Behavioral task
behavioral1
Sample
2024-11-21_52d137bc4eb9f600de58fa090788c422_mafia.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-11-21_52d137bc4eb9f600de58fa090788c422_mafia.exe
Resource
win10v2004-20241007-en
General
-
Target
2024-11-21_52d137bc4eb9f600de58fa090788c422_mafia
-
Size
456KB
-
MD5
52d137bc4eb9f600de58fa090788c422
-
SHA1
3cfb031795a1f330ed469ce06458a6d74a9005e1
-
SHA256
5e3561d7bc2f44ede9525cc0814b5ecb3531d8dcc5a901fedf01e0d12fb9f3d3
-
SHA512
b123be3bee5e0ca8a017ab14b2e5d1aaaa5a4e327c6cd1f2918acafeb9300cd4530906965a718a4e41762dd6dc85e738618cbd599896c443091187a09136465f
-
SSDEEP
6144:R8Dqd77UZLwdi3+qiakVFUd83xuR88FvaVWjYwzbkLOUo6YVc5R:RKqdEZLw/7zG83YdFvaVWjJYLAcb
Malware Config
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-11-21_52d137bc4eb9f600de58fa090788c422_mafia
Files
-
2024-11-21_52d137bc4eb9f600de58fa090788c422_mafia.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 273KB - Virtual size: 273KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ