C:\Programacion\HR1_New\builds\HiddenRunaway.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-21_4a17a34c09592072a4d293394d9fdff5_mafia.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-04-21_4a17a34c09592072a4d293394d9fdff5_mafia.exe
Resource
win10v2004-20240412-en
General
-
Target
2024-04-21_4a17a34c09592072a4d293394d9fdff5_mafia
-
Size
1.4MB
-
MD5
4a17a34c09592072a4d293394d9fdff5
-
SHA1
cc4f82d1374a1b6af7853a19ee908e0652e15f46
-
SHA256
98865ff1caea0b64dd0a548a096f2e14abd4bc78886ee1d44104265b3d3c6025
-
SHA512
8217618529875164322414d94ba5c8f1a78529b15180a6a912800ea5eb35d858f659df7c2fd4e0a750f1bbf0e72b2d44d038369c4ae20cdd7eae83c509a275b0
-
SSDEEP
24576:PNh8/qi8d++xX/SwItxN9x5TXXEkbPdsK2a9DYPQ6R4xBzyAxG6XZmz8r2NVArRb:PT5X/SDVXTVPd52a949R4TyAs6Y8r2N/
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-21_4a17a34c09592072a4d293394d9fdff5_mafia
Files
-
2024-04-21_4a17a34c09592072a4d293394d9fdff5_mafia.exe windows:5 windows x86 arch:x86
75f2655788bc439f022bdef8725dc7dc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
openal32
alDeleteBuffers
alSourceUnqueueBuffers
alIsExtensionPresent
alGenSources
alIsBuffer
alSourcePlay
alSourcei
alIsSource
alGenBuffers
alSourceStop
alDeleteSources
alGetBufferi
alSourcePause
alBufferData
alGetSourcei
alGetEnumValue
alSourceQueueBuffers
alGetError
alListenerf
alListenerfv
alDistanceModel
alSourcef
alSource3f
alSource3i
alGetSourcef
alcCloseDevice
alcCreateContext
alcOpenDevice
alcMakeContextCurrent
alcGetContextsDevice
alGetProcAddress
alcGetString
alcIsExtensionPresent
alcDestroyContext
alcGetCurrentContext
pthreadvc2
pthread_join
pthread_create
pthread_setcancelstate
pthread_attr_setdetachstate
pthread_cancel
pthread_testcancel
pthread_attr_init
pthread_mutex_unlock
pthread_mutex_lock
pthread_attr_destroy
pthread_setcanceltype
shell32
SHGetSpecialFolderPathA
ShellExecuteA
SHCreateDirectoryExA
user32
LoadCursorA
ChangeDisplaySettingsA
RegisterClassA
MessageBeep
SetCursor
GetMessageA
PostQuitMessage
GetSystemMetrics
TranslateMessage
ShowCursor
CreateWindowExA
PeekMessageA
DefWindowProcA
ShowWindow
DispatchMessageA
AdjustWindowRectEx
SetWindowPos
LoadIconA
ReleaseDC
UnregisterClassA
SetWindowLongA
GetDC
SetFocus
SetForegroundWindow
DestroyWindow
MessageBoxA
gdi32
SetPixelFormat
SwapBuffers
ChoosePixelFormat
opengl32
glGetError
glDisable
glGetString
glShadeModel
glColorPointer
glDrawArrays
wglMakeCurrent
glLoadMatrixf
glTexParameteri
glPopMatrix
glReadPixels
glDisableClientState
glPushMatrix
glRotatef
glNormalPointer
glScalef
glTexEnvf
glMatrixMode
glTexEnvi
glViewport
glVertexPointer
glTranslatef
glTexCoordPointer
glLightfv
glEnable
glGenTextures
glHint
wglDeleteContext
glLoadIdentity
glLightModelfv
wglGetProcAddress
glBindTexture
glOrtho
glTexSubImage2D
glClearColor
glClear
glDepthFunc
glEnableClientState
wglCreateContext
glClearDepth
glDeleteTextures
glTexImage2D
avcodec-54
ord76
ord72
ord114
ord124
ord71
ord25
ord106
ord98
ord78
ord94
ord126
avformat-54
ord66
ord47
ord57
ord52
ord37
ord41
ord55
swscale-2
ord261
ord243
ord250
avutil-51
ord53
ord100
ord160
kernel32
CreateFileA
LoadLibraryW
FlushFileBuffers
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetLocaleInfoW
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
WriteFile
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapCreate
ExitProcess
GetModuleHandleW
HeapSize
CloseHandle
WriteConsoleW
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
ReadFile
SetFilePointer
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringW
RtlUnwind
GetCPInfo
RaiseException
CreateDirectoryA
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DecodePointer
EncodePointer
MultiByteToWideChar
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetProcAddress
SetEndOfFile
GetProcessHeap
CreateFileW
GetFileType
Sleep
FindFirstFileA
RemoveDirectoryA
FindClose
FindNextFileA
GetSystemTime
DeleteFileA
OutputDebugStringA
GetModuleHandleA
GetTickCount
Sections
.text Size: 965KB - Virtual size: 964KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 146KB - Virtual size: 145KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 221KB - Virtual size: 221KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ