2024-04-09_f3530640c72ed13116115fe4423515e5_mafia_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-09_f3530640c72ed13116115fe4423515e5_mafia_wapomi
Size

545KB
MD5

f3530640c72ed13116115fe4423515e5
SHA1

e13b0e0af017698ee3f10b6faaf70c2fda60df4d
SHA256

b6e1a408b28e0b9f161d129a5ed0174d95cbaa103e4e81f778873ad0c182044f
SHA512

05b92584bb1da68beebd704a2b2e82f94ec83be8bc31ede7df8da85006b3fbe02d51e9adca241bec71161312312314a8b5f44c37b346ab63a95838660c4c65f0
SSDEEP

6144:xyFyO7XDEgLN1zLEnLssb/CP1o0INo1EGucQImhaaje95W2V2Y4Nemb:xyFyUxLN1zonLxjY96

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-09_f3530640c72ed13116115fe4423515e5_mafia_wapomi

Files

2024-04-09_f3530640c72ed13116115fe4423515e5_mafia_wapomi
.exe windows:5 windows x86 arch:x86

acbdd79a63595715fedb5829361f8fe8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Juegos\SSeMU\Source\MHP\HackServer\Release\MHPServer.pdb

Imports

kernel32

WriteFile
GetFileSize
ReadFile
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
SetErrorMode
SetUnhandledExceptionFilter
GetSystemDirectoryA
GetVolumeInformationA
GetSystemInfo
TerminateProcess
GetModuleHandleA
VirtualProtect
VirtualQuery
GetPrivateProfileIntA
TerminateThread
CreateIoCompletionPort
GetLastError
CreateThread
SetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
GetQueuedCompletionStatus
WaitForSingleObject
ExitProcess
CompareStringW
CreateFileW
SetFilePointer
SetEndOfFile
WriteConsoleW
SetStdHandle
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
GetStringTypeW
GetLocaleInfoW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
SetLastError
TlsFree
CreateFileA
GetLocalTime
CreateDirectoryA
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
GetTickCount
TlsSetValue
TlsGetValue
TlsAlloc
HeapCreate
SetEnvironmentVariableA
GetModuleFileNameW
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetProcAddress
HeapSize
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetCPInfo
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
RtlUnwind
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
HeapAlloc
HeapFree

user32

SetWindowTextA
SetTimer
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
LoadStringA
RegisterClassExA
CreateWindowExA
ShowWindow
SendMessageA
UpdateWindow
MessageBoxA
DestroyWindow
DialogBoxParamA
DefWindowProcA
wsprintfA
LoadCursorA
ReleaseDC
FillRect
GetDC
GetClientRect
SetDlgItemTextA
EndDialog
SetFocus
GetDlgItem
PostQuitMessage
EndPaint
LoadBitmapA
BeginPaint

gdi32

SetBkMode
SetTextColor
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetStockObject
TextOutA

shell32

ShellExecuteA

ws2_32

WSAStartup
WSAGetLastError
socket
inet_addr
gethostbyname
connect
send
closesocket
recv
WSASocketA
htonl
bind
listen
WSASend
WSARecv
inet_ntoa
WSAAccept
htons

dbghelp

MiniDumpWriteDump

psapi

GetModuleInformation

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

��4R�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

acbdd79a63595715fedb5829361f8fe8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ws2_32

dbghelp

psapi

Sections

.text Size: 138KB - Virtual size: 137KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 15KB - Virtual size: 509KB

.rsrc Size: 333KB - Virtual size: 333KB

.reloc Size: 13KB - Virtual size: 12KB

��4R�u� Size: 16KB - Virtual size: 20KB

.text
Size: 138KB - Virtual size: 137KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 15KB - Virtual size: 509KB

.rsrc
Size: 333KB - Virtual size: 333KB

.reloc
Size: 13KB - Virtual size: 12KB

��4R�u�
Size: 16KB - Virtual size: 20KB