Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Static task
static1
Behavioral task
behavioral1
Sample
0c199cc57de80aaf6f4bcc6b6f1eb0e7.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0c199cc57de80aaf6f4bcc6b6f1eb0e7.dll
Resource
win10v2004-20231215-en
Target
0c199cc57de80aaf6f4bcc6b6f1eb0e7
Size
145KB
MD5
0c199cc57de80aaf6f4bcc6b6f1eb0e7
SHA1
50043e8def33797596b0f2684ac7e06bd9a4b97a
SHA256
e7a0bed7145e6268153737f27a62f2c5be2ccf9c6734d30c9951e0fa5e637d45
SHA512
93b339d7dfc7e12c27c20143c69b4a905127d90eeb0f25d2e3832703a4a20fbb2e7c356a130bb5d4f7ba5f2a3b21e03885b79700ae2cb6a757e7c6a564023933
SSDEEP
3072:/Owos4Xmuexh7e7AGoOhcVwxzduEr+NOAaeEQuTzbI:/Ozs4Poh7eUGolwxonNOAae30nI
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
?CreateFileW@FS@@YAHPB_WKPAPAUITXFile@@@Z
??BCTXStringA@@QBEPBDXZ
?UnicodeToGBK@Convert@Util@@YA_NAAVCTXStringA@@PB_WH@Z
??0CTXStringA@@QAE@XZ
??H@YA?AVCTXStringW@@ABV0@0@Z
??8@YA_NABVCTXStringW@@PB_W@Z
?Format@CTXStringW@@QAAXPB_WZZ
?Delete@CTXStringW@@QAEHHH@Z
?GetAt@CTXStringW@@QBE_WH@Z
?GetLength@CTXStringW@@QBEHXZ
?DecodeUrl@Encode@Util@@YA?AVCTXStringW@@ABV3@_N@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??0CTXStringW@@QAE@XZ
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?Download@CTXHttpDownload@@QAEHPB_WPAU_SYSTEMTIME@@0@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@0@Z
wcslcpy
wcslcat
??9CTXBSTR@@QBE_NPB_W@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
?LoadXmlByName@FS@Util@@YAHPB_WPAPAUIXMLDOMDocument@@@Z
??1CTXHttpDownloadSink@@UAE@XZ
?CancelDownload@CTXHttpDownload@@QAEXXZ
?OnConnecting@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@PB_W@Z
?OnConnected@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@@Z
?OnDownloadStart@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@KK@Z
?OnProgress@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@KK@Z
?OnRedirected@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@PB_W@Z
?OnError@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@K@Z
?SetUIInterface@CTXHttpDownload@@QAEXPAVCTXHttpDownloadSink@@@Z
??1CTXStringA@@QAE@XZ
??0CTXHttpDownloadSink@@IAE@XZ
?IsFileExist@FS@@YAHPB_W@Z
?MoveDownloadFile@CTXHttpDownload@@QAEHPB_WH@Z
?GetResponseFileName@CTXHttpDownload@@QAEHAAVCTXStringW@@@Z
ord33
?QueryInfo@CTXHttpDownload@@QAEHABVCTXStringW@@AAV2@H@Z
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
?StringToXml@Convert@Util@@YA?AVCTXStringW@@ABV3@@Z
?EncodeUrl@Encode@Util@@YA?AVCTXStringW@@ABV3@_N1@Z
?DeleteFileW@FS@@YAHPB_W@Z
?UploadFile@CTXHttpUploadStandard@@QAEHABVCTXStringW@@0@Z
??1CTXHttpUploadStandard@@UAE@XZ
??0CTXHttpUploadStandard@@QAE@XZ
??1CTXBSTR@@QAE@XZ
?IsEmpty@CTXStringW@@QBE_NXZ
??4CTXStringW@@QAEAAV0@PB_W@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
ord37
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
??8CTXBSTR@@QBE_NPB_W@Z
?DoFormat@CFmtString@@QAEPB_WPB_W@Z
??0CTXStringW@@QAE@PB_W@Z
??0CTXStringW@@QAE@ABV0@@Z
??0CTXBSTR@@QAE@PB_W@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??1CTXStringW@@QAE@XZ
??BCTXStringW@@QBEPB_WXZ
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??0CTXBSTR@@QAE@XZ
??ICTXBSTR@@QAEPAPA_WXZ
??0CTXHttpDownload@@QAE@XZ
?CreateDirectoryW@FS@@YAHPB_W@Z
??BCTXBSTR@@QBEPA_WXZ
??0CTXStringW@@QAE@PA_W@Z
??1CTXHttpDownload@@UAE@XZ
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@VCTXStringW@@@Z
?CodecTLV@CTXDataReportCodecBase@@UAGJKPAUITXData@@PAPAUITXBuffer@@@Z
?UnRegisterCodec@DataReport@Util@@YAJPAUITXDataReportCodecExt@@@Z
?IsFlagValid@Contact@Util@@YAHKK@Z
?GetSelfUin@Contact@Util@@YAKXZ
?GetSignFmt@URL@Util@@YAXAAVCFmtString@@@Z
?OpenUrlWithDefault@URL@Util@@YAXABVCTXStringW@@W4URLMODIFYLEVEL@12@0@Z
?RegisterCodec@DataReport@Util@@YAJKKPAUITXDataReportCodecExt@@@Z
?GetMinorVer@Version@@YAEXZ
?GetMajorVer@Version@@YAEXZ
?Get32ByteValueAddedSign@Misc@Util@@YA?AVCTXStringW@@XZ
?IncHelper@DataReport@Util@@YAJKPB_WK@Z
?CodeWord@CTXDataReportCodecBase@@IAEXEPB_W@Z
??1CTXDataReportCodecBase@@UAE@XZ
??0CTXDataReportCodecBase@@QAE@XZ
?OpenUrlWithWnd@URL@Util@@YAPAUHWND__@@ABVCTXStringW@@W4URLMODIFYLEVEL@12@0HHPB_WPAPAUIGFStandardWin@@HV4@H@Z
InterlockedDecrement
SetThreadLocale
GetThreadLocale
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetLastError
lstrlenW
lstrcmpiW
GetModuleHandleW
GetModuleFileNameW
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetFileAttributesW
ExpandEnvironmentStringsW
FindClose
InterlockedIncrement
GetPrivateProfileStringW
FindFirstFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
FindNextFileW
DeleteCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetDesktopWindow
CharNextW
UnregisterClassA
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFileInfoW
CoTaskMemFree
CoCreateInstance
StringFromCLSID
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysFreeString
VarUI4FromStr
ord22
ord15
ord64
ord23
ord61
ord58
ord31
ord32
ord18
ord30
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
??3@YAXPAX@Z
_CxxThrowException
_recalloc
__CxxFrameHandler3
memcpy_s
malloc
free
wcscpy_s
wcsncpy_s
??_V@YAXPAX@Z
memmove_s
_purecall
??2@YAPAXI@Z
memset
_invalid_parameter_noinfo
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
_snwprintf
_time64
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ