Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Static task
static1
Behavioral task
behavioral1
Sample
FiveM.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
FiveM.exe
Resource
win10v2004-20221111-en
Target
FiveM.exe
Size
4.9MB
MD5
4a036dffd4eba55a9a5bdebd5cfa01b5
SHA1
f3e232cd319f2dc310fd2816f388a87db354ae04
SHA256
223789990716c446bd1175f4bc74ad01393d90014b1581b23c8b73bb265df78f
SHA512
eab762da142332f0ac7bf75793ceb839c2607e8689090f44d832f7583502cb9964024b70a64d56cf8cddb2a0c7079aaf5dc903ab33657c6dfa2dc731a123879a
SSDEEP
49152:pOjPWgEPD9u3+aM9toyPnDe8VjoitsVyNKUVOjhxwkhHC0u0iVJtfSJQiUzvgaQp:1Dlri8loPVlMRFSn/5rFXjPSm+m
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
ord344
InitCommonControlsEx
ord345
CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertGetIntendedKeyUsage
CertOpenSystemStoreW
CryptUnprotectData
CertOpenSystemStoreA
CreateDirectoryW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
CreateMutexW
OpenMutexW
CreateThread
GetCurrentThread
GetCurrentThreadId
GetSystemTime
GetTickCount64
SystemTimeToFileTime
GetModuleHandleA
GetPrivateProfileIntW
OpenProcess
K32GetProcessImageFileNameW
WriteFile
VerSetConditionMask
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
VerifyVersionInfoW
LoadLibraryA
FindClose
FindFirstFileW
FindNextFileW
GetFileSizeEx
GetPrivateProfileStringW
WritePrivateProfileStringW
GetFullPathNameW
SetFileTime
GetSystemTimeAsFileTime
GetEnvironmentVariableW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEvent
WaitForSingleObject
CreateEventW
GetExitCodeProcess
GetSystemDirectoryW
IsProcessInJob
CreateJobObjectW
AssignProcessToJobObject
SetInformationJobObject
SetDllDirectoryW
GetFileAttributesExW
ResetEvent
K32EnumProcessModules
GetExitCodeThread
GetProcessId
VirtualAllocEx
ReadProcessMemory
WriteProcessMemory
QueryFullProcessImageNameW
K32GetModuleFileNameExW
MultiByteToWideChar
ReadFile
GetOverlappedResult
EncodePointer
DecodePointer
ReleaseSRWLockShared
AcquireSRWLockShared
InitOnceExecuteOnce
FreeLibrary
LoadResource
LockResource
SizeofResource
FindResourceW
MulDiv
RtlUnwind
Sleep
GetLastError
CloseHandle
GetFileAttributesW
DeleteFileW
CreateFileW
HeapSize
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
GetTimeZoneInformation
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
OutputDebugStringW
GetConsoleOutputCP
SetConsoleCtrlHandler
SetStdHandle
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
VirtualProtect
GetStartupInfoW
ExitProcess
GetCurrentProcessId
CreateRemoteThread
GetCommandLineW
LoadLibraryW
GetProcAddress
GetModuleHandleW
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
MoveFileW
CopyFileW
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
RtlPcToFileHeader
LoadLibraryExA
RaiseException
LocalFree
GetModuleFileNameW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
K32GetModuleInformation
CreateProcessW
IsProcessorFeaturePresent
UnhandledExceptionFilter
InitializeSListHead
GetLocaleInfoEx
HeapCreate
HeapAlloc
HeapReAlloc
HeapFree
FlushInstructionCache
CreateToolhelp32Snapshot
Thread32First
Thread32Next
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
WriteConsoleW
OutputDebugStringA
QueryPerformanceCounter
WideCharToMultiByte
SetFilePointer
FormatMessageA
FormatMessageW
CreateEventA
WaitForSingleObjectEx
FoldStringW
LCMapStringW
CompareStringW
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetCurrencyFormatW
GetLocaleInfoA
EnumSystemLocalesA
IsValidCodePage
IsDBCSLeadByteEx
DuplicateHandle
SetNamedPipeHandleState
TransactNamedPipe
WaitNamedPipeW
WaitForMultipleObjects
SetUnhandledExceptionFilter
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseSemaphore
CreateSemaphoreW
VirtualQueryEx
GetProcessTimes
UnregisterWaitEx
UnregisterWait
ConnectNamedPipe
DisconnectNamedPipe
CreateNamedPipeW
ReleaseMutex
RegisterWaitForSingleObject
GetStdHandle
GetFileType
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
SwitchToFiber
DeleteFiber
CreateFiber
ConvertFiberToThread
ConvertThreadToFiber
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
InitializeCriticalSectionEx
SleepEx
QueryPerformanceFrequency
GetTickCount
CompareFileTime
GetEnvironmentVariableA
MoveFileExW
GetStringTypeW
FindFirstFileExW
GetFileInformationByHandle
SetEndOfFile
SetFileInformationByHandle
SetFilePointerEx
AreFileApisANSI
GetFileInformationByHandleEx
InitializeSRWLock
TryEnterCriticalSection
LCMapStringEx
CompareStringEx
GetCPInfo
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
DispatchMessageW
TranslateMessage
SetWindowTextW
PeekMessageW
MsgWaitForMultipleObjects
MonitorFromPoint
LoadIconW
LoadCursorW
FindWindowExW
GetDesktopWindow
SetWindowLongW
GetWindowLongW
GetSysColorBrush
GetSysColor
SendMessageW
EndPaint
BeginPaint
ReleaseDC
GetDC
AllowSetForegroundWindow
SetTimer
SetWindowPos
MoveWindow
GetProcessWindowStation
GetUserObjectInformationW
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
RegisterWindowMessageW
MessageBoxW
SetBkMode
GetDeviceCaps
CreateFontIndirectW
SetTextColor
RegDeleteValueW
RegisterEventSourceW
DeregisterEventSource
RegOpenKeyW
RegEnumValueW
RegCloseKey
GetTokenInformation
OpenProcessToken
RegDeleteKeyW
RegGetValueW
RegSetKeyValueW
ReportEventW
SHParseDisplayName
ShellExecuteW
SHCreateItemFromParsingName
SHGetKnownFolderPath
SetCurrentProcessExplicitAppUserModelID
ord709
SHSetLocalizedName
CommandLineToArgvW
SHBindToParent
RtlCaptureContext
RtlVirtualUnwind
NtQueryInformationProcess
RtlLookupFunctionEntry
SysAllocString
SysFreeString
SysStringLen
GetErrorInfo
SetErrorInfo
AmdPowerXpressRequestHighPerformance
AsyncTrace
BeforeTerminateHandler
DllGetActivationFactory
EarlyInitializeExceptionHandler
GetErrorData
InitializeExceptionHandler
NvOptimusEnablement
RemoteExceptionFunc
TerminateForException
free
malloc
realloc
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ