2024-04-09_30a1969c62836bb15959e99f6756684b_mafia_ramnit

General

Target

2024-04-09_30a1969c62836bb15959e99f6756684b_mafia_ramnit
Size

11.0MB
MD5

30a1969c62836bb15959e99f6756684b
SHA1

d235d6793b6bbd6b40fc86e5f0023da2665e0042
SHA256

1ad2b9bbb32b75ae282dd3bacc9356be661d90923cb6ff6793833219f817eaf3
SHA512

32f39ebc767ad250b75f1700340177cfb5cf8c560b8d47f7ca5e9f44799ce8af26db23e9f0192d7dcb2fca6784db4d339a30f325be2b3501f545fb0f37b97f40
SSDEEP

196608:iIcRGBfW1GBfW1pVG1qfoIZIcXJyHFE7RwDU:iIBWCW0QfoIZIc5yy7RwDU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-09_30a1969c62836bb15959e99f6756684b_mafia_ramnit

Files

2024-04-09_30a1969c62836bb15959e99f6756684b_mafia_ramnit
.exe windows:4 windows x86 arch:x86

60efa693a19725b0dd128cb84a9a313f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA

kernel32

SearchPathA
GetModuleFileNameA
GetModuleHandleA
lstrcatA
ShowConsoleCursor
GetFileSize
Sleep
RemoveDirectoryA
lstrlenA
GetShortPathNameA
CopyFileA
lstrcpynA
lstrcpyA
GetUserDefaultUILanguage
MoveFileA
GetFullPathNameA
SetFileAttributesA
lstrcatW
CreateTimerQueue
WaitForSingleObjectEx
SetEnvironmentVariableW
SetLocalTime
FlushConsoleInputBuffer
GetCurrentConsoleFont
WaitForMultipleObjects
QueryPerformanceCounter
ExitProcess
GetConsoleCP
LocalReAlloc
WaitCommEvent
IsDBCSLeadByteEx
GetSystemTimeAsFileTime
SetThreadAffinityMask
GetModuleHandleA
CreateTimerQueueTimer
GetCurrentThreadId
GlobalMemoryStatus
SetConsolePalette
ClearCommError

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

user32

SendDlgItemMessageA
ShowWindow
CreateWindowExA
GetDlgItemTextA
SetWindowTextA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60efa693a19725b0dd128cb84a9a313f

Headers

File Characteristics

Imports

advapi32

kernel32

version

user32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 7KB - Virtual size: 35KB

.rsrc Size: 2KB - Virtual size: 2KB

.rdata Size: 83KB - Virtual size: 103KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 7KB - Virtual size: 35KB

.rsrc
Size: 2KB - Virtual size: 2KB

.rdata
Size: 83KB - Virtual size: 103KB