2024-03-14_0ab62b3db1d1b11953a909d20b447cdb_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-14_0ab62b3db1d1b11953a909d20b447cdb_mafia
Size

2.2MB
MD5

0ab62b3db1d1b11953a909d20b447cdb
SHA1

5be80eb569ae47eae0579dad6e3b662431c6b918
SHA256

521236b2a0d93deb860a385b9a554ef93f449d73a663508f7334a917999f9d9f
SHA512

4ebe426431ec3acc2b0f207d774e1da4fec9a3fb075b2947286eb1b0cb2819c858ce5295fe3c7138fef2a3de2d9f39b6600dd0dbd44f07691fa703a6177f931c
SSDEEP

49152:PDgtWae0RCF+WXVlLJ5+WLJfTM3vM7bYxIwNRe:PDgtWa9q+WvV55NMfMGRe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-14_0ab62b3db1d1b11953a909d20b447cdb_mafia

Files

2024-03-14_0ab62b3db1d1b11953a909d20b447cdb_mafia
.exe windows:5 windows x86 arch:x86

87ccef919ef725eb534a87a14690e3db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

ntohl
recv
WSAStartup
send
htonl
gethostbyname
htons
connect
setsockopt
WSACleanup
inet_ntoa
socket
closesocket

kernel32

GetConsoleCP
GetDateFormatA
GetTimeFormatA
VirtualQuery
DeleteFileA
GetVersionExA
SetThreadPriority
CreateProcessA
GetTempPathA
GetTempFileNameA
GetFullPathNameA
GetFileInformationByHandle
UnmapViewOfFile
GetHandleInformation
IsBadReadPtr
MapViewOfFile
CreateFileMappingA
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCommandLineA
HeapSetInformation
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
RaiseException
GetSystemTimeAsFileTime
HeapSize
DecodePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
Sleep
GetProcAddress
GetModuleHandleW
ExitProcess
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
WriteFile
WideCharToMultiByte
GetProcessHeap
GetConsoleMode
FlushFileBuffers
SetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
IsProcessorFeaturePresent
GetTimeZoneInformation
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryW
LCMapStringW
WriteConsoleW
SetFilePointer
CloseHandle
CreateFileW
ReadFile
CompareStringW
SetEnvironmentVariableA
GetThreadLocale
LoadLibraryA
FormatMessageA
GetModuleHandleA
CreateFileA
VirtualAlloc
VirtualFree
FileTimeToLocalFileTime
GetLocalTime
SystemTimeToFileTime
WaitForSingleObject
ReleaseMutex
CreateMutexA
SetEndOfFile
SetErrorMode
InitializeCriticalSection
SetEvent
CreateEventA
ExitThread
TerminateThread
OpenFileMappingA

imagehlp

SymCleanup
SymInitialize
StackWalk

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 943KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87ccef919ef725eb534a87a14690e3db

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

kernel32

imagehlp

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.text1 Size: 512B - Virtual size: 80B

.rdata Size: 281KB - Virtual size: 281KB

.data Size: 63KB - Virtual size: 943KB

.trace Size: 4KB - Virtual size: 3KB

.reloc Size: 158KB - Virtual size: 158KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.text1
Size: 512B - Virtual size: 80B

.rdata
Size: 281KB - Virtual size: 281KB

.data
Size: 63KB - Virtual size: 943KB

.trace
Size: 4KB - Virtual size: 3KB

.reloc
Size: 158KB - Virtual size: 158KB