2024-02-20_2663715e3c55401adfa56e264ad6db4d_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-20_2663715e3c55401adfa56e264ad6db4d_mafia
Size

1.6MB
MD5

2663715e3c55401adfa56e264ad6db4d
SHA1

700a6eb1b440af1009357aa830ea8f097a9e03bd
SHA256

4a771935016b70d85e6036e0da8498661c7b61f90ac703b4cc6412b7ae799dd4
SHA512

6a6617f1df610b10bee73190539f357e4f0036df0c08768c7252614fb4fd5c33f3af45457314488c05d8636f2e12c50bfde77340f2951c5c49129149d674fc01
SSDEEP

49152:sD+LCIkPeNoRbfE0DuJKkpimNCXg3uQKa:+vRg0DuJ/pimNQg3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-20_2663715e3c55401adfa56e264ad6db4d_mafia

Files

2024-02-20_2663715e3c55401adfa56e264ad6db4d_mafia
.exe windows:5 windows x86 arch:x86

383a6b5fb18a0ca0eb465067b14b00ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\cpp\kod\NewSFML\Release\KFY_Editor.pdb

Imports

openal32

alSourcei
alSourceStop
alDeleteBuffers

opengl32

wglCreateContext
wglShareLists
wglGetCurrentContext
wglMakeCurrent
wglDeleteContext
wglGetCurrentDC
wglGetProcAddress
glColor4f
glTexCoord2f
glVertex2f
glEnd
glBegin
glBlendFunc
glViewport
glLoadMatrixf
glClearColor
glClear
glDisable
glEnable
glAlphaFunc
glMatrixMode
glLoadIdentity
glGetTexImage
glGenTextures
glTexImage2D
glGetIntegerv
glCopyTexSubImage2D
glBindTexture
glTexSubImage2D
glDeleteTextures
glGetString
glTexParameteri
glFlush

gdi32

SetPixelFormat
ChoosePixelFormat
SwapBuffers
GetDeviceCaps
DescribePixelFormat

winmm

joyGetDevCapsA
joyGetPosEx

kernel32

SetEnvironmentVariableA
CompareStringW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
WriteConsoleW
HeapFree
FormatMessageA
LocalFree
AreFileApisANSI
SetLastError
CreateDirectoryW
GetCurrentDirectoryW
GetFileAttributesW
FindNextFileW
FindFirstFileW
GetLastError
GetLocaleInfoA
DeviceIoControl
FindClose
CreateFileW
GetProcessHeap
SetEndOfFile
DecodePointer
EncodePointer
InterlockedExchange
InterlockedCompareExchange
GetStringTypeW
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
HeapReAlloc
LCMapStringW
GetCPInfo
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetACP
GetTimeFormatA
GetOEMCP
IsValidCodePage
HeapCreate
GetFileType
GetStdHandle
GetModuleFileNameW
GetUserDefaultLCID
GetTickCount
GetDateFormatA
GetEnvironmentStringsW
GetSystemTimeAsFileTime
CreateFileA
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
GetSystemTime
SetUnhandledExceptionFilter
GetVersionExA
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
SetThreadAffinityMask
GetCurrentThread
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
FreeEnvironmentStringsW
HeapSize
GetLocaleInfoW
LoadLibraryW
FlushFileBuffers
ReadFile
GetConsoleMode
GetConsoleCP
WriteFile
SetFilePointer
GetTimeZoneInformation

user32

CreateIcon
SendMessageA
GetDC
ReleaseDC
CreateWindowExW
CreateWindowExA
RegisterClassW
RegisterClassA
SetWindowTextA
CallWindowProcA
DefWindowProcW
DefWindowProcA
GetClientRect
TrackMouseEvent
DestroyIcon
DestroyWindow
UnregisterClassW
UnregisterClassA
SetWindowLongA
MapVirtualKeyA
ChangeDisplaySettingsA
ShowWindow
GetWindowLongA
AdjustWindowRect
SetWindowPos
LoadCursorA
SetCursor
PeekMessageA
TranslateMessage
EnumDisplaySettingsA
ScreenToClient
GetCursorPos
GetAsyncKeyState
wsprintfA
DispatchMessageA

Sections

.text
Size: 962KB - Virtual size: 962KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 618KB - Virtual size: 618KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

383a6b5fb18a0ca0eb465067b14b00ea

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

openal32

opengl32

gdi32

winmm

kernel32

user32

Sections

.text Size: 962KB - Virtual size: 962KB

.rdata Size: 618KB - Virtual size: 618KB

.data Size: 13KB - Virtual size: 97KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 62KB - Virtual size: 62KB

.text
Size: 962KB - Virtual size: 962KB

.rdata
Size: 618KB - Virtual size: 618KB

.data
Size: 13KB - Virtual size: 97KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 62KB - Virtual size: 62KB