2024-05-10_69c1b9447641a2dd2d64717639b68a03_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-10_69c1b9447641a2dd2d64717639b68a03_mafia
Size

378KB
MD5

69c1b9447641a2dd2d64717639b68a03
SHA1

ba558c72654d4c77372ed448b58616962892f26e
SHA256

c4426e03d4ed5f06942ade5a46183d53d968bd48932bfc3875f1f63e810e3033
SHA512

72b8a8bc538e29cfe7ccaa755fef3abafc9958f2abec12e4f8b2a414b4097792ff8697e18f5771df6bc5423fedc40e0756b68747796e5a660ac00bcf4f9af8dd
SSDEEP

6144:w/U5lNGs9qQWbmvCwIASQELNzZisCw71GjmjzV5l:wsvMK9TjnqNDt1Gjmj9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-10_69c1b9447641a2dd2d64717639b68a03_mafia

Files

2024-05-10_69c1b9447641a2dd2d64717639b68a03_mafia
.exe windows:5 windows x86 arch:x86

e95812e7fc53467da0e070fd84812134

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\SOURCE\trunk\Z80_ICE\z80_debugger\z80_debugger\Release\z80_debugger.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ws2_32

WSAStartup
WSAGetLastError
htons
setsockopt
connect
recv
socket
closesocket
gethostbyname
send
WSAIoctl

kernel32

GetLocaleInfoW
HeapCreate
Sleep
QueryPerformanceCounter
GetSystemTimeAsFileTime
FileTimeToSystemTime
QueryPerformanceFrequency
CreateFileA
GetCommState
WriteFile
SetCommState
SetCommTimeouts
ReadFile
FlushFileBuffers
GetLastError
CloseHandle
CreateMutexW
WaitForSingleObject
ReleaseMutex
GetFullPathNameA
HeapAlloc
HeapFree
GetModuleHandleW
GetProcessHeap
GetVersionExW
GetModuleFileNameW
GetModuleFileNameA
CreateThread
GetFileSize
SetEndOfFile
SetFilePointer
SetStdHandle
GetStdHandle
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
GetProcAddress
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringW
RtlUnwind
GetCPInfo
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineW
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
ExitProcess
GetFileType
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DecodePointer
EncodePointer
MultiByteToWideChar
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
WriteConsoleW
LoadLibraryW
CreateFileW
CompareStringW
SetEnvironmentVariableA
GetACP
IsValidCodePage
GetOEMCP

user32

DestroyWindow
TranslateAcceleratorW
SetTimer
InsertMenuItemA
GetMessageW
PostQuitMessage
KillTimer
GetSubMenu
DialogBoxParamW
LoadCursorW
GetClientRect
TranslateMessage
LoadAcceleratorsW
GetMenu
RegisterClassExW
LoadIconW
EnableMenuItem
LoadStringW
ShowWindow
RemoveMenu
MessageBoxW
UpdateWindow
DefWindowProcW
CheckMenuItem
DispatchMessageW
EndPaint
SendMessageA
BeginPaint
GetWindowLongW
CreateWindowExA
SetWindowLongW
GetSysColor
CreateWindowExW
CallWindowProcW
GetWindowRect
GetParent
SetFocus
wsprintfW
OffsetRect
GetWindowTextA
GetWindowTextW
GetDlgItem
EndDialog
GetDesktopWindow
SetWindowPos
SetWindowTextA
SendMessageW
EnableWindow
GetDlgCtrlID
CopyRect
GetSystemMetrics
MessageBoxA

gdi32

SetBkMode
MoveToEx
LineTo
SetTextColor
DeleteObject
SelectObject
CreateFontW
CreatePen
RoundRect
CreateSolidBrush

comdlg32

GetOpenFileNameA

comctl32

ord17

shell32

ShellExecuteA

winmm

timeSetEvent
timeKillEvent

iphlpapi

GetAdaptersAddresses

Sections

.text
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e95812e7fc53467da0e070fd84812134

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

ws2_32

kernel32

user32

gdi32

comdlg32

comctl32

shell32

winmm

iphlpapi

Sections

.text Size: 229KB - Virtual size: 229KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 10KB - Virtual size: 18.5MB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 69KB - Virtual size: 69KB

.text
Size: 229KB - Virtual size: 229KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 10KB - Virtual size: 18.5MB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 69KB - Virtual size: 69KB