2024-05-30_2a788198ffc471dfc2a4d0045274e155_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-30_2a788198ffc471dfc2a4d0045274e155_mafia
Size

128KB
MD5

2a788198ffc471dfc2a4d0045274e155
SHA1

065d3bef40367be62cce67202a02a3bbcf46a0e9
SHA256

f1fe4216287a2c8213a983a86670c7c6fa4b539384c2d9e9bb515f92b3feb819
SHA512

f44846ebd448842c79275ce7b3a64f2d7773fcbe1b13c02152ed527e8ab71bfccec4e007550d80be4af9d35f3b05e114b9eb959c3732bca496d1a809346fb0aa
SSDEEP

1536:rk2EOG8iXJmfqVZ9d3Ow88u5oJpBLGpHC7wVehUJiYpndB2GOR7h5bDV4W:omRi5mfgnhu5cMH340BYllDV4W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-30_2a788198ffc471dfc2a4d0045274e155_mafia

Files

2024-05-30_2a788198ffc471dfc2a4d0045274e155_mafia
.exe windows:5 windows x86 arch:x86

75c4f4936340fa339d6866712ce5080c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommTimeouts
SetupComm
SetCommState
GetCommState
CreateFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
CloseHandle
WriteFile
ReadFile
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapFree
RaiseException
RtlUnwind
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetCommandLineA
HeapSetInformation
GetCPInfo
HeapAlloc
LCMapStringW
HeapCreate
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
GetACP
GetOEMCP
IsValidCodePage
CreateFileW
InitializeCriticalSectionAndSpinCount
ExitProcess
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
GetLocaleInfoW
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
FlushFileBuffers
SetFilePointer
HeapReAlloc
WriteConsoleW
LoadLibraryW
SetStdHandle

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75c4f4936340fa339d6866712ce5080c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB