Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
095d29a8a5c7fae8365910f10ec2720bcb72980ca9e555de7a0502650d9bcbd6.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
095d29a8a5c7fae8365910f10ec2720bcb72980ca9e555de7a0502650d9bcbd6.exe
Resource
win10v2004-20220812-en
Target
095d29a8a5c7fae8365910f10ec2720bcb72980ca9e555de7a0502650d9bcbd6
Size
2.0MB
MD5
63aee2834752151a059c66064ac61780
SHA1
99849466ee5ff3184ca8f747a42c25c4e08afa1b
SHA256
095d29a8a5c7fae8365910f10ec2720bcb72980ca9e555de7a0502650d9bcbd6
SHA512
82debdefcd51ebb36e81091fe3a8891aa189060f8c0ee603233a6dd8989380c711bd46310d09a38f9c3dabb00a1d60eafedf15dc39fcd41c8fa1d283fb67466b
SSDEEP
49152:EA4YLU/CXq5PHcHve7NNL36tyxsKi9nxRVWc106NLdoFA:Eam6qtLTL367K4RVWc106NLdoFA
Processes:
| resource | yara_rule |
|---|---|
| sample | vmprotect |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
CN=Lenovo (Beijing) Co.\, Ltd.,OU=G07,O=Lenovo (Beijing) Co.\, Ltd.,ST=Beijing,C=CN
CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
CN=Lenovo (Beijing) Co.\, Ltd.,OU=G07,O=Lenovo (Beijing) Co.\, Ltd.,ST=Beijing,C=CN
CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US
CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
ord14137
EnumResourceTypesW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
InflateRect
CreateFontIndirectW
ImageList_AddMasked
VariantClear
_except_handler4_common
_set_new_mode
wcscpy_s
_exit
__setusermatherr
_set_fmode
_configthreadlocale
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ