Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
Acronis True Image 2020 v24 Patch.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
Acronis True Image 2020 v24 Patch.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
Acronis True Image crack/AcronisTrueImage2020.exe
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
Acronis True Image crack/AcronisTrueImage2020.exe
Resource
win10v2004-20220812-en
Target
Acronis True Image crack.rar
Size
588.6MB
MD5
6bdb8355f09ecd8b22ad4a0e3f63edef
SHA1
6a92a1ae8d122e7847f2c51cab61e3d307d9898d
SHA256
f13d66b05b2368cee67cfbf63daa0deb3db76d93dbe83e49635506324d91e75c
SHA512
ad71d931e5caf1d498373166cc99b13affb2108066d7725dbf7a8232a39c4e6ca3d6a80aa3d4cdbc0b9230277e6e670d72b0bdb3f9d30400210c48257c56134e
SSDEEP
12582912:6Ig+kMPXWCcPipkvTVugRosAEiWofUWC5DeQWu50DH:HPXWCWipkvkgRWEiWX5De+2
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
DeleteFileA
ExitProcess
FindResourceA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetTempPathA
LoadLibraryA
LoadResource
RtlMoveMemory
SizeofResource
VirtualAlloc
lstrcatA
CloseHandle
CreateFileA
FlushFileBuffers
WriteFile
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
SERIALNUMBER=CHE-113.666.835,CN=Acronis International GmbH,O=Acronis International GmbH,STREET=Rheinweg 9,L=Schaffhausen,ST=Schaffhausen,C=CH,1.3.6.1.4.1.311.60.2.1.2=#130c53636861666668617573656e,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
SERIALNUMBER=CHE-113.666.835,CN=Acronis International GmbH,O=Acronis International GmbH,STREET=Rheinweg 9,L=Schaffhausen,ST=Schaffhausen,C=CH,1.3.6.1.4.1.311.60.2.1.2=#130c53636861666668617573656e,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
SERIALNUMBER=CHE-113.666.835,CN=Acronis International GmbH,O=Acronis International GmbH,STREET=Rheinweg 9,L=Schaffhausen,ST=Schaffhausen,C=CH,1.3.6.1.4.1.311.60.2.1.2=#130c53636861666668617573656e,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
SERIALNUMBER=CHE-113.666.835,CN=Acronis International GmbH,O=Acronis International GmbH,STREET=Rheinweg 9,L=Schaffhausen,ST=Schaffhausen,C=CH,1.3.6.1.4.1.311.60.2.1.2=#130c53636861666668617573656e,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
GdipLoadImageFromStream
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipDeleteFont
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipFillRectangleI
GdipDrawRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdipCloneImage
GdipDrawImageRectRectI
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
AllocateAndInitializeSid
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
EncryptFileW
DecryptFileW
GetSecurityDescriptorOwner
SetFileSecurityW
GetFileSecurityW
RevertToSelf
SetThreadToken
OpenThreadToken
ImpersonateLoggedOnUser
OpenEncryptedFileRawW
ReadEncryptedFileRaw
WriteEncryptedFileRaw
CloseEncryptedFileRaw
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegOpenKeyExA
InitiateSystemShutdownA
RegEnumValueW
RegQueryInfoKeyA
RegSetKeySecurity
SetSecurityInfo
GetTokenInformation
IsValidSid
FreeSid
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SystemFunction036
lstrcmpiW
CreateMutexW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
CopyFileW
VerifyVersionInfoW
MultiByteToWideChar
SetLastError
SetErrorMode
SetEvent
Sleep
CreateEventA
GetVersion
GetCurrentProcessId
LocalFree
FormatMessageA
FormatMessageW
GetModuleHandleA
InitializeCriticalSection
GetTempPathW
RemoveDirectoryW
DeleteFileW
MoveFileExW
SetCurrentDirectoryW
GetCurrentDirectoryW
CloseHandle
LoadLibraryW
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetLogicalDrives
FindClose
GetDriveTypeA
GetWindowsDirectoryW
GetProcessWorkingSetSize
SetProcessWorkingSetSize
GetCurrentProcess
LockFileEx
UnlockFileEx
WriteFile
ReadFile
FlushFileBuffers
DeviceIoControl
SetEndOfFile
SetFilePointer
SetFileTime
GetFileInformationByHandle
GetDriveTypeW
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
CreateDirectoryW
CreateFileW
SetFileAttributesW
GetCompressedFileSizeW
FindFirstFileW
FindNextFileW
MoveFileW
CreateHardLinkW
GetVolumeInformationW
FindFirstChangeNotificationW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
CompareStringW
GetCurrentThreadId
ResetEvent
WaitForMultipleObjects
FindNextChangeNotification
FindCloseChangeNotification
GetCurrentThread
ExitThread
LoadLibraryA
FreeEnvironmentStringsW
FindResourceExW
EnumResourceNamesW
EnumResourceLanguagesW
QueryDosDeviceA
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetFileTime
BackupRead
BackupSeek
BackupWrite
GetFileAttributesW
GetFileAttributesExW
GetLocaleInfoA
GetUserDefaultUILanguage
LocalAlloc
WideCharToMultiByte
GetStartupInfoW
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
CreateThread
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
GetCommandLineW
SizeofResource
LoadResource
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
GetExitCodeProcess
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
FreeLibrary
InterlockedDecrement
InterlockedIncrement
DecodePointer
VerSetConditionMask
QueryPerformanceCounter
GetEnvironmentStringsW
MulDiv
ExpandEnvironmentStringsW
TlsFree
IsValidCodePage
GetACP
GetOEMCP
OutputDebugStringA
LoadLibraryExA
InterlockedExchange
TerminateThread
GetThreadPriority
SetThreadPriority
CreateSemaphoreA
GetCPInfo
GetStringTypeW
OutputDebugStringW
LCMapStringW
ReleaseSemaphore
LCMapStringA
ReadConsoleW
GetConsoleCP
GetConsoleMode
WriteConsoleW
SetStdHandle
SetFilePointerEx
wsprintfW
CreateWindowExA
RegisterClassExA
DefWindowProcA
DispatchMessageA
GetMessageA
CharUpperBuffW
SetWindowLongW
GetWindowLongW
AdjustWindowRectEx
GetWindowRect
UpdateWindow
SetWindowPos
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
ReleaseDC
GetDC
LoadImageW
LoadIconW
LoadCursorW
MessageBoxW
GetSystemMetrics
CharNextW
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExW
DefWindowProcW
RegisterClassExW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject
GetDeviceCaps
SetViewportOrgEx
ShellExecuteExW
ShellExecuteW
SHGetMalloc
SHGetDesktopFolder
SHGetFolderPathW
SHGetPathFromIDListW
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitialize
SafeArrayAccessData
VarUI4FromStr
SafeArrayUnaccessData
VariantChangeType
VariantClear
VariantInit
PathAppendW
PathAddBackslashW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ