Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-04_7acc8eadaaef22d26a7cc65824419776_mafia.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-09-04_7acc8eadaaef22d26a7cc65824419776_mafia.exe
Resource: win10v2004-20240802-en
General
Target: 2024-09-04_7acc8eadaaef22d26a7cc65824419776_mafia
Size: 801KB
MD5: 7acc8eadaaef22d26a7cc65824419776
SHA1: 3ecb208204906f99ba4f4b6914a64a6a296c3082
SHA256: c0f0b83e28b1420e6aee059d81ed56f805db6ff04cfc7ec4da89b08c4fe0c3e4
SHA512: a735c3af1e57591de272bb2b20ba9c509febfded68403c5e238ad2c4f90d6982b1d313b5dee6948146efbaa19ed6ddb6a13c2f407a6a64f57a709c621ec2fc54
SSDEEP: 24576:d2WIelj66BlW2D+Fencp7jYRdWI4e9W7JHShtMeSh2ddfI:cCV66BSencpvI4e9W7JHEMeSh2/I
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-09-04_7acc8eadaaef22d26a7cc65824419776_mafia
Files
2024-09-04_7acc8eadaaef22d26a7cc65824419776_mafia.exe windows:5 windows x86 arch:x86
1e99dd77ca2189f7df88b1b26f18154b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
GetTokenInformation
DuplicateTokenEx
userenv
DestroyEnvironmentBlock
wtsapi32
WTSQueryUserToken
WTSEnumerateSessionsW
WTSFreeMemory
kernel32
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
WriteConsoleW
Sleep
GetLastError
GetProcAddress
LoadLibraryW
CloseHandle
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
FlushViewOfFile
InterlockedCompareExchange
GetProcessHeap
OutputDebugStringW
OutputDebugStringA
WaitForSingleObjectEx
WaitForSingleObject
WriteFile
UnmapViewOfFile
UnlockFileEx
UnlockFile
SystemTimeToFileTime
SetFilePointer
SetEndOfFile
ReadFile
QueryPerformanceCounter
MultiByteToWideChar
MapViewOfFile
LockFileEx
LockFile
LocalFree
LoadLibraryA
HeapCompact
HeapValidate
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExW
GetVersionExA
GetTickCount
GetTempPathW
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetFullPathNameW
GetFullPathNameA
GetFileSize
GetFileAttributesExW
GetFileAttributesW
GetFileAttributesA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetCurrentProcessId
FreeLibrary
FormatMessageW
FormatMessageA
FlushFileBuffers
DeleteFileW
DeleteFileA
CreateMutexW
CreateFileMappingW
CreateFileMappingA
CreateFileW
CreateFileA
AreFileApisANSI
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
SetStdHandle
GetStringTypeW
LCMapStringW
GetLocaleInfoW
InterlockedExchange
SetConsoleCtrlHandler
GetConsoleMode
RaiseException
InitializeCriticalSectionAndSpinCount
RtlUnwind
EncodePointer
DecodePointer
ExitThread
CreateThread
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
ExitProcess
GetTimeZoneInformation
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
SetEnvironmentVariableA
wininet
InternetReadFile
InternetConnectA
InternetOpenA
InternetCloseHandle
winhttp
WinHttpCrackUrl
Sections
.text Size: 716KB - Virtual size: 716KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ