2024-03-26_fe50de311bb5addff9cec202492e809b_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-26_fe50de311bb5addff9cec202492e809b_mafia
Size

357KB
MD5

fe50de311bb5addff9cec202492e809b
SHA1

2e75a9f21c2c90db668e1cfc5b2f497dd9e0108f
SHA256

5b5a6a4adb4f4afbcbf5e0d575f563de161578fe9237037549bfecd5482740f5
SHA512

dfbff18f0ccbe55af4a11bc8d152554529bbb4c010d011356ccfe62d3930f3e08d3dc09951e43992456b49ebddb7d6f35223299274cdeeeee1928e1fe0cc9b29
SSDEEP

6144:dhWpj/jZfBCkEo/II3A2JFqQfFwBSg5L4mKoo65BfMn56PyII2J0rr6Y28tC6Lxg:dhWpj/jZfBCkEo/II3A2F9FwBXL0F65j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-26_fe50de311bb5addff9cec202492e809b_mafia

Files

2024-03-26_fe50de311bb5addff9cec202492e809b_mafia
.exe windows:5 windows x86 arch:x86

4aeaf124e969af2e210d8db535f7bf67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\SepPDFtest\Release\SepPDF.pdb

Imports

kernel32

IsProcessorFeaturePresent
HeapSize
CompareStringW
FlushFileBuffers
WriteConsoleW
HeapReAlloc
LoadLibraryW
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
RaiseException
GetCurrentDirectoryW
LCMapStringW
GetProcessHeap
HeapAlloc
SetEndOfFile
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WriteFile
RtlUnwind
Sleep
HeapFree
ExitProcess
SetFilePointer
SetStdHandle
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
GetCurrentThreadId
GetSystemTime
CloseHandle
GetVersionExA
GetFileTime
GetLocalTime
SearchPathA
FindFirstFileA
MultiByteToWideChar
IsDBCSLeadByte
GetUserDefaultLangID
SetFileTime
GlobalSize
lstrlenA
GetFullPathNameA
CreateFileA
GlobalFree
GlobalAlloc
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
CreateFileW
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
ExitThread
GetLastError
ResumeThread
CreateThread
DeleteFileA
ReadFile
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileType
GetDriveTypeW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
GetCPInfo
InterlockedIncrement
InterlockedDecrement

user32

MoveWindow
EndPaint
DestroyWindow
SetCursor
GetMessageA
GetWindowRect
PostQuitMessage
SendDlgItemMessageA
FillRect
GetKeyState
GetSubMenu
DrawIconEx
SetForegroundWindow
LoadIconA
IsWindowEnabled
GetClientRect
SetFocus
SendMessageA
BeginPaint
GetDC
TranslateMessage
GetMenu
GetWindowTextA
SetWindowLongA
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
ReleaseDC
EnableMenuItem
TranslateAcceleratorA
GetDlgItem
EndDialog
DefWindowProcA
GetDesktopWindow
SetWindowPos
GetMenuItemInfoA
LoadAcceleratorsA
ShowWindow
DispatchMessageA
GetSystemMetrics
SetWindowTextA
LoadImageA
UpdateWindow
EnableWindow
CallWindowProcA
FindWindowA
SetMenuItemInfoA
LoadCursorA
DialogBoxParamA
SetDlgItemTextA
RegisterClassA

gdi32

GetTextExtentPoint32A
SetTextColor
DeleteDC
CreateFontA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
CreatePen
GetStockObject
TextOutA
BitBlt

comdlg32

GetFileTitleA
GetOpenFileNameA

shell32

DragAcceptFiles
SHAppBarMessage
DragFinish
SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA
DragQueryFileA

ole32

CoTaskMemFree

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4aeaf124e969af2e210d8db535f7bf67

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

Sections

.text Size: 248KB - Virtual size: 247KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 7KB - Virtual size: 22KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 248KB - Virtual size: 247KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 7KB - Virtual size: 22KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 20KB - Virtual size: 19KB