2024-04-24_396b5817d256346db179a2a300f3d34d_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-24_396b5817d256346db179a2a300f3d34d_mafia
Size

441KB
MD5

396b5817d256346db179a2a300f3d34d
SHA1

f6ba35bf02d2bc6fe2935831b3b4bc0b4cd02934
SHA256

d5715454b459704be5047d7273d12eaa28ac61cc18bc7b9340c5cee808f566fa
SHA512

8f87f3e7913f1f8fd0455ef0394d25f8816338d8b6b4a269108d1e0f82663a8a225eb5bea8334d456f605e314ab8a602d157b00c8a4943ac80989f780d65c0f2
SSDEEP

12288:F45aOpwkd1Xk2fl/5WUqQ/ZFJ63lsibDe1dl:FT8aUqQEVVG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-24_396b5817d256346db179a2a300f3d34d_mafia

Files

2024-04-24_396b5817d256346db179a2a300f3d34d_mafia
.exe windows:5 windows x86 arch:x86

a4d7a86a6f7f390a0bef954d671bc494

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

icuuc51

??4UnicodeString@icu_51@@QAEAAV01@ABV01@@Z
?handleReplaceBetween@UnicodeString@icu_51@@UAEXHHABV12@@Z
?hasMetaData@UnicodeString@icu_51@@UBECXZ
?copy@UnicodeString@icu_51@@UAEXHHH@Z
?toLower@UnicodeString@icu_51@@QAEAAV12@XZ
??0UnicodeString@icu_51@@QAE@ABV01@@Z
??0UnicodeString@icu_51@@QAE@PB_W@Z
??0UnicodeString@icu_51@@QAE@_W@Z
?clone@UnicodeString@icu_51@@UBEPAVReplaceable@2@XZ
?getDynamicClassID@UnicodeString@icu_51@@UBEPAXXZ
?getLength@UnicodeString@icu_51@@MBEHXZ
?getCharAt@UnicodeString@icu_51@@MBE_WH@Z
?getChar32At@UnicodeString@icu_51@@MBEHH@Z
u_strlen_51
??0UnicodeString@icu_51@@QAE@CPB_WH@Z
u_toupper_51
u_strchr_51
u_isWhitespace_51
?extractBetween@UnicodeString@icu_51@@UBEXHHAAV12@@Z
?doCharAt@UnicodeString@icu_51@@ABE_WH@Z
??AUnicodeString@icu_51@@QBE_WH@Z
?getTerminatedBuffer@UnicodeString@icu_51@@QAEPB_WXZ
?setCharAt@UnicodeString@icu_51@@QAEAAV12@H_W@Z
?toUpper@UnicodeString@icu_51@@QAEAAV12@XZ
??0UnicodeString@icu_51@@QAE@ABV01@HH@Z
??0UnicodeString@icu_51@@QAE@PB_WH@Z
??1UnicodeString@icu_51@@UAE@XZ
u_isupper_51
u_islower_51
uloc_getDefault_51
ucnv_open_51
ucnv_close_51
u_errorName_51
uloc_setDefault_51
ucnv_getDefaultName_51
u_strCaseCompare_51
u_strToUTF8_51
u_strFromUTF8_51
u_strcmp_51
u_strncmp_51
??0UnicodeString@icu_51@@QAE@ABV01@H@Z
u_strncpy_51
?truncate@UnicodeString@icu_51@@QAECH@Z
?remove@UnicodeString@icu_51@@QAEAAV12@HH@Z
??YUnicodeString@icu_51@@QAEAAV01@H@Z
?append@UnicodeString@icu_51@@QAEAAV12@ABV12@@Z
?findAndReplace@UnicodeString@icu_51@@QAEAAV12@ABV12@0@Z
?lastIndexOf@UnicodeString@icu_51@@QBEHPB_WHH@Z
u_isdigit_51
??0UnicodeString@icu_51@@QAE@XZ
??3UMemory@icu_51@@SAXPAX@Z
u_ispunct_51
?length@UnicodeString@icu_51@@QBEHXZ
ucnv_setDefaultName_51
ucnv_toUChars_51
u_cleanup_51
u_init_51

icuio51

u_fflush_51
u_fputc_51
u_fprintf_51
u_fclose_51
u_fgetcx_51
u_fungetc_51
u_feof_51
u_fgets_51
u_file_read_51
u_fgetfile_51
u_finit_51
u_fgetc_51
u_sscanf_u_51
u_fprintf_u_51
u_sscanf_51

icuin51

uregex_openC_51
uregex_setText_51
uregex_find_51
uregex_close_51
uregex_group_51
uregex_groupCount_51
uregex_open_51
uregex_matches_51

kernel32

InterlockedExchange
GetModuleFileNameW
GetFileType
WriteConsoleW
CreateFileW
HeapReAlloc
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
GetStringTypeW
HeapSize
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetLocaleInfoW
LoadLibraryW
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
HeapAlloc
RtlUnwind
RaiseException
GetCPInfo
HeapSetInformation
GetCommandLineA
ExitProcess
GetModuleHandleW
HeapFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateMutexW
GetCurrentProcess
WaitForSingleObject
SetEvent
FormatMessageA
WriteFile
TerminateThread
GetExitCodeProcess
CreateProcessA
TerminateProcess
ReadFile
GetStdHandle
GetLastError
SetStdHandle
ResetEvent
GetExitCodeThread
CreateEventW
WaitForMultipleObjects
CreatePipe
DuplicateHandle
ReleaseMutex
CloseHandle
LocalFree
CreateThread
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
Sleep
MultiByteToWideChar
EncodePointer
DecodePointer
GetProcAddress

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4d7a86a6f7f390a0bef954d671bc494

Headers

DLL Characteristics

File Characteristics

Imports

icuuc51

icuio51

icuin51

kernel32

Sections

.text Size: 344KB - Virtual size: 343KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 7KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 504B

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 344KB - Virtual size: 343KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 7KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 504B

.reloc
Size: 21KB - Virtual size: 20KB