Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
tmp.exe
Resource
win10v2004-20220901-en
Target
tmp
Size
7.6MB
MD5
e610bac731d0029ddb8bca438a1d27c0
SHA1
4780c7f716e4c5d4b23bce2efff4369ff8bd4400
SHA256
1440482b6876daa466ef14bbf5222aad713afaac08f5bdd11488f07d8b03c668
SHA512
fa53f1eb583efe418aef2955bc00249acae10dec51c6b4b7d5b617ccf7354c0ed5de9ab45a66130432348b5cfacaca05bc1a29f215d02949eb5904fe3d87388f
SSDEEP
196608:TSznq29CXKVdprWMZIV671zTQg5Pe22zxvwluuTc:TSOvUrGV671zUg5gzxeuj
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
SERIALNUMBER=91110105397625067T,CN=Beijing Qianxin Technology Co.\, Ltd.,OU=运维中心,O=Beijing Qianxin Technology Co.\, Ltd.,L=beijing,ST=beijing,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13074265696a696e67,1.3.6.1.4.1.311.60.2.1.2=#131058696368656e67204469737472696374,1.3.6.1.4.1.311.60.2.1.3=#1302434e
CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US
CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
GetFileAttributesA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
GetLastError
HeapFree
HeapAlloc
GetProcessHeap
CopyFileA
GetSystemTime
MoveFileExA
lstrcmpiW
LockResource
LoadResource
FindResourceA
LoadLibraryExA
RemoveDirectoryA
DosDateTimeToFileTime
FindNextFileA
FindFirstFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetTimeZoneInformation
GetFileTime
GetVersionExA
OutputDebugStringA
MultiByteToWideChar
ExpandEnvironmentStringsA
SetEndOfFile
SetFilePointer
GetLocalTime
lstrcmpiA
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
lstrcpynA
lstrcpyA
lstrcatA
FreeLibrary
GetTempPathA
CreateDirectoryA
LoadLibraryA
GetProcAddress
Sleep
GetModuleFileNameA
GlobalFree
lstrlenA
DeleteFileA
WriteFile
CreateFileA
GetFileSize
CloseHandle
GlobalAlloc
GetStartupInfoA
GetModuleHandleA
ReadFile
FindClose
RegDeleteValueA
SetFileSecurityA
AddAccessAllowedAce
RegSetKeySecurity
RegEnumKeyExA
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
StrCmpNIA
StrTrimA
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
strrchr
atoi
strncat
strncpy
_strrev
_access
_open
_CxxThrowException
_read
_write
memmove
_close
_lseek
??2@YAPAXI@Z
??3@YAXPAX@Z
strchr
sprintf
_errno
remove
_snprintf
__CxxFrameHandler
strstr
fopen
free
malloc
ftell
fseek
_vsnprintf
iscntrl
_fileno
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_stricmp
fclose
__dllonexit
SetupIterateCabinetA
??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
WinVerifyTrust
CertGetNameStringA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ