2024-01-23_f755b5ea4a77c1961fdf9e34b5aab007_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-23_f755b5ea4a77c1961fdf9e34b5aab007_mafia
Size

1.8MB
MD5

f755b5ea4a77c1961fdf9e34b5aab007
SHA1

0989c917245d560c3a15645670cc3cf167aa6e3e
SHA256

a446ba6885e36a79e0fb5afe9bf4cdb13df6425517f620e8ab83b82c55b6caef
SHA512

da6a23351b269fcd8b72100af79eb86f7495c246398baf72c915604d086c30a78b0d05a605584942236db9a2a41be20bf7161b2a857b3aae9570f932cbdfcc14
SSDEEP

24576:IDvnFlLFq/BcLNz525BDamT1M0p2OCBy/RwEO3t1+ujRTqF8L9Zh9Ty6QowqlE:+n3Fqq5z5OOmT1MIOD+ujZqF8LUu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-23_f755b5ea4a77c1961fdf9e34b5aab007_mafia

Files

2024-01-23_f755b5ea4a77c1961fdf9e34b5aab007_mafia
.exe windows:5 windows x86 arch:x86

e397889d300f5e39310acb3299f70002

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

ntohl
recv
WSAStartup
send
htonl
gethostbyname
htons
connect
setsockopt
WSACleanup
inet_ntoa
socket
closesocket

kernel32

GetConsoleMode
GetDateFormatA
GetTimeFormatA
VirtualQuery
SetErrorMode
DeleteFileA
GetVersionExA
SetThreadPriority
CreateProcessA
GetTempPathA
GetTempFileNameA
GetFullPathNameA
GetFileInformationByHandle
UnmapViewOfFile
GetHandleInformation
IsBadReadPtr
MapViewOfFile
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCommandLineA
HeapSetInformation
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
RaiseException
GetSystemTimeAsFileTime
DecodePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
Sleep
GetProcAddress
GetModuleHandleW
ExitProcess
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
WriteFile
WideCharToMultiByte
GetConsoleCP
GetProcessHeap
FlushFileBuffers
SetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
IsProcessorFeaturePresent
GetTimeZoneInformation
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryW
LCMapStringW
WriteConsoleW
SetFilePointer
HeapSize
CloseHandle
CreateFileW
ReadFile
CompareStringW
SetEnvironmentVariableA
VirtualAlloc
VirtualFree
FileTimeToLocalFileTime
GetLocalTime
SystemTimeToFileTime
GetThreadLocale
LoadLibraryA
FormatMessageA
GetModuleHandleA
CreateFileA
WaitForSingleObject
ReleaseMutex
CreateMutexA
SetEndOfFile
InitializeCriticalSection
SetEvent
CreateEventA
ExitThread
TerminateThread
OpenFileMappingA
CreateFileMappingA

imagehlp

SymCleanup
SymInitialize
StackWalk

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 946KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e397889d300f5e39310acb3299f70002

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

kernel32

imagehlp

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.text1 Size: 512B - Virtual size: 80B

.rdata Size: 228KB - Virtual size: 227KB

.data Size: 65KB - Virtual size: 946KB

.trace Size: 4KB - Virtual size: 3KB

.reloc Size: 116KB - Virtual size: 115KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.text1
Size: 512B - Virtual size: 80B

.rdata
Size: 228KB - Virtual size: 227KB

.data
Size: 65KB - Virtual size: 946KB

.trace
Size: 4KB - Virtual size: 3KB

.reloc
Size: 116KB - Virtual size: 115KB