2024-07-11_bb217ff3400e4a48ede659e29ab3ec07_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-07-11_bb217ff3400e4a48ede659e29ab3ec07_mafia
Size

359KB
MD5

bb217ff3400e4a48ede659e29ab3ec07
SHA1

9744a57f1e1bb3d59fe550a41b1ce21be2e41d3a
SHA256

031cf3e376e432f06ee11311f75ad9125d85db11c95cc4f121437bfdc1f05684
SHA512

b900f4a664285edfb8955a9b7a381bfbfb92f269343cc2c7d726d743f292d64471c794bef647446a72798bf3c6bd7d8d8b913bacb3591eb8dd3556f757f7171f
SSDEEP

6144:LVTZx0QIa83TXI4Is+jzW3UMVZmmhmJbAqDmY9H:BTZx0rXDm38UMDk9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-11_bb217ff3400e4a48ede659e29ab3ec07_mafia

Files

2024-07-11_bb217ff3400e4a48ede659e29ab3ec07_mafia
.exe windows:5 windows x86 arch:x86

99f79fb5fa3a550775422923b9cbd97c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Ekim\documents\visual studio 2010\Projects\Hacı Dayı Windows\Debug\Hacı Dayı Windows.pdb

Imports

allegro-5.1.7-monolith-md-debug

al_install_system
al_init_image_addon
al_install_mouse
al_install_keyboard
al_init_font_addon
al_init_ttf_addon
al_install_audio
al_init_acodec_addon
al_reserve_samples
al_create_timer
al_set_new_display_option
al_get_num_display_modes
al_get_display_mode
al_set_new_display_flags
al_create_display
al_create_event_queue
al_get_keyboard_event_source
al_register_event_source
al_get_display_event_source
al_get_timer_event_source
al_get_mouse_event_source
al_map_rgb
al_clear_to_color
al_flip_display
al_start_timer
al_load_ttf_font
al_load_bitmap
al_wait_for_event
al_is_event_queue_empty
al_draw_scaled_bitmap
al_draw_text
al_draw_textf
al_map_rgb_f
al_destroy_timer
al_destroy_display
al_destroy_event_queue

kernel32

TlsSetValue
SetEndOfFile
CreateFileW
CreateFileA
SetStdHandle
WriteConsoleW
VirtualQuery
GetProcessHeap
FreeLibrary
SetConsoleCtrlHandler
HeapReAlloc
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
HeapDestroy
HeapCreate
CloseHandle
FlushFileBuffers
SetFilePointer
ReadFile
GetConsoleMode
GetConsoleCP
WriteFile
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
RtlUnwind
RaiseException
GetLastError
HeapFree
GetCommandLineA
HeapSetInformation
HeapAlloc
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetCPInfo
TlsAlloc
TlsGetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetCurrentThread
GetProcAddress
HeapSize
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
lstrlenA
LoadLibraryW
IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
FatalAppExitA

Sections

.textbss
Size: - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99f79fb5fa3a550775422923b9cbd97c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

allegro-5.1.7-monolith-md-debug

kernel32

Sections

.textbss Size: - Virtual size: 131KB

.text Size: 289KB - Virtual size: 289KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 8KB - Virtual size: 18KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 15KB - Virtual size: 14KB

.textbss
Size: - Virtual size: 131KB

.text
Size: 289KB - Virtual size: 289KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 8KB - Virtual size: 18KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 15KB - Virtual size: 14KB