Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-29_63ace7932ad17ec3d5f525810286d918_mafia_sedreco.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-03-29_63ace7932ad17ec3d5f525810286d918_mafia_sedreco.exe
Resource
win10v2004-20240226-en
Target
2024-03-29_63ace7932ad17ec3d5f525810286d918_mafia_sedreco
Size
2.0MB
MD5
63ace7932ad17ec3d5f525810286d918
SHA1
8b10620f29ddcb88cc136352cc57835e6584076b
SHA256
a6bf21e1a15a1a84f528db8ee99e72fa11fe1f9d5b51412f11555c16af1f5680
SHA512
43cc2da25e17d1e7bd6a849df3543bd5c0aa34448f43cb703a81ad60c4d2aa00b2849a13e5f1950f58c29afd8c613d36f2faa08deb6f64f87891959e741d6a81
SSDEEP
49152:zXSidT45mbrZ+ZkSR+JFsAD4GTZ2wP14IRCMkLmhedC1Wqp/tVkF6z9PHIBhmTuP:zfwmbrNJFslGF2wP1Z4LmheeHtGF6z9+
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
D:\projects\bitmaster\client\Production\bitmaster.pdb
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ