Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Static task
static1
Behavioral task
behavioral1
Sample
22a5605356c2548b868f1267042d1484c89370b1fc8a2b79684f845e63da57fd.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
22a5605356c2548b868f1267042d1484c89370b1fc8a2b79684f845e63da57fd.exe
Resource
win10v2004-20220812-en
Target
22a5605356c2548b868f1267042d1484c89370b1fc8a2b79684f845e63da57fd
Size
110KB
MD5
50c997326ef1678f3b4ab9dd8aa20386
SHA1
7ac427578fa072e99f6b04476856864c443b0c74
SHA256
22a5605356c2548b868f1267042d1484c89370b1fc8a2b79684f845e63da57fd
SHA512
36c6f923470fc5fd1a45ac4049b569835621fea1d25f5c8f4bf05fc89bc032cd22d8aa746256ecfdc1873141caa8639aa9c37c296fd2a96ef09949bf2e9a3058
SSDEEP
1536:HmqHY9i5bPpclrbfJcPTVCNyXC3Owhwp50IPeA:GaY9i5ly/fJcPwNyS3Owhwp50u
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
?Log@CDiagnostic@@SAXPBD0@Z
?Initialize@CDiagnostic@@SAXPBDH00@Z
?DelayDiagsUntilInit@CDiagnostic@@SAXH@Z
?Logf@CDiagnostic@@SAXPBD0ZZ
??0CBaseRpcServerProvider@@QAE@XZ
?GetBaseServer@CBaseRpcServerProvider@@QAEPAVCBaseRpcServer@@XZ
?TrackMemoryToFree@CRpcMemoryHelper@@QAEXPAX@Z
??1CBaseRpcServerProvider@@UAE@XZ
?ReleaseServer@CBaseRpcServerProvider@@QAEXPAVCBaseRpcServer@@@Z
?DeleteObject@CSharedHandle@@AAEXXZ
?Release@CClientContext@@QAEXXZ
?GetDestroyEvent@CClientContext@@QAEHPAPAVCSharedHandle@@@Z
?SetRundownMode@CClientContext@@QAEXW4tagRUNDOWN_MODE@@@Z
?RemoveContext@CContextRpcServer@@QAEHPAX@Z
?ReleaseRef@CBaseRpcServer@@QAEJXZ
?GetContext@CContextRpcServer@@QAEKPAXPAPAVCClientContext@@@Z
?AddContext@CContextRpcServer@@QAEKPAX00P6GX0@ZPAVCClientContext@@@Z
?GetContextHandleCount@CContextRpcServer@@QAEKXZ
?FreeObject@CRpcMemoryHelper@@SAXPAV1@@Z
?ClearTrackedMemory@CRpcMemoryHelper@@QAEXXZ
?AllocateObject@CRpcMemoryHelper@@SAPAV1@P6GXPAX@Z@Z
??0CContextRpcServer@@QAE@PAXP6GJ00@Z@Z
?CheckTokenAccess@CBaseRpcServer@@UAEKPAX@Z
?StopRpcServer@CContextRpcServer@@UAEHXZ
?StartRpcServer@CContextRpcServer@@UAEKXZ
?DoManualWin2kContextHandleRundown@CBaseRpcServer@@MAEHXZ
??1CContextRpcServer@@UAE@XZ
?Logf@CClientContext@@QAAXKPBDZZ
?OnPreDelete@CClientContext@@UAEXXZ
?QueryClientPID@CBaseRpcServer@@QAEKPAK@Z
?Initialize@CClientContext@@UAEKXZ
?OnClose@CClientContext@@UAEXXZ
?OnInitialize@CClientContext@@UAEKXZ
?OnPostSetRundownMode@CClientContext@@UAEXW4tagRUNDOWN_MODE@@@Z
?Initialize@CBaseRpcServerProvider@@QAEKXZ
?OnPreSetRundownMode@CClientContext@@UAEXW4tagRUNDOWN_MODE@@@Z
?OnOpenComplete@CClientContext@@UAEXK@Z
??0CClientContext@@QAE@PAVCBaseRpcServer@@@Z
?SetLogFlags@CClientContext@@QAEKK@Z
??1CClientContext@@UAE@XZ
?SetLogFlags@CBaseRpcServer@@QAEKK@Z
?LocalQueryRpcClientToken@CBaseRpcServer@@QAEKPAPAX@Z
?UnInitialize@CBaseRpcServerProvider@@QAEHXZ
?Logf@CBaseRpcServer@@QAAXKPBDZZ
?AddEndpointInfo@CBaseRpcServer@@QAEKKPBD0QAX@Z
NdrServerCall2
RpcServerInqDefaultPrincNameA
RpcStringFreeA
RpcServerRegisterAuthInfoA
IpReleaseAddress
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList
SetupDiDeleteDeviceInfo
SetupDiChangeState
SetupDiSetClassInstallParamsA
SetupDiClassGuidsFromNameW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoList
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
HeapDestroy
SetUnhandledExceptionFilter
HeapFree
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
HeapReAlloc
CreateMutexA
CreateEventA
GetCurrentThread
FormatMessageA
SetEvent
GetProcessHeap
HeapSize
HeapAlloc
InterlockedCompareExchange
GetModuleFileNameA
GetVersionExA
GetCurrentProcess
GetModuleHandleA
InitializeCriticalSection
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
SetLastError
FlushFileBuffers
SetEndOfFile
WriteFile
SetFilePointer
CreateFileA
SetFileAttributesA
GetFileAttributesA
GetSystemDirectoryA
GetCurrentThreadId
GetLocalTime
LocalFree
DuplicateHandle
LocalAlloc
InterlockedDecrement
WaitForSingleObject
InterlockedIncrement
InterlockedExchange
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
Sleep
ReleaseMutex
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
BeginPaint
EndPaint
MessageBoxA
EndDialog
CreateWindowExA
ShowWindow
UpdateWindow
PostQuitMessage
UnregisterClassA
OpenSCManagerA
DuplicateTokenEx
CreateWellKnownSid
SetEntriesInAclA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetServiceObjectSecurity
GetSecurityDescriptorDacl
QueryServiceObjectSecurity
CloseServiceHandle
ControlService
QueryServiceStatus
OpenServiceA
DeleteService
SetServiceStatus
ChangeServiceConfig2A
CreateServiceA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
__set_app_type
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
__argc
_stricmp
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_exit
__argv
_splitpath
vsprintf_s
memcpy_s
_mbschr
_mbsinc
??_V@YAXPAX@Z
memmove_s
_CxxThrowException
_vscprintf
_snprintf
_vsnprintf
free
??2@YAPAXI@Z
??_U@YAPAXI@Z
malloc
??3@YAXPAX@Z
wcsncpy
memset
__CxxFrameHandler3
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ