Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Static task
static1
Behavioral task
behavioral1
Sample
2024-12-11_f78ad6bfc87dba49fb7e175c4d5d0bdd_floxif_mafia.exe
Resource
win7-20240903-en
Target
2024-12-11_f78ad6bfc87dba49fb7e175c4d5d0bdd_floxif_mafia
Size
1.7MB
MD5
f78ad6bfc87dba49fb7e175c4d5d0bdd
SHA1
2b1df30b09bba1a96b783b7c4fb74d215ebd68a6
SHA256
1039022336b22aa0e3166393d9f0ae81e5c54be067c0c96edea8497dda9d3778
SHA512
a87ae2e4662504586fb7d9ccb0f793ad4ab502b0da1340accdc83e599c22f088709ce464b71e9b421c58afd3c40e765df2c52c10e960fcd6a6ab294410da90db
SSDEEP
49152:zFxcFAPKUjIYAv09gxyhCubLLLn8r2DTLTqsRFcuA:HgWjhCcni2DS
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
WTSQueryUserToken
WTSQuerySessionInformationW
WTSFreeMemory
CreateEnvironmentBlock
DestroyEnvironmentBlock
GetProcessImageFileNameW
PathFileExistsW
PathAddBackslashW
PathRemoveFileSpecW
PathIsDirectoryW
inet_addr
WSAGetLastError
inet_ntoa
htonl
getservbyname
htons
gethostbyaddr
WSASetLastError
ntohs
gethostbyname
connect
getsockname
bind
listen
WSAStartup
socket
ioctlsocket
closesocket
__WSAFDIsSet
getsockopt
recv
send
select
getservbyport
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
FindResourceW
FindResourceExW
GetProcAddress
GetModuleHandleW
lstrcmpiW
InterlockedIncrement
InterlockedDecrement
GetVolumeInformationW
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
OutputDebugStringW
CloseHandle
ReadFile
CreateFileW
GetDriveTypeW
WritePrivateProfileStringW
SetFileAttributesW
WriteFile
GetFileAttributesW
IsBadStringPtrW
FindClose
FindFirstFileW
FindNextFileW
DeleteFileW
RemoveDirectoryW
GetTickCount
GetWindowsDirectoryW
GetDiskFreeSpaceExW
IsBadWritePtr
WideCharToMultiByte
DefineDosDeviceW
GetSystemDirectoryW
LocalAlloc
LocalFree
GetCurrentProcess
Sleep
GetCurrentDirectoryW
GetFileSizeEx
VerifyVersionInfoW
VerSetConditionMask
WaitForSingleObject
QueryDosDeviceW
GetCurrentThreadId
CreateThread
CreateEventW
SetEvent
SetLastError
DeleteVolumeMountPointW
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
SetFileTime
GetFileAttributesExW
CopyFileW
GetCommandLineW
HeapFree
GetProcessHeap
HeapAlloc
SystemTimeToFileTime
GetLocalTime
DuplicateHandle
GetCurrentProcessId
LoadResource
ResetEvent
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
GetFullPathNameW
GetFullPathNameA
CreateFileA
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
UnlockFileEx
GetSystemTimeAsFileTime
FormatMessageA
InitializeCriticalSection
FormatMessageW
GetVersionExW
GetFileAttributesA
FlushFileBuffers
GetTempPathW
LockFileEx
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW
DeviceIoControl
HeapReAlloc
SetFilePointerEx
IsBadReadPtr
GetCurrentThread
GetFileInformationByHandle
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
CreateMutexA
ReleaseMutex
TlsAlloc
TlsSetValue
TlsGetValue
GetSystemDirectoryA
GetModuleHandleExW
HeapSetInformation
GetStartupInfoW
GetTimeFormatW
GetDateFormatW
GetFileType
GetConsoleCP
GetConsoleMode
FileTimeToSystemTime
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
lstrlenW
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
FindFirstFileExW
ExitThread
ResumeThread
LCMapStringW
GetCPInfo
ExitProcess
GetStdHandle
HeapCreate
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
TlsFree
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
IsProcessorFeaturePresent
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
SetStdHandle
WriteConsoleW
PeekNamedPipe
RtlUnwind
DecodePointer
EncodePointer
GetStringTypeW
InterlockedExchange
HeapSize
HeapDestroy
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CompareStringW
LoadLibraryW
SetEnvironmentVariableA
CharNextW
CharUpperW
PostThreadMessageW
UnregisterDeviceNotification
KillTimer
LoadStringW
DispatchMessageW
TranslateMessage
GetMessageW
SetTimer
RegisterDeviceNotificationW
RegLoadKeyW
GetTokenInformation
DuplicateTokenEx
ImpersonateLoggedOnUser
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
RegisterServiceCtrlHandlerExW
CreateServiceW
DeleteService
ControlService
StartServiceW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
SetServiceStatus
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityW
FreeSid
InitializeAcl
AddAccessAllowedAce
GetAce
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegFlushKey
RegCreateKeyW
RegOpenKeyW
RegQueryValueExW
AllocateAndInitializeSid
SetNamedSecurityInfoW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegUnLoadKeyW
OpenThreadToken
ImpersonateSelf
IsTextUnicode
CreateProcessAsUserW
ShellExecuteExW
SHGetFolderPathW
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
StringFromGUID2
CoCreateInstance
CoAddRefServerProcess
CoReleaseServerProcess
CoInitializeEx
CoSetProxyBlanket
SafeArrayPutElement
VariantClear
VariantInit
SafeArrayGetElement
SafeArrayRedim
SafeArrayCopyData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayGetVartype
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysStringLen
VarUI4FromStr
SysFreeString
GetLibXmlInterface
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ