Extended Key Usages: ExtKeyUsageTimeStamping
Key Usages: KeyUsageCertSign, KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
  Sample: tdsskiller (2).exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: tdsskiller (2).exe
  Resource: win10v2004-20230220-en
Target: tdsskiller (2).zip
Size: 4.7MB
MD5: 8755196bdac3673f3e9d7f9000b6234b
SHA1: 380acc078a9947a8084502e60f1390354370777b
SHA256: d400553d919483b94a5ca0cc60ba6e21fec73934e5559ba0eaabca07bf4dca80
SHA512: 217d3e6d67f5c67bbb977062b970793317b5e1adb3aee65eb1934622dff35c29f6a3e9406a1185057d9435b3ad14642cdac9f1cf37f636c8eabeb7af12c4a966
SSDEEP: 98304:WnPGEAME+vCQg65ei5xEwBvSUFhzRfBwaHH3kB369RR8vmRHW:4AMJvCQg65eirEny8q04H8GHW
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
SERIALNUMBER=1027739867473,CN=Kaspersky Lab,O=Kaspersky Lab,POSTALCODE=125212,STREET=39A/2 Leningradskoe shosse,L=Moscow,C=RU,1.3.6.1.4.1.311.60.2.1.2=#13064d6f73636f77,1.3.6.1.4.1.311.60.2.1.3=#13025255,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US
CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
UuidCreate
Sleep
LockResource
DeleteFileW
CloseHandle
GetModuleHandleA
FindResourceW
GetProcAddress
MoveFileExW
CreateProcessW
CreateFileW
WaitForSingleObject
GetTempPathW
RemoveDirectoryW
WriteFile
GetCurrentProcess
SizeofResource
CreateDirectoryW
WriteConsoleW
LoadResource
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
EncodePointer
RaiseException
GetLastError
GetModuleFileNameW
SetLastError
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
GetStringTypeW
GetProcessHeap
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
SystemFunction036
SetSecurityDescriptorDacl
CreateWellKnownSid
SetSecurityDescriptorSacl
OpenProcessToken
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
AddAccessAllowedAce
GetTokenInformation
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ