Static task
static1
Behavioral task
behavioral1
Sample
b053b4d86d46e3fe1d1562ac41b9bf9573daa46421d03c1d3d7a95fa6766a9ab.dll
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral2
Sample
b053b4d86d46e3fe1d1562ac41b9bf9573daa46421d03c1d3d7a95fa6766a9ab.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
Target
b053b4d86d46e3fe1d1562ac41b9bf9573daa46421d03c1d3d7a95fa6766a9ab
Size
835KB
MD5
fa23c87df8752921980210e4fe53a681
SHA1
3baa22188dd3dfed818a5691847767d1a12e6683
SHA256
b053b4d86d46e3fe1d1562ac41b9bf9573daa46421d03c1d3d7a95fa6766a9ab
SHA512
f1ec199614a6b8baa69df945e752ad5a1d6b84bdebf83f0e67a4c63f4fac946a6941f5825e295adae8a3adfeb3961f5746e7ec768984c63dc1cd508b7a03b65b
SSDEEP
24576:uNqwktBLPrt0fCmydcPZCkRQz3jeQEWgr:LwktBLPrwRydcBCklQE3
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
CN=McAfee\, LLC,OU=Engineering,O=McAfee\, LLC,POSTALCODE=95054,STREET=2821 Mission College Blvd,L=Santa Clara,ST=California,C=US
CN=McAfee Code Signing CA 2,O=McAfee\, Inc.,L=Santa Clara,ST=CA,C=US
CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
CN=McAfee\, LLC,O=McAfee\, LLC,L=Santa Clara,ST=California,C=US
CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=McAfee\, LLC,O=McAfee\, LLC,L=Santa Clara,ST=California,C=US
CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertGetCertificateChain
CryptQueryObject
CertGetNameStringW
CertGetCertificateContextProperty
CertFreeCertificateContext
CertGetSubjectCertificateFromStore
CertCloseStore
CryptMsgGetParam
CryptMsgClose
CryptDecodeObject
CryptMsgUpdate
CryptMsgOpenToDecode
WinVerifyTrust
GetEnvironmentVariableW
SetLastError
LoadLibraryW
GetModuleHandleExW
RtlCaptureContext
CloseHandle
RaiseFailFastException
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
CreateProcessW
ProcessIdToSessionId
GetProcessId
OpenProcess
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
VerSetConditionMask
GetSystemTime
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
GetFileAttributesW
RemoveDirectoryW
SetFilePointer
WriteFile
OutputDebugStringW
ReleaseMutex
CreateMutexW
GetCurrentThreadId
GetLocalTime
InitializeCriticalSectionAndSpinCount
VirtualQuery
FormatMessageW
GetCurrentDirectoryW
CreateDirectoryW
FindNextFileW
SetFileAttributesW
WritePrivateProfileStringW
WritePrivateProfileStructW
LocalAlloc
LocalFree
lstrlenW
GetFinalPathNameByHandleW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
LockResource
WideCharToMultiByte
LoadLibraryExW
lstrcmpiW
FreeLibrary
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
GetProcAddress
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
RaiseException
HeapReAlloc
GetLastError
MultiByteToWideChar
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EncodePointer
GetThreadLocale
GetModuleFileNameW
EnterCriticalSection
HeapFree
SetThreadLocale
SizeofResource
FindResourceExW
VerifyVersionInfoW
GetTempFileNameA
GetTempPathA
SetFileAttributesA
DeleteFileA
ReplaceFileW
MoveFileExW
CopyFileW
GlobalAddAtomW
UnlockFileEx
LockFileEx
SystemTimeToFileTime
GlobalFindAtomW
GetWindowsDirectoryW
AcquireSRWLockShared
ReleaseSRWLockShared
QueryFullProcessImageNameW
ReadDirectoryChangesW
MoveFileW
SleepEx
CancelIoEx
GetLongPathNameW
OpenEventW
QueryUnbiasedInterruptTime
WriteConsoleW
SetEndOfFile
ReadConsoleW
ReadFile
GetConsoleMode
RtlUnwind
GetConsoleOutputCP
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
IsDebuggerPresent
InitOnceBeginInitialize
InitOnceComplete
QueryPerformanceCounter
QueryPerformanceFrequency
RtlPcToFileHeader
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
FormatMessageA
GetStringTypeW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetSystemTimeAsFileTime
GetTickCount64
WaitForSingleObjectEx
CompareStringEx
GetCPInfo
LCMapStringEx
SetEvent
ResetEvent
CreateEventW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
VirtualAlloc
VirtualProtect
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
FileTimeToSystemTime
CreateThread
ExitProcess
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFullPathNameW
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
LoadImageW
CharNextW
LoadIconW
LoadBitmapW
LoadStringW
EventRegister
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyW
CreateProcessAsUserW
OpenProcessToken
RegSetKeySecurity
RegQueryValueExW
RegNotifyChangeKeyValue
RegGetKeySecurity
RegFlushKey
FreeSid
RegSetValueExA
EventWriteTransfer
EventUnregister
RegDeleteValueW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
TraceEvent
LookupPrivilegeValueW
AdjustTokenPrivileges
SHGetKnownFolderPath
SHCreateDirectoryExW
SHGetFolderPathW
CLSIDFromString
CoTaskMemRealloc
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
VarUI4FromStr
SHDeleteKeyW
PathRemoveFileSpecA
PathRemoveExtensionA
PathFindFileNameA
PathFileExistsA
SHSetValueW
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathFileExistsW
PathFindFileNameW
SHGetValueW
PathAppendW
PathQuoteSpacesW
PathAddExtensionA
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
CreateEnvironmentBlock
DestroyEnvironmentBlock
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
SetInstallDate
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ