Static task
static1
Behavioral task
behavioral1
Sample
drweb-livedisk-900-usb.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
drweb-livedisk-900-usb.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Target
drweb-livedisk-900-usb.exe
Size
835.7MB
MD5
e1342fcbd0c1f4548dce48bd2b5e9b45
SHA1
4367ecf41b96a0a254bb53af307ab1f3685d8497
SHA256
a8bf6c6cf0437ad8162713d0ea0735c583d54d129b06589c19b5627ca07fe613
SHA512
b16b33eb566051a08daffaf7674e3f001abaa6cadbf53d6e8106423cfbccc488635b0dafb9958a1ce1b5fa9ec44c889aed0f953f7c937f7056a41a9646d69fea
SSDEEP
25165824:R1FYp4TC8T1KRcCe6RQpqG96OWJr0JwEerEo:R1FYiC8T12pemG96OWJwJwEerEo
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
CN=Doctor Web Ltd.,O=Doctor Web Ltd.,L=Moscow,C=RU
CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US
CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
ShellExecuteW
GetModuleFileNameExW
FlushInstructionCache
GetTempPathW
RaiseException
GetFileSizeEx
GetProcAddress
EnterCriticalSection
lstrcmpiW
GetCurrentThreadId
GetDiskFreeSpaceExW
FormatMessageW
LocalFree
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
ReadFile
CreateFileMappingW
GetCommandLineW
GetEnvironmentVariableW
FreeLibrary
LoadLibraryW
SetThreadLocale
GetLogicalDriveStringsW
DeviceIoControl
GetVolumeInformationW
CreateMutexW
SetErrorMode
LoadLibraryExW
InterlockedIncrement
SizeofResource
SetLastError
DeleteCriticalSection
ReleaseMutex
GetVersionExW
DosDateTimeToFileTime
SystemTimeToFileTime
GetFileType
GetCurrentDirectoryA
DuplicateHandle
RemoveDirectoryW
GetFileAttributesExW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
SetEnvironmentVariableA
CompareStringW
FlushFileBuffers
WriteConsoleW
SetStdHandle
UnregisterWait
GetThreadPriority
SetFilePointerEx
GetConsoleMode
GetConsoleCP
InterlockedExchange
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetTimeFormatW
GetDateFormatW
WideCharToMultiByte
GetTimeZoneInformation
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
CreateSemaphoreW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RegisterWaitForSingleObject
GetNumaHighestNodeNumber
ChangeTimerQueueTimer
UnregisterWaitEx
TlsFree
TlsAlloc
ReleaseSemaphore
VirtualProtect
GetTickCount
SetThreadPriority
CreateEventW
SetEvent
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
CreateThread
SwitchToThread
CreateFileW
LeaveCriticalSection
GetCurrentProcess
ExitThread
lstrlenA
GetModuleFileNameW
GetModuleHandleW
GetTempFileNameW
CloseHandle
CreatePipe
TerminateProcess
GetExitCodeProcess
WriteFile
WaitForSingleObject
CreateProcessW
LockResource
GetLastError
lstrlenW
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
LoadResource
FindResourceW
OutputDebugStringW
SetThreadAffinityMask
GetProcessAffinityMask
DeleteTimerQueueTimer
RtlUnwind
GetCurrentThread
GetStdHandle
FormatMessageA
SignalObjectAndWait
HeapAlloc
HeapFree
GetProcessHeap
InterlockedCompareExchange
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
DecodePointer
EncodePointer
Sleep
TlsGetValue
CreateTimerQueueTimer
CreateTimerQueue
InterlockedFlushSList
QueryDepthSList
TlsSetValue
GetSystemTimeAsFileTime
IsDebuggerPresent
GetCommandLineA
HeapReAlloc
HeapSize
ExitProcess
GetModuleHandleExW
AreFileApisANSI
ReleaseDC
GetMessageW
SetForegroundWindow
FindWindowW
TranslateMessage
PeekMessageW
CreateDialogParamW
DispatchMessageW
EndPaint
SetCursor
SetCapture
GetFocus
SetRectEmpty
BeginPaint
PtInRect
GetCapture
DrawFocusRect
InvalidateRect
GetSysColor
GetCursorPos
ReleaseCapture
UpdateWindow
GetDlgCtrlID
CallWindowProcW
DefWindowProcW
DestroyWindow
GetWindowTextLengthW
PostQuitMessage
CharNextW
DrawTextW
DialogBoxParamW
LoadCursorW
SetFocus
GetDC
UnregisterClassW
GetWindowTextW
SystemParametersInfoW
GetClassNameW
LoadIconW
ShowWindow
LoadBitmapW
GetActiveWindow
CreateWindowExW
MessageBoxW
EnableWindow
DestroyIcon
PostMessageW
ClientToScreen
ScreenToClient
GetWindowRect
FillRect
GetParent
IsWindowEnabled
GetClientRect
IsDialogMessageW
OffsetRect
GetWindowLongW
MonitorFromWindow
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
SetWindowPos
LoadStringW
IsWindow
IsWindowVisible
SendMessageW
MapWindowPoints
SetWindowTextW
GetDialogBaseUnits
GetMonitorInfoW
GetWindow
SetBkMode
SelectObject
GetObjectW
GetStockObject
SetTextColor
SetBkColor
DeleteObject
CreateSolidBrush
CreateFontIndirectW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
CheckTokenMembership
FreeSid
AllocateAndInitializeSid
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
VarUI4FromStr
ord17
_TrackMouseEvent
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ