2024-04-11_18874d84306f30fca6e46912e3722e70_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-11_18874d84306f30fca6e46912e3722e70_mafia
Size

720KB
MD5

18874d84306f30fca6e46912e3722e70
SHA1

f6de497e13f00fa0f2cf5341f84dd946a4507941
SHA256

edc2cdfe5f9628e9c52f8daf37c2aedbefcbd8f954c20fffc101c7b35bf112cf
SHA512

5a1d36b12ed44c64fe3aef42ab92b60091402752db5293a49a55c2933de00443b1b85e7a69ac6281f1d70f6313eace1f2b47d32b1f50011d0007a39964387608
SSDEEP

12288:cwfvt5guESRbMO/rbcgi4UFHSK9AAAG07HJ9TA3DP047jBf5:NIuHVUJ9j7Y9T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-11_18874d84306f30fca6e46912e3722e70_mafia

Files

2024-04-11_18874d84306f30fca6e46912e3722e70_mafia
.exe windows:5 windows x86 arch:x86

6f21da2507944ce6d7380be9f3a5507b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetLastError
SetFilePointer
CloseHandle
CreateFileW
GetFileAttributesW
GetFileAttributesExW
MoveFileExW
DeleteFileW
RemoveDirectoryW
CreateDirectoryW
WideCharToMultiByte
GetCurrentDirectoryW
GetLongPathNameW
GetSystemDirectoryW
GetTempPathW
GetSystemTimeAsFileTime
InterlockedExchange
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
Sleep
GetCurrentProcessId
GetCurrentProcess
GetStdHandle
GetStartupInfoW
TerminateProcess
WaitForSingleObject
GetSystemInfo
GetEnvironmentVariableW
GetVersionExW
GetComputerNameW
FindClose
FindNextFileW
FindFirstFileW
TlsFree
TlsGetValue
TlsSetValue
GetExitCodeThread
GetCurrentThreadId
SetEvent
TlsAlloc
SetThreadPriority
GetTimeZoneInformation
CreateEventW
LeaveCriticalSection
GetConsoleScreenBufferInfo
ReadFile
SetConsoleTextAttribute
FreeLibrary
LoadLibraryW
FlushFileBuffers
EncodePointer
DecodePointer
InitializeCriticalSection
MultiByteToWideChar
RtlUnwind
RaiseException
GetCommandLineW
HeapSetInformation
HeapFree
HeapReAlloc
HeapAlloc
ExitThread
CreateThread
LCMapStringW
GetCPInfo
IsProcessorFeaturePresent
GetModuleHandleW
SetLastError
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetTickCount
GetLocaleInfoW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
CompareStringW
SetEnvironmentVariableA
GetModuleFileNameW
InterlockedIncrement
WriteConsoleW
EnterCriticalSection
GetConsoleMode
InterlockedDecrement

iphlpapi

GetAdaptersInfo

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
ReportEventW
DeregisterEventSource
RegisterEventSourceW

Sections

.text
Size: 442KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f21da2507944ce6d7380be9f3a5507b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

iphlpapi

advapi32

Sections

.text Size: 442KB - Virtual size: 441KB

.rdata Size: 183KB - Virtual size: 183KB

.data Size: 18KB - Virtual size: 28KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 74KB - Virtual size: 74KB

.text
Size: 442KB - Virtual size: 441KB

.rdata
Size: 183KB - Virtual size: 183KB

.data
Size: 18KB - Virtual size: 28KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 74KB - Virtual size: 74KB