2024-02-22_d108ea835371508e9549266b727dbc23_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-22_d108ea835371508e9549266b727dbc23_mafia
Size

10.1MB
MD5

d108ea835371508e9549266b727dbc23
SHA1

06ce35f81d08317794a8f3eb0affe19d867bf1a3
SHA256

ee4c926c6f3d9ceb3843a16b3beaa75ea07ebff71863bc905c358e31b8a269a8
SHA512

ddd9e77f8a9e386f302069d5cb0302925e8fa884c4dcf6c05156202a8a33ec6b1d2d71a261ddded657a203e94c76a445f58a0081c6346cfb16f77ddfa2850ac6
SSDEEP

12288:Q7QP8bFrH+xhE3WIXeQfmOsAG705lAIKVvsVUIStBiArTEaHmw45D:Q71OOFfmOss0kl8iArTV4V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-22_d108ea835371508e9549266b727dbc23_mafia

Files

2024-02-22_d108ea835371508e9549266b727dbc23_mafia
.exe windows:5 windows x86 arch:x86

87bda54d28f09e35146ce6bea8ec5c7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\gdk-ace\games\jvh-FruitFestNL\jvh-FruitFestNL_NoAce\Intermediate\Release HTML\FruitFest.pdb

Imports

kernel32

CreateEventA
CloseHandle
SetFileAttributesA
GetStdHandle
WriteFile
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
HeapCreate
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleW
GetProcAddress
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
CreateDirectoryA
GetDateFormatA
LoadLibraryA
FreeLibrary
GetTickCount
LocalFree
GetLastError
FormatMessageA
GetModuleHandleA
LockResource
SizeofResource
LoadResource
FindResourceA
lstrlenA
GetModuleFileNameA
GetTimeFormatA
InitializeCriticalSection
SetEnvironmentVariableA
CompareStringW
CreateFileW
GetProcessHeap
SetEndOfFile
GetDriveTypeW
WriteConsoleW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
LoadLibraryW
InterlockedExchange
HeapReAlloc
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentDirectoryW
CreateFileA
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
MultiByteToWideChar
LCMapStringW
RtlUnwind
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
GetSystemTimeAsFileTime
ReadFile
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
RaiseException
GetLocaleInfoW
Sleep
VerLanguageNameA
EncodePointer
DecodePointer
HeapFree
EnterCriticalSection
LeaveCriticalSection
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
HeapAlloc
GetTimeZoneInformation
GetModuleFileNameW

user32

ScreenToClient
GetCursorPos
GetFocus
GetDC
ReleaseDC
ClientToScreen
EndPaint
SetWindowPlacement
SetCursor
RegisterClassExA
PostQuitMessage
LoadIconA
GetClientRect
BeginPaint
GetWindowPlacement
SetWindowLongA
CreateWindowExA
DefWindowProcA
SetWindowPos
GetCursor
CloseWindow
LoadCursorA
MoveWindow
GetWindowRect
GetDesktopWindow
TranslateMessage
MessageBoxA
PeekMessageA
DispatchMessageA
wsprintfA

gdi32

BitBlt
DeleteDC
StretchBlt
GetDIBits
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetDIBits
GetTextFaceA
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

fmodex

?getCurrentSound@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVSound@2@@Z
?setLoopCount@Channel@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z
?close@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_CHANNELINDEX@@PAVSound@2@_NPAPAVChannel@2@@Z
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
FMOD_System_Create
?setVolume@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?setPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?stop@Channel@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?isPlaying@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z

d3dx9_33

D3DXSaveSurfaceToFileA
D3DXMatrixPerspectiveFovLH
D3DXVec3Unproject
D3DXPlaneIntersectLine
D3DXPlaneFromPointNormal
D3DXMatrixInverse
D3DXCreateTextureFromResourceA
D3DXMatrixLookAtLH
D3DXGetImageInfoFromResourceA
D3DXMatrixRotationYawPitchRoll
D3DXMatrixTransformation2D
D3DXCreateTexture
D3DXLoadSurfaceFromSurface
D3DXGetImageInfoFromFileA
D3DXLoadSurfaceFromResourceA
D3DXCreateLine
D3DXCreateFontIndirectA
D3DXCreateFontA
D3DXCreateSprite
D3DXLoadSurfaceFromFileA
D3DXMatrixMultiply
D3DXMatrixTranslation
D3DXCreateTextureFromFileA

d3d9

Direct3DCreate9

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

dinput8

DirectInput8Create

Sections

.text
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9.5MB - Virtual size: 9.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87bda54d28f09e35146ce6bea8ec5c7b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

version

fmodex

d3dx9_33

d3d9

winmm

dinput8

Sections

.text Size: 458KB - Virtual size: 458KB

.rdata Size: 9.5MB - Virtual size: 9.5MB

.data Size: 66KB - Virtual size: 87KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 96KB - Virtual size: 95KB

.text
Size: 458KB - Virtual size: 458KB

.rdata
Size: 9.5MB - Virtual size: 9.5MB

.data
Size: 66KB - Virtual size: 87KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 96KB - Virtual size: 95KB