Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Static task
static1
Behavioral task
behavioral1
Sample
Uninstall.exe
Resource
win10-20230703-en
Target
Uninstall.exe
Size
338KB
MD5
15924de456cc1c4ac9b80d4e838583e3
SHA1
33b687a77e3c187cf617ed1eca452b90b0d29e5f
SHA256
35553d705335e1b12ff5995eb3f33209457639fab67645603d55c1ad99d1c07c
SHA512
b01a1c563bdec6b2dc0f482d20b393299ca4212cdff54bd2c15ce910fd0be36378fbf386b5604a83a4961466a95e5693c17c7950b3b8edc31edbf0160b64d349
SSDEEP
6144:GAnWbyEmkKV7e26N5+YV88WJlyJUZhCpAOZauLRI4V2iz3:LWgNV7HK5jwJlyJUZhCpzan4V2W
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
TerminateProcess
GetEnvironmentVariableW
GetFileAttributesW
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
DeleteFileW
Process32FirstW
GlobalFree
CloseHandle
MoveFileExW
WideCharToMultiByte
FindResourceW
LoadResource
FindResourceExW
RaiseException
HeapReAlloc
GlobalAlloc
LockResource
GetLastError
HeapSize
GetCurrentThreadId
LeaveCriticalSection
CreateFileW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
GlobalHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetACP
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
LoadLibraryExW
FreeLibrary
RtlUnwind
MulDiv
lstrcmpW
GlobalUnlock
InterlockedIncrement
GetProcessHeap
DeleteCriticalSection
GlobalLock
HeapDestroy
DecodePointer
HeapAlloc
GetModuleFileNameW
InterlockedDecrement
EnterCriticalSection
SetLastError
HeapFree
FlushFileBuffers
SizeofResource
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleW
GetCurrentProcessId
LocalFree
GetProcAddress
SetCurrentDirectoryW
FormatMessageW
MultiByteToWideChar
SetFileAttributesW
TlsAlloc
CreateEventW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
GetStringTypeW
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
FindFirstFileW
FindNextFileW
GetCurrentProcess
RemoveDirectoryW
FindClose
MapDialogRect
SetWindowLongW
GetClientRect
GetDlgItem
GetDesktopWindow
FillRect
SetCapture
GetWindowTextW
EndPaint
BeginPaint
ReleaseDC
InvalidateRect
ReleaseCapture
RegisterWindowMessageW
GetParent
GetClassNameW
MessageBoxW
GetActiveWindow
DialogBoxIndirectParamW
GetWindowLongW
GetWindowTextLengthW
DefWindowProcW
CallWindowProcW
GetWindow
GetFocus
DestroyWindow
GetDC
SetWindowPos
LoadCursorW
CreateWindowExW
ScreenToClient
SendMessageW
EndDialog
UnregisterClassW
SetWindowTextW
RegisterClassExW
IsWindow
InvalidateRgn
RedrawWindow
ClientToScreen
DestroyAcceleratorTable
IsChild
GetSysColor
MoveWindow
CreateAcceleratorTableW
SetFocus
CharNextW
SetWindowContextHelpId
GetClassInfoExW
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
GetDeviceCaps
DeleteDC
GetObjectW
DeleteObject
CreateSolidBrush
RegCloseKey
RegDeleteKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
CoGetClassObject
OleUninitialize
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CLSIDFromProgID
CoTaskMemFree
CreateStreamOnHGlobal
OleInitialize
CLSIDFromString
OleLockRunning
CoCreateGuid
CoInitialize
CoUninitialize
SysFreeString
OleCreateFontIndirect
VariantInit
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
LoadTypeLi
LoadRegTypeLi
PathFileExistsW
PathIsDirectoryW
PathIsSystemFolderW
PathRemoveFileSpecW
UrlEscapeW
UrlUnescapeW
PathAppendW
PathAddBackslashW
HttpOpenRequestW
InternetOpenW
InternetCrackUrlW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
SHGetFolderPathW
ShellExecuteW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ