Extended Key Usages
ExtKeyUsageTimeStamping
Static task: static1
Behavioral task: behavioral1 (Sample: Integrator.exe, Resource: win7-20231023-en)
Behavioral task: behavioral2 (Sample: Integrator.exe, Resource: win10v2004-20231023-en)
Target: Integrator.exe
Size: 3.1MB
MD5: 852f1cf4df811dec388d0e61107559c0
SHA1: 7a1180673c3290119f8334d0c18fc1b5251cffc4
SHA256: dcd148c1f045cc381f1e24ea2d05b8e2bea2e62aee334e5d608f8a5a1fbc0289
SHA512: a54654f324cc44af63386b0097b422914bb484f49af809510a24632c5c0f2c6b5264a422f4e66d2863ff891667ce69f413bfb810ec6317060d837f9e8e972ef9
SSDEEP: 98304:BeSW+JZhPSEXsVTXjQrkkCoRQV1riisXLmQ:YSvJJ8VTMRRZv
ExtKeyUsageTimeStamping
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
EventWrite
EventWriteTransfer
EventRegister
EventUnregister
RegGetValueW
RegDeleteValueW
RegDeleteKeyW
RegDeleteTreeW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
FreeSid
EqualSid
CreateWellKnownSid
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
RevertToSelf
OpenThreadToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenSCManagerW
CloseServiceHandle
OpenServiceW
QueryServiceStatusEx
StartServiceW
ControlService
EnumDependentServicesW
GetLengthSid
CopySid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
ConvertSidToStringSidA
CheckTokenMembership
RegNotifyChangeKeyValue
SetNamedSecurityInfoW
GetSecurityDescriptorControl
SetEntriesInAclW
BuildTrusteeWithSidW
GetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorA
FindFirstFileW
FindNextFileW
DeviceIoControl
RemoveDirectoryW
SetEndOfFile
CreateFileW
GetModuleHandleA
GetDiskFreeSpaceExW
CloseHandle
GetProcAddress
SetFilePointerEx
CopyFileW
WideCharToMultiByte
FindNextFileA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
Sleep
GetStringTypeExW
GetUserDefaultLCID
LCMapStringW
FreeLibrary
LocalFree
FormatMessageA
GetCurrentThreadId
FlsAlloc
TlsAlloc
FlsFree
TlsFree
FlsGetValue
TlsGetValue
FlsSetValue
TlsSetValue
GetTickCount64
GetModuleHandleExW
K32GetProcessMemoryInfo
GlobalMemoryStatusEx
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
ReleaseSRWLockShared
AcquireSRWLockShared
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeSRWLock
GetCurrentProcessId
FileTimeToSystemTime
GetUserDefaultLocaleName
IsValidCodePage
SetLastError
GetSystemTime
SystemTimeToFileTime
GetCPInfoExW
CreateEventExW
GetStringTypeW
RaiseException
LoadLibraryExW
GetModuleHandleW
VerSetConditionMask
VerifyVersionInfoW
GetVersionExW
TerminateProcess
GetModuleFileNameA
GetShortPathNameA
K32GetModuleFileNameExW
CreateProcessW
FindResourceW
SizeofResource
LoadResource
OpenProcess
SetErrorMode
GetComputerNameW
FormatMessageW
GetLogicalProcessorInformation
GetNativeSystemInfo
GetSystemDirectoryW
ReleaseMutex
OpenMutexW
WaitForSingleObjectEx
lstrlenW
GetPriorityClass
GetExitCodeProcess
CreateDirectoryW
WaitForMultipleObjectsEx
SignalObjectAndWait
GetProcessAffinityMask
CreateWaitableTimerW
SetWaitableTimerEx
CancelWaitableTimer
QueryDepthSList
TryEnterCriticalSection
InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList
ProcessIdToSessionId
GetExitCodeThread
WaitForMultipleObjects
HeapFree
GetProcessHeap
WriteFile
ReadFile
GetFileSizeEx
GetTempPathW
GetTempFileNameW
GetTickCount
SetEvent
ReleaseSemaphore
lstrcmpW
OpenEventA
CreateEventA
OpenMutexA
CreateMutexA
OpenSemaphoreA
CreateSemaphoreA
OpenFileMappingA
GlobalAlloc
GlobalFree
LocalAlloc
HeapAlloc
GetCommandLineW
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
IsValidLocale
QueryUnbiasedInterruptTime
LCMapStringEx
CreateThread
CreateEventW
LoadLibraryW
OutputDebugStringA
CloseThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
CloseThreadpoolWait
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
CreateThreadpoolWait
CreateThreadpoolWork
SubmitThreadpoolWork
WaitForSingleObject
GetLongPathNameW
ResetEvent
GetOverlappedResult
FlushFileBuffers
CancelIoEx
GetFileType
SetFileInformationByHandle
GetFileInformationByHandleEx
LockResource
LCIDToLocaleName
LocaleNameToLCID
GetSystemDefaultLCID
WerRegisterMemoryBlock
WerUnregisterMemoryBlock
QueryFullProcessImageNameW
SetThreadAffinityMask
IsProcessorFeaturePresent
CreateIoCompletionPort
PostQueuedCompletionStatus
GetThreadIOPendingFlag
GetQueuedCompletionStatus
RtlCaptureStackBackTrace
IsDebuggerPresent
CreateMemoryResourceNotification
GetSystemPowerStatus
IsSystemResumeAutomatic
OutputDebugStringW
VirtualFree
VirtualAlloc
GetProductInfo
LoadLibraryExA
VirtualQuery
GetSystemInfo
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindFirstFileExA
GetOEMCP
WriteConsoleW
SetStdHandle
EnumSystemLocalesW
GetTimeFormatW
GetDateFormatW
GetCommandLineA
ExitProcess
GetStdHandle
HeapReAlloc
GetACP
HeapSize
GetConsoleCP
GetConsoleMode
UnregisterWaitEx
VirtualProtect
FreeLibraryAndExitThread
UnregisterWait
RegisterWaitForSingleObject
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetThreadPriority
SetThreadPriority
SwitchToThread
CreateTimerQueue
InterlockedFlushSList
RtlUnwind
GetStartupInfoW
SetUnhandledExceptionFilter
GetThreadTimes
GetCurrentThread
GetProcessTimes
QueryPerformanceCounter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetLocaleInfoW
CompareStringW
GetCPInfo
InitializeCriticalSectionAndSpinCount
EncodePointer
DuplicateHandle
DecodePointer
GetUserGeoID
QueryPerformanceFrequency
FindFirstFileExW
FindClose
SetFileAttributesW
DeleteFileW
GetFileAttributesExW
ExpandEnvironmentStringsW
GetModuleFileNameW
MultiByteToWideChar
IsWow64Process
CompareStringEx
GetLastError
GetCurrentProcess
GetLocalTime
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CreateStreamOnHGlobal
IIDFromString
CoCreateInstance
CoSetProxyBlanket
CLSIDFromString
StringFromGUID2
CoCreateGuid
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoRevokeInitializeSpy
CoRegisterInitializeSpy
VariantInit
VariantClear
SysAllocString
SysFreeString
WintrustRemoveActionID
WintrustAddActionID
GetDeviceCaps
InstallPrinterDriverFromPackageW
ClosePrinter
XcvDataW
DeletePrinter
OpenPrinterW
AddPrinterW
DeletePrinterDriverExW
UploadPrinterDriverPackageW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ