Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
DisReg.exe
Resource
win10-20220223-en
Behavioral task
behavioral2
Sample
DisReg.exe
Resource
win10v2004-20220331-en
Behavioral task
behavioral3
Sample
lib/basichttp.dll
Resource
win10-20220331-en
Behavioral task
behavioral4
Sample
lib/basichttp.dll
Resource
win10v2004-20220331-en
Behavioral task
behavioral5
Sample
lib/elevated.dll
Resource
win10-20220223-en
Behavioral task
behavioral6
Sample
lib/elevated.dll
Resource
win10v2004-20220331-en
Behavioral task
behavioral7
Sample
lib/extensions/AnyCaptchaCallbackHooker_Unpacked/generated/client/client.js
Resource
win10-20220331-en
Behavioral task
behavioral8
Sample
lib/extensions/AnyCaptchaCallbackHooker_Unpacked/generated/client/client.js
Resource
win10v2004-en-20220113
Target
disreg.zip
Size
15.8MB
MD5
399b4d9f0fa79fb7f67dba28e838f1f0
SHA1
20b983c9ac9c7af51925b3dc77e3938e33ac9d5f
SHA256
9b2cd94c1f2989047ac3588c74d4324502dd6dca31314eb9a8c48dda93bab41b
SHA512
62eff6f3bb88e15bba107a096cf1894b6a841af7f3f3d0f00b03d0d89cc399b3500cbbebca55093569ab5e58eec565f5e6a6ebe47f0f26833733cb1179651cfe
SSDEEP
393216:dUkAuMqF1pbl2rrp9RdqrNjLGHp1PAB0uMtRXxnjqMQLHyGM:2kAWH2np9zWOJNuMthxnjqMQLHy3
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
_CorExeMain
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
CN=VMware\, Inc.,O=VMware\, Inc.,L=Palo Alto,ST=California,C=US,1.2.840.113549.1.9.1=#0c126e6f7265706c7940766d776172652e636f6d
CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US
CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
_configure_narrow_argv
_initterm_e
_initterm
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_errno
_seh_filter_dll
strncmp
memset
_except_handler4_common
__std_type_info_destroy_list
strrchr
memcpy
strchr
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
QueryPerformanceCounter
curl_multi_cleanup
curl_multi_info_read
curl_multi_socket_action
curl_multi_socket_all
curl_multi_setopt
curl_easy_init
curl_easy_pause
curl_multi_add_handle
curl_easy_strerror
curl_multi_init
curl_share_cleanup
curl_share_setopt
curl_share_init
curl_multi_remove_handle
curl_slist_free_all
curl_slist_append
curl_global_init
curl_easy_getinfo
curl_easy_cleanup
curl_easy_setopt
curl_global_cleanup
free
_ftime64
atoi
setsockopt
WSAGetLastError
Log
UtilSafeCalloc0
Warning
Panic
HashTable_Alloc
HashTable_Free
HashTable_Insert
HashTable_Delete
HashTable_GetNumElements
HashTable_ForEach
UtilSafeMalloc0
UtilSafeStrdup0
DynBuf_Init
DynBuf_Destroy
DynBuf_Append
Posix_Getenv
Str_Snprintf
Str_Strnstr
Str_Asprintf
Str_SafeAsprintf
StrUtil_GetNextInt64Token
StrUtil_StrToInt64
StrUtil_CaselessStartsWith
HttpURI_InfoInit
HttpURI_InfoRelease
HttpURI_ParseAndDecodeURL
BasicHttp_AddRequestToBandwidthGroup
BasicHttp_AllocMemorySource
BasicHttp_AllocSource
BasicHttp_AllocStringSource
BasicHttp_AppendRangeRequestHeader
BasicHttp_AppendRequestHeader
BasicHttp_CancelRequest
BasicHttp_ChangeBandwidthGroup
BasicHttp_CreateBandwidthGroup
BasicHttp_CreateCookieFile
BasicHttp_CreateCookieJar
BasicHttp_CreateRequest
BasicHttp_CreateRequestEx
BasicHttp_CreateRequestWithSSL
BasicHttp_DeleteBandwidthGroup
BasicHttp_ForbidReuse
BasicHttp_FreeCookieJar
BasicHttp_FreeRequest
BasicHttp_FreeResponse
BasicHttp_FreeSource
BasicHttp_GetEffectiveURL
BasicHttp_GetNumResponseHeaders
BasicHttp_GetRecvContentInfo
BasicHttp_GetResponseCode
BasicHttp_GetResponseHeader
BasicHttp_GetState
BasicHttp_GlobalCleanup
BasicHttp_GlobalInit
BasicHttp_Init
BasicHttp_InitEx
BasicHttp_IsInited
BasicHttp_IsPaused
BasicHttp_KickRecvRequest
BasicHttp_NewCookieSession
BasicHttp_PauseRecvRequest
BasicHttp_PauseSendRequest
BasicHttp_RemoveRequestFromBandwidthGroup
BasicHttp_RewindSource
BasicHttp_SendRequest
BasicHttp_SendRequestEx
BasicHttp_SetConnectTimeout
BasicHttp_SetFreshConnection
BasicHttp_SetInactivityTimeout
BasicHttp_SetInitialCookie
BasicHttp_SetProxy
BasicHttp_SetProxyEx
BasicHttp_SetRequestNameAndPassword
BasicHttp_SetSslCrlFilePath
BasicHttp_SetSslCtxProc
BasicHttp_SetSslManualVerification
BasicHttp_SetUserAgent
BasicHttp_Shutdown
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
CN=VMware\, Inc.,O=VMware\, Inc.,L=Palo Alto,ST=California,C=US,1.2.840.113549.1.9.1=#0c126e6f7265706c7940766d776172652e636f6d
CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US
CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Xlength_error@std@@YAXPBD@Z
_cexit
_register_onexit_function
_crt_atexit
_execute_onexit_table
_initterm_e
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
_initterm
_errno
_callnewh
calloc
_recalloc
malloc
free
wcspbrk
wcsncmp
_wcsdup
memset
wcsncpy_s
wcscpy_s
wcscat_s
_strdup
__stdio_common_vsprintf
_wtoi64
_purecall
wcsstr
__std_type_info_destroy_list
__CxxFrameHandler3
memcpy
__std_exception_copy
__std_exception_destroy
memmove
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException
DeleteCriticalSection
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
FindResourceW
lstrcmpiW
MultiByteToWideChar
GetThreadLocale
SetThreadLocale
CloseHandle
CreateProcessW
CreateFileW
SetLastError
GetSystemTimeAsFileTime
InitializeCriticalSectionEx
InitializeSListHead
LeaveCriticalSection
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringW
IsDebuggerPresent
MoveFileExW
LocalFree
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
EncodePointer
DecodePointer
RaiseException
GetLastError
EnterCriticalSection
HeapDestroy
CharNextW
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
LoadTypeLib
VarUI4FromStr
VariantClear
SysStringLen
SysFreeString
SysAllocString
SysAllocStringByteLen
SafeArrayCreateEx
RegisterTypeLib
SafeArrayAccessData
SafeArrayUnaccessData
GetRecordInfoFromGuids
UnRegisterTypeLib
VariantInit
LoadRegTypeLib
SafeArrayDestroy
SysStringByteLen
NetShareDel
NetShareAdd
DiskLib_Open
DiskLib_BottomLinkSpaceUsed
DiskLib_Close
DiskLib_DBGet
DiskLib_DBSet
DiskLib_GetInfo
Licensecheck_EnterNewSerialNumber
Warning
Win32U_LookupSidForAccount
W32Util_StartService
W32Util_StopService
W32Util_UpdateServiceStartType
DiskLib_FreeInfo
DiskLib_FreePartitionList
DiskLib_Create
DiskLib_GetPartitionListFromDevice
KeySafeUserRing_Destroy
KeySafeUserRing_Clone
KeySafeUserRing_AddRing
KeySafeUserRing_AddKey
KeySafeUserRing_Import
KeySafeUserRing_Create
CryptoKey_Free
CryptoKey_Import
Str_Asprintf
Snapshot_CheckMissingFiles
Snapshot_DeleteVM
Unicode_AllocWithLength
W32Util_GetInstalledFilePath64
HostDeviceInfo_FindHostDisks
HostDeviceInfo_FindHostSCSIGenericDevices
HostDeviceInfo_DeviceListGetNext
HostDeviceInfo_DeviceListIsSCSIDevice
HostDeviceInfo_DeviceListGetLongName
HostDeviceInfo_DeviceListGetPath
HostDeviceInfo_DeviceListGetName
Unicode_GetAllocBytes
UtilSafeStrdup0
ProductState_IsProduct
DiskLib_Exit
DiskLib_Init
Panic
DiskLib_Unlink
W32Util_GetInstalledFilePath
VNL_GetVnetAdapterStatus
VNL_SetBridgeState
VNL_GetVnetSubnetAddr
VNL_GetVnetDisplayName
VNL_GetNumberOfVnets
VNL_GetVnetUseNAT
VNL_GetBridgeState
SetSecurityDescriptorDacl
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
AddAce
CopySid
GetAce
GetAclInformation
GetLengthSid
InitializeAcl
IsValidSid
ConvertStringSidToSidW
GetSecurityInfo
SetSecurityInfo
AddAccessAllowedAce
SetNamedSecurityInfoW
RegCloseKey
InitializeSecurityDescriptor
PathFileExistsW
PathMatchSpecW
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Elevated_Exit
Elevated_Init
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
https://mdbootstrap.com/docs/jquery/
https://mdbootstrap.com/docs/angular/
https://mdbootstrap.com/docs/react/
https://mdbootstrap.com/docs/vue/
https://github.com/mdbootstrap/bootstrap-material-design
https://www.youtube.com/watch?v=cXTThxoywNQ
https://www.facebook.com/mdbootstrap
https://twitter.com/MDBootstrap
https://mdbootstrap.com/docs/jquery/newsletter/
https://mdbootstrap.com/mdb-affiliate-program/
https://mdbootstrap.com/contact
https://www.mdbootstrap.com/
https://mdbootstrap.com/docs/jquery/getting-started/faq/
https://mdbootstrap.com/general/browsers-and-devices/
https://mdbootstrap.com/general/license/
https://mdbootstrap.com/docs/jquery/changelog/
https://mdbootstrap.com/general/privacy-policy/
https://mdbootstrap.com/general/return-refund-policy/
https://mdbootstrap.com/general/mdb-academy/
https://mdbootstrap.com/education/tech-marketing/automated-app-introduction/
https://mdbootstrap.com/freebies/
https://mdbootstrap.com/templates/
https://mdbootstrap.com/education/bootstrap/
https://mdbootstrap.com/education/wordpress/
https://mdbootstrap.com/education/angular/
https://mdbootstrap.com/education/tech-marketing/web-push-introduction/
https://mdbootstrap.com/education/bootstrap/gulp-installation/
https://mdbootstrap.com/mdbootstrap-webpack-tutorial/
https://mdbootstrap.com/general/our-team/
https://mdbootstrap.com/general/contact/
https://mdbootstrap.com/general/press-pack/