2024-02-20_cd2443377d894e273bbd9434d84125ba_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-20_cd2443377d894e273bbd9434d84125ba_mafia
Size

2.8MB
MD5

cd2443377d894e273bbd9434d84125ba
SHA1

982015a3e5ab74cfb370d24b04922030528f1dcf
SHA256

4b06e6ac8eb992d22d993581efc74c5387599a02ef0f59bbb6d1dd73e1dd4e02
SHA512

0f47571a527fa5625e3b3257549feb38feb1ef17730fd35cc143fc6a421ddd15b1950b0c019ae3dd43154fe3585be7ed2cc8c916bf486de6189416cb8e3671c0
SSDEEP

49152:slJ0jLAnyHjxz21NRBAvw0oF7naIw3fQNWTGhR/jYv8kjwr78r43:240yHNz21L+vyIvMhR/jYvwr78r4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-20_cd2443377d894e273bbd9434d84125ba_mafia

Files

2024-02-20_cd2443377d894e273bbd9434d84125ba_mafia
.exe windows:5 windows x86 arch:x86

61eaf1e4af4506634aee3511706b34fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\spidweb\Documents\Visual Studio 2010\Projects\Avernum 2 Steam\Avernum 2\Avernum 2.pdb

Imports

winmm

timeGetTime

opengl32

glReadPixels
glViewport
glMatrixMode
glLoadIdentity
glShadeModel
glClearColor
glEnable
glFlush
glClear
glOrtho
glDisable
glTranslatef
glScalef
glRotatef
glBlendFunc
glColor4f
glBegin
glTexCoord2f
glVertex3f
glEnd
glColor3f
glVertex2f
glVertex3i
glPixelStorei
glGenTextures
glBindTexture
glTexImage2D
glTexParameteri
glTexSubImage2D
glDeleteTextures
glPushMatrix
glPopMatrix
glReadBuffer
glVertex2d
glTexParameterf
glGetIntegerv
glCopyTexSubImage2D
glFinish
wglMakeCurrent
wglDeleteContext
glGetString
wglGetProcAddress
wglCreateContext
glScissor

dsound

ord1

shell32

SHGetFolderPathW
SHGetFolderLocation
SHGetPathFromIDListW

kernel32

InterlockedIncrement
GetCPInfo
DeleteCriticalSection
GetFileType
SetHandleCount
SetFilePointer
GetConsoleMode
GetConsoleCP
ReadFile
InitializeCriticalSectionAndSpinCount
HeapSize
HeapCreate
GetStdHandle
WriteFile
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
HeapReAlloc
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GetACP
FindClose
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteFileA
GetOEMCP
WideCharToMultiByte
lstrlenW
GetCurrentDirectoryW
lstrlenA
CreateDirectoryW
GetLastError
GetLocalTime
GetTickCount
GetVersionExW
GetModuleFileNameW
QueryPerformanceFrequency
QueryPerformanceCounter
GetProcAddress
LoadLibraryW
GetModuleHandleW
GlobalFree
GlobalAlloc
CloseHandle
WaitForSingleObject
ResumeThread
Sleep
TerminateThread
GetExitCodeThread
DecodePointer
EncodePointer
HeapFree
HeapAlloc
GetCurrentProcessId
FlushFileBuffers
LCMapStringW
SetStdHandle
WriteConsoleW
GetStringTypeW
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
IsProcessorFeaturePresent
GetTimeZoneInformation
GetEnvironmentStringsW
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
GetModuleFileNameA
FreeEnvironmentStringsW
GetDriveTypeW
SetEndOfFile
GetProcessHeap
CreateFileW
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
GetFileAttributesA

user32

DialogBoxParamW
GetDlgItem
CheckDlgButton
SendMessageW
IsDlgButtonChecked
EndDialog
EnumDisplaySettingsW
MessageBoxW
SetWindowTextW
GetWindowRect
GetDesktopWindow
GetAsyncKeyState
SetKeyboardState
GetKeyboardLayout
GetCursorPos
ScreenToClient
ShowCursor
PeekMessageW
DispatchMessageW
GetForegroundWindow
ReleaseDC
IsWindow
DestroyWindow
GetSystemMetrics
SetCursor
LoadCursorW
LoadIconW
RegisterClassW
SetRect
AdjustWindowRect
CreateWindowExW
GetClientRect
SetWindowLongW
GetSysColor
DefWindowProcW
EndPaint
BeginPaint
GetWindowLongW
PostQuitMessage
ChangeDisplaySettingsW
IsWindowVisible
ShowWindow
MoveWindow
GetDC
GetMessageW
UpdateWindow
TranslateMessage

gdi32

SetPixelFormat
SetWinMetaFileBits
GetDeviceCaps
DeleteEnhMetaFile
GetEnhMetaFileHeader
SetEnhMetaFileBits
GetDIBits
PlayEnhMetaFile
RealizePalette
SelectPalette
CreatePalette
ChoosePixelFormat
DeleteObject
GetEnhMetaFilePaletteEntries
ExtTextOutA
SetBkColor
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SwapBuffers
DeleteDC
GetStockObject

steam_api

SteamUserStats
SteamAPI_UnregisterCallback
SteamUtils
SteamAPI_Shutdown
SteamAPI_Init
SteamAPI_RegisterCallback
SteamUser
SteamAPI_RunCallbacks

ws2_32

htonl
ntohs
htons
ntohl

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 8.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 567KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61eaf1e4af4506634aee3511706b34fc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

opengl32

dsound

shell32

kernel32

user32

gdi32

steam_api

ws2_32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 303KB - Virtual size: 303KB

.data Size: 138KB - Virtual size: 8.7MB

.rsrc Size: 567KB - Virtual size: 567KB

.reloc Size: 105KB - Virtual size: 105KB

.data Size: 26KB - Virtual size: 26KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 303KB - Virtual size: 303KB

.data
Size: 138KB - Virtual size: 8.7MB

.rsrc
Size: 567KB - Virtual size: 567KB

.reloc
Size: 105KB - Virtual size: 105KB

.data
Size: 26KB - Virtual size: 26KB