2024-01-24_b6734dd9d8285871addf6315042fdb04_karagany_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-24_b6734dd9d8285871addf6315042fdb04_karagany_mafia
Size

402KB
MD5

b6734dd9d8285871addf6315042fdb04
SHA1

309b0351c366794e8a10daccda039477d00c09e2
SHA256

c054d1f186dd83ee7d31427b8219b0d970ba3ca399b981849715635500d0b99c
SHA512

77b112468629439c034ff27dff6586e023a846b660654ff3ba84f855a9704098e813b47bec5dc3adc098e98042dfd41c703686d3f20097b0d638bf2dc9130a24
SSDEEP

3072:QpK12pDsXOYTfKYg489ajKqyrhzXyMNXZWskbLYoawBphqdxX3oiTO8vgtpvgO:Qpy2xsLTfY3M23EDBCdxX4kO8Yt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-24_b6734dd9d8285871addf6315042fdb04_karagany_mafia

Files

2024-01-24_b6734dd9d8285871addf6315042fdb04_karagany_mafia
.exe windows:5 windows x86 arch:x86

5921f269f93882360b6a4dac4610b0a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
HeapAlloc
HeapFree
VirtualFree
GetProcessHeap
IsBadReadPtr
SetLastError
GetProcAddress
VirtualAlloc
LoadLibraryA
VirtualProtect
SetEndOfFile
CreateFileW
GetLastError
WideCharToMultiByte
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
GetCurrentThreadId
HeapCreate
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
IsProcessorFeaturePresent
Sleep
ExitProcess
ReadFile
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
CloseHandle
RaiseException
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileA
HeapSize
InitializeCriticalSection

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5921f269f93882360b6a4dac4610b0a7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 285KB - Virtual size: 293KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 285KB - Virtual size: 293KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 8KB - Virtual size: 8KB