2024-03-28_365634987586c58925754ebf236cdde7_mafia_nionspy | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-28_365634987586c58925754ebf236cdde7_mafia_nionspy
Size

327KB
MD5

365634987586c58925754ebf236cdde7
SHA1

dbe3c369fcce06f2e870bffe36bda16ecc9ec4bd
SHA256

01fc9d035b199e44cdbcd5b8582106a690c6d76f859b74e3e46011bcd41adf17
SHA512

1e14cfdc27fe5759a2f0a78aa37b972f9ddcdb57eef13615b16a000878d0aba55706be773e0ce00240e146e4c43ec8044562b5fbbaade68730579a2af8ea53a4
SSDEEP

6144:c2+JS2sFafI8U0obHCW/2a7XQcsPMjVWrG8KgbPzDh:c2TFafJiHCWBWPMjVWrXK0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-28_365634987586c58925754ebf236cdde7_mafia_nionspy

Files

2024-03-28_365634987586c58925754ebf236cdde7_mafia_nionspy
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 222KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ