Static task
static1
Target
TiWorker.exe
Size
263KB
MD5
6c9a7e436a9f8805ec6c7d0f67247aec
SHA1
99bf5030a015c2f5bea0ab7196b925f6b8d959f9
SHA256
32375c229191bed9c301606aa7d3abe6c8a368417dddc82e59622957084aa942
SHA512
c37e8acca1c0b8ea913b998176e2b7593089bc2a6b34066db6648bc6ee74be2356aa8d004702d76154ae9d8a24b619af072415000bf68b0441558f45a6fe299f
SSDEEP
6144:r9LQAfRpQSDaChrhg2jFN6XQKym+4nSiVMHxM8cNxEmSoY7:r5DvGChrhgMFNO+4rVMHxMzS3
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
_initterm
_c_exit
_register_thread_local_exe_atexit_callback
_initterm_e
_o__get_initial_wide_environment
_o__initialize_onexit_table
_o__initialize_wide_environment
_o__invalid_parameter_noinfo
_o__purecall
_o__register_onexit_function
_o__seh_filter_exe
_o__set_app_type
_o__set_fmode
_o__set_new_mode
memmove
_o_exit
_o_free
_o_malloc
_o_terminate
_o_toupper
_o_wcstoul
__C_specific_handler
_o__crt_atexit
_o__configure_wide_argv
_o__configthreadlocale
_o__cexit
_o__callnewh
wcsrchr
__CxxFrameHandler3
__std_terminate
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf
_o__exit
_o__errno
_o___p__commode
_o___p___wargv
_o___p___argc
memcmp
memcpy
memset
strcmp
FormatMessageW
GetCurrentProcessId
GetCurrentProcess
GetThreadPriority
OpenProcessToken
TerminateProcess
SetThreadPriority
GetCurrentThread
GetCurrentThreadId
HeapSetInformation
HeapAlloc
HeapFree
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
FreeLibrary
GetModuleHandleExW
LoadLibraryExW
GetModuleFileNameW
IsDebuggerPresent
OutputDebugStringW
DebugBreak
OutputDebugStringA
UnhandledExceptionFilter
SetLastError
GetLastError
SetUnhandledExceptionFilter
OpenSemaphoreW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
InitializeCriticalSection
TryEnterCriticalSection
ReleaseSRWLockShared
CreateSemaphoreExW
LeaveCriticalSection
CreateMutexExW
CreateEventW
SetEvent
WaitForMultipleObjectsEx
ReleaseMutex
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSectionEx
EnterCriticalSection
WaitForSingleObjectEx
ReleaseSemaphore
CloseHandle
DuplicateHandle
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer
StringFromGUID2
CoCreateGuid
CoGetMalloc
CoSuspendClassObjects
CoUninitialize
CoInitializeSecurity
CoCreateInstance
CoDisconnectContext
CoRevokeClassObject
CoResumeClassObjects
CoRegisterClassObject
CoInitializeEx
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegGetKeySecurity
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
LoadLibraryW
GetSystemWindowsDirectoryW
GetSystemTime
GetWindowsDirectoryW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTickCount
GetVersionExW
GetOsSafeBootMode
IsProcessorFeaturePresent
OpenProcess
RegDeleteKeyW
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
QueryPerformanceCounter
InitializeSListHead
NtQueryInformationThread
NtQueryObject
NtSetInformationThread
NtClose
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
CompareFileTime
GetFileAttributesExW
GetFileAttributesW
CreateFileW
SetFileInformationByHandle
GetEnvironmentVariableW
GetFileInformationByHandleEx
MoveFileExW
DeviceIoControl
Sleep
LocalFree
LocalAlloc
CheckTokenMembership
AdjustTokenPrivileges
ConvertSecurityDescriptorToStringSecurityDescriptorW
ConvertStringSidToSidW
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceLoggerHandle
UnregisterTraceGuids
GetTraceEnableLevel
EventWriteTransfer
EventUnregister
EventRegister
EventSetInformation
EventProviderEnabled
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ