2024-01-11_0a2287bf801ada6d4e063adfb82de013_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-11_0a2287bf801ada6d4e063adfb82de013_mafia
Size

702KB
MD5

0a2287bf801ada6d4e063adfb82de013
SHA1

77131f73337b39fb9f2099c5f6e80906575704a8
SHA256

e94dcb84b0a1212bb59f125b0b2710edc595383902f9d946fc012b145104568e
SHA512

287fb0aee0b3876f4a6e5e0dfc9b9487d47ac08bc3e7d02c79170c47d30c5b502d20269b9c6bf46818148f6b31054b656970845e49896ee278f76e8e59bc3036
SSDEEP

12288:bejsvXlL9C+5PYMQLs/SJbo/+Msnb11ofVhZzwCuDVUjxFto9T0eBBY:bewhuBvbnbQVhFwCuD+jxFu9T0e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-11_0a2287bf801ada6d4e063adfb82de013_mafia

Files

2024-01-11_0a2287bf801ada6d4e063adfb82de013_mafia
.exe windows:5 windows x86 arch:x86

8ccb7f86fc04cc45d13b86c634114ca7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

wsock32

accept
recvfrom
send
inet_ntoa
__WSAFDIsSet
getsockopt
bind
listen
setsockopt
htonl
htons
socket
connect
shutdown
select
closesocket
ntohl
gethostbyname
gethostname
WSAGetLastError
WSACleanup
WSAStartup

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetUserNameA

gdi32

SwapBuffers
ChoosePixelFormat
SetPixelFormat

shell32

CommandLineToArgvW
SHGetSpecialFolderPathA
SHGetFolderPathA

kernel32

GetFileInformationByHandle
ReadFile
GetCurrentDirectoryW
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
SetEndOfFile
GetProcessHeap
FlushFileBuffers
SetEnvironmentVariableW
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileW
CompareStringW
PeekNamedPipe
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
HeapSize
InterlockedCompareExchange
InterlockedExchange
DebugBreak
QueryPerformanceCounter
QueryPerformanceFrequency
GetCommandLineW
SetCurrentDirectoryA
GetCurrentDirectoryA
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
CreateEventA
CloseHandle
GetCurrentThreadId
Sleep
SetEvent
RaiseException
FindClose
GetLastError
EnterCriticalSection
LeaveCriticalSection
CreateEventW
SetLastError
WaitForSingleObjectEx
GetVersionExA
FindNextFileA
FindFirstFileA
GetVolumeInformationA
GetModuleFileNameA
GetVersion
GetFileType
GetStdHandle
GetTickCount
GetCurrentProcessId
GlobalMemoryStatus
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
EncodePointer
DecodePointer
RtlUnwind
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
WriteConsoleW
GetModuleFileNameW
ExitProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
GetTimeZoneInformation
GetSystemTimeAsFileTime
HeapAlloc
CreateDirectoryA
CreateFileA
LockFile
UnlockFile
GetFullPathNameA
HeapReAlloc
GetDriveTypeW
DeleteFileA
SetEnvironmentVariableA
SetFileAttributesA
GetFileAttributesA
LCMapStringW
GetCPInfo
GetLocaleInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
HeapCreate
IsProcessorFeaturePresent

user32

ValidateRect
InvalidateRect
SetFocus
SetForegroundWindow
GetClientRect
CreateWindowExA
AdjustWindowRectEx
RegisterClassExW
LoadCursorW
LoadIconW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
DefWindowProcW
GetDesktopWindow
GetSystemMetrics
GetUserObjectInformationW
GetProcessWindowStation
ShowWindow
MessageBoxA
ReleaseDC
GetDC
DestroyWindow

opengl32

glBindTexture
glGetError
glTexSubImage2D
glPopAttrib
glReadPixels
glReadBuffer
glPushAttrib
glPixelStorei
wglCreateContext
wglShareLists
wglMakeCurrent
wglDeleteContext
glDeleteTextures
glGetTexLevelParameteriv
glTexImage2D
glGenTextures

Sections

.text
Size: 494KB - Virtual size: 493KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ccb7f86fc04cc45d13b86c634114ca7

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

wsock32

advapi32

gdi32

shell32

kernel32

user32

opengl32

Sections

.text Size: 494KB - Virtual size: 493KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 59KB - Virtual size: 83KB

.reloc Size: 55KB - Virtual size: 55KB

.text
Size: 494KB - Virtual size: 493KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 59KB - Virtual size: 83KB

.reloc
Size: 55KB - Virtual size: 55KB