Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: b04280bed53a759df4193708d4f5c7168d4eeae32cc20835d1d526f0398d9b4c.dll
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: b04280bed53a759df4193708d4f5c7168d4eeae32cc20835d1d526f0398d9b4c.dll
Resource: win10v2004-20221111-en
Target: b04280bed53a759df4193708d4f5c7168d4eeae32cc20835d1d526f0398d9b4c
Size: 3.7MB
MD5: 726fb768165604f0cd54feb955dda2b3
SHA1: 67ea34734770f50768d6ef7850ad5fe2f4f5b622
SHA256: b04280bed53a759df4193708d4f5c7168d4eeae32cc20835d1d526f0398d9b4c
SHA512: 71313169e4220d9811d59c0ed1665640a234896c6370d9a4f4dccd74ec4efc7b0e4d46d38c897f88d125e432c27f718fe58582f8fdb8a2f07af8927d00e0efc8
SSDEEP: 49152:QenXxgmoHaAn3LpeF/WJrN3N8wX3TUj8RSxRi+RaObeTmmbqt272HnCSK/ypBd8u:QhpJG3K/yFBRR
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
CN=McAfee\, LLC,O=McAfee\, LLC,L=Santa Clara,ST=California,C=US
CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
CertGetSubjectCertificateFromStore
CryptMsgGetParam
CryptMsgClose
CryptQueryObject
CertFreeCertificateChain
CertGetNameStringW
CertVerifyCertificateChainPolicy
CertGetCertificateChain
CertGetCertificateContextProperty
CryptDecodeObject
CertFreeCertificateContext
CertCloseStore
WTSGetActiveConsoleSessionId
CreateWaitableTimerW
SetWaitableTimer
ProcessIdToSessionId
GetCurrentProcessId
OpenProcess
lstrcmpiW
K32EnumProcesses
QueryFullProcessImageNameW
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
GetProcAddress
GetModuleHandleW
FindResourceW
LoadResource
LockResource
FreeLibrary
VerifyVersionInfoW
VerSetConditionMask
UnmapViewOfFile
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFileEx
GetSystemInfo
CreateIoCompletionPort
GetQueuedCompletionStatus
Sleep
CreateMutexA
ReleaseMutex
GetOverlappedResult
CreateNamedPipeW
ConnectNamedPipe
GetNamedPipeClientProcessId
WaitNamedPipeW
GetNamedPipeServerProcessId
GetCurrentThreadId
CancelIoEx
WriteFile
ReadFile
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleExA
LoadLibraryA
FormatMessageA
RtlUnwindEx
SetLastError
VirtualFree
VirtualQuery
VirtualAlloc
VirtualProtect
FindResourceExW
MoveFileExW
LocalAlloc
lstrlenW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
DeleteFileW
GetUserDefaultLangID
GetUserDefaultUILanguage
SetFilePointer
GetTempFileNameW
ReplaceFileW
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetComputerNameW
GetVolumeInformationW
GetPrivateProfileStringW
CopyFileW
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetFullPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
InitializeCriticalSection
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
HeapValidate
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
LoadLibraryW
HeapCompact
UnlockFile
LockFileEx
SystemTimeToFileTime
GetSystemTime
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
CreateDirectoryA
FindFirstFileA
FindNextFileA
GetFileAttributesExA
GetFileSizeEx
RemoveDirectoryA
SetFilePointerEx
GetLocalTime
CreateFileMappingA
MoveFileA
ReplaceFileA
FindNextFileW
GetFileAttributesW
WriteConsoleW
CreateDirectoryW
GetModuleFileNameW
FindFirstFileW
LocalFree
FindClose
ReleaseSemaphore
WaitForMultipleObjects
ResetEvent
CreateSemaphoreW
CreateEventW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
WaitForSingleObject
SetEvent
DecodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
WideCharToMultiByte
CloseHandle
OutputDebugStringW
SizeofResource
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetStdHandle
CreatePipe
GetExitCodeProcess
GetTimeZoneInformation
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
LoadLibraryExA
SwitchToThread
GetExitCodeThread
GetStringTypeW
RtlPcToFileHeader
QueryPerformanceFrequency
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
GetThreadTimes
FreeLibraryAndExitThread
GetVersionExW
DuplicateHandle
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
ExitThread
GetModuleHandleExW
CreateProcessW
ExitProcess
SetEnvironmentVariableW
GetFileType
GetConsoleMode
ReadConsoleW
GetConsoleCP
RtlUnwind
CharLowerBuffA
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
GetTokenInformation
ConvertSidToStringSidW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
ConvertSidToStringSidA
LookupAccountNameW
RegSetValueExW
RegSetKeySecurity
RegNotifyChangeKeyValue
RegGetKeySecurity
RegFlushKey
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
FreeSid
RegSetValueExA
RegQueryValueExA
RegEnumValueW
SHGetKnownFolderPath
SHGetSpecialFolderPathW
CLSIDFromString
CoTaskMemFree
StringFromGUID2
CoCreateGuid
SysFreeString
StrRChrW
PathFileExistsW
PathIsRelativeW
PathCombineW
SHDeleteKeyW
CreateModule
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ