2024-06-28_8d09f8d46f26e93f088f0bf4ff7844ef_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-28_8d09f8d46f26e93f088f0bf4ff7844ef_mafia
Size

660KB
MD5

8d09f8d46f26e93f088f0bf4ff7844ef
SHA1

603a3b1176ce5189529105116f8724192e892e29
SHA256

57264ba863122da2036994873f01f2887f7a01fd87ecb4f618a0adcedb0472fd
SHA512

ad15617173dffdcc1fe50bdc73a8143be5eabd273b5b7b90173424608241818c66919ff8b74c97f4a6e32fa13c13def7269569d287e6d66b934858ee483ac078
SSDEEP

6144:RGSCllVeVeUvX2Myfty7/e6duLwh5fA35x0Xg457GcmPxq9tOojnEL/UDc2OiqRF:kLlbeV3vX2MyfD6MMh5fAJx0XP5Ecqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-28_8d09f8d46f26e93f088f0bf4ff7844ef_mafia

Files

2024-06-28_8d09f8d46f26e93f088f0bf4ff7844ef_mafia
.exe windows:5 windows x86 arch:x86

4ee1654d2379091ffbe1ab3b779d9036

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\s.minami\Documents\Almight Viewer for Windows\Release\almight.pdb

Imports

libcef

cef_string_multimap_key
cef_string_multimap_size
cef_string_list_copy
cef_string_map_free
cef_string_list_alloc
cef_string_list_free
cef_command_line_get_global
cef_command_line_create
cef_browser_host_create_browser
cef_string_userfree_utf16_free
cef_visit_web_plugin_info
cef_register_extension
cef_post_task
cef_register_scheme_handler_factory
cef_string_multimap_value
cef_get_path
cef_initialize
cef_build_revision
cef_execute_process
cef_currently_on
cef_run_message_loop
cef_shutdown
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_list_size
cef_string_list_value
cef_string_multimap_append
cef_string_map_append
cef_string_list_append
cef_v8context_get_current_context
cef_cookie_manager_get_global_manager
cef_v8value_create_array
cef_v8value_create_string
cef_v8value_create_double
cef_string_map_alloc
cef_v8value_create_int
cef_v8value_create_bool
cef_v8value_create_null
cef_list_value_create
cef_process_message_create
cef_request_create
cef_string_multimap_alloc
cef_string_multimap_free
cef_post_data_element_create
cef_post_data_create
cef_stream_reader_create_for_handler
cef_stream_reader_create_for_data
cef_launch_process
cef_string_utf16_cmp
cef_string_utf16_to_utf8
cef_string_utf8_clear
cef_string_utf16_set
cef_string_utf8_to_utf16
cef_string_utf16_clear

kernel32

CreateFileW
GetProcessHeap
SetEndOfFile
WriteConsoleW
CreateFileA
FlushFileBuffers
SetStdHandle
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCommandLineW
LockResource
SizeofResource
LoadResource
FindResourceW
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
HeapSize
IsValidCodePage
GetOEMCP
GetACP
CloseHandle
GetCurrentDirectoryW
GetLocaleInfoW
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
HeapAlloc
RtlUnwind
GetCPInfo
LCMapStringW
GetFullPathNameA
GetDriveTypeW
HeapFree
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
DecodePointer
EncodePointer
Sleep
MultiByteToWideChar
InterlockedCompareExchange
GetStringTypeW
WideCharToMultiByte
RaiseException
LoadLibraryA
GetLastError
InterlockedExchange
FreeLibrary
GetProcAddress
LocalAlloc
ReadFile

user32

UpdateWindow
CreateWindowExW
GetSystemMetrics
EndDialog
DefWindowProcW
MessageBoxW
DialogBoxParamW
DestroyWindow
EndPaint
BeginPaint
PostQuitMessage
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
PostMessageW
SetWindowLongW
GetWindowLongW
GetClientRect
CallWindowProcW
SendMessageW
RegisterClassExW
LoadCursorW
LoadIconW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
LoadStringW
MoveWindow
EnableWindow
SetWindowTextW
GetParent
ShowWindow

Sections

.text
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ee1654d2379091ffbe1ab3b779d9036

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libcef

kernel32

user32

Sections

.text Size: 240KB - Virtual size: 240KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 363KB - Virtual size: 363KB

.reloc Size: 20KB - Virtual size: 20KB

.text
Size: 240KB - Virtual size: 240KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 363KB - Virtual size: 363KB

.reloc
Size: 20KB - Virtual size: 20KB