Static task
static1
Behavioral task
behavioral1
Sample
saBSI.exe
Resource
win10v2004-20230220-es
windows10-2004-x64
Target
saBSI.exe
Size
1.2MB
MD5
2c5cc4fed6ef0d07e8a855ea52b7c108
SHA1
6db652c54c0e712f1db740fc8535791bf7845dcc
SHA256
60410875199ad0bf34cd8402e0cc9151caf919fe98eeffd7056285e7239a3474
SHA512
cd8622cc38270caaf90ba61058a80d5554700dcfbb05ee921dde9aba7a1d6a068f24e73535baf3bbf4d2cc63d84cfe362cfa67df201b401d52b5af490610b0cc
SSDEEP
24576:TduIeHkczjODN4IKsxQ+MbLI6mpwDuk4Dex9kr5NIhixZIQnyDqUSQ0eLIIQ6:TxcoFX4epwDuk4DejkMhixaYdC0eLIj6
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
CN=McAfee\, LLC,OU=Engineering,O=McAfee\, LLC,POSTALCODE=95054,STREET=2821 Mission College Blvd,L=Santa Clara,ST=California,C=US
CN=McAfee Code Signing CA 2,O=McAfee\, Inc.,L=Santa Clara,ST=CA,C=US
CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
CN=McAfee\, LLC,O=McAfee\, LLC,L=Santa Clara,ST=California,C=US
CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=McAfee\, LLC,O=McAfee\, LLC,L=Santa Clara,ST=California,C=US
CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
DeviceIoControl
LocalAlloc
CreateFileW
GetCurrentThreadId
GetModuleHandleA
GetCurrentDirectoryW
GetProcAddress
FreeLibrary
FormatMessageA
LoadLibraryExW
GetModuleHandleW
lstrlenW
VerSetConditionMask
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
GlobalAlloc
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
GetTickCount
DeleteFileW
WriteFile
LoadLibraryW
GetEnvironmentVariableW
GetExitCodeProcess
CreateProcessW
GetFileSize
CreateFileMappingW
MapViewOfFileEx
UnmapViewOfFile
SetEvent
GetModuleHandleExW
CreateSemaphoreW
ReleaseSemaphore
WaitForMultipleObjects
SetLastError
GetCurrentProcess
WritePrivateProfileStructW
TerminateProcess
QueryFullProcessImageNameW
K32EnumProcesses
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WTSGetActiveConsoleSessionId
OutputDebugStringW
MoveFileExW
CreateDirectoryW
FindNextFileW
GetFileAttributesW
LocalFree
FindClose
GetLongPathNameW
ReleaseMutex
CreateMutexW
GetCurrentProcessId
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
WritePrivateProfileStringW
ReadConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
ExitProcess
ExitThread
WriteConsoleW
GetFileType
HeapDestroy
GetModuleFileNameW
WaitForSingleObject
CloseHandle
DecodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
GlobalFree
MultiByteToWideChar
CreateEventW
WideCharToMultiByte
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
GetStringTypeW
TryEnterCriticalSection
QueryPerformanceCounter
InitOnceBeginInitialize
InitOnceComplete
FindFirstFileExW
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
WaitForSingleObjectEx
Sleep
SwitchToThread
GetExitCodeThread
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
GetThreadTimes
FreeLibraryAndExitThread
GetVersionExW
VirtualAlloc
VirtualFree
DuplicateHandle
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
GetStdHandle
RegFlushKey
RegQueryValueExA
RegCreateKeyExW
RegCloseKey
RegSetValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorDacl
SetNamedSecurityInfoW
CryptReleaseContext
RegQueryValueExW
CryptGetHashParam
RegOpenKeyExW
CryptDestroyHash
RegDeleteTreeW
RegDeleteKeyValueW
RegQueryInfoKeyW
RegEnumValueW
RegSetKeySecurity
RegNotifyChangeKeyValue
RegGetKeySecurity
RegSetValueExA
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
FreeSid
CryptAcquireContextW
CryptCreateHash
CryptHashData
SHGetSpecialFolderPathW
CommandLineToArgvW
SHGetKnownFolderPath
StringFromCLSID
CoCreateGuid
StringFromGUID2
CoTaskMemFree
CoInitializeEx
CLSIDFromString
CoUninitialize
SysAllocString
SystemTimeToVariantTime
VariantClear
SysFreeString
VarUdateFromDate
VariantTimeToSystemTime
WinVerifyTrust
SHDeleteKeyW
PathFindExtensionW
PathFileExistsW
StrRChrW
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertGetSubjectCertificateFromStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertGetNameStringW
CryptQueryObject
CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ