Extended Key Usages: ExtKeyUsageTimeStamping
Key Usages: KeyUsageCertSign, KeyUsageCRLSign
Static task: static1

Behavioral task: behavioral1
Sample: 2024-04-16_ce07a97b950b2b9a9b5205aa68d96a70_mafia.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 2024-04-16_ce07a97b950b2b9a9b5205aa68d96a70_mafia.exe
Resource: win10v2004-20240412-en
Target: 2024-04-16_ce07a97b950b2b9a9b5205aa68d96a70_mafia
Size: 339KB
MD5: ce07a97b950b2b9a9b5205aa68d96a70
SHA1: 26f0e78a51d0a7d3bea0d43f5ff36f45593db2c1
SHA256: e6caf005cda4ce3bcbbcf63add408e8c3f5f817942782d82601c9d70e96ef5da
SHA512: f5c1beeac9bfb6e8cac62ef3dc88e28c81ea1d49cb92fabd034790914484fd3b5352b25042a72280e50e769636f2b87eac74a0ff0070513b28ba11b0245dc1e1
SSDEEP: 6144:c8vsCccZuUeZm7+GdSucunWmOrN/bXq2aNRqqDLuHJpKAj4Y:RvRdecPguZnjOrNjq2aNsqnu6Q
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
LocalFree
Sleep
CloseHandle
WaitForSingleObject
GetSystemInfo
GetProcAddress
HeapFree
GetProcessHeap
TlsFree
HeapAlloc
TlsAlloc
CreateEventA
SetEvent
GetTickCount
CreateProcessA
SetUnhandledExceptionFilter
GetLastError
GetSystemTimeAsFileTime
LeaveCriticalSection
ExitThread
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
ResetEvent
OpenEventA
ReleaseSemaphore
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
WriteConsoleW
SetStdHandle
CreateFileA
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
FormatMessageA
InterlockedExchange
FindResourceExW
FindResourceW
LoadResource
SizeofResource
CreateFileW
LockResource
DeleteFileW
GetFileSize
SetFilePointer
GetModuleHandleW
WriteFile
ReadFile
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
SystemTimeToFileTime
GetVolumeInformationW
GetStringTypeW
InterlockedCompareExchange
InitializeCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
RaiseException
RtlUnwind
ExitProcess
GetCommandLineA
HeapSetInformation
GetTimeFormatA
GetDateFormatA
HeapReAlloc
LCMapStringW
GetCPInfo
IsProcessorFeaturePresent
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LoadLibraryW
HeapCreate
HeapDestroy
GetACP
GetOEMCP
IsValidCodePage
HeapSize
CreateThread
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
??0server@proxy@af@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@II0ABV?$vector@HV?$allocator@H@std@@@4@_N0H000021I02II222@Z
?run@server@proxy@af@@QAEXH@Z
?obfuscate@header@proxy@af@@SAXPAEI@Z
?set_proxy_list_idle_grow@server@proxy@af@@QAEXH@Z
?add_header@http_client@proxy@af@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?set_follow_redirect@http_client@proxy@af@@QAEX_N@Z
?set_proxy@http_client@proxy@af@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?upload@http_client@proxy@af@@QAEHABVaf_stringW@@_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?download@http_client@proxy@af@@QAEHABVaf_stringW@@_N@Z
?is_running@http_client@proxy@af@@QAE_NXZ
?get_error_code@http_client@proxy@af@@QAEHXZ
?result@http_client@proxy@af@@QAEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?get_error_msg@http_client@proxy@af@@QAEPBDXZ
?apply@ua_in_filter@proxy@af@@UAEPAVfilter_rule@23@PAVhttp_msg@23@@Z
?apply@in_filter@proxy@af@@UAEPAVfilter_rule@23@PAVhttp_msg@23@@Z
?add_rule@filter_rule_list@proxy@af@@UAEXAAVfilter_rule@23@@Z
??1http_client@proxy@af@@QAE@XZ
??0logger@proxy@af@@QAE@PBDW4log_level_enum@012@_N@Z
??0http_client@proxy@af@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I_N0I@Z
gethostname
WSACleanup
WSAStartup
PathFileExistsW
PathBuildRootW
PathAddBackslashW
GetAdaptersInfo
??0filter@proxy@af@@QAE@XZ
??0in_filter@proxy@af@@QAE@XZ
??0in_filter_base@proxy@af@@QAE@XZ
??0unblock_in_filter@proxy@af@@QAE@XZ
??1filter@proxy@af@@UAE@XZ
??1in_filter@proxy@af@@UAE@XZ
??1in_filter_base@proxy@af@@UAE@XZ
??1localdomain_in_filter@proxy@af@@UAE@XZ
??1localhost_in_filter@proxy@af@@UAE@XZ
??1localip_in_filter@proxy@af@@UAE@XZ
??1ua_in_filter@proxy@af@@UAE@XZ
??1unblock_in_filter@proxy@af@@UAE@XZ
??_Flogger@proxy@af@@QAEXXZ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ