Static task
static1
Behavioral task
behavioral1
Sample
2024-02-21_19ca004c802db8b9e1b9274f60cf7b7f_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-21_19ca004c802db8b9e1b9274f60cf7b7f_mafia.exe
Resource
win10v2004-20240221-en
General
-
Target
2024-02-21_19ca004c802db8b9e1b9274f60cf7b7f_mafia
-
Size
486KB
-
MD5
19ca004c802db8b9e1b9274f60cf7b7f
-
SHA1
d0da7b5dc7a0f19b479cf0f145bfb6a5b2d81f41
-
SHA256
2d2f12737210ef746166636fa58e9ddc22ea2e6a9cf4064c97c9bb4038169b72
-
SHA512
9e460f4f70325431d1409df72c27a9cc9b4ab6afb99e47e230a5c5ff6e8eeb206bc037458738bcd88806371a7b04fa7a2cac97e634150e21429887f9805d7ef3
-
SSDEEP
12288:3O4rfItL8HPJduULqb0wvOOwRDcL1fAzD9W67rKxUYXhW:3O4rQtGPKUub0gt2uX63KxUYXhW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-02-21_19ca004c802db8b9e1b9274f60cf7b7f_mafia
Files
-
2024-02-21_19ca004c802db8b9e1b9274f60cf7b7f_mafia.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.reloc Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 257KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.giats Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ