2024-06-11_28b551c4428f5e7a4a079b59335063d6_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-11_28b551c4428f5e7a4a079b59335063d6_mafia
Size

1.6MB
MD5

28b551c4428f5e7a4a079b59335063d6
SHA1

774b4bdaed778c3aa42ff163382e49906952c426
SHA256

ff86c558ecf3c7c8a6b580e3848d0194502e864e627e984bac0262e55b4ba91b
SHA512

acca89f53f9ab8082afb8930cc2e7d943349c106307bd1614837f5504d24ca082a726115036c8c76d7b925cf425c61e591834c7167e8dee3aab11dd7c0cf0fae
SSDEEP

24576:9VfEcMNM43jfQLeP/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz:LVtafPLNiXicJFFRGNzj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-11_28b551c4428f5e7a4a079b59335063d6_mafia

Files

2024-06-11_28b551c4428f5e7a4a079b59335063d6_mafia
.exe windows:5 windows x86 arch:x86

3493f73a844ceb186d8e56106e8482e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathA

kernel32

RemoveDirectoryA
DeleteFileA
LocalFree
lstrcmpA
GetCommandLineA
WriteFile
CreateFileA
CreateDirectoryA
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
FormatMessageW
SetHandleInformation
CreatePipe
GetExitCodeProcess
TerminateProcess
ReadFile
PeekNamedPipe
CreateProcessA
WideCharToMultiByte
SetDllDirectoryA
FindClose
GetLocaleInfoA
GetProcAddress
GetNativeSystemInfo
GetCurrentProcess
GetVersionExA
GetModuleFileNameA
GetTempPathA
GetTickCount
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
DecodePointer
GetLocaleInfoW
GetStringTypeW
RaiseException
RtlUnwind
HeapSetInformation
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
HeapFree
HeapAlloc
GetConsoleCP
GetConsoleMode
GetFileType
GetCPInfo
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetLastError
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
ExitProcess
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetFullPathNameA
GetFileInformationByHandle
GetCurrentDirectoryW
FlushFileBuffers
SetFilePointer
SetStdHandle
WriteConsoleW
SetEndOfFile
GetProcessHeap
HeapSize
HeapReAlloc
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
GetDriveTypeW
CreateFileW
SetEnvironmentVariableA
WaitForSingleObject
CloseHandle
GetSystemDirectoryA
GlobalAlloc
EncodePointer
CompareStringW

user32

GetMessageA
TranslateMessage
DispatchMessageW
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjectsEx
IsWindowUnicode
GetMessageW

advapi32

RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyA
RegCreateKeyExA

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.2MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3493f73a844ceb186d8e56106e8482e5

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

user32

advapi32

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 59KB - Virtual size: 59KB

.data Size: 10KB - Virtual size: 18KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 1.2MB - Virtual size: 1.9MB

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 59KB - Virtual size: 59KB

.data
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 1.2MB - Virtual size: 1.9MB