2024-02-12_e33e52e54d56ad43351a07b9602ec057_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-12_e33e52e54d56ad43351a07b9602ec057_mafia
Size

2.0MB
MD5

e33e52e54d56ad43351a07b9602ec057
SHA1

a70a916818929cc2461b477bec085e2fcd7465fd
SHA256

1708d3e8034b620ff3a56d278e0454c9f504c4d3a598bc58c49a18b41e83d999
SHA512

961fed89a36eb466a7f7c6195f901d2c865396668a00ab4698e25abfa18abf32a645f881c5dafc182f1c56d0fe2704f571e61afd28b506a5461b5be9a92e4664
SSDEEP

24576:qnywT+Zo8EOVANF3ROjCfFhzoFgYAAzGC1TXFABT:hZFpVAPROGfXzMgYAAzGC1T1ABT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-12_e33e52e54d56ad43351a07b9602ec057_mafia

Files

2024-02-12_e33e52e54d56ad43351a07b9602ec057_mafia
.exe windows:5 windows x86 arch:x86

33278cf7bd471149de506ba5e4f1ca8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\shok\Desktop\MyAdv\Release\toaru.pdb

Imports

user32

DestroyWindow
SetWindowLongW
SetWindowPos
AdjustWindowRectEx
GetSystemMetrics
GetDC
ReleaseDC
DispatchMessageW
DefWindowProcW
SetWindowTextW
CreateWindowExW
GetActiveWindow
PeekMessageW
RegisterClassExW
TranslateMessage
FindWindowW
SetForegroundWindow
UnregisterClassW
IsIconic
PostQuitMessage
OpenIcon
GetAsyncKeyState
PostMessageW
ScreenToClient
GetCursorPos
SetCursor
LoadImageW

winmm

mmioWrite
mmioAscend
timeEndPeriod
timeBeginPeriod
mmioRead
mmioDescend
mmioClose
mmioOpenW
timeGetTime
mmioCreateChunk
mmioGetInfo
mmioSetInfo
mmioAdvance
mmioSeek

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx

d3d9

Direct3DCreate9

oleaut32

VariantClear
VariantInit

d3dx9_43

D3DXCompileShader
D3DXGetPixelShaderProfile
D3DXCreateTextureFromFileInMemoryEx
D3DXGetVertexShaderProfile
D3DXFillTexture

kernel32

FormatMessageW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
LocalFree
IsProcessorFeaturePresent
WaitForSingleObject
CloseHandle
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
GetStringTypeW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetSystemTimeAsFileTime
GetCommandLineW
HeapSetInformation
GetStartupInfoW
ExitThread
GetCurrentThreadId
CreateThread
RaiseException
GetCPInfo
RtlUnwind
HeapAlloc
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetFilePointer
ReadFile
HeapSize
GetProcAddress
GetModuleHandleW
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
WriteFile
GetModuleFileNameW
GetLocaleInfoW
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
SuspendThread
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
SetStdHandle
FlushFileBuffers
LoadLibraryW
CreateFileW
WriteConsoleW
SetEndOfFile
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
ResumeThread
GetConsoleMode

gdi32

GetGlyphOutlineW
DeleteObject
GetTextMetricsW
SelectObject
CreateFontIndirectW
GetStockObject

imm32

ImmAssociateContext

Sections

.text
Size: 592KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 510KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 913KB - Virtual size: 912KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33278cf7bd471149de506ba5e4f1ca8b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

winmm

ole32

d3d9

oleaut32

d3dx9_43

kernel32

gdi32

imm32

Sections

.text Size: 592KB - Virtual size: 592KB

.rdata Size: 510KB - Virtual size: 510KB

.data Size: 10KB - Virtual size: 19KB

.rsrc Size: 913KB - Virtual size: 912KB

.reloc Size: 66KB - Virtual size: 66KB

.text
Size: 592KB - Virtual size: 592KB

.rdata
Size: 510KB - Virtual size: 510KB

.data
Size: 10KB - Virtual size: 19KB

.rsrc
Size: 913KB - Virtual size: 912KB

.reloc
Size: 66KB - Virtual size: 66KB