2024-06-20_1302fc232fefed83958486d42a24c9aa_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-20_1302fc232fefed83958486d42a24c9aa_mafia
Size

1.5MB
MD5

1302fc232fefed83958486d42a24c9aa
SHA1

0fcf4f72cd6c6247b13fdb99ea20459ef1207706
SHA256

df995610d391da0a10936d7cae6a6f362a0ff5e16785845ca33addde598e4d10
SHA512

b674efabab016750461bda3a84c0a2b1c88dd1af42a28f8d0980de246160784861888954ea273c569fa41aa6de85dfa79038db0a32854449a9e7665e3e796927
SSDEEP

24576:dEziOJ0Pf0T4PbnNtsW9R03WSoB3juA8GI0UlkW15f5/6TaSllUi3e:dEr+Uw7dRQqB3juykeSp5/6T9llj3e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-20_1302fc232fefed83958486d42a24c9aa_mafia

Files

2024-06-20_1302fc232fefed83958486d42a24c9aa_mafia
.exe windows:5 windows x86 arch:x86

c3ca591a88cf9146ab5ea2ddf505b614

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SwapBuffers

user32

CloseClipboard
OpenClipboard
SetClipboardData
FlashWindowEx
EmptyClipboard
GetClipboardData
MessageBoxA

ws2_32

send
recv
closesocket
listen
ioctlsocket
WSAStartup
connect
accept
recvfrom
sendto
socket
setsockopt
bind
WSAStringToAddressA
getaddrinfo
freeaddrinfo
htons
select
__WSAFDIsSet
WSAGetLastError

shell32

ShellExecuteA

opengl32

glVertexPointer
wglGetCurrentContext
wglGetCurrentDC
wglMakeCurrent
glOrtho
glLoadIdentity
glMatrixMode
glTexParameteri
glBindTexture
glScissor
glDisable
glBlendFunc
glEnable
glTexSubImage2D
glDeleteTextures
glTexImage2D
glGenTextures
glGetIntegerv
glClear
glClearColor
glDrawArrays
glEnableClientState
glColorPointer
glTexCoordPointer
glReadPixels
glPixelStorei
glDepthMask
glAlphaFunc
glFinish
glGetError

glu32

gluBuild2DMipmaps

libopusfile-0

op_channel_count
op_open_memory
op_pcm_total
op_read

sdl

SDL_ShowCursor
SDL_QuitSubSystem
SDL_GetWMInfo
SDL_GetAppState
SDL_WM_IconifyWindow
SDL_ListModes
SDL_JoystickGetAxis
SDL_Init
SDL_JoystickOpen
SDL_JoystickNumAxes
SDL_JoystickClose
SDL_JoystickEventState
SDL_OpenAudio
SDL_PauseAudio
SDL_CloseAudio
SDL_EnableUNICODE
SDL_SetVideoMode
SDL_WM_SetCaption
SDL_GL_SetAttribute
SDL_EventState
SDL_GetVideoInfo
SDL_GetError
SDL_InitSubSystem
SDL_EnableKeyRepeat
SDL_WasInit
SDL_Quit
SDL_GL_SwapBuffers
SDL_GL_GetProcAddress
SDL_WarpMouse
SDL_GetMouseState
SDL_GetRelativeMouseState
SDL_WM_GrabInput
SDL_PollEvent
SDL_GetKeyState

freetype

FT_Get_Kerning
FT_Load_Char
FT_Set_Pixel_Sizes
FT_Get_First_Char
FT_Load_Glyph
FT_Get_Next_Char
FT_New_Face
FT_Init_FreeType

kernel32

GetProcessHeap
SetEndOfFile
CreateFileW
SetEnvironmentVariableA
CompareStringW
CreateFileA
SetStdHandle
WriteConsoleW
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
GetStringTypeW
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsValidCodePage
GetOEMCP
GetACP
GetCurrentDirectoryW
SetFilePointer
ReadFile
GetCurrentDirectoryA
GetConsoleMode
GetConsoleCP
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
WriteFile
GetTimeZoneInformation
HeapCreate
ExitProcess
HeapSize
GetProcAddress
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetCurrentDirectoryA
FlushFileBuffers
IsProcessorFeaturePresent
GetCPInfo
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
HeapSetInformation
GetCommandLineA
HeapAlloc
GetCurrentProcessId
GetDateFormatA
GetTimeFormatA
MoveFileA
DeleteFileA
GetFullPathNameA
GetDriveTypeW
CreateDirectoryA
GetSystemTimeAsFileTime
HeapFree
GetLastError
RtlUnwind
RaiseException
DecodePointer
EncodePointer
InterlockedDecrement
InterlockedIncrement
FreeConsole
FindNextFileA
InitializeCriticalSection
FindFirstFileA
FindClose
FormatMessageA
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
ReleaseSemaphore
CreateSemaphoreA
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
CloseHandle
Sleep
WaitForSingleObject
CreateThread
OutputDebugStringA
GlobalAlloc
GlobalLock
SetEnvironmentVariableW
GlobalUnlock

Sections

.text
Size: 871KB - Virtual size: 870KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3ca591a88cf9146ab5ea2ddf505b614

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

ws2_32

shell32

opengl32

glu32

libopusfile-0

sdl

freetype

kernel32

Sections

.text Size: 871KB - Virtual size: 870KB

.rdata Size: 195KB - Virtual size: 195KB

.data Size: 30KB - Virtual size: 1.6MB

.rsrc Size: 362KB - Virtual size: 361KB

.reloc Size: 64KB - Virtual size: 64KB

.text
Size: 871KB - Virtual size: 870KB

.rdata
Size: 195KB - Virtual size: 195KB

.data
Size: 30KB - Virtual size: 1.6MB

.rsrc
Size: 362KB - Virtual size: 361KB

.reloc
Size: 64KB - Virtual size: 64KB