Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Static task
static1
Behavioral task
behavioral1
Sample
43d6454a7d488b910da7d3da60b92616.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
43d6454a7d488b910da7d3da60b92616.exe
Resource
win10v2004-20231201-en
Target
43d6454a7d488b910da7d3da60b92616
Size
4.8MB
MD5
43d6454a7d488b910da7d3da60b92616
SHA1
603598f5174285f63495661e5cc27e9aceb3c304
SHA256
31c4bd4df6764d267d3eab9b503d7c7148e07ddd78930f3633603cff72fd1744
SHA512
ddec275c8caed7c7abbc8cba2b9b7e8761dbf69606a0563fd66f3ed4c7d5b44915fc070d082d5e756a171ec0951885b8a8cfec69979132a87c51f9d9ca7cc31e
SSDEEP
98304:0asAw07rHCPx4J+2AdPuOdcRt6qEbmfA8sAqRrA7CpjJJmikQQj/D02:2Abru1PLcRQ6fALAyrAIlJrEM2
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
LoadLibraryW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
SHGetFolderPathW
WTSSendMessageW
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW
�����4�b�>hw{�y��W��� ���Ljw؝�V���% ��7���}�����̀��SІ2��w��^3:"�J�v��"%V7�[z��(.֜�!�8C16��������Aؠ֤�`@L]���l�'���2ɼ\�..Q s�̕ 3-��e���oi��<��%b�%z&d�s�R��t���K���@|��b��m���z�����"�����1S&p�x�$�p*Z��\s���c�ō�Pk��fL�Or-4JizvBr}H-א�����)���]��A�����E>�v�w4�~v)�|~W��S��HR��S<���x��Y��d��m�������ⵗ����A�ӹj� ���J���/���N=��/� ��%�=RT���Ј&�JO�y�_����Eh.]r#�p�f���1.�p:X�G��a�ud��i���&�ՂS���L�%Zπ���B'!��qƂTb3����pmj�N7�>w�RCs����K+�����C~����(�%��ӈ��jܤ3F� |��}�o[�5=4"�ۋ�����k��5�+ S����9����1�įk��n��2��x�$�o�i���;s�Qq����*8$�9�Д~7M������:,3�2&��k�����bO��}A���>���G�AJ�HQsy �j��$�L�:��}�Z:^h@�hFw���ܫkΎ���4Y��?G�M��G��8�pxz�!T�����REfjᐣ�G����!�]�k-"iv~�����u�C`\���Y�$�E�p�~��_E|�dxb�����~�s� RY��o�704S��j��Pq˓֯��z��\���d�:�B�z�w����- #�E�%^nF<�)")+X��T% ]��^�B �X�W�,��W� <@����>��s.�A�9��p��硣�t_P���e���5Nb�7�%Tc�U��� �dW�I�����jk�@�OʍT�Ʃ���4x�X�zm�nB��!R�6LL?V>�r9�b,K�1�GF U)���ZGW���i3a��`3�� �WO}s^�������p��ѡt8�ڞ&^��}�ە;8�6r�8������m'L[���^��JL�gE� �|l�����쵽�w�oUXt��oǜt�"y���n�^w��d�����KHC��`�����n�9�lu� *�g5Щ�Ud�h)��CnC^:u����Mu���ۤ�h"�������]�YɅ�>��}Q�"a%߱-8�ܹRG�=q�@<+����@��o�j?�a�|�x&/�������������\LV��Y��MjY�fpt�Zh�����N����Q�d�~���j���d�a`��rU����lV�4��q:�Yjҹ���M��Rgw������q������:��� V֭�G� j�fI�6&�]�������.[e�E�z��������{�VH|ߠ�V���}�ܷ�@5p��1eF�:�Y+5UPN5���O��)8S��+����3�n$H�R�P��J��!��Y����o2A�������,������}#�b���i�1פ:�óz<�A��e�"�J�c��c����D-3[&�vbl^#�:�q�����o0�����+����٨���b�X���@�X���k�ngp�xercH�h�LB]b4�����/t`V�i}O�L�}_;�m���3�8l[yV��B���LA �>�˷��'��+Ԥ� �p���)]e�萠m#��_�_�F su�ʏ��9�˪5�Q�@p9��j�y�;G�Hka��(���"b��/���ɠ&v�%�%f`��gd/�;�o~;���Z��ru�����:�;`8-�_�R�u�s��∇g��#�@��Ձ��ӋhM��p�=u�Y�х����!��3�^g�'�{m��6���+#���YK��nDy�)�����f�V[/v�h{xѳ�,�'5#�ho4�h��������]o(T�-������u�5_ag�|�1h���ټY�i���:%b6���%jdI�uF���<$5nf۩���Y�T���o�:f>6]�)GLJ^[a�֭����"_��t!�����U�N��,h��hdi�(v�ߗJnpN���F[�1��n�<Z�StV������t�6&����d����z�e��m"�Z^L�2���|�Q���k��F�;�ʞD�ch*��֓�"A�FA1}���4KOt h/�%IYr�}�L���@�,�����U��j���V��)"?z������ ��J��k>5����۷;1��� F�:h��˧>��F�@�W�eG�2��^�A^�k_�5��Ї�B9��1��E��/�]>C:��Jy:\����2�xd����ܛ��ǩ� ������0����D�ߦsӘ$�����e] r"�٩�i�/VZ�A����Km��&Ԭ��}L�Ϧ��|��&��;��ny��ʷ�����j���g.{f���v�E���.��$�0������������36WVĴMFP�;�����$Î�W�gO�ír�a�9!���2��|# �s������]�՛1���ȡ�(���~��$!����%"�b���p��+�n�����˘�t��[N�h�e���8�rb_v��#Y�>�+n]ăw9`0m���e���Ӭ�%f�sȝ��l6G�zZ��d�I$�L����<�2̪vX���` (�,U!e��w��[̙gTbyq牍��:�)���E�,����gyF�'ۄ��ڕ�e�#h���ق]+�me� f�ƨ:��P1[b��d��!>`��ϵ3ͮx���q��Hv��J/���E�z�y �~�Y �P�.�(�5�M�iCm�J=��_��ݎ&��GŴ�B�毇k��,�/j���sb#$�����r�W�+ ��S�A^{�6ٰ��di5j?v�O�m����1yc�8q������FA�z]�f��� �2ݹc���oj�e"��#E��E�oԖ��[�ī�s�>t�DLTn�����a���>�80��A�qe��#6�o�����8>6�Y>=�lA{,l8��dt���
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ