2024-04-09_4d288cceb1a99d0e2667b695b53281d0_mafia_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-09_4d288cceb1a99d0e2667b695b53281d0_mafia_wapomi
Size

545KB
MD5

4d288cceb1a99d0e2667b695b53281d0
SHA1

99145971c862c8dd3e5e203909afcc631b72dd74
SHA256

d4ac157781c6ffdfb17016d3c0780a9afdd86cd2665de8e02acab442e79a2689
SHA512

759391ccd6abe61a99e3ac61ab2c94fd37f64402cca6ed9b52f96431b3f417932bed7c380926dbddd5dc6fe111228806d5e376ca64d5116ded1145f72dd2ecf5
SSDEEP

6144:xyFyO7XDEgLN1zLEnLssb/CP1o0INo1EGucQImhaaje95W2V2Y4NemT:xyFyUxLN1zonLxjY96

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-09_4d288cceb1a99d0e2667b695b53281d0_mafia_wapomi

Files

2024-04-09_4d288cceb1a99d0e2667b695b53281d0_mafia_wapomi
.exe windows:5 windows x86 arch:x86

acbdd79a63595715fedb5829361f8fe8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Juegos\SSeMU\Source\MHP\HackServer\Release\MHPServer.pdb

Imports

kernel32

WriteFile
GetFileSize
ReadFile
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
SetErrorMode
SetUnhandledExceptionFilter
GetSystemDirectoryA
GetVolumeInformationA
GetSystemInfo
TerminateProcess
GetModuleHandleA
VirtualProtect
VirtualQuery
GetPrivateProfileIntA
TerminateThread
CreateIoCompletionPort
GetLastError
CreateThread
SetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
GetQueuedCompletionStatus
WaitForSingleObject
ExitProcess
CompareStringW
CreateFileW
SetFilePointer
SetEndOfFile
WriteConsoleW
SetStdHandle
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
GetStringTypeW
GetLocaleInfoW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
SetLastError
TlsFree
CreateFileA
GetLocalTime
CreateDirectoryA
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
GetTickCount
TlsSetValue
TlsGetValue
TlsAlloc
HeapCreate
SetEnvironmentVariableA
GetModuleFileNameW
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetProcAddress
HeapSize
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetCPInfo
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
RtlUnwind
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
HeapAlloc
HeapFree

user32

SetWindowTextA
SetTimer
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
LoadStringA
RegisterClassExA
CreateWindowExA
ShowWindow
SendMessageA
UpdateWindow
MessageBoxA
DestroyWindow
DialogBoxParamA
DefWindowProcA
wsprintfA
LoadCursorA
ReleaseDC
FillRect
GetDC
GetClientRect
SetDlgItemTextA
EndDialog
SetFocus
GetDlgItem
PostQuitMessage
EndPaint
LoadBitmapA
BeginPaint

gdi32

SetBkMode
SetTextColor
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetStockObject
TextOutA

shell32

ShellExecuteA

ws2_32

WSAStartup
WSAGetLastError
socket
inet_addr
gethostbyname
connect
send
closesocket
recv
WSASocketA
htonl
bind
listen
WSASend
WSARecv
inet_ntoa
WSAAccept
htons

dbghelp

MiniDumpWriteDump

psapi

GetModuleInformation

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

��4R�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

acbdd79a63595715fedb5829361f8fe8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ws2_32

dbghelp

psapi

Sections

.text Size: 138KB - Virtual size: 137KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 15KB - Virtual size: 509KB

.rsrc Size: 333KB - Virtual size: 333KB

.reloc Size: 13KB - Virtual size: 12KB

��4R�u� Size: 16KB - Virtual size: 20KB

.text
Size: 138KB - Virtual size: 137KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 15KB - Virtual size: 509KB

.rsrc
Size: 333KB - Virtual size: 333KB

.reloc
Size: 13KB - Virtual size: 12KB

��4R�u�
Size: 16KB - Virtual size: 20KB