2024-06-15_69625f146fa0294dea9a343e0c194d10_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-15_69625f146fa0294dea9a343e0c194d10_mafia
Size

1.1MB
MD5

69625f146fa0294dea9a343e0c194d10
SHA1

569871ee52b3d54d7100390c74e544e029533d84
SHA256

3a149f7be8703a6230b297902e950159306a1ad84e5d1db8d2d570490b36770b
SHA512

ea8bf68df63770412c1a308a0ac54870becdd59c7db13c78c140fcd7c4f30a43f0bc285d507929bb070219e2b327926577a5c37d79be6bd9ffd443b8158acde3
SSDEEP

24576:cxeYQ0bYFGiHfY+V+8CE25dG6SStDygBhFy1pL+Ka:Yec8FD/ltsDJFy1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-15_69625f146fa0294dea9a343e0c194d10_mafia

Files

2024-06-15_69625f146fa0294dea9a343e0c194d10_mafia
.exe windows:5 windows x86 arch:x86

fad9518847cbb3b71d80f69347cf1d40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\usr\sqlite-src-3170000\build\sqlite3sh.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcess
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetStdHandle
FlushViewOfFile
InterlockedCompareExchange
GetProcessHeap
OutputDebugStringW
OutputDebugStringA
WaitForSingleObjectEx
WaitForSingleObject
WriteFile
WideCharToMultiByte
UnmapViewOfFile
UnlockFileEx
UnlockFile
SystemTimeToFileTime
Sleep
SetFilePointer
SetEndOfFile
ReadFile
QueryPerformanceCounter
MultiByteToWideChar
MapViewOfFile
LockFileEx
LockFile
LocalFree
LoadLibraryW
HeapCompact
HeapValidate
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExW
GetVersionExA
GetTickCount
GetTempPathW
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileSize
GetFileAttributesExW
GetFileAttributesW
GetFileAttributesA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetCurrentProcessId
FormatMessageW
FormatMessageA
FlushFileBuffers
DeleteFileW
DeleteFileA
CreateMutexW
CreateFileMappingW
CreateFileMappingA
CreateFileW
CreateFileA
CloseHandle
AreFileApisANSI
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
InterlockedExchange
GetModuleHandleW
ExitProcess
DecodePointer
CreateProcessA
DuplicateHandle
ExitThread
CreateThread
EncodePointer
GetCommandLineW
HeapSetInformation
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetStdHandle
GetConsoleCP
GetConsoleMode
FatalAppExitA
IsProcessorFeaturePresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
SetConsoleCtrlHandler
GetLocaleInfoW
GetModuleFileNameW
RtlUnwind
CreatePipe
GetExitCodeProcess
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleW
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 981KB - Virtual size: 981KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fad9518847cbb3b71d80f69347cf1d40

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 981KB - Virtual size: 981KB

.rdata Size: 93KB - Virtual size: 93KB

.data Size: 16KB - Virtual size: 26KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 27KB - Virtual size: 27KB

.text
Size: 981KB - Virtual size: 981KB

.rdata
Size: 93KB - Virtual size: 93KB

.data
Size: 16KB - Virtual size: 26KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 27KB - Virtual size: 27KB