2024-02-02_6763b91563c13c8171d7d0dd5a1adc74_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-02_6763b91563c13c8171d7d0dd5a1adc74_mafia
Size

276KB
MD5

6763b91563c13c8171d7d0dd5a1adc74
SHA1

ce2a1d0fc2e3724e8e8b609525e311bb826b8443
SHA256

2d9cd779eb6f99310840d532fbbe418858a65c31e96f8221a236f620b92bcb11
SHA512

2b918decc72c88ce6c93d0d32720e1649f51de68ca52d52a615acb1d50c4d94e03660d47c90c55cefdfad7c4d8de7b6bf7e57522ef31cf0e2336accf1c56f962
SSDEEP

6144:EbDoK7aoesxZ3a+WNVRPR8vI18KR8ocdk8OwL8IKW2O/rjnmb4fKmgHVAELB:AFZ3vWNVR58g1peocuxwQIKW1TjmkfE7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-02_6763b91563c13c8171d7d0dd5a1adc74_mafia

Files

2024-02-02_6763b91563c13c8171d7d0dd5a1adc74_mafia
.exe windows:5 windows x86 arch:x86

b5f3682d7f30f08e6ec6f669957f1216

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextFileA
FindFirstFileA
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
RtlUnwind
GetProcAddress
GetModuleHandleW
ExitProcess
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetLastError
HeapAlloc
HeapReAlloc
GetDriveTypeA
FindFirstFileExA
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
LoadLibraryW
IsProcessorFeaturePresent
WriteFile
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RaiseException
SetHandleCount
GetStartupInfoW
Sleep
SetStdHandle
WideCharToMultiByte
HeapSize
CloseHandle
MultiByteToWideChar
ReadFile
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreateFileA
LCMapStringW
GetFullPathNameA
GetCurrentDirectoryW
GetTimeZoneInformation
GetStringTypeW
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap
GetDriveTypeW
CreateFileW

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5f3682d7f30f08e6ec6f669957f1216

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 7KB - Virtual size: 22KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 7KB - Virtual size: 22KB

.reloc
Size: 14KB - Virtual size: 13KB