2024-04-10_007defd8bf27daa55797649f19f910fd_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-10_007defd8bf27daa55797649f19f910fd_mafia
Size

634KB
MD5

007defd8bf27daa55797649f19f910fd
SHA1

7159c4f88dd064a58928689681e6f6ac82fa9907
SHA256

3bf7888bdca6bb664908c728c159d02508af1c6bb2b7a3beaf8e7e64f2bad418
SHA512

cd7bd7297b632e5a3bc088635c93f121242321d32bb01a75f47e3de1cc5e5edebae7cd5cba99a341e41cd5dc785848abeb6e02267daa8be05ab24a10b0b1445e
SSDEEP

12288:pmm7XOW5HVGOdXe8DddK6jX18VTNEDGZPBqatSN9FH6SExo:0mf1e8PK6jF8VJEstSN9FHk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-10_007defd8bf27daa55797649f19f910fd_mafia

Files

2024-04-10_007defd8bf27daa55797649f19f910fd_mafia
.exe windows:5 windows x86 arch:x86

24175544b9ef46e1fd736805a2b44d1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\UPenn Spring 2014\Physical Based Animation\HW3\SmokeSimStarterKit\SmokeSim\Debug\SmokeSim.pdb

Imports

opengl32

glClearColor
glGetDoublev
glLoadMatrixf
glLoadIdentity
glMatrixMode
glEnd
glVertex3dv
glColor4f
glBegin
glColor4dv
glPopAttrib
glVertex3d
glColor3f
glDisable
glPushAttrib
glPopMatrix
glNormal3d
glScaled
glTranslated
glPushMatrix
glViewport
glRasterPos2f
glClear
glCullFace
glReadPixels
glLineWidth
glVertex3f
glGetIntegerv
glEnable
glBlendFunc
glDepthFunc
glShadeModel

glu32

gluProject
gluUnProject
gluPerspective
gluOrtho2D

glut32

glutPostRedisplay
glutAttachMenu
glutDetachMenu
glutSetMenu
glutGetModifiers
glutTimerFunc
glutBitmapCharacter
glutSwapBuffers
glutMainLoop
glutAddSubMenu
glutAddMenuEntry
glutReshapeFunc
glutMotionFunc
glutMouseFunc
glutSpecialFunc
glutKeyboardFunc
glutDisplayFunc
glutInitWindowPosition
glutInitWindowSize
glutInitDisplayMode
__glutInitWithExit
__glutCreateWindowWithExit
__glutCreateMenuWithExit

kernel32

VirtualQuery
GetProcessHeap
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
SetStdHandle
GetOEMCP
GetACP
GetLocaleInfoW
FreeLibrary
HeapSize
HeapDestroy
HeapCreate
CloseHandle
SetFilePointer
ReadFile
GetStartupInfoW
SetHandleCount
FatalAppExitA
InitializeCriticalSectionAndSpinCount
CreateFileA
CreateFileW
SetEndOfFile
IsValidCodePage
InterlockedCompareExchange
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
SetConsoleCtrlHandler
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LoadLibraryW
lstrlenA
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
LCMapStringW
HeapSetInformation
GetCommandLineA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
EncodePointer
DecodePointer
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
HeapAlloc
HeapReAlloc

Sections

.textbss
Size: - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 506KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24175544b9ef46e1fd736805a2b44d1f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

glu32

glut32

kernel32

Sections

.textbss Size: - Virtual size: 236KB

.text Size: 506KB - Virtual size: 506KB

.rdata Size: 94KB - Virtual size: 93KB

.data Size: 10KB - Virtual size: 24KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 17KB - Virtual size: 16KB

.textbss
Size: - Virtual size: 236KB

.text
Size: 506KB - Virtual size: 506KB

.rdata
Size: 94KB - Virtual size: 93KB

.data
Size: 10KB - Virtual size: 24KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 17KB - Virtual size: 16KB