Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1

Behavioral task: behavioral1
Sample: baddab7d688ecb16b0863c0e5e80eb13ff0b9be1883280b0b046807b2663d116.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: baddab7d688ecb16b0863c0e5e80eb13ff0b9be1883280b0b046807b2663d116.exe
Resource: win10v2004-20220901-en

Target: baddab7d688ecb16b0863c0e5e80eb13ff0b9be1883280b0b046807b2663d116
Size: 3.3MB
MD5: 2bcc8f4a01e4ec68b5b0ccbf33db46aa
SHA1: ba56186c885c9ae0091d7f739da0b1375937f99d
SHA256: baddab7d688ecb16b0863c0e5e80eb13ff0b9be1883280b0b046807b2663d116
SHA512: 5a5ffbae769c04068f83617303edfeafbcfc3ee52ec9931af380eac558686a5178455c6a55037a2c73a63f80c951f0b8e027f547fadee730d6594bfe98048adc
SSDEEP: 49152:1qbQHxf+aWhyeuwg1vqeqfm5umrPTCfUNv1ibV2jjeIXB6kC0RRRAGjqf:1c+xf+aWXg1SeqfNmrgsx6iRRRAGg
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
CN=iFLYTEK Co.\,Ltd.,OU=云计算研究院,O=iFLYTEK Co.\,Ltd.,L=Hefei,ST=Anhui,C=CN
CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=iFLYTEK Co.\,Ltd.,OU=云计算研究院,O=iFLYTEK Co.\,Ltd.,L=Hefei,ST=Anhui,C=CN
CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
ImmDisableIME
GetModuleFileNameExW
timeGetTime
PathFindFileNameW
PathRemoveExtensionW
WriteFile
GetModuleHandleA
LoadLibraryA
FormatMessageW
InterlockedExchangeAdd
ResumeThread
GetSystemTimeAsFileTime
GetSystemInfo
VirtualQueryEx
AllocConsole
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedCompareExchange
SystemTimeToFileTime
DeleteFileW
SetFilePointer
OutputDebugStringA
FormatMessageA
IsDebuggerPresent
TlsGetValue
TlsSetValue
GetNativeSystemInfo
GetLocalTime
GetWindowsDirectoryW
GetCurrentDirectoryW
GetTempPathW
MapViewOfFile
UnmapViewOfFile
CopyFileW
SetLastError
CreateProcessW
OpenProcess
CreateToolhelp32Snapshot
GetCurrentProcess
GetComputerNameW
CreateFileMappingW
CreateEventW
CreateMutexW
OpenMutexW
LocalFree
CreateDirectoryW
GetCurrentProcessId
ReleaseMutex
WaitForSingleObject
CreateFileA
WideCharToMultiByte
FindResourceW
LoadLibraryW
lstrcmpiW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
FreeLibrary
FindResourceExW
GetVersionExW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
ReadProcessMemory
GetThreadSelectorEntry
GetThreadContext
Thread32Next
SuspendThread
OpenThread
Thread32First
GetFileSizeEx
FlushViewOfFile
FreeConsole
CreateDirectoryA
GetPrivateProfileStringA
CreateMutexA
InitializeCriticalSection
IsProcessorFeaturePresent
EncodePointer
OutputDebugStringW
EnterCriticalSection
SetUnhandledExceptionFilter
GetFileAttributesA
SetCurrentDirectoryA
MultiByteToWideChar
lstrcpyW
GetSystemTime
CreateFileW
GetFileAttributesW
GetFileSize
ReadFile
DecodePointer
CloseHandle
RaiseException
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
GetCurrentThreadId
Sleep
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
GetSystemDirectoryW
MessageBoxA
LoadIconW
GetWindowThreadProcessId
FindWindowW
GetCursorPos
GetWindowRect
SetForegroundWindow
GetForegroundWindow
MapVirtualKeyW
SendInput
keybd_event
GetFocus
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsWindowVisible
SetWindowPos
ShowWindow
PostQuitMessage
AttachThreadInput
PostMessageW
UnregisterHotKey
RegisterHotKey
MessageBoxW
MonitorFromPoint
MonitorFromWindow
GetMonitorInfoW
RegisterClassExW
CreateWindowExW
ChangeWindowMessageFilterEx
FindWindowExW
DefWindowProcW
CharNextW
GetAsyncKeyState
IsWindow
RegOpenKeyExA
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
InitializeSecurityDescriptor
RegQueryValueExA
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
SHGetSpecialFolderPathW
SHGetFolderPathW
Shell_NotifyIconW
ShellExecuteW
StringFromGUID2
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoCreateGuid
SysAllocStringLen
SysFreeString
SysStringLen
VarUI4FromStr
SysAllocString
LoadTypeLi
LoadRegTypeLi
toupper
_libm_sse2_log_precise
_libm_sse2_exp_precise
_libm_sse2_log10_precise
strtok
_close
exp2
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
feof
_fpclass
??0exception@std@@QAE@XZ
strerror
?_open@@YAHPBDHH@Z
_lseeki64
_filelengthi64
_chsize_s
_get_osfhandle
??1exception@std@@UAE@XZ
islower
isupper
_aligned_malloc
??3@YAXPAX@Z
_purecall
??2@YAPAXI@Z
_vswprintf
atoi
rand
strtol
free
memchr
memmove
strchr
strncat
??_V@YAXPAX@Z
_CxxThrowException
__CxxFrameHandler3
memcpy
memset
memcpy_s
strrchr
wcsnlen
wcsncpy_s
wcsstr
malloc
_recalloc
_wtoi
_wfopen
wmemcpy_s
fclose
fread
srand
strcspn
swprintf_s
printf
sprintf_s
round
??0bad_cast@std@@QAE@PBD@Z
localeconv
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
_libm_sse2_cos_precise
_libm_sse2_pow_precise
_libm_sse2_sqrt_precise
floor
fopen
sprintf
fwrite
ftell
fseek
rename
wcsncpy
memmove_s
_wcslwr_s
vswprintf_s
_vscwprintf
wcsncat
wcschr
mbstowcs_s
wcsrchr
strstr
strlen
memcmp
ceil
abort
wcslen
__iob_func
_fileno
freopen
setvbuf
_exit
realloc
ldiv
_finite
isspace
wcscat_s
fflush
fprintf
_localtime64_s
_time64
_write
_vsprintf_p
_vscprintf_p
_errno
tolower
_fsopen
_wfullpath
strncmp
isalpha
fgetc
fgetpos
fputc
fsetpos
_fseeki64
ungetc
_lock_file
_unlock_file
_chsize
_fdopen
?terminate@@YAXXZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
??1type_info@@UAE@XZ
_except_handler4_common
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
exit
_cexit
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_acmdln
_fmode
_commode
_except1
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
_aligned_free
_wassert
__RTDynamicCast
strtod
_stricmp
_unlink
_itoa
vsprintf_s
_snprintf
wcscpy_s
_stat64i32
_findnext64i32
_findfirst64i32
_findclose
_localtime64
strftime
setlocale
strcpy_s
wprintf
fputws
vsprintf
rewind
fputs
wcstombs
mbstowcs
calloc
strncpy
SymLoadModule64
SymGetLineFromAddr
MiniDumpWriteDump
SymCleanup
SymFromAddr
SymUnloadModule64
SymSetOptions
SymGetModuleBase
SymInitialize
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ