Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-10_ea911b01616923f5e23c135a35ef5caa_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-10_ea911b01616923f5e23c135a35ef5caa_mafia.exe
Resource
win10v2004-20240226-en
Target
2024-03-10_ea911b01616923f5e23c135a35ef5caa_mafia
Size
662KB
MD5
ea911b01616923f5e23c135a35ef5caa
SHA1
fa7300e35f7999e1b5d168608f20f92597f1889c
SHA256
3dfecfa1d59ea9f39e925e9517c2b60d97ecda915fbed46ce2878213798d280e
SHA512
62a037b224792e4185ca84e386ef365f8612eff0eba8d502ceb12d9761c43e2c53090ba8c635eca4c96a6d2b12b49da7ac85833bc078c1ce7731721063c8937b
SSDEEP
12288:JWP+aG3YHu1225hVXgok1MmmFTalMq8sY9TaWx1YKU0aje5:Jku1225hVXzyMmm8KF59Ta+Baje5
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
SymCleanup
SymInitialize
SymGetSymFromAddr
SymFunctionTableAccess
SymGetModuleBase
StackWalk
ord155
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteW
SHGetFolderLocation
GetLocalTime
lstrcatA
VirtualQuery
lstrlenA
GetCurrentProcess
GetCurrentThread
LoadLibraryW
GetLastError
OutputDebugStringW
GetProcAddress
FreeLibrary
Sleep
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
OutputDebugStringA
lstrlenW
DeleteFileA
CloseHandle
WTSGetActiveConsoleSessionId
CreateFileA
GetModuleHandleExW
LocalFree
GetModuleFileNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetModuleHandleW
CreateMutexW
GetCurrentProcessId
ResumeThread
TerminateThread
ExitProcess
CreateThread
CreateFileW
SetFileAttributesW
GetFileAttributesW
WriteFile
SetFilePointer
ReadFile
FindClose
FindFirstFileW
lstrcpyA
MoveFileExW
MoveFileW
DeleteFileW
FindNextFileW
CreateDirectoryW
CopyFileW
ExpandEnvironmentStringsA
GetTempPathW
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReleaseMutex
GlobalFree
SetEvent
CreateEventW
SetLastError
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
HeapFree
GetCommandLineW
HeapSetInformation
RtlUnwind
RaiseException
HeapAlloc
GetSystemTimeAsFileTime
HeapReAlloc
WriteConsoleW
GetFileType
GetStdHandle
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
IsProcessorFeaturePresent
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
FlushFileBuffers
HeapSize
GetTimeZoneInformation
GetLocaleInfoW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
SetEndOfFile
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
SetErrorMode
GetModuleFileNameA
DeviceIoControl
SetPriorityClass
GetDriveTypeW
wsprintfW
MessageBoxA
FindWindowW
PostMessageW
GetWindowThreadProcessId
GetWindowTextW
EnumWindows
RegCloseKey
AllocateAndInitializeSid
RegQueryValueExW
RegOpenKeyExW
FreeSid
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
OpenProcessToken
GetTokenInformation
CheckTokenMembership
LookupAccountSidW
CoCreateInstance
CoTaskMemFree
CoInitialize
CoSetProxyBlanket
CoInitializeSecurity
CoUninitialize
PathFileExistsW
GetModuleFileNameExW
WTSQueryUserToken
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpSetOption
WinHttpOpenRequest
WinHttpConnect
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpGetProxyForUrl
WinHttpWriteData
WinHttpReadData
WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpSetTimeouts
WinHttpQueryHeaders
SysAllocString
SysFreeString
VariantInit
VariantClear
GetAdaptersInfo
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ