Extended Key Usages
ExtKeyUsageCodeSigning
Static task: static1
Behavioral task: behavioral1 (Sample: tmp.exe, Resource: win7-20230220-en)
Behavioral task: behavioral2 (Sample: tmp.exe, Resource: win10v2004-20230220-en)
Target: tmp
Size: 173KB
MD5: 2116190ae866163ed485c4fd3e13d03b
SHA1: 664654a40696f13dc8e23bd2df32ba55a6e0da20
SHA256: 608af8aef15ba4f75996d46249a428ebbff1551de06f6eb6a053c2c330da6965
SHA512: d1215853879de73aa469563c4ba85c40e0b3fb09cc32e56a8eb70fb003bb62625291857fb51b9d9a16da8b977075aa1c96a154437b06065c672fa04d7f2c48c6
SSDEEP: 3072:0JF8t4lZdHOg4IDGxdHga52NaB44nDIXKGyc5VoJe3+Vcv2JxQQBBEB3Befnj0zD:2F8t4lZdHFDGxdHgXNaBlnDIaGGzMZam
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
_initterm
_exit
__setusermatherr
_cexit
_wsetlocale
__C_specific_handler
_XcptFilter
swprintf_s
_commode
?terminate@@YAXXZ
memcpy
memcmp
wcscat_s
_wfullpath
wcschr
_wcsnicmp
exit
_fmode
_amsg_exit
wcscpy_s
_ltow_s
_ultow_s
wcsstr
memmove
_vsnwprintf
swscanf_s
wcsnlen
memset
__wgetmainargs
memcpy_s
wcstok_s
malloc
free
wcsncat_s
bsearch
wcsncmp
_wcsicmp
__set_app_type
wcsrchr
wcscmp
CM_Get_DevNode_PropertyW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_MapCrToWin32Err
EventSetInformation
EventRegister
EventUnregister
EventWriteTransfer
GetSystemDirectoryW
GlobalMemoryStatusEx
GetSystemTimeAsFileTime
GetVersionExW
GetTickCount
CreateFileW
GetFileAttributesW
GetFileType
WriteFile
GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExpandEnvironmentStringsW
SearchPathW
GetStdHandle
SetStdHandle
CloseHandle
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
WideCharToMultiByte
MultiByteToWideChar
RtlCheckRegistryKey
RtlWriteRegistryValue
RtlAllocateHeap
RtlGetPersistedStateLocation
DbgPrint
NtQuerySystemInformation
RtlStringFromGUID
NtClose
NtDelayExecution
RtlTimeToTimeFields
RtlSystemTimeToLocalTime
RtlCreateRegistryKey
RtlEqualUnicodeString
RtlNtStatusToDosError
RtlAppendUnicodeToString
RtlQueryRegistryValuesEx
RtlDeleteRegistryValue
RtlCreateUnicodeString
RtlRandomEx
RtlCopyUnicodeString
RtlTestBit
RtlInitUnicodeString
NtSetSystemInformation
RtlUnicodeStringToInteger
NtQueryInformationToken
NtOpenProcessToken
NtAdjustPrivilegesToken
RtlSetAllBits
RtlSetBit
RtlInitializeBitMap
RtlCompareUnicodeString
RtlFreeUnicodeString
RtlFreeHeap
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
LookupPrivilegeValueA
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
OpenProcessToken
AdjustTokenPrivileges
ConvertStringSecurityDescriptorToSecurityDescriptorW
LocalFree
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
RegSetKeySecurity
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
FormatMessageW
GetLocaleInfoW
GetProcAddress
FindResourceExW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
LoadResource
FreeLibrary
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
QueryPerformanceCounter
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
DeviceIoControl
ResolveDelayLoadedAPI
DelayLoadFailureHook
ApiSetQueryApiSetPresence
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ