA
GetFileSize
CreateFileA
FlushFileBuffers
CreateFileW
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
HeapReAlloc
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
IsProcessorFeaturePresent
HeapSize
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLocaleInfoW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetUserDefaultLCID

user32

SetWindowTextA
GetClientRect
IsRectEmpty
LoadIconA
SendMessageA
DefWindowProcA
SetWindowPos
GetSystemMetrics
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
EnumDisplaySettingsA
ReleaseDC
GetDC
MessageBoxA
SetRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EnumDisplayDevicesA
GetDesktopWindow
GetWindowRect
PostQuitMessage
EnableWindow
MapWindowPoints
BeginPaint
EndPaint
ShowWindow
DestroyWindow
IsWindow
UpdateWindow
GetWindowTextA
GetDlgItem
IsWindowEnabled
GetWindowLongA
SetWindowLongA
IsWindowVisible
GetPropA
CallWindowProcA
CheckDlgButton
IsDlgButtonChecked
CreateDialogParamA
MonitorFromWindow
GetMonitorInfoA
EnumWindows
ChangeDisplaySettingsExA
GetWindowPlacement
GetWindowTextLengthA
EnumChildWindows
ChangeDisplaySettingsA
GetParent
SetWindowPlacement
IsDialogMessageA
GetMessageA

gdi32

GetDeviceCaps

shell32

SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA
SHGetPathFromIDListA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysStringLen
VariantClear
VariantInit

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod
waveOutGetNumDevs
waveOutGetDevCapsA

d3d9

Direct3DCreate9

d3dx9_35

D3DXVec3TransformCoord
D3DXMatrixRotationYawPitchRoll
D3DXAssembleShader

Sections

.text
Size: 459KB - Virtual size: 459KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1574ffeca3e74d8dc528d3becfbae6de

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

version

winmm

d3d9

d3dx9_35

Sections

.text Size: 459KB - Virtual size: 459KB

.rdata Size: 104KB - Virtual size: 104KB

.data Size: 20KB - Virtual size: 1.0MB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 25KB - Virtual size: 25KB

.text
Size: 459KB - Virtual size: 459KB

.rdata
Size: 104KB - Virtual size: 104KB

.data
Size: 20KB - Virtual size: 1.0MB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 25KB - Virtual size: 25KB