Behavioral task
behavioral1
Sample
2024-03-05_8c9275cfc09b0fcc68e9f378203fc69a_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-05_8c9275cfc09b0fcc68e9f378203fc69a_mafia.exe
Resource
win10v2004-20240226-en
General
-
Target
2024-03-05_8c9275cfc09b0fcc68e9f378203fc69a_mafia
-
Size
384KB
-
MD5
8c9275cfc09b0fcc68e9f378203fc69a
-
SHA1
ce7ccb72922d0b1602d7a782196a0c897ecb0f98
-
SHA256
d733c58d131298a1f82e601e6fd88619c02c9f34575b630d2f61b16327673934
-
SHA512
ffed601a9eea4f99855a327d91c04ee6494e258b68dd4d7b813281f1ae9774403f6ebb21978d8210d0f539d8d8dbfbe26366e82afb2967177257550cf76948f1
-
SSDEEP
6144:auuL3Lq8sbcmblLg8Nwlo8c7+s5K87PmkzhSDkyIFoqRyTBSET/R:NuLLqbbcmZLg8Nw9AK87PmkzhSDaRyTL
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-03-05_8c9275cfc09b0fcc68e9f378203fc69a_mafia
Files
-
2024-03-05_8c9275cfc09b0fcc68e9f378203fc69a_mafia.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 224KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
UPX1 Size: 152KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE