2024-04-09_511dcbbb446caa65150911e8e4e3e223_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-09_511dcbbb446caa65150911e8e4e3e223_mafia
Size

2.6MB
MD5

511dcbbb446caa65150911e8e4e3e223
SHA1

8c8ff2f6044f991f6bbb3f14238232e10551563e
SHA256

4d1aab54243d4cdea26eca9194dae72610358415a52a0aee85152495b365fb01
SHA512

c8bc4c8a91cace5c63e9e8fbd944ff3dc7872e89d6bf2db44885269ea3f46ee6d671b7005fb0db8c98a634fe60fd4d788d617eb8c8731667ecc7b1948e694dcb
SSDEEP

49152:RhIHT3s2y6cionVvqvAUnrhp5CfmJxax31wue5N48TjFi:Rez3s2y6cionVwR1p5Pxad1PeL4b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-09_511dcbbb446caa65150911e8e4e3e223_mafia

Files

2024-04-09_511dcbbb446caa65150911e8e4e3e223_mafia
.exe windows:5 windows x86 arch:x86

af66c29121c8a6eef06cf6537a9d1428

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\projects\Pangenesis\Release\Pangenesis.pdb

Imports

kernel32

ExitThread
FindClose
FindNextFileW
FindFirstFileW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
SetEvent
CloseHandle
SetErrorMode
CreateWaitableTimerW
LoadLibraryA
VirtualQuery
VirtualProtect
OutputDebugStringW
CreateFileMappingA
LocalFree
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
GetFileAttributesW
CreateDirectoryW
FormatMessageW
DeviceIoControl
SetThreadAffinityMask
SuspendThread
SetThreadPriority
ResetEvent
ReleaseMutex
ReleaseSemaphore
CreateThread
CreateEventW
Sleep
GlobalUnlock
GlobalLock
CreateMutexW
CreateSemaphoreW
InterlockedCompareExchange
VerSetConditionMask
VerifyVersionInfoW
QueryPerformanceFrequency
OutputDebugStringA
InterlockedExchangeAdd
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
SetEndOfFile
CreateFileW
FreeLibrary
CreateProcessA
GetExitCodeProcess
SetStdHandle
WriteConsoleW
CreateFileA
LoadLibraryW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
ReadFile
SetFilePointer
GetFileType
SetHandleCount
ExitProcess
HeapCreate
GetFileAttributesA
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
WriteFile
IsProcessorFeaturePresent
GetProcAddress
GetCurrentThread
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCPInfo
LCMapStringW
RtlUnwind
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineW
RemoveDirectoryA
CreateDirectoryA
HeapAlloc
HeapReAlloc
HeapFree
MoveFileA
GetSystemTimeAsFileTime
DeleteFileA
GetLastError
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
InterlockedDecrement
InterlockedIncrement

user32

LoadAcceleratorsW
ShowCursor
PeekMessageW
TranslateMessage
SetWindowLongW
LoadStringW
DispatchMessageW
GetActiveWindow
ReleaseDC
GetMonitorInfoW
EnumDisplayMonitors
GetWindowRect
GetClientRect
SetCursorPos
GetCursorPos
EnumDisplaySettingsW
SetWindowPos
ChangeDisplaySettingsW
CloseClipboard
EnumDisplayDevicesW
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
AdjustWindowRect
GetDC
InvalidateRect
GetWindowTextLengthW
SendMessageW
MessageBoxW
EndDialog
GetRawInputData
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcW
DestroyWindow
DialogBoxParamW
RegisterRawInputDevices
LoadIconW
CallWindowProcW
SetFocus
SetWindowTextW
GetWindowTextW
UpdateWindow
ShowWindow
GetWindowLongW
CreateWindowExW
GetSystemMetrics
RegisterClassExW
LoadCursorW
MoveWindow

gdi32

SetPixelFormat
SwapBuffers
CreateFontW
ChoosePixelFormat

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

setupapi

SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
SetupDiGetClassDevsExW
SetupDiGetDeviceRegistryPropertyW

ssleay32

ord12
ord8
ord183
ord110
ord174
ord74

libeay32

ord88
ord89
ord52
ord67
ord3212
ord233
ord198

xinput9_1_0

XInputGetState

ws2_32

freeaddrinfo
recvfrom
sendto
gethostbyname
htonl
inet_addr
getaddrinfo
ntohs
listen
closesocket
select
__WSAFDIsSet
connect
WSAGetLastError
accept
recv
send
getsockname
shutdown
ntohl
WSACleanup
WSAStartup
socket
bind
ioctlsocket
setsockopt
htons

opengl32

glDrawBuffer
glReadBuffer
glGenTextures
glDeleteTextures
glBindTexture
glDisable
glPolygonOffset
glEnable
glReadPixels
glPixelStorei
glDepthRange
glDepthMask
glCullFace
glFrontFace
glDrawElements
glDrawArrays
glGetError
glClear
glViewport
glGetString
glClearColor
glFogf
glFogfv
glColorMask
glDepthFunc
glBlendFunc
glFogi
glShadeModel
glClearDepth
wglGetProcAddress
glGetIntegerv
wglDeleteContext
wglMakeCurrent
wglCreateContext
glTexImage2D
glTexParameteri

openal32

alSourcePause
alSourcePlay
alSourceStop
alGetSourcei
alListenerfv
alBufferData
alDeleteBuffers
alDeleteSources
alListener3f
alcDestroyContext
alSourcef
alSourcei
alSource3f
alGenSources
alcCloseDevice
alcMakeContextCurrent
alcCreateContext
alcOpenDevice
alGetError
alGenBuffers

dbghelp

ImageDirectoryEntryToData

advapi32

RegisterEventSourceA
RegOpenKeyExA
RegQueryValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegEnumValueA
RegCloseKey
DeregisterEventSource
ReportEventA

shell32

SHGetFolderPathW

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af66c29121c8a6eef06cf6537a9d1428

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winmm

setupapi

ssleay32

libeay32

xinput9_1_0

ws2_32

opengl32

openal32

dbghelp

advapi32

shell32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 360KB - Virtual size: 359KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 89KB - Virtual size: 88KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 360KB - Virtual size: 359KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 89KB - Virtual size: 88KB