Extended Key Usages
ExtKeyUsageCodeSigning
Static task
static1
Behavioral task
behavioral1
Sample
a324f24386cddedeaa163b98533b3b03962205bdce1a48cd6630e95aba2379ec.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
a324f24386cddedeaa163b98533b3b03962205bdce1a48cd6630e95aba2379ec.exe
Resource
win10v2004-en-20220113
Target
a324f24386cddedeaa163b98533b3b03962205bdce1a48cd6630e95aba2379ec
Size
3.7MB
MD5
ad813c97f7cd48856a9c2847ad55b90a
SHA1
c16bc7b76e6de3998bacef08f80a6acce3c5cee2
SHA256
a324f24386cddedeaa163b98533b3b03962205bdce1a48cd6630e95aba2379ec
SHA512
4f5cb2049e03ad76910693b96a3465c9ba6e268f0bf1ba7fce7eb374241acfa08ba645829fabe8ef76606289903655480867f314c17c79efc8b242419d46fadb
SSDEEP
98304:rlC4QBL6dQNbMFd6KkEl4ucp7YY+0RJ3ZOITgkAQL:rlChB+Gb6doEl4uS7xPZOILHL
Processes:
resource | yara_rule |
---|---|
sample | themida |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
SERIALNUMBER=CHE-354.686.492,CN=Proton Technologies AG,O=Proton Technologies AG,STREET=Route de la Galaise 32,L=Plan-les-Ouates,ST=Geneva,C=CH,1.2.840.113549.1.9.1=#0c0f61646d696e4070726f746f6e2e6d65,1.3.6.1.4.1.311.60.2.1.2=#130647656e657661,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
SERIALNUMBER=CHE-354.686.492,CN=Proton Technologies AG,O=Proton Technologies AG,STREET=Route de la Galaise 32,L=Plan-les-Ouates,ST=Geneva,C=CH,1.2.840.113549.1.9.1=#0c0f61646d696e4070726f746f6e2e6d65,1.3.6.1.4.1.311.60.2.1.2=#130647656e657661,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ