2024-03-08_84778af8bff8d2cd1935f985afc1d56d_mafia_wapomi

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-08_84778af8bff8d2cd1935f985afc1d56d_mafia_wapomi
Size

356KB
MD5

84778af8bff8d2cd1935f985afc1d56d
SHA1

ae943cdcef53fd1ade00efd6ef029f53072d5a8c
SHA256

0801a9705e2588ab59ad93db774b616f1c49f5c5ae833b81d72af6eaffd0bfec
SHA512

7717e90f8810879a5d274747d710e941932f4a40066bec7e8045fe8910bdb27918121d2159d309de2ae76bb789af6d44e4fa8c530b96de3460a08b69e4539f95
SSDEEP

6144:b8mWVz82iJAYgibJQNnIbX4lxHyKLkkklkkk/SyjXPW:b8mW982iJjzbJQNnIbX4vDAkkKkk/Sof

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-08_84778af8bff8d2cd1935f985afc1d56d_mafia_wapomi

Files

2024-03-08_84778af8bff8d2cd1935f985afc1d56d_mafia_wapomi
.exe windows:5 windows x86 arch:x86

60955544c76b4965de78e19bfe8f5d79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\beamng\torque3d\launcher\build_x86\Release\launcher.pdb

Imports

kernel32

CloseHandle
WaitForSingleObject
FreeLibrary
LoadLibraryW
GetLongPathNameW
GetFullPathNameW
RemoveDirectoryW
GetModuleFileNameW
FindClose
FindNextFileW
FindFirstFileW
LocalFree
GetCommandLineW
GetModuleHandleW
WriteConsoleW
HeapReAlloc
CreateFileW
FlushFileBuffers
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentThreadId
GetLastError
FormatMessageW
SetEndOfFile
MoveFileExW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
GetProcAddress
ExitProcess
DecodePointer
CreateDirectoryW
DeleteFileW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFileAttributesW
EncodePointer
HeapAlloc
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
WriteFile
GetStdHandle
SetHandleCount
GetFileType
MultiByteToWideChar
ReadFile
Sleep
HeapSize
HeapCreate
HeapDestroy
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetProcessHeap

user32

LoadIconW
MessageBoxW
CallNextHookEx
SendMessageW
MessageBoxIndirectW
SetWindowsHookExW
UnhookWindowsHookEx

shell32

ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoCreateInstance
CoInitialize

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegDeleteKeyW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

*�DM�uY
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60955544c76b4965de78e19bfe8f5d79

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

ole32

advapi32

version

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 8KB - Virtual size: 7KB

*�DM�uY Size: 16KB - Virtual size: 20KB

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 8KB - Virtual size: 7KB

*�DM�uY
Size: 16KB - Virtual size: 20KB