Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: Malicious_1afa0bdf1dda537129e435ac361f6333e5c0f4640db278ed2598c274babe5791.exe
Resource: win7-20230712-en
Target: Malicious_1afa0bdf1dda537129e435ac361f6333e5c0f4640db278ed2598c274babe5791.dontrunthis
Size: 2.6MB
MD5: 6a6b50832f0fd4d909c5a29be1ace1e6
SHA1: 00b85d6b4b49d694bbc61b75c3e9c9d60e362f78
SHA256: 528d1fc3d9d2cba918dbc0b2b735c286caf844c51da3be3dece7891f09ebcdc6
SHA512: d3cd734f01c9cf8efec31513588dbcb107913fbc30524a150b145731049f441291b8a06e171480cefec8c1920ea6db37e31c0af2e527b23d3a6367dbd19dff83
SSDEEP: 49152:hSBrpYL3+HzziPX0imuldpMnlRe+eWyocsVuponN5RT7YE7:CpYSz2PdInl0+eMcxoB
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
recv
WSAIoctl
setsockopt
getsockname
ntohs
bind
htons
getsockopt
getpeername
socket
connect
WSASetLastError
freeaddrinfo
getaddrinfo
accept
listen
htonl
sendto
recvfrom
select
__WSAFDIsSet
ioctlsocket
inet_ntoa
getnameinfo
WSACleanup
WSAGetLastError
send
closesocket
WSAStartup
gethostbyname
gethostname
shutdown
ord79
ord33
ord301
ord35
ord46
ord60
ord143
ord32
ord200
ord30
ord26
ord217
ord211
ord22
ord27
ord50
ord41
SetFileAttributesW
WriteFile
CloseHandle
DisconnectNamedPipe
GetLastError
CreateNamedPipeW
SetEvent
ReadFile
ResetEvent
WaitForSingleObject
CreateEventW
ConnectNamedPipe
CreateFileW
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
lstrcmpW
MulDiv
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpiW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalFree
GlobalHandle
CreateMutexW
SetEndOfFile
SetFilePointer
WideCharToMultiByte
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateProcessW
GetFileAttributesW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
GetTempPathW
TerminateProcess
LocalFree
FormatMessageW
CreateDirectoryW
OpenProcess
GetCurrentProcessId
GetExitCodeProcess
SetErrorMode
GetFileSizeEx
lstrlenA
GetDiskFreeSpaceExW
GetCommandLineW
ReleaseSemaphore
WaitNamedPipeW
WaitForMultipleObjects
TransactNamedPipe
VirtualQuery
SetNamedPipeHandleState
ExitProcess
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryW
CreateSemaphoreW
GetSystemDefaultUILanguage
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
LoadLibraryA
GetModuleHandleA
QueryPerformanceFrequency
SleepEx
QueryPerformanceCounter
GetEnvironmentVariableA
PeekNamedPipe
GetFileType
GetStdHandle
FormatMessageA
MoveFileExA
GetEnvironmentVariableW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
GetSystemTimeAsFileTime
GetVersion
DeleteFiber
SwitchToFiber
CreateFiber
GlobalMemoryStatus
ConvertFiberToThread
ConvertThreadToFiber
SystemTimeToFileTime
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetTickCount
CreateThread
GetVersionExW
GetSystemTime
InterlockedDecrement
lstrlenW
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
InterlockedIncrement
IsBadWritePtr
MultiByteToWideChar
TerminateThread
LockResource
LoadResource
SizeofResource
FindResourceW
InterlockedCompareExchange
FillRect
SetCursor
OffsetRect
FrameRect
CopyRect
PeekMessageW
SendMessageW
SetForegroundWindow
AllowSetForegroundWindow
InflateRect
UnregisterClassA
DrawStateW
DrawFocusRect
DrawTextW
CallWindowProcW
SetWindowLongW
GetWindowLongW
CreateWindowExW
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetClientRect
ClientToScreen
ScreenToClient
InvalidateRect
RedrawWindow
SetCapture
GetParent
GetProcessWindowStation
GetUserObjectInformationW
EnumWindows
GetWindowThreadProcessId
MessageBoxW
CreateDialogIndirectParamW
GetMessageW
TranslateMessage
DispatchMessageW
MapDialogRect
SetWindowContextHelpId
RegisterWindowMessageW
CreateAcceleratorTableW
DrawIconEx
RegisterClassExW
LoadCursorW
GetClassInfoExW
GetFocus
SetFocus
DestroyAcceleratorTable
GetDesktopWindow
GetClassNameW
IsChild
InvalidateRgn
MoveWindow
CharNextW
EndPaint
BeginPaint
TrackPopupMenu
PostQuitMessage
MonitorFromPoint
DestroyMenu
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
SetWindowRgn
AppendMenuW
CreatePopupMenu
IsDialogMessageW
GetDlgItem
DestroyWindow
KillTimer
ShowWindow
SetWindowTextW
LoadBitmapW
PostThreadMessageW
ReleaseDC
GetDC
GetCursorPos
GetActiveWindow
GetCapture
WindowFromPoint
DefWindowProcW
ReleaseCapture
DestroyCursor
LoadImageW
GetSysColor
LoadStringW
SetWindowPos
IsWindow
GetDlgCtrlID
GetObjectW
ChoosePixelFormat
SetPixelFormat
CreateFontW
GetDeviceCaps
StretchBlt
CreateRoundRectRgn
GetStockObject
CreateCompatibleBitmap
ExtTextOutW
DeleteObject
CreatePen
CreateSolidBrush
LineTo
MoveToEx
SetBkMode
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
CryptGenRandom
CryptDecrypt
CryptSetHashParam
CryptSignHashW
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptDestroyKey
CryptEnumProvidersW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
CryptGetHashParam
RegEnumValueW
RegEnumKeyW
RegDeleteKeyW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
ShellExecuteExW
ord680
ShellExecuteW
SHBrowseForFolderW
SHGetSpecialFolderLocation
CommandLineToArgvW
Shell_NotifyIconW
OleRun
CoTaskMemFree
CoTaskMemRealloc
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoInitialize
CoUninitialize
LoadTypeLi
SysFreeString
VariantInit
VariantClear
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocString
DispCallFunc
LoadRegTypeLi
OleCreateFontIndirect
VarUI4FromStr
GetErrorInfo
AssocQueryStringW
InitCommonControlsEx
wglDeleteContext
wglCreateContext
wglMakeCurrent
glGetString
InternetCloseHandle
HttpQueryInfoW
HttpSendRequestW
InternetSetOptionW
InternetQueryOptionW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetReadFile
GetProcessImageFileNameW
GetModuleBaseNameW
EnumProcesses
GetModuleFileNameExW
strerror_s
_setmode
isxdigit
getenv
_wfopen
signal
_stat64i32
_fileno
_fstat64i32
setbuf
_gmtime64
__sys_nerr
fgets
strspn
_lseeki64
_fstat64
_getpid
strpbrk
fflush
setvbuf
_beginthreadex
fputc
fputs
qsort
feof
_stat64
strrchr
strchr
strerror
strncpy
fopen
fseek
ftell
fclose
strstr
_mbspbrk
fwrite
fread
calloc
strncmp
_strtoi64
strtoul
_errno
isspace
isdigit
strcat_s
sscanf
atoi
memmove
_snwprintf_s
exit
_set_invalid_parameter_handler
_set_purecall_handler
__iob_func
fprintf
mbstowcs
sprintf
_strdup
_vsnwprintf
_vsnprintf
_exit
raise
_strnicmp
_stricmp
isupper
abort
__crtLCMapStringA
__pctype_func
___lc_codepage_func
___lc_handle_func
_calloc_crt
setlocale
rand
islower
__uncaught_exception
wcsncpy
btowc
wcscmp
_controlfp_s
tolower
strtol
wcstombs
strcmp
wcslen
wcsncpy_s
wcsstr
wcscpy
_except_handler4_common
malloc
swprintf_s
_invoke_watson
_recalloc
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
_XcptFilter
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
wcscat
memcpy
_time64
srand
sprintf_s
strcspn
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0exception@std@@QAE@XZ
memchr
localeconv
memset
_invalid_parameter_noinfo
??_V@YAXPAX@Z
_free_locale
_access
_read
_write
_unlink
_close
_open
?terminate@@YAXXZ
ferror
_lock
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
__CxxFrameHandler3
free
realloc
__RTDynamicCast
_purecall
memmove_s
memcpy_s
strlen
memcmp
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??3@YAXPAX@Z
_unlock
__dllonexit
_encode_pointer
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertDuplicateCertificateContext
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ