Extended Key Usages
ExtKeyUsageCodeSigning
8  Static  static
8  Sophia_Scr...ns.ps1  windows7-x64
1  Sophia_Scr...ns.ps1  windows10-2004-x64
8  Sophia_Scr...ia.ps1  windows7-x64
1  Sophia_Scr...ia.ps1  windows10-2004-x64
1  Sophia_Scr...ia.ps1  windows7-x64
1  Sophia_Scr...ia.ps1  windows10-2004-x64
8  Sophia_Scr...PO.exe  windows7-x64
1  Sophia_Scr...PO.exe  windows10-2004-x64
1  Static task
static1
Behavioral task
behavioral1
Sample
Sophia_Script_for_Windows_10_v5.14.6/Functions.ps1
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Sophia_Script_for_Windows_10_v5.14.6/Functions.ps1
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
Sophia_Script_for_Windows_10_v5.14.6/Module/Sophia.ps1
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
Sophia_Script_for_Windows_10_v5.14.6/Module/Sophia.ps1
Resource
win10v2004-20221111-en
Behavioral task
behavioral5
Sample
Sophia_Script_for_Windows_10_v5.14.6/Sophia.ps1
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
Sophia_Script_for_Windows_10_v5.14.6/Sophia.ps1
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
Sophia_Script_for_Windows_10_v5.14.6/bin/LGPO.exe
Resource
win7-20221111-en
Behavioral task
behavioral8
Sample
Sophia_Script_for_Windows_10_v5.14.6/bin/LGPO.exe
Resource
win10v2004-20221111-en
Target
Sophia.Script.for.Windows.10.v5.14.6.zip
Size
487KB
MD5
0c711bcdf2327d53abf01510a07cb550
SHA1
73a108563edb44dfe1ba9864c4c1ac46bbbd33c0
SHA256
167afb6a64fe9ed1237ac98fa8ed03b161c564414d4a268c9d3fd830473d8b1d
SHA512
6ca020ee889b7eaccd0d740cd1e7003c6abce273c30aeb6a3bcdd0437ed94ba77fdcabc0a277ad5cf23a878f319b80960bee5cd6a0ebcbcef6c694bfd070fff9
SSDEEP
12288:NPch++o51gDrZJutQ1UjuZ6RPpz5wryuDn8BqV0cFnSzYfbuYmN:NPch++o52ZUtQOvsL8BqVr1++jg
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE