Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature, KeyUsageCertSign, KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-19_75281beb810861973e7eaf280c280450_mafia.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-06-19_75281beb810861973e7eaf280c280450_mafia.exe
Resource: win10v2004-20240611-en
Target: 2024-06-19_75281beb810861973e7eaf280c280450_mafia
Size: 190KB
MD5: 75281beb810861973e7eaf280c280450
SHA1: f7d83ea8fb3926bdb3bac45212858ba88cc068c7
SHA256: e4aa630cf84f353f869b3b2a0183f2e65e91b52c6338315a6cf19f19368f33c8
SHA512: 10dfa33aec9682f377d5c9df25834d0c554215007060352ecbb6e40cc4924244d86c72033505839462cb27161ba5d686fb2d9c3e2e8a77aaf88226aac82abb4d
SSDEEP: 3072:dylqtcbUxv/AZ7886HejllRvHnphslUtkXjT3uJX9zI0yDS9Ig666666669O/b38:dylqtjHG3Hj5/p+lUWTT3uJX9zIHSGgF
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
G:\Code\Audit\InsideSrc\0801106204_proto_changed\target\release\symbols\server\RzxSvc.pdb
ReadProcessMemory
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
GetCurrentProcess
GetExitCodeProcess
CreateProcessA
WTSGetActiveConsoleSessionId
CreateMutexA
GetCommandLineA
CreateThread
GetExitCodeThread
GetCurrentProcessId
GetCurrentThreadId
WideCharToMultiByte
HeapFree
HeapAlloc
GetProcessHeap
ExpandEnvironmentStringsA
GetTempPathA
SetUnhandledExceptionFilter
FreeLibrary
SetErrorMode
GetTickCount
GetWindowsDirectoryA
LocalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CompareStringW
CreateFileW
SetStdHandle
WriteConsoleW
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetTimeZoneInformation
CloseHandle
GetModuleHandleA
GetProcAddress
OpenProcess
RegisterWaitForSingleObject
UnregisterWait
CreateEventA
OpenEventA
WaitForSingleObject
SetEvent
FlushFileBuffers
WriteFile
ReadFile
SetEndOfFile
SetFilePointer
CreateFileA
CopyFileA
GetVersionExA
MoveFileExA
DeleteFileA
GetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
GetLastError
GetLocalTime
GetTickCount64
GetSystemDirectoryA
ExitProcess
Sleep
GetModuleFileNameA
OpenMutexA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapCreate
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
HeapSize
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetLastError
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
RtlUnwind
RaiseException
HeapSetInformation
GetStartupInfoW
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetEnvironmentVariableA
GetSystemMetrics
CloseServiceHandle
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
DuplicateTokenEx
GetTokenInformation
SetTokenInformation
CreateProcessAsUserA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
RegisterServiceCtrlHandlerExA
SetServiceStatus
StartServiceCtrlDispatcherA
CreateServiceA
ChangeServiceConfigA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
StartServiceA
EnumProcessModules
GetModuleFileNameExA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ