2024-05-14_008b90a3cbb67e600dcd202edec6cec1_mafia

General

Target

2024-05-14_008b90a3cbb67e600dcd202edec6cec1_mafia
Size

908KB
MD5

008b90a3cbb67e600dcd202edec6cec1
SHA1

e5b409bc7e7fe207d6b79368f252cb09f1424c19
SHA256

3fbbcac0f44562cbe9df2535db1d96e48dcebab8af28671bd07e1b6bdd0fb2b1
SHA512

60ddbf570b2275c188fb3ac222230cbb543c898c1b229312781016fad829fd9b561719ea6894bb96b1267b9fc256e76bc7344a94172093c510fe2042beb1bb0d
SSDEEP

12288:FVqXcx+1sHp+HB0XnpzMjL510IwTXIl/i:cr1sHp+HBspzM37ZwTYl/

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-14_008b90a3cbb67e600dcd202edec6cec1_mafia

Files

2024-05-14_008b90a3cbb67e600dcd202edec6cec1_mafia
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX1
Size: 877KB - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 1.6MB

UPX1 Size: 877KB - Virtual size: 880KB

.rsrc Size: 29KB - Virtual size: 32KB

UPX0
Size: - Virtual size: 1.6MB

UPX1
Size: 877KB - Virtual size: 880KB

.rsrc
Size: 29KB - Virtual size: 32KB