Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-09_3b7cc6c6bad4fb3cf13784aaee79b3b1_mafia.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2024-07-09_3b7cc6c6bad4fb3cf13784aaee79b3b1_mafia.exe
Resource: win10v2004-20240704-en
Target: 2024-07-09_3b7cc6c6bad4fb3cf13784aaee79b3b1_mafia
Size: 1.5MB
MD5: 3b7cc6c6bad4fb3cf13784aaee79b3b1
SHA1: 80143c0786f640725a10f217cb9666564675f64b
SHA256: 975390e122cbc1b8b2f0e0e2eb248df8df04042de82f001b05375fcb66f43071
SHA512: 586ca579dc3e0b471d1487d2df4f01f8ab957e7304b7665f05ecaca8ae7813ade329c9af3a407df58ac98513af3f9984002581e8a6cf2195325f94ff4210bb20
SSDEEP: 24576:qkSNlNoQD1PMN3h7xa/c4kSPtUs4xZyzm3VMpzX+nlW/V2tVEcy58tg9T2+Hkoq6:kfhc7mFpT+nlrVEcy58tKTrE2d
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetDriveTypeW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
TerminateProcess
WaitForSingleObject
CreateProcessW
GetModuleHandleExW
LocalFree
FormatMessageW
GetCurrentProcessId
VirtualAlloc
ReadFile
GetFileSize
CreateFileW
WriteFile
SetFilePointer
FindClose
FindFirstFileW
CreateDirectoryW
GetTickCount
FindNextFileW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
CopyFileW
SetFileTime
FileTimeToSystemTime
MoveFileExW
MoveFileW
GetLocalTime
SetLocalTime
SystemTimeToFileTime
GlobalFree
InitializeCriticalSection
Sleep
GetCommandLineW
ExpandEnvironmentStringsW
GetVersionExW
InterlockedPushEntrySList
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
InterlockedPopEntrySList
GetStringTypeW
InterlockedCompareExchange
SetPriorityClass
DeviceIoControl
SetEnvironmentVariableA
CompareStringW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
HeapSize
TlsFree
HeapDestroy
HeapCreate
IsDebuggerPresent
UnhandledExceptionFilter
FileTimeToLocalFileTime
FindFirstFileExW
GetCPInfo
LCMapStringW
HeapReAlloc
GetStdHandle
GetFileType
ExpandEnvironmentStringsA
GetTempPathW
OutputDebugStringA
WideCharToMultiByte
CreateFileA
WTSGetActiveConsoleSessionId
DeleteFileA
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetProcAddress
lstrlenW
FreeLibrary
SetErrorMode
SetUnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CreateMutexW
GetLastError
OpenProcess
ReleaseMutex
CloseHandle
GetModuleFileNameW
GetExitCodeProcess
ExitProcess
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
WriteConsoleW
MoveFileA
GetStartupInfoW
HeapSetInformation
RtlUnwind
GetSystemTime
GetTempPathA
TlsAlloc
LockFileEx
FlushFileBuffers
GetFileAttributesA
TlsSetValue
GetSystemTimeAsFileTime
LockFile
InterlockedExchange
EncodePointer
DecodePointer
UnlockFile
SetEndOfFile
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetFullPathNameA
GetFullPathNameW
LockResource
GetPrivateProfileStringA
FindResourceExW
lstrlenA
GetMessageW
PeekMessageW
CreateDialogParamW
wsprintfW
CharNextW
DestroyWindow
DefWindowProcW
EndDialog
GetWindowLongW
GetDlgItem
IsDialogMessageW
SetWindowPos
IsWindow
EnumThreadWindows
FindWindowExW
GetWindowThreadProcessId
GetWindowTextW
GetClassNameW
MessageBoxA
UnregisterClassA
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetWindow
GetParent
SetWindowTextW
SendMessageW
EnableWindow
ReleaseDC
GetDC
LoadImageW
PostQuitMessage
DialogBoxParamW
GetActiveWindow
GetSystemMetrics
FindWindowW
PostMessageW
ScreenToClient
SetCursor
LoadCursorW
BeginPaint
EndPaint
MoveWindow
UpdateLayeredWindow
InvalidateRect
SetForegroundWindow
SendInput
TranslateMessage
DispatchMessageW
ShowWindow
SetWindowLongW
GetTextExtentExPointW
GetObjectA
BitBlt
CreateCompatibleDC
SelectObject
DeleteDC
GetDeviceCaps
CreateFontW
DeleteObject
CreateCompatibleBitmap
RegCloseKey
GetLengthSid
SetTokenInformation
QueryServiceStatus
CloseServiceHandle
RegQueryValueExW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
CreateProcessAsUserW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
DuplicateTokenEx
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
SHCreateDirectoryExW
SHGetFolderPathA
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
ord155
SHGetPathFromIDListW
SHGetFolderLocation
SHFileOperationW
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CoInitializeSecurity
SysFreeString
VarUI4FromStr
VariantClear
VariantInit
SysAllocString
SHCreateStreamOnFileEx
PathFileExistsW
_TrackMouseEvent
InitCommonControlsEx
GdipCreateBitmapFromFile
GdipDeleteMatrix
GdipReleaseDC
GdipCreateFromHDC
GdipGetImageHeight
GdipDeletePath
GdipDeleteFont
GdipCreateBitmapFromGraphics
GdipCreateMatrix
GdipCloneImage
GdipRotateMatrix
GdipTranslateMatrix
GdipGetImageWidth
GdipDisposeImage
GdiplusStartup
GdipLoadImageFromFile
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateSolidFill
GdipDrawImageRectI
GdipCreateMatrix2
GdipTransformPath
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipSetStringFormatAlign
GdipAddPathRectangleI
GdiplusShutdown
GdipSetSmoothingMode
GdipCreatePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCloneBrush
GdipGetFontHeight
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawImageRectRectI
GdipDrawImagePointRectI
GdipMeasureString
GdipDeletePen
GdipCreatePen1
GdipDrawString
GdipDrawLineI
GdipSetWorldTransform
GdipSetInterpolationMode
GdipDeleteBrush
GetModuleFileNameExW
WTSQueryUserToken
WinHttpCloseHandle
WinHttpReadData
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpWriteData
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpSetOption
WinHttpOpenRequest
WinHttpConnect
WinHttpCrackUrl
WinHttpSetTimeouts
WinHttpOpen
WinHttpQueryDataAvailable
GetAdaptersInfo
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ