Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-15_3f578601bf69dcef3ada278473dd875b_mafia.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 2024-06-15_3f578601bf69dcef3ada278473dd875b_mafia.exe
  Resource: win10v2004-20240508-en
Target: 2024-06-15_3f578601bf69dcef3ada278473dd875b_mafia
Size: 1003KB
MD5: 3f578601bf69dcef3ada278473dd875b
SHA1: 459046e601e6fdd6fe663440c51f0eda6318377a
SHA256: 784358512ca2bc828e531b0eef7078f23c0c4343a4b0132c7c45bb8e9ff04e3a
SHA512: 4d98ca110b1bcd368e6927d27fff5f456e1bddc0fd6f05a110f5d01d749a98a1d5a43cb4c49df84fe775c4201f4fd5baaf6126e8b8bf5c2d600c018b7ca45477
SSDEEP: 24576:qCF3zBpmk05EUvYzr/AqR9b+R2gLUddfss1QaH1bIe3K07oJ4cTz+kQeS/:lhzBpmkIEIqRhd0aVbIev7oJ4cTCkQee
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
SetEndOfFile
UnlockFile
LockFile
GetSystemTimeAsFileTime
TlsSetValue
GetVersionExW
GetFileAttributesA
GetFileAttributesW
MultiByteToWideChar
FlushFileBuffers
LockFileEx
TlsAlloc
GetTempPathA
GetSystemTime
DeleteFileA
CreateEventW
OutputDebugStringW
WaitForSingleObject
SetEvent
WTSGetActiveConsoleSessionId
GetLocalTime
OutputDebugStringA
GetModuleFileNameW
GetDriveTypeW
FindFirstFileW
FindClose
CreateDirectoryW
SetFileAttributesW
FindNextFileW
FileTimeToSystemTime
MoveFileW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
CreateProcessW
GetModuleHandleExW
LocalFree
FreeLibrary
ResumeThread
TlsGetValue
GetCurrentProcess
GetCurrentProcessId
CreateMutexW
ExpandEnvironmentStringsA
TerminateThread
ExitProcess
InterlockedDecrement
DeviceIoControl
SetPriorityClass
GlobalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
ReleaseMutex
LeaveCriticalSection
lstrlenA
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetFileSize
CreateFileA
GetFullPathNameA
GetFullPathNameW
GetTempPathW
SetFilePointer
WriteFile
CopyFileW
MoveFileExW
CloseHandle
ReadFile
DeleteFileW
CreateFileW
GetLastError
GetTickCount
GetPrivateProfileStringA
GetModuleHandleW
GetProcAddress
lstrlenW
WideCharToMultiByte
Sleep
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapSize
GetCurrentThreadId
SetLastError
TlsFree
IsProcessorFeaturePresent
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
CreateThread
LoadLibraryW
UnhandledExceptionFilter
RaiseException
GetCPInfo
LCMapStringW
RtlUnwind
GetStdHandle
GetFileType
WriteConsoleW
HeapReAlloc
HeapAlloc
FileTimeToLocalFileTime
FindFirstFileExW
HeapSetInformation
GetCommandLineW
HeapFree
DecodePointer
EncodePointer
GetStringTypeW
InterlockedExchange
InterlockedCompareExchange
InterlockedIncrement
MessageBoxA
KillTimer
DispatchMessageW
SetTimer
wsprintfW
GetMessageW
AllocateAndInitializeSid
RegCreateKeyExW
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
LookupAccountSidW
GetTokenInformation
OpenProcessToken
FreeSid
CheckTokenMembership
CreateProcessAsUserW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
SHGetFolderPathA
SHGetFolderPathW
SHGetFolderLocation
SHGetPathFromIDListW
ord155
CoInitializeSecurity
CoUninitialize
CoInitialize
CoSetProxyBlanket
CoCreateInstance
CoTaskMemFree
SysAllocString
SysFreeString
VariantInit
VariantClear
PathFileExistsW
GetAdaptersInfo
GetModuleFileNameExW
WTSQueryUserToken
DestroyEnvironmentBlock
CreateEnvironmentBlock
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpWriteData
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSendRequest
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpCloseHandle
WinHttpOpen
WinHttpSetTimeouts
WinHttpCrackUrl
WinHttpConnect
WinHttpOpenRequest
WinHttpSetOption
WinHttpAddRequestHeaders
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ