Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.6f5957309bafb6946f47e39313b9e100.exe
Resource: win7-20231025-en
Behavioral task: behavioral2
Sample: NEAS.6f5957309bafb6946f47e39313b9e100.exe
Resource: win10v2004-20231023-en
Target: NEAS.6f5957309bafb6946f47e39313b9e100.exe
Size: 840KB
MD5: 6f5957309bafb6946f47e39313b9e100
SHA1: 980c439d2a39ffafd6caccde8658b20fe5d4f30d
SHA256: fcd13232c9c050eadd7a8745db288951240c74b01f50fcfb7a6064d807446765
SHA512: fdd4920396f710d94b9d77c153696f1478de7822b49ae86a8f6a824c68256986126315ad678f9a13dba4de61381ed025f25b27ccf7c95ed3bef2375f3f15140c
SSDEEP: 24576:RDi2zO1nlNzN0IblqlpcwvABkkG5e7cmP:RBzO1npXlqlpcwI2Be7cmP
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
NtQueryInformationFile
RtlUnwind
RtlNtStatusToDosError
GetAdaptersInfo
GetVolumePathNameW
GetFileAttributesW
FindFirstFileW
GetVolumeInformationW
lstrcmpW
GetSystemDirectoryW
CreateMutexW
ReleaseMutex
GetVolumeNameForVolumeMountPointW
GetDiskFreeSpaceW
LocalFree
TerminateThread
FindVolumeClose
FindNextVolumeW
FindVolumeMountPointClose
FindNextVolumeMountPointW
FindFirstVolumeMountPointW
FindFirstVolumeW
GetTickCount
InterlockedExchange
InterlockedCompareExchange
GetDiskFreeSpaceExW
FreeResource
GetCurrentThread
GetCompressedFileSizeW
SetEndOfFile
SetFilePointerEx
GetSystemTimeAsFileTime
OpenEventW
ConnectNamedPipe
CreateNamedPipeW
DisconnectNamedPipe
GetEnvironmentVariableW
DuplicateHandle
GetFileSizeEx
ReleaseSemaphore
QueueUserWorkItem
ReadFileEx
SleepEx
CancelIo
WaitForMultipleObjectsEx
IsProcessorFeaturePresent
VirtualAlloc
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
SetStdHandle
GetStringTypeW
GetConsoleMode
FindClose
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetFileSize
ReadFile
GetTimeZoneInformation
WriteFile
GetDriveTypeW
GetLogicalDrives
DeleteFileW
GetTempPathW
GetTempFileNameW
FlushFileBuffers
SetFilePointer
DeviceIoControl
lstrlenA
WideCharToMultiByte
InterlockedIncrement
CreateFileW
GetCommandLineW
VirtualFree
SetCurrentDirectoryW
LoadLibraryExW
MultiByteToWideChar
LoadLibraryW
FreeLibrary
InterlockedDecrement
SetLastError
SetEvent
CreateEventW
GetCurrentThreadId
GetVersionExW
GetModuleFileNameW
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetModuleHandleW
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
CreateThread
SetThreadPriority
ResumeThread
Sleep
WaitForSingleObject
CloseHandle
GetLastError
GetConsoleCP
FindNextFileW
InterlockedPopEntrySList
EncodePointer
CreateSemaphoreW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
GetStdHandle
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
InterlockedPushEntrySList
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
VirtualProtect
GetSystemInfo
VirtualQuery
ExitThread
HeapSetInformation
DecodePointer
PeekMessageW
BroadcastSystemMessageW
DefWindowProcW
CallWindowProcW
GetWindowLongW
LoadStringW
UnregisterClassA
CharNextW
CharUpperW
DestroyWindow
PostThreadMessageW
TranslateMessage
DispatchMessageW
GetMessageW
SetWindowLongW
GetClassInfoExW
LoadCursorW
IsWindow
MessageBoxW
CreateWindowExW
RegisterClassExW
ControlService
SetNamedSecurityInfoW
ConvertStringSidToSidW
MakeSelfRelativeSD
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
MakeAbsoluteSD
GetSecurityDescriptorControl
GetAclInformation
InitializeAcl
AddAce
GetTokenInformation
OpenThreadToken
GetSecurityDescriptorLength
EnumServicesStatusW
QueryServiceConfigW
ChangeServiceConfigW
QueryServiceStatus
StartServiceW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
IsValidSid
GetLengthSid
CopySid
RegFlushKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
InitiateSystemShutdownW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
DeleteService
CreateServiceW
RegEnumKeyExW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegQueryInfoKeyW
SetServiceStatus
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoInitializeSecurity
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoResumeClassObjects
CoAddRefServerProcess
CoReleaseServerProcess
CoRevertToSelf
CoImpersonateClient
CoCreateGuid
CoInitializeEx
SafeArrayDestroy
SafeArrayRedim
SafeArrayCreate
SysAllocStringByteLen
SysStringByteLen
SafeArrayGetVartype
VariantInit
SysAllocStringLen
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
LoadRegTypeLi
VariantCopy
VariantClear
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysAllocString
SysFreeString
SafeArrayCopy
UnloadUserProfile
NetShareEnum
NetApiBufferFree
NetShareAdd
NetShareDel
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ