2024-02-18_9f6c4c75f33e69bc4948a657ff3c9b6a_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-18_9f6c4c75f33e69bc4948a657ff3c9b6a_mafia
Size

678KB
MD5

9f6c4c75f33e69bc4948a657ff3c9b6a
SHA1

0df972f3e129cd1ee2289889ea4d6b3f476b4c39
SHA256

9c543bcd9e2b5f7827a649d7d5ccb6e37d7574f7727a4a65528cbcd2191643bf
SHA512

7145785c34971b39d150ea4826c689c007d6028bca10759b9ae10f3b25b3e3d9d599ba32e69165de01643ecb8c2c20c272d5b2d9e93736d5aedce302b40263c7
SSDEEP

12288:HpTKoyWQIhckj2gIae3Js+ajn7YbIH8CY/krtCnQmeM8QM2TzMhst2Y5n:lqWQ4ckj2gxYJs+az7YbIH8CY/krtTMv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-18_9f6c4c75f33e69bc4948a657ff3c9b6a_mafia

Files

2024-02-18_9f6c4c75f33e69bc4948a657ff3c9b6a_mafia
.exe windows:5 windows x86 arch:x86

873f07d3b581150d7184d4f08e2235db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Users\Eric\Documents\_Documents\minecraft\Mineways\git_code\Release\Mineways32.pdb

Imports

kernel32

CreateFileMappingW
GetFileInformationByHandle
GetSystemTime
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
SetEndOfFile
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetDriveTypeW
HeapSize
CreateFileA
WriteConsoleW
SetStdHandle
GetLocaleInfoW
LoadLibraryW
LCMapStringW
GetFileType
IsValidCodePage
SetFilePointer
GetACP
GetCPInfo
RaiseException
RtlUnwind
FlushFileBuffers
GetConsoleMode
GetConsoleCP
Sleep
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
GetLocalTime
GetLastError
FileTimeToSystemTime
WideCharToMultiByte
GetCurrentProcess
SystemTimeToFileTime
UnmapViewOfFile
GetFileSize
MapViewOfFile
FileTimeToDosDateTime
GetTimeZoneInformation
ReadFile
MultiByteToWideChar
CloseHandle
GetCurrentDirectoryW
WriteFile
CreateFileW
DeleteFileW
FindNextFileW
TlsAlloc
EncodePointer
FindFirstFileW
GetOEMCP
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
DecodePointer
GetCommandLineW
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetFullPathNameW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
ExitProcess
InitializeCriticalSection

user32

DialogBoxParamW
GetDlgItem
SendMessageW
EnableMenuItem
GetMenuItemInfoW
InsertMenuItemW
DeleteMenu
wsprintfW
SetCursor
PostQuitMessage
SetWindowPos
EndPaint
BeginPaint
FillRect
DefWindowProcW
DestroyWindow
ReleaseCapture
InvalidateRect
SetCapture
SetFocus
GetKeyState
MoveWindow
SetWindowTextW
GetClientRect
GetSysColor
CheckMenuItem
GetMenu
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadCursorW
LoadAcceleratorsW
LoadStringW
GetDlgItemTextA
MessageBoxW
IsDlgButtonChecked
SendDlgItemMessageW
CheckDlgButton
SetDlgItemTextA
GetDlgItemInt
GetDlgItemTextW
SetDlgItemTextW
EnableWindow
EndDialog

gdi32

SelectObject
CreateCompatibleDC
DeleteObject
GetClipBox
SetBkColor
SetTextColor
CreateDIBSection
CreateSolidBrush
BitBlt

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCreateKeyExW
RegDeleteValueW
RegEnumValueW
RegSetValueExW
RegCloseKey
RegQueryValueExW

shell32

SHGetFolderPathW

comctl32

InitCommonControlsEx

shlwapi

PathRemoveFileSpecW
PathAppendW
PathFileExistsW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

873f07d3b581150d7184d4f08e2235db

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

shlwapi

version

Sections

.text Size: 394KB - Virtual size: 394KB

.rdata Size: 112KB - Virtual size: 112KB

.data Size: 32KB - Virtual size: 95KB

.rsrc Size: 110KB - Virtual size: 109KB

.reloc Size: 27KB - Virtual size: 27KB

.text
Size: 394KB - Virtual size: 394KB

.rdata
Size: 112KB - Virtual size: 112KB

.data
Size: 32KB - Virtual size: 95KB

.rsrc
Size: 110KB - Virtual size: 109KB

.reloc
Size: 27KB - Virtual size: 27KB