2024-04-10_2a704814c9d9252e058f940d16694364_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-10_2a704814c9d9252e058f940d16694364_mafia
Size

2.2MB
MD5

2a704814c9d9252e058f940d16694364
SHA1

4be36091fc87e7db43c1efbcc20460c37070a10f
SHA256

3a2172fd3f5ddd77ed4456b5679d089cdee2b97e6490dd3193b5d302bea3c8c5
SHA512

907aee47c1fafc2428ee03a829cae4cdb2ea795086645ebe96bb00ae1e05d12ae6d60ab0cd0f842d1b3e44751ea36486011ad2717bcff7291d1cdf4c9a2e3c78
SSDEEP

49152:WTFqjg1+/rHNgik5vlzAYWPu8f3Ie4tP8frqcpWqIcFVbTRh/YGWsUXf0lOVXYKt:WTFqjg1+/rHNgik5vlzAYWPu8f3Ie4t3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-10_2a704814c9d9252e058f940d16694364_mafia

Files

2024-04-10_2a704814c9d9252e058f940d16694364_mafia
.exe windows:5 windows x86 arch:x86

87ccef919ef725eb534a87a14690e3db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

ntohl
recv
WSAStartup
send
htonl
gethostbyname
htons
connect
setsockopt
WSACleanup
inet_ntoa
socket
closesocket

kernel32

GetConsoleCP
GetDateFormatA
GetTimeFormatA
VirtualQuery
DeleteFileA
GetVersionExA
SetThreadPriority
CreateProcessA
GetTempPathA
GetTempFileNameA
GetFullPathNameA
GetFileInformationByHandle
UnmapViewOfFile
GetHandleInformation
IsBadReadPtr
MapViewOfFile
CreateFileMappingA
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCommandLineA
HeapSetInformation
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
RaiseException
GetSystemTimeAsFileTime
HeapSize
DecodePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
Sleep
GetProcAddress
GetModuleHandleW
ExitProcess
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
WriteFile
WideCharToMultiByte
GetProcessHeap
GetConsoleMode
FlushFileBuffers
SetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
IsProcessorFeaturePresent
GetTimeZoneInformation
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryW
LCMapStringW
WriteConsoleW
SetFilePointer
CloseHandle
CreateFileW
ReadFile
CompareStringW
SetEnvironmentVariableA
GetThreadLocale
LoadLibraryA
FormatMessageA
GetModuleHandleA
CreateFileA
VirtualAlloc
VirtualFree
FileTimeToLocalFileTime
GetLocalTime
SystemTimeToFileTime
WaitForSingleObject
ReleaseMutex
CreateMutexA
SetEndOfFile
SetErrorMode
InitializeCriticalSection
SetEvent
CreateEventA
ExitThread
TerminateThread
OpenFileMappingA

imagehlp

SymCleanup
SymInitialize
StackWalk

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 943KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87ccef919ef725eb534a87a14690e3db

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

kernel32

imagehlp

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.text1 Size: 512B - Virtual size: 80B

.rdata Size: 280KB - Virtual size: 279KB

.data Size: 63KB - Virtual size: 943KB

.trace Size: 4KB - Virtual size: 3KB

.reloc Size: 157KB - Virtual size: 156KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.text1
Size: 512B - Virtual size: 80B

.rdata
Size: 280KB - Virtual size: 279KB

.data
Size: 63KB - Virtual size: 943KB

.trace
Size: 4KB - Virtual size: 3KB

.reloc
Size: 157KB - Virtual size: 156KB