2025-01-19_f9b9fca8d0582074c127358a01079b93_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2025-01-19_f9b9fca8d0582074c127358a01079b93_mafia
Size

225KB
MD5

f9b9fca8d0582074c127358a01079b93
SHA1

b8e4f0e7b4389ab5aff7f89444f915c6b59f65fd
SHA256

650d7baf827dcb92f8209d003892b068f1cbf615e5149b9c27da88166b6f44e3
SHA512

bab1f20ef5199986966d0d55e5c91a213c595a060f8b0b7ae359163b3a72253da7cd434efd91300353e38b40a72ff6e6c4638c7d4a0e1ad66d4b8e449d05e520
SSDEEP

3072:9kR7Gqi0YCmfua54i3Yk44qpW6FNplXFbP6BBNzN9nGb08z8E2oySq3SpZ5+JC+:9kl0Ga5uk41pW6Nl1Gn5ngV2fS+Sp2B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-01-19_f9b9fca8d0582074c127358a01079b93_mafia

Files

2025-01-19_f9b9fca8d0582074c127358a01079b93_mafia
.exe windows:5 windows x86 arch:x86

b369312cb84b3dbdbee0e945e8eb7160

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FillConsoleOutputCharacterA
GetCPInfo
WriteConsoleOutputCharacterA
GetTickCount
GlobalAlloc
GetSystemTimeAdjustment
TerminateProcess
GetACP
GetStartupInfoA
SetLastError
GetProcAddress
GetModuleHandleA
GetProcessShutdownParameters
VirtualProtect
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
HeapReAlloc
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
HeapSize
GetLocaleInfoW
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
LCMapStringW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
IsProcessorFeaturePresent
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
FlushFileBuffers

user32

EndPaint
GetMessageA
CloseClipboard
TranslateAcceleratorW
GetNextDlgTabItem
GetAltTabInfoA
PeekMessageW
GetRawInputDeviceInfoW
DispatchMessageA
SetMenuDefaultItem
DefDlgProcA
OpenClipboard
UpdateWindow
GetDialogBaseUnits
ValidateRect
CallMsgFilterA
GetRegisteredRawInputDevices

shell32

ShellAboutW
DragAcceptFiles
FindExecutableW
DragQueryFileA

msimg32

TransparentBlt

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b369312cb84b3dbdbee0e945e8eb7160

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

msimg32

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 13KB - Virtual size: 24KB

.rsrc Size: 66KB - Virtual size: 65KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 13KB - Virtual size: 24KB

.rsrc
Size: 66KB - Virtual size: 65KB

.reloc
Size: 8KB - Virtual size: 8KB