Extracted

Extracted

• a2fb014defc27eb2f5bd77c6f2cea17cbcd153cc565b550b67ef0510b48a88a5

  .exe windows:6 windows x64 arch:x64

  74a352b7be38be736b4f1e0d51b66e8c

  
  

  Code Sign

  33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  16/03/2023, 18:43

  Not After

  14/03/2024, 18:43

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0e:90:d2:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  08/07/2011, 20:59

  Not After

  08/07/2026, 21:09

  Subject

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  9e:dd:1e:bc:ec:24:5c:f6:53:f5:af:76:d9:8f:70:da:01:01:f3:90:a3:10:38:b7:e6:7b:0e:ab:35:35:3c:3e

  Signer

  Actual PE Digest

  9e:dd:1e:bc:ec:24:5c:f6:53:f5:af:76:d9:8f:70:da:01:01:f3:90:a3:10:38:b7:e6:7b:0e:ab:35:35:3c:3e

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  shlwapi

  PathIsNetworkPathW

  StrCmpIW

  SHAutoComplete

  ColorHLSToRGB

  ColorRGBToHLS

  StrStrIW

  ord176

  UrlUnescapeW

  iphlpapi

  GetExtendedTcpTable

  GetExtendedUdpTable

  ws2_32

  WSAStartup

  ntohs

  ntohl

  gethostbyaddr

  htons

  htonl

  getservbyport

  mpr

  WNetGetConnectionW

  comctl32

  ImageList_ReplaceIcon

  ImageList_Add

  InitCommonControlsEx

  ImageList_Destroy

  ImageList_DrawEx

  ImageList_GetIconSize

  ImageList_Create

  ImageList_AddMasked

  ImageList_BeginDrag

  ImageList_EndDrag

  ImageList_DragEnter

  ImageList_DragLeave

  ImageList_DragMove

  CreateStatusWindowW

  ImageList_DragShowNolock

  ord17

  PropertySheetW

  ord413

  CreatePropertySheetPageW

  ImageList_GetIcon

  ord410

  version

  GetFileVersionInfoW

  GetFileVersionInfoSizeW

  VerQueryValueW

  credui

  CredUIPromptForCredentialsW

  setupapi

  SetupDiGetDeviceInterfaceDetailW

  SetupDiEnumDeviceInterfaces

  SetupDiGetClassDevsW

  SetupDiDestroyDeviceInfoList

  crypt32

  CertGetNameStringW

  CertDuplicateCertificateContext

  aclui

  ord1

  powrprof

  SetSuspendState

  IsPwrSuspendAllowed

  IsPwrHibernateAllowed

  wtsapi32

  WTSLogoffSession

  WTSFreeMemory

  WTSEnumerateSessionsW

  WTSQuerySessionInformationW

  WTSDisconnectSession

  WTSSendMessageW

  uxtheme

  OpenThemeData

  CloseThemeData

  DrawThemeBackground

  GetThemePartSize

  SetWindowTheme

  EnableThemeDialogTexture

  ntdll

  NtQuerySymbolicLinkObject

  NtQueryObject

  NtOpenSymbolicLinkObject

  NtQuerySystemInformation

  NtSetInformationProcess

  VerSetConditionMask

  NtLoadDriver

  NtCreateKey

  NtOpenKey

  NtQuerySemaphore

  NtSuspendThread

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlUnwind

  RtlPcToFileHeader

  RtlUnwindEx

  NtResumeThread

  NtResumeProcess

  NtOpenThread

  RtlCreateQueryDebugBuffer

  RtlQueryProcessDebugInformation

  RtlDestroyQueryDebugBuffer

  NtQueryEvent

  NtQueryInformationThread

  NtQuerySection

  NtQueryInformationProcess

  NtQueryMutant

  NtSuspendProcess

  RtlVirtualUnwind

  gdi32

  CreateSolidBrush

  DeleteDC

  GetBkColor

  GetBkMode

  GetDeviceCaps

  GetStockObject

  CreateRectRgnIndirect

  RectInRegion

  SelectClipRgn

  SelectObject

  SetBkColor

  SetDCPenColor

  SetBkMode

  SetTextColor

  GetTextMetricsW

  MoveToEx

  Polyline

  ExtTextOutW

  SetViewportOrgEx

  CreateFontIndirectW

  GetTextExtentPoint32W

  Rectangle

  SetTextAlign

  TextOutW

  SetMapMode

  StartDocW

  EndDoc

  StartPage

  EndPage

  CreateBitmap

  CreatePatternBrush

  ExcludeClipRect

  GetCurrentObject

  PatBlt

  Polygon

  GetTextExtentExPointW

  RestoreDC

  SaveDC

  SetROP2

  CreatePen

  CreateCompatibleDC

  CreateCompatibleBitmap

  BitBlt

  DeleteObject

  GetObjectW

  CreateDIBSection

  LineTo

  comdlg32

  PrintDlgW

  ChooseFontW

  CommDlgExtendedError

  GetOpenFileNameW

  GetSaveFileNameW

  ChooseColorW

  FindTextW

  kernel32

  FileTimeToLocalFileTime

  GetFileSize

  GetFileTime

  GetFullPathNameW

  GetLongPathNameW

  WriteFile

  CloseHandle

  GetLastError

  SetErrorMode

  InitializeCriticalSection

  Sleep

  GetCurrentProcess

  ExitThread

  TlsAlloc

  TlsSetValue

  CreateProcessW

  OpenProcess

  GetVersion

  GetSystemWindowsDirectoryW

  CreateFileMappingW

  MapViewOfFile

  UnmapViewOfFile

  IsWow64Process

  GetSystemWow64DirectoryW

  GetModuleFileNameW

  GetModuleHandleW

  GetProcAddress

  LocalFree

  FormatMessageA

  lstrlenW

  FileTimeToSystemTime

  GetDateFormatW

  GetTimeFormatW

  GetLocaleInfoW

  GetNumberFormatW

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  FindFirstFileW

  GetFileAttributesW

  VirtualQuery

  FreeLibrary

  LoadLibraryExW

  ReadFile

  MultiByteToWideChar

  FindClose

  FindNextFileW

  EnterCriticalSection

  LeaveCriticalSection

  SetEvent

  WaitForSingleObject

  CreateEventW

  WaitForMultipleObjects

  GetCurrentThread

  HeapDestroy

  HeapAlloc

  HeapReAlloc

  HeapFree

  HeapSize

  GetProcessHeap

  CreateThread

  GetExitCodeThread

  FindResourceExW

  LoadResource

  LockResource

  SizeofResource

  FindResourceW

  SetLastError

  GetVersionExW

  GetFileSizeEx

  LoadLibraryW

  GetTickCount

  MulDiv

  GlobalAddAtomW

  GlobalAlloc

  GlobalUnlock

  ExpandEnvironmentStringsW

  GetPrivateProfileIntW

  RaiseException

  InitializeCriticalSectionEx

  DeleteCriticalSection

  GetCurrentThreadId

  DeleteFileW

  GetTempFileNameW

  GetTempPathW

  GetThreadId

  FormatMessageW

  GetCommandLineW

  GetFileType

  LocalAlloc

  TerminateThread

  GlobalReAlloc

  Module32FirstW

  Module32NextW

  GetSystemTime

  GetSystemTimeAsFileTime

  SystemTimeToFileTime

  IsBadStringPtrW

  OpenEventW

  VerifyVersionInfoW

  GetEnvironmentVariableW

  ReadProcessMemory

  lstrcmpiW

  GetSystemDirectoryW

  SearchPathW

  SetFilePointer

  GetCurrentProcessId

  VirtualQueryEx

  OpenThread

  SuspendThread

  ResumeThread

  GetThreadContext

  Thread32First

  Thread32Next

  QueryPerformanceCounter

  QueryPerformanceFrequency

  ResetEvent

  IsBadReadPtr

  TerminateProcess

  SetPriorityClass

  ProcessIdToSessionId

  GetProcessId

  GlobalMemoryStatusEx

  GetLogicalProcessorInformation

  SetProcessWorkingSetSize

  GlobalFree

  PulseEvent

  GetComputerNameW

  WTSGetActiveConsoleSessionId

  GetCurrentDirectoryW

  GetDriveTypeW

  OutputDebugStringW

  DuplicateHandle

  DeviceIoControl

  VirtualAlloc

  VirtualFree

  GetProcessWorkingSetSize

  TrySubmitThreadpoolCallback

  IsProcessInJob

  CreateJobObjectW

  QueryInformationJobObject

  GetThreadGroupAffinity

  SetThreadGroupAffinity

  GlobalMemoryStatus

  GetProcessAffinityMask

  SetProcessAffinityMask

  GetActiveProcessorGroupCount

  GetActiveProcessorCount

  WideCharToMultiByte

  K32GetModuleFileNameExW

  K32GetMappedFileNameW

  K32QueryWorkingSet

  DecodePointer

  GetStartupInfoW

  GetThreadIdealProcessorEx

  GetTickCount64

  QueryThreadCycleTime

  SystemTimeToTzSpecificLocalTime

  GetNativeSystemInfo

  CompareStringW

  FlsFree

  FlsSetValue

  FlsGetValue

  FlsAlloc

  LCMapStringEx

  GetStringTypeW

  TryAcquireSRWLockExclusive

  AcquireSRWLockExclusive

  ReleaseSRWLockExclusive

  InitializeSRWLock

  LoadLibraryExA

  FlushInstructionCache

  InterlockedPushEntrySList

  InterlockedPopEntrySList

  InitializeSListHead

  EncodePointer

  IsDebuggerPresent

  LCMapStringW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  SetFilePointerEx

  FlushFileBuffers

  GetConsoleOutputCP

  GetConsoleMode

  SetConsoleMode

  ReadConsoleInputW

  SetEnvironmentVariableW

  GetStdHandle

  TlsGetValue

  ReadConsoleW

  GetTimeZoneInformation

  FindFirstFileExW

  IsValidCodePage

  GetACP

  GetCPInfo

  InitializeCriticalSectionAndSpinCount

  WaitForSingleObjectEx

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsProcessorFeaturePresent

  TlsFree

  FreeLibraryAndExitThread

  GetModuleHandleExW

  ExitProcess

  GetConsoleCP

  GetSystemInfo

  GetOEMCP

  GetCommandLineA

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  SetStdHandle

  SetEndOfFile

  WriteConsoleW

  CreateFileW

  GlobalLock

  VirtualProtect

  GetPrivateProfileStringW

  user32

  GetDesktopWindow

  GetWindow

  CheckMenuRadioItem

  MonitorFromPoint

  GetWindowPlacement

  CheckDlgButton

  IsDlgButtonChecked

  EnableWindow

  ModifyMenuW

  TrackPopupMenu

  SetMenuInfo

  InvalidateRgn

  SetClassLongW

  EnumWindows

  CopyAcceleratorTableW

  TranslateAcceleratorW

  DrawMenuBar

  IsDialogMessageW

  GetMenuBarInfo

  ShowWindowAsync

  IsIconic

  EndTask

  RegisterWindowMessageW

  GetMessageW

  TranslateMessage

  DispatchMessageW

  ExitWindowsEx

  SetLayeredWindowAttributes

  CreateDialogParamW

  GetDlgItemTextW

  CreateMenu

  GetMenuInfo

  EndMenu

  LoadIconW

  LockWorkStation

  IsHungAppWindow

  SendMessageTimeoutW

  SetDlgItemInt

  CheckRadioButton

  MsgWaitForMultipleObjects

  GetGuiResources

  CharNextW

  SetRectEmpty

  WindowFromPoint

  ClientToScreen

  SetCursorPos

  MessageBeep

  AdjustWindowRectEx

  AllowSetForegroundWindow

  SetMenuDefaultItem

  GetMenuItemInfoW

  TrackPopupMenuEx

  RemoveMenu

  AppendMenuW

  GetMenuItemCount

  GetMenuItemID

  EnableMenuItem

  CreatePopupMenu

  GetMenuStringW

  LoadMenuW

  LoadAcceleratorsW

  GetDlgCtrlID

  SetWindowPlacement

  IsWindow

  PostQuitMessage

  GetMessagePos

  PeekMessageW

  DrawEdge

  TrackMouseEvent

  LoadStringA

  DefMDIChildProcW

  DefFrameProcW

  DefDlgProcW

  CreateIconIndirect

  DestroyWindow

  EnumChildWindows

  UnionRect

  EndDeferWindowPos

  DeferWindowPos

  BeginDeferWindowPos

  DrawFrameControl

  DialogBoxParamW

  GetDlgItem

  EndDialog

  DialogBoxIndirectParamW

  GetAncestor

  GetWindowModuleFileNameW

  GetMonitorInfoW

  MonitorFromWindow

  SystemParametersInfoW

  CallNextHookEx

  UnhookWindowsHookEx

  SetWindowsHookExW

  GetClassNameW

  SetClassLongPtrW

  SetWindowLongW

  GetWindowLongW

  PtInRect

  FrameRect

  DrawFocusRect

  ScreenToClient

  ShowScrollBar

  SetScrollPos

  RedrawWindow

  GetWindowDC

  IsWindowEnabled

  IsZoomed

  IsWindowVisible

  MoveWindow

  IsChild

  GetSysColorBrush

  GetWindowTextLengthW

  GetWindowTextW

  SetWindowTextW

  KillTimer

  GetClassInfoExW

  UnregisterClassW

  DrawIconEx

  GetSysColor

  SetMenuItemInfoW

  DestroyMenu

  EmptyClipboard

  SetClipboardData

  CloseClipboard

  OpenClipboard

  GetScrollInfo

  SetScrollInfo

  GetClassLongPtrW

  SetWindowLongPtrW

  GetWindowLongPtrW

  OffsetRect

  IntersectRect

  InflateRect

  CopyRect

  SetRect

  FillRect

  MapWindowPoints

  SendMessageW

  WaitForInputIdle

  ShowWindow

  SetFocus

  GetSystemMetrics

  GetMenu

  CheckMenuItem

  GetSubMenu

  InsertMenuW

  DeleteMenu

  SetForegroundWindow

  GetCursorPos

  GetWindowRect

  GetClientRect

  GetPropW

  SetPropW

  ScrollWindowEx

  InvalidateRect

  EndPaint

  BeginPaint

  UpdateWindow

  DrawTextW

  SetTimer

  ReleaseCapture

  SetCapture

  GetCapture

  GetKeyState

  GetFocus

  SetWindowPos

  CreateWindowExW

  MessageBoxW

  SetCursor

  FindWindowW

  FindWindowExW

  GetWindowThreadProcessId

  LoadCursorW

  DestroyIcon

  LoadImageW

  EnumDisplaySettingsW

  GetDC

  ReleaseDC

  LoadStringW

  PostMessageW

  SetDlgItemTextW

  GetParent

  DefWindowProcW

  CallWindowProcW

  RegisterClassExW

  ValidateRect

  advapi32

  AdjustTokenPrivileges

  AllocateAndInitializeSid

  DuplicateTokenEx

  EqualSid

  FreeSid

  GetTokenInformation

  ImpersonateLoggedOnUser

  CreateRestrictedToken

  GetAce

  GetSidIdentifierAuthority

  RevertToSelf

  GetSidSubAuthority

  GetSidSubAuthorityCount

  InitializeAcl

  IsValidSid

  SetTokenInformation

  GetSecurityInfo

  SetSecurityInfo

  LookupAccountSidW

  LookupAccountNameW

  LsaFreeMemory

  LsaClose

  LsaOpenPolicy

  LsaEnumerateAccountRights

  ConvertSidToStringSidW

  FlushTraceW

  RegConnectRegistryW

  CreateProcessAsUserW

  GetKernelObjectSecurity

  OpenProcessToken

  LookupPrivilegeNameW

  EnumServicesStatusExW

  RegEnumKeyExW

  AddAccessAllowedAce

  QueryServiceConfigW

  GetLengthSid

  CopySid

  CloseTrace

  ProcessTrace

  OpenTraceW

  ControlTraceW

  StartTraceW

  SetServiceObjectSecurity

  QueryServiceObjectSecurity

  MapGenericMask

  RegGetValueW

  RegCreateKeyW

  StartServiceW

  LookupPrivilegeValueW

  RegCreateKeyExW

  RegDeleteKeyW

  RegEnumKeyW

  RegEnumValueW

  QueryServiceStatus

  ControlService

  QueryServiceConfig2W

  OpenServiceW

  OpenSCManagerW

  GetServiceDisplayNameW

  CloseServiceHandle

  SetKernelObjectSecurity

  RegCloseKey

  RegDeleteValueW

  CryptDestroyHash

  RegLoadKeyW

  RegOpenKeyW

  RegOpenKeyExW

  CryptHashData

  CryptCreateHash

  CryptGetHashParam

  CryptReleaseContext

  CryptAcquireContextW

  RegQueryValueW

  RegUnLoadKeyW

  RegSetValueExW

  RegQueryValueExW

  RegQueryInfoKeyW

  AddAce

  shell32

  Shell_NotifyIconW

  SHGetMalloc

  SHGetPathFromIDListW

  SHGetSpecialFolderLocation

  ShellExecuteExW

  ExtractAssociatedIconW

  ShellExecuteW

  SHBrowseForFolderW

  ExtractIconExW

  SHGetStockIconInfo

  SHGetFolderPathW

  SHGetFileInfoW

  ole32

  CoCreateInstance

  CoUninitialize

  CoTaskMemFree

  CoMarshalInterThreadInterfaceInStream

  CoInitializeEx

  CoSetProxyBlanket

  CoInitialize

  CoTaskMemAlloc

  CoTaskMemRealloc

  CoGetInterfaceAndReleaseStream

  oleaut32

  SafeArrayGetElement

  VarUI4FromStr

  SysAllocStringLen

  SafeArrayUnaccessData

  SafeArrayAccessData

  SafeArrayGetLBound

  SysAllocString

  SysFreeString

  SysStringLen

  SysAllocStringByteLen

  VariantInit

  SafeArrayGetUBound

  VariantClear

  VariantChangeType

  SafeArrayDestroy

  msimg32

  GradientFill

  dwmapi

  DwmDefWindowProc

  DwmSetWindowAttribute

  winhttp

  WinHttpQueryDataAvailable

  WinHttpWriteData

  WinHttpReadData

  WinHttpConnect

  WinHttpCloseHandle

  WinHttpOpen

  WinHttpQueryHeaders

  WinHttpReceiveResponse

  WinHttpSendRequest

  WinHttpSetOption

  WinHttpOpenRequest

  WinHttpGetProxyForUrl

  Sections

  .text

  Size: 1.1MB - Virtual size: 1.1MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 306KB - Virtual size: 305KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 53KB - Virtual size: 259KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 40KB - Virtual size: 39KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: 512B - Virtual size: 348B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 792KB - Virtual size: 791KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ