Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
Scribe.exe
Resource
win7-20220414-en
Target
Scribe.exe
Size
2.0MB
MD5
a0fc62c608603f02cae7a7103625cbca
SHA1
2c6961b447b9b20aca8da625923568e79f40066f
SHA256
152cd4630ca5b31679f9af5b5226869962d0631276a3b9ab3af71bbe5c87ab46
SHA512
9a441c607ef833632e37db705d03c5cec147659b07548eb2c2f46f047d3425110787b9675e91eb5196897e32eedecdc5bf96f5fd681e5d6ed86831ed3af54a5f
SSDEEP
24576:voaxr53vZ0lTCsHNKOgE+qXVqBxbsEN4UuFMx3N03qDDXlPdRCmlat75a:Jr53vZ0llAs+q8vsK4UzNNcqfXjJlGE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE