Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
402b13fe3a1a0dda2e581c5f047dcb24f03a8385d2e25f499c5f0920be1ce908.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
402b13fe3a1a0dda2e581c5f047dcb24f03a8385d2e25f499c5f0920be1ce908.exe
Resource
win10v2004-20220901-en
Target
402b13fe3a1a0dda2e581c5f047dcb24f03a8385d2e25f499c5f0920be1ce908
Size
631KB
MD5
0ac5898ce04eeedaaf2b697819435f30
SHA1
29d37aa7d43f9a1321c85f03670b2b6956b9abcd
SHA256
402b13fe3a1a0dda2e581c5f047dcb24f03a8385d2e25f499c5f0920be1ce908
SHA512
98492dc2e7d08d39b77a694305116deecad04f6f59b86b5c1966b7640ef56ede172b01630e5e70a28ac19d848305eed313f4e7097e6fabaa0a51533119fb2d08
SSDEEP
12288:d4R1Ta4P20vEg9963l6wXQ641hI4w251cNpvH3RwtVEZi/4m0bvS4:/sZ83l6wXQ641hI4w251cNpvH3RwtVEv
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
htons
htonl
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
?Format@CTXStringW@@QAAXPB_WZZ
?IsEmpty@CTXBSTR@@QAEHXZ
??ICTXBSTR@@QAEPAPA_WXZ
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
??8@YA_NPB_WABVCTXBSTR@@@Z
?ClearDeadQueue@Misc@Util@@YAXXZ
?CreateObjectFromDllFile@Com@Util@@YGJPB_WABU_GUID@@1PAPAXPAUIUnknown@@@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??0CTXStringW@@QAE@PA_W@Z
?Replace@CTXStringW@@QAEHPB_W0@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?InitPlatformCoreConfig@Boot@Util@@YAHXZ
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?InitBugReport@TXBugReport@@YAXPB_W000GGKHHKKP6GHPAUtagBugReportInfo@1@PBD200PAPAXPAKPAX@Z@Z
?SetBugReportUin@TXBugReport@@YAXKPB_W@Z
?ValidateBugReport@TXBugReport@@YAXXZ
?OnExitCoreCenter@Misc@Util@@YAXXZ
?OnExitWinMain@Misc@Util@@YAXXZ
??0CTXBSTR@@QAE@ABV0@@Z
??0CTXBSTR@@QAE@XZ
??0CTXStringW@@QAE@PB_W@Z
??0CTXBSTR@@QAE@PB_W@Z
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
?IsFileExist@FS@@YAHPB_W@Z
?OnUninitCom@Misc@Util@@YAXXZ
?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
?InitPlatformI18NConfig@Boot@Util@@YAHXZ
?SetMainAndLogicThreadId@Misc@Util@@YAXKK@Z
?ReleaseBuffer@CTXStringW@@QAEXH@Z
?GetPlatformTpc@CoreCenter@Util@@YAHPAPAUITXDataRead@@@Z
?GetPlatformCore@CoreCenter@Util@@YAHPAPAUITXPlatformCore@@@Z
??8CTXBSTR@@QBE_NPB_W@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
?TXAssert@@YAXPB_W0H@Z
?NotifyIdle@TXTimer@@YAXXZ
??4CTXStringW@@QAEAAV0@PA_W@Z
?MakeLower@CTXStringW@@QAEAAV1@XZ
?Find@CTXStringW@@QBEHPB_WH@Z
?IsEmpty@CTXStringW@@QBE_NXZ
??BCTXStringW@@QBEPB_WXZ
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
??0CTXStringW@@QAE@XZ
?Find@CTXStringW@@QBEH_WH@Z
??0CTXStringW@@QAE@ABV0@@Z
??1CTXStringW@@QAE@XZ
?Mid@CTXStringW@@QBE?AV1@H@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
?TrimLeft@CTXStringW@@QAEAAV1@XZ
?TrimRight@CTXStringW@@QAEAAV1@XZ
?DelIdleCallback@Window@Util@@YAJPAVVTXMsgLoopIdleCallback@@@Z
?InitPlatformGFConfig@Boot@Util@@YAHXZ
?RemoveFileSystem@FS@@YAHPB_W@Z
?GetLocalePath@TXI18N@@YA?AVCTXStringW@@PB_W@Z
?IsDirectoryExist@FS@@YAHPB_W@Z
?GetLength@CTXStringW@@QBEHXZ
?SplitQNC@FS@@YAHPB_WAAVCTXStringW@@1@Z
?TrimLeft@CTXStringW@@QAEAAV1@PB_W@Z
?GetFileName@FS@Util@@YA?AVCTXStringW@@ABV3@@Z
?GetParentDir@File@Util@@YA?AVCTXStringW@@ABV3@@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
?InitPlatform@CoreCenter@Util@@YAHPA_W@Z
??M@YA_NABVCTXStringW@@0@Z
?GetBuffer@CTXStringW@@QAEPA_WXZ
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?SetCustomObjectFactory@GF@Util@@YAXP6AHABU_GUID@@0PAPAX@Z@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0H@Z
DeleteFileW
lstrcmpiW
OpenProcess
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetThreadLocale
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
lstrcpynW
MoveFileExW
GetLocaleInfoA
GetSystemDirectoryW
GetACP
MultiByteToWideChar
ReleaseMutex
GetModuleHandleExW
VirtualQuery
GetSystemDefaultLangID
MoveFileW
GetVersionExW
LoadLibraryA
GetLocalTime
OpenEventW
IsBadReadPtr
OpenFileMappingW
InitializeCriticalSection
WriteFile
SwitchToThread
GetCurrentProcessId
SetFilePointer
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
SetLastError
FlushInstructionCache
LocalFree
CompareFileTime
GetLongPathNameW
ExpandEnvironmentStringsW
GetModuleHandleW
CreateFileW
GetFileTime
WideCharToMultiByte
lstrlenW
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
RaiseException
SetEvent
GetModuleFileNameW
CreateProcessW
LoadLibraryW
GetCommandLineW
SetDllDirectoryW
GetCurrentProcess
GetCurrentThreadId
InterlockedCompareExchange
InterlockedExchange
Sleep
CloseHandle
CreateMutexW
GetLastError
GetTickCount
WaitForSingleObject
CreateEventW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetSystemInfo
GetSystemTimeAsFileTime
PeekMessageW
DispatchMessageW
FindWindowW
RegisterClassExW
UnregisterClassA
GetClassInfoExW
LoadCursorW
SendMessageTimeoutW
MsgWaitForMultipleObjects
IsWindow
GetMessageW
WaitMessage
TranslateMessage
FindWindowA
RegisterWindowMessageW
LoadIconW
GetWindowLongW
CreatePopupMenu
AppendMenuW
GetCursorPos
SetForegroundWindow
TrackPopupMenuEx
DefWindowProcW
CreateWindowExW
DestroyWindow
KillTimer
SetTimer
SetPropW
GetPropW
PostMessageW
CallWindowProcW
SetWindowLongW
IsIconic
IsWindowVisible
LoadImageW
SendMessageW
PostThreadMessageW
MonitorFromRect
GetMonitorInfoW
SystemParametersInfoW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegNotifyChangeKeyValue
RegCreateKeyExW
RegSetValueExW
RegGetKeySecurity
RegSetKeySecurity
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegFlushKey
RegEnumKeyExW
SHChangeNotify
CommandLineToArgvW
Shell_NotifyIconW
SHGetSpecialFolderPathW
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
SysStringLen
LoadRegTypeLib
LoadTypeLib
SysFreeString
ord30
ord31
ord58
ord32
ord43
ord44
PathCombineW
PathMakePrettyW
PathStripPathW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW
PathAddBackslashW
StrCmpIW
PathFindFileNameW
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
InitCommonControlsEx
EnumProcessModules
GetModuleBaseNameW
GetModuleFileNameExW
GetProcessMemoryInfo
EnumProcesses
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_except_handler3
_controlfp_s
_CIsqrt
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
??3@YAXPAX@Z
memcpy_s
_CxxThrowException
memset
__CxxFrameHandler3
??_V@YAXPAX@Z
_vscwprintf
vswprintf_s
wcslen
swprintf_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memmove_s
_purecall
memcpy
_wtoi
_recalloc
_snwprintf_s
_vsnwprintf_s_l
__argc
__wargv
wcsncpy_s
free
_vsnwprintf_s
towlower
wcsncpy
_wcsicmp
wcsncat_s
strcmp
atol
wcsrchr
_wtol
strrchr
strchr
_memicmp
fflush
_snprintf_s
_vsnprintf_s
wcscpy_s
fclose
strncpy_s
fwrite
_wtoi64
_wsplitpath_s
swscanf_s
malloc
atoi
wcstol
wcsncmp
wcschr
wcsstr
fread
ftell
fseek
_wfopen_s
memmove
realloc
putchar
putwchar
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE