C:\Users\Malware\Desktop\zip\Inkie\McAfee FileInsight\bookmarks\project\bot.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-21_9971ff095c2388f09ebbe1a1803730bc_karagany_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-21_9971ff095c2388f09ebbe1a1803730bc_karagany_mafia.exe
  Resource: win10v2004-20240426-en
General
Target: 2024-05-21_9971ff095c2388f09ebbe1a1803730bc_karagany_mafia
Size: 175KB
MD5: 9971ff095c2388f09ebbe1a1803730bc
SHA1: b18d5e3c89d33df53447c2afa231ee026fdbecd8
SHA256: e4d4fba9f90d6ad1c37a64ec7fc39c9029035031d140ede8196b3c2874354a66
SHA512: 18d6a7986b01b24aa865351f092a19d8bbf5980af832816831d9fc0d893a3c7d50476df85c143a47c4377d2e3e94c2f3008b4a31d8f21925f0abd14c7ad50751
SSDEEP: 3072:RIaPSHc9LQItOzN6lgWW6jwecgZKN4Tib:RIaPcKVtOJ6lgWWY8
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2024-05-21_9971ff095c2388f09ebbe1a1803730bc_karagany_mafia
Files
2024-05-21_9971ff095c2388f09ebbe1a1803730bc_karagany_mafia.exe (windows:5, windows x86, arch:x86)
  2a84363adab12d1ae9e67d44d61a1dd0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
GetUserNameA
crypt32
CryptBinaryToStringA
CryptStringToBinaryA
bcrypt
BCryptOpenAlgorithmProvider
BCryptGenRandom
BCryptEncrypt
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptGenerateSymmetricKey
BCryptDecrypt
BCryptDestroyKey
wtsapi32
WTSEnumerateProcessesA
WTSFreeMemory
winhttp
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpSetOption
WinHttpOpenRequest
WinHttpQueryDataAvailable
WinHttpConnect
WinHttpOpen
WinHttpCrackUrl
WinHttpReadData
WinHttpCloseHandle
wininet
InternetCloseHandle
InternetReadFile
InternetOpenA
InternetConnectA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
shlwapi
HashData
ws2_32
freeaddrinfo
closesocket
send
connect
socket
WSACleanup
getaddrinfo
WSAStartup
htons
gethostbyname
sendto
urlmon
ObtainUserAgentString
kernel32
CreateFileW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
WriteConsoleW
SetStdHandle
FlushFileBuffers
GetStringTypeW
LCMapStringW
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetStartupInfoW
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
GetCurrentThread
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoW
LoadLibraryW
SetConsoleCtrlHandler
EncodePointer
EnterCriticalSection
FatalAppExitA
HeapFree
HeapAlloc
GetProcessHeap
LocalFree
LocalAlloc
ExitProcess
GetFileAttributesA
CloseHandle
WriteFile
GetLastError
Sleep
MultiByteToWideChar
CreateFileA
GetTempFileNameA
GetTempPathA
GetSystemPowerStatus
InterlockedExchange
WaitForSingleObject
CreateThread
lstrcmpiW
FreeLibrary
GetTickCount
GetCurrentProcess
GetModuleFileNameA
GetProcAddress
GetModuleHandleW
DecodePointer
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
Sections
.text Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ