Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
Static task
static1
Behavioral task
behavioral1
Sample
82a9d9c1059c316bdb5f1a0cd7f844bed95654811807fe2bbfdd6f40166deff9.dll
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
82a9d9c1059c316bdb5f1a0cd7f844bed95654811807fe2bbfdd6f40166deff9.dll
Resource
win10v2004-20231020-en
Target
82a9d9c1059c316bdb5f1a0cd7f844bed95654811807fe2bbfdd6f40166deff9
Size
1.0MB
MD5
0cea544fafaf4e553aaab46e2455c0fa
SHA1
d1af556d78244600cb30227091eab09406be1747
SHA256
82a9d9c1059c316bdb5f1a0cd7f844bed95654811807fe2bbfdd6f40166deff9
SHA512
602bbe74fe5b6cb5c7e0c6874e09f023facf68e3717722033430f1a508ecc1b16834169fb7dbc45e6fd763e754f94520d951877df670eb0ac047a0477eb4748b
SSDEEP
24576:tgy4h+gnyETpQ6dSNdFs1RSgIVb0TPnq3oRoFQVgB9m:teCETpQaQdFs1RSgO4znq3oRulm
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
InterlockedCompareExchange
ExpandEnvironmentStringsW
GetModuleFileNameW
VirtualQuery
GetTickCount
Sleep
GetLastError
lstrlenA
VirtualFree
VirtualAlloc
RaiseException
FreeLibrary
GetModuleHandleExW
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
LoadLibraryExW
GetCommandLineW
GetVersion
DeviceIoControl
CreateEventW
CreateSemaphoreW
SetEvent
ReleaseSemaphore
ReadProcessMemory
GetCurrentThreadId
GetSystemDirectoryW
GetSystemWindowsDirectoryW
CreateDirectoryW
Module32NextW
Module32FirstW
GlobalFree
SystemTimeToFileTime
GetSystemTime
GlobalAlloc
GetSystemTimeAsFileTime
GetProcessTimes
CopyFileW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
OpenEventW
CreateMutexW
WriteFile
GetFileType
DuplicateHandle
GetCurrentProcess
MoveFileExW
OpenMutexW
ReadFile
GetCurrentProcessId
GetFileSize
ResetEvent
TerminateProcess
FindClose
FindNextFileW
FindFirstFileW
GlobalUnlock
GlobalLock
GetFileAttributesExW
GetExitCodeProcess
GetPrivateProfileSectionW
WritePrivateProfileSectionW
IsBadReadPtr
DisconnectNamedPipe
ConnectNamedPipe
InterlockedExchange
CreateNamedPipeW
GetOverlappedResult
WaitForSingleObjectEx
WriteFileEx
IsWow64Process
SetFilePointer
SetLastError
QueryDosDeviceW
FileTimeToSystemTime
RemoveDirectoryW
LocalAlloc
GetFileAttributesW
GetShortPathNameW
GlobalMemoryStatusEx
GetSystemInfo
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
ProcessIdToSessionId
QueryPerformanceCounter
QueryPerformanceFrequency
FreeResource
FileTimeToLocalFileTime
GetLongPathNameW
SearchPathW
SetFileAttributesW
GetEnvironmentVariableW
WTSGetActiveConsoleSessionId
GlobalSize
LoadLibraryA
GetFullPathNameW
GetTempPathW
GetDriveTypeW
GetFileSizeEx
GlobalGetAtomNameW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
lstrlenW
WideCharToMultiByte
CreateThread
DeleteFileW
CreateProcessW
WaitForSingleObject
GetPrivateProfileIntW
CreateFileW
OpenProcess
OpenThread
EnterCriticalSection
GetThreadContext
GetModuleHandleW
LoadLibraryW
GetProcAddress
HeapFree
GetProcessHeap
HeapAlloc
LocalFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CloseHandle
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
ReadFileEx
FreeEnvironmentStringsA
GetModuleHandleA
GetTimeZoneInformation
GetStartupInfoA
SetHandleCount
GetModuleFileNameA
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
HeapReAlloc
HeapDestroy
WaitForInputIdle
SendMessageW
ShowWindow
SetWindowPos
GetWindowRect
SetWindowLongW
GetWindowLongW
CharNextW
PostMessageW
FindWindowW
RegisterWindowMessageW
GetClassNameW
AttachThreadInput
SendMessageTimeoutW
InternalGetWindowText
IsWindowVisible
EnumWindows
GetWindowThreadProcessId
EnumChildWindows
GetForegroundWindow
GetDesktopWindow
GetPrinterDriverDirectoryW
GetPrintProcessorDirectoryW
LookupAccountSidW
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
OpenProcessToken
GetTokenInformation
ConvertStringSidToSidW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
SHFileOperationW
SHGetFolderPathW
SHGetSpecialFolderPathW
ShellExecuteW
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
GetHGlobalFromStream
CreateStreamOnHGlobal
CLSIDFromString
CoUninitialize
CoTaskMemAlloc
CoInitialize
VariantClear
VariantInit
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
VariantChangeType
SysStringLen
SysFreeString
VarUI4FromStr
SysStringByteLen
VariantCopy
PathFindNextComponentW
PathIsDirectoryW
StrStrW
PathRemoveBackslashW
PathIsRootW
PathRemoveArgsW
SHRegCreateUSKeyW
SHRegCloseUSKey
StrRChrW
PathRemoveBlanksW
StrToInt64ExW
SHGetValueA
PathGetArgsW
PathStripToRootW
PathRemoveFileSpecW
StrCpyNW
PathAppendW
PathFindExtensionW
StrStrIW
PathCombineW
PathFileExistsW
StrCmpNIW
StrStrIA
StrRStrIW
StrChrIW
StrDupW
StrToIntW
PathRemoveExtensionW
StrCmpW
PathFindFileNameW
StrCmpIW
SHDeleteValueW
SHSetValueW
SHGetValueW
StrChrW
StrCmpNW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
NetApiBufferFree
DsGetDcNameW
NdrAsyncServerCall
RpcAsyncCompleteCall
RpcServerRegisterIfEx
RpcServerListen
RpcServerUseProtseqEpW
RpcMgmtStopServerListening
RpcServerUnregisterIf
RtlInitUnicodeString
RtlUnwind
NtCreateFile
WNetGetConnectionW
htons
inet_ntoa
EnumProcessModules
GetModuleFileNameExW
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSFreeMemory
ADEnumProcessInfoFromSnapShot
ADForceStop
ADFreeSnapShot
ADGetActiveProcessSnapShot
CreateTrayClient
GetExtInfo
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ