Extended Key Usages: ExtKeyUsageCodeSigning

Static task: static1

Behavioral task: behavioral1
Sample: d06a68a69816159fc133a0580bbdffa259650c9eb7242c217881484a474d0f7d.exe
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: d06a68a69816159fc133a0580bbdffa259650c9eb7242c217881484a474d0f7d.exe
Resource: win10v2004-20220812-en

Target: d06a68a69816159fc133a0580bbdffa259650c9eb7242c217881484a474d0f7d
Size: 646KB
MD5: 0583b33a923efab2f499001373b6e83b
SHA1: 02806b098cbe7888828d12dc747a5507186bbf9b
SHA256: d06a68a69816159fc133a0580bbdffa259650c9eb7242c217881484a474d0f7d
SHA512: f88027817f03cf3df10c15d8b142ac36d0548411ef7b8f218e02c032d3cd454ed9936fbcbbb4382c1fa8346ec885c7446b94c68a06d8fb42fe6894c104b42f68
SSDEEP: 12288:+Bp4XQMBGfNyyFBytdUOgZSTkAX1/+tA1HQeNFtnAL04OnjK5xE8:JXWfIdURLAAO9TFhthm5xE8
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ