2024-06-08_e15ac9cc66be1325a760930c2d38208a_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-08_e15ac9cc66be1325a760930c2d38208a_mafia
Size

1.4MB
MD5

e15ac9cc66be1325a760930c2d38208a
SHA1

57b53de30910e9c7a0bb8ea0e0fc877e820a6b6e
SHA256

681ab817685a27505de867de09df57a0ff2a26ca15dfcff1e89caf2b5d79ff69
SHA512

5180aabd65e869f3e79d59482ba803b554106ffad4e07dc9c238247b9363ba037914e0b736fb0ca4b0e180d48f59e5c754aa1e06a3dbe705cf4d671ea09dd5be
SSDEEP

24576:KZgrfkgixAhl/I/qFdR9VVRWHWwNt1BkA4+T5gTmnfsQ:nrfkg6Cl/zW9Nt1aA4i5gTUfsQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-08_e15ac9cc66be1325a760930c2d38208a_mafia

Files

2024-06-08_e15ac9cc66be1325a760930c2d38208a_mafia
.exe windows:5 windows x86 arch:x86

c8400a15bbf98373f8e9895825ed4a63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessMemoryInfo

kernel32

IsValidLocale
CloseHandle
OpenProcess
GetProcessTimes
FlushFileBuffers
GetLastError
SetFilePointer
CreateFileA
GetStdHandle
ReadFile
SetEndOfFile
CreateFileW
DeviceIoControl
HeapReAlloc
GetFileAttributesW
GetFileTime
SetLastError
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
AreFileApisANSI
WideCharToMultiByte
LocalFree
FormatMessageA
SetStdHandle
WriteConsoleW
DeleteCriticalSection
EnumSystemLocalesA
GetLocaleInfoA
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
GetLocaleInfoW
GetStringTypeW
HeapFree
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
RtlUnwind
RaiseException
GetCurrentProcessId
HeapAlloc
GetTimeFormatA
GetDateFormatA
SetEnvironmentVariableA
GetCPInfo
LCMapStringW
CompareStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
IsProcessorFeaturePresent
HeapCreate
WriteFile
GetConsoleCP
GetConsoleMode
HeapSize
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
LoadLibraryW
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8400a15bbf98373f8e9895825ed4a63

Headers

DLL Characteristics

File Characteristics

Imports

psapi

kernel32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 214KB - Virtual size: 213KB

.data Size: 44KB - Virtual size: 54KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 117KB - Virtual size: 117KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 214KB - Virtual size: 213KB

.data
Size: 44KB - Virtual size: 54KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 117KB - Virtual size: 117KB