2024-05-08_106a58a4b5fa3124b63f21bb6bf9cdd0_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-08_106a58a4b5fa3124b63f21bb6bf9cdd0_mafia
Size

282KB
MD5

106a58a4b5fa3124b63f21bb6bf9cdd0
SHA1

1771d7aa08723692c2ceb670a71ebb51599a4d2a
SHA256

8be51b233a66a6a84a9369b19bfc5d57273c0fc160870a485a7e88825b9eb87c
SHA512

78cf49eb3bced2b41ce4dd3b926a6bd5cb09a1b4386fb1ceed5540b7790946e9f04e2f535fe371152dfedbf97acf005339915fec20c006d61cf9975dc2200d72
SSDEEP

6144:W5GXPbDfNFhpCCzrRxnhr36BIgGogqryLIPcetk4Rw1r:WIzrRxnZKBIgR5yLNwkW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-08_106a58a4b5fa3124b63f21bb6bf9cdd0_mafia

Files

2024-05-08_106a58a4b5fa3124b63f21bb6bf9cdd0_mafia
.exe windows:5 windows x86 arch:x86

90ce33253fb235ea4d25d1d90382262c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\nakamura\src\ninja\ninja.pdb

Imports

kernel32

ExitProcess
SetHandleInformation
FormatMessageA
GetLastError
GetSystemInfo
LocalFree
GetCommandLineA
QueryPerformanceCounter
QueryPerformanceFrequency
GetFileAttributesExA
FindFirstFileExA
FindClose
FindNextFileA
GetVersionExA
CreateFileA
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
GetTempPathA
DeleteFileA
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
ReadFile
GetStdHandle
CreatePipe
WriteConsoleOutputA
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
GetQueuedCompletionStatus
ConnectNamedPipe
GenerateConsoleCtrlEvent
GetOverlappedResult
CreateNamedPipeA
GetProcessId
SetConsoleCtrlHandler
PostQueuedCompletionStatus
CreateIoCompletionPort
DuplicateHandle
GetFullPathNameA
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeW
HeapSetInformation
SetEndOfFile
HeapFree
HeapAlloc
GetProcessHeap
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
MultiByteToWideChar
MoveFileA
CreateDirectoryA
RaiseException
RtlUnwind
WideCharToMultiByte
LCMapStringW
GetCPInfo
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
IsProcessorFeaturePresent
SetHandleCount
GetStartupInfoW
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleFileNameW
GetLocaleInfoW
GetCurrentDirectoryW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
GetTickCount
GetSystemTimeAsFileTime
SetFilePointer
CreateFileW
SetEnvironmentVariableW
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
LoadLibraryW
WriteConsoleW
CompareStringW

Sections

.text
Size: 230KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90ce33253fb235ea4d25d1d90382262c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 230KB - Virtual size: 229KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 6KB - Virtual size: 13KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 230KB - Virtual size: 229KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 6KB - Virtual size: 13KB

.reloc
Size: 12KB - Virtual size: 11KB