Extended Key Usages: ExtKeyUsageTimeStamping
Key Usages: KeyUsageCertSign, KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-21_91d741d12a007ead9dfb4a47fc4bcedf_mafia.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-21_91d741d12a007ead9dfb4a47fc4bcedf_mafia.exe
Resource: win10v2004-20231215-en
Target: 2024-02-21_91d741d12a007ead9dfb4a47fc4bcedf_mafia
Size: 308KB
MD5: 91d741d12a007ead9dfb4a47fc4bcedf
SHA1: f89d8d5a7dabc4b8b967dbfe8ccd1c64941168d5
SHA256: ac1fc92527bd5a31ad47321add2b49153369d0d663baa04e9ca09ce279a24d75
SHA512: 70b125a5c55abc9bada6425b2cb9bbd729276e3721b66f4350285abd2ea5e2f0a1c548ec4a145b46cd46cac0358ea60a2566781870ba3e403bf5dea11a985c81
SSDEEP: 6144:syh6Ky0DgsJLqQrfDFuD4o/DSGRt+CAjiTQIVgksmEWJOTZFxa:syh6Ky0ftffDFuDLSGRrmiTQIVgksmEY
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
D:\baiduplayer_4.2.0\build\Release\bin\vcservice.pdb
FindResourceW
FindResourceExW
DeviceIoControl
CreateProcessW
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
Process32FirstW
ProcessIdToSessionId
Process32NextW
HeapAlloc
GetProcessHeap
HeapFree
OpenProcess
InterlockedDecrement
LoadResource
LockResource
SizeofResource
GetVolumeInformationA
WideCharToMultiByte
FreeLibrary
LoadLibraryExW
SetErrorMode
SetPriorityClass
CreateMutexW
Sleep
LocalFree
GetModuleHandleW
GetSystemTimeAsFileTime
SetLastError
GetPrivateProfileStringW
GetLastError
MultiByteToWideChar
RaiseException
GetCommandLineW
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
GetProcAddress
LoadLibraryW
SetUnhandledExceptionFilter
CreateDirectoryW
ResumeThread
GetTempPathW
ReadFile
GetFileSize
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
WriteFile
SetEndOfFile
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
CreateFileW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapCreate
GetLocaleInfoW
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetTimeZoneInformation
GetFileAttributesW
GetModuleFileNameW
IsProcessorFeaturePresent
ExitProcess
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
GetCPInfo
RtlUnwind
GetStartupInfoW
HeapSetInformation
CreateThread
ExitThread
HeapDestroy
HeapReAlloc
HeapSize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
GetStringTypeW
InitializeCriticalSection
EncodePointer
DecodePointer
GetVersionExW
GetTimeFormatW
GetDateFormatW
PostThreadMessageW
PeekMessageW
CreateWindowExW
KillTimer
TranslateMessage
wsprintfW
CharLowerBuffW
DefWindowProcW
LoadCursorW
LoadIconW
RegisterClassExW
SetTimer
GetMessageW
DispatchMessageW
CryptCreateHash
RegCreateKeyExW
RevertToSelf
ImpersonateLoggedOnUser
StartServiceW
QueryServiceStatus
DeleteService
ControlService
ChangeServiceConfig2W
CreateServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
OpenProcessToken
CreateProcessAsUserW
DuplicateTokenEx
LookupAccountSidW
GetTokenInformation
CryptReleaseContext
CryptDestroyHash
CryptDestroyKey
CryptEncrypt
CryptDeriveKey
CryptHashData
CryptAcquireContextW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
SetServiceStatus
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SHGetSpecialFolderPathW
CommandLineToArgvW
ShellExecuteW
CoCreateInstance
CoUninitialize
CoInitialize
SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VarBstrCmp
VariantInit
VariantClear
IsNetworkAlive
InternetOpenUrlW
InternetCloseHandle
InternetGetConnectedState
InternetOpenW
WTSQueryUserToken
CreateEnvironmentBlock
DestroyEnvironmentBlock
CryptBinaryToStringW
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
PathAppendW
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
connect
getsockopt
send
setsockopt
inet_addr
gethostbyname
closesocket
socket
ioctlsocket
recv
WSAGetLastError
select
__WSAFDIsSet
htons
GetAdaptersInfo
WinHttpOpen
WinHttpCrackUrl
WinHttpConnect
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpCloseHandle
WinHttpOpenRequest
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ