Extended Key Usages: ExtKeyUsageTimeStamping
Key Usages: KeyUsageCertSign, KeyUsageCRLSign
Static task: static1

Behavioral task: behavioral1
Sample: 2024-06-12_a8df9c9029a913a7d2b976fbb30436a1_floxif_mafia.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: 2024-06-12_a8df9c9029a913a7d2b976fbb30436a1_floxif_mafia.exe
Resource: win10v2004-20240508-en

Target: 2024-06-12_a8df9c9029a913a7d2b976fbb30436a1_floxif_mafia
Size: 205KB
MD5: a8df9c9029a913a7d2b976fbb30436a1
SHA1: 41e7ddad251608ad4d1152f6431b04486d7a79e8
SHA256: 4e2f5c2526c6122627289489f13a783f4abb58ca2d51cb867fb6c3f0ffd8793a
SHA512: 2952eca64c91fe1c31052eedcc026066c4de2fcf85463feff304eae5a110997dfac6131ddb329ae1ed9486f534d8119e93defe506d785b0e3384151584155d40
SSDEEP: 6144:BgWWf+vqzCUSIlmiysBV+UdvrEFp7hKn2:OWWf+vESIlgsBjvrEH7V
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
C:\WORK\hotkey\KBSW.1\R0DVU06W\windows\src\Ella\SRC\tphksvc\obj\tphksvc.pdb