Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
c5e71ca1dcfe7975449a25d339036f3720b0b72aa52d8794b024442216487a4d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
c5e71ca1dcfe7975449a25d339036f3720b0b72aa52d8794b024442216487a4d.exe
Resource
win10-20231215-en
Target
c5e71ca1dcfe7975449a25d339036f3720b0b72aa52d8794b024442216487a4d
Size
1.4MB
MD5
9e1d9449d92d69c51a605225410f46f9
SHA1
f6e4d110f48bb4264097dd3101ef791f2c3d01b0
SHA256
c5e71ca1dcfe7975449a25d339036f3720b0b72aa52d8794b024442216487a4d
SHA512
000904eeacc9cc086a9f666dc8cca356e4d1a0ec0fc79dd9032c1b37399a8d75585d4a9b874ca161a38675afe69fceb817482afba75f0e09fc11169fdf16227c
SSDEEP
24576:N8tYzPKod2UyOtEIh85b6vBIFPocvBlcjPPdoCmNIqS2IR0QQPyMzMZB84D:N8tOPKjp017vBIRvBluPdoCmNM2y08CU
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
U:\rout\x64\release\5bC\a2j\llq.pdb
InitCommonControlsEx
GetLogicalProcessorInformationEx
GetNumaHighestNodeNumber
RtlUnwind
OutputDebugStringW
GetVersionExW
GetCurrentProcess
GetExitCodeProcess
GetFileTime
GetSystemTimeAsFileTime
CloseHandle
MultiByteToWideChar
GetFileAttributesW
CreateFileW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
ExitProcess
LoadLibraryW
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
GetSystemInfo
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
GetActiveProcessorGroupCount
HeapFree
IsBadWritePtr
SizeofResource
GetActiveProcessorCount
WriteConsoleW
ReadConsoleW
GetConsoleMode
GetUserDefaultUILanguage
FreeLibrary
LocalFree
FormatMessageW
VerSetConditionMask
VerifyVersionInfoW
GetShortPathNameW
GetLongPathNameW
GetModuleFileNameW
GetFileSize
GetStartupInfoW
CreateProcessW
ProcessIdToSessionId
OpenEventW
GetCurrentProcessId
OpenProcess
SetLastError
GetProcAddress
WinExec
GetVolumeNameForVolumeMountPointW
MoveFileW
RemoveDirectoryW
CopyFileW
DeleteFileW
CreateDirectoryW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
ReadFile
GetHandleInformation
WaitForMultipleObjects
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
Sleep
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
RaiseException
TryAcquireSRWLockExclusive
QueryPerformanceFrequency
FormatMessageA
SetFileInformationByHandle
GetTempPathW
InitOnceExecuteOnce
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetFileInformationByHandleEx
CreateSymbolicLinkW
GetLocaleInfoEx
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCurrentThread
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetConsoleCtrlHandler
SetStdHandle
GetStringTypeW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
CloseClipboard
GetIconInfo
InvalidateRect
GetSystemMetrics
UnregisterClassW
LoadStringW
MessageBoxW
GetDlgItem
GetClientRect
FindWindowW
SetClipboardData
EmptyClipboard
GetWindowThreadProcessId
GetWindowTextW
OpenClipboard
ReleaseDC
GetWindowLongW
PostMessageW
EndDialog
SetWindowTextW
ShowWindow
wvsprintfW
ExitWindowsEx
SetDlgItemTextW
IsDlgButtonChecked
CheckDlgButton
DialogBoxParamW
EnableWindow
CreateWindowExW
SendMessageW
GetDC
SetWindowLongW
RegSetValueExW
StartServiceW
ConvertStringSidToSidW
ControlService
QueryServiceStatus
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueW
RegEnumKeyW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
DuplicateTokenEx
NotifyBootConfigStatus
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
EnumServicesStatusExW
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
SetTokenInformation
GetLengthSid
CreateProcessAsUserW
GetUserNameW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceConfigW
ChangeServiceConfigW
SHGetKnownFolderPath
SHGetStockIconInfo
SHChangeNotify
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteExW
ShellExecuteW
CLSIDFromString
CoTaskMemFree
SysAllocString
SysFreeString
InternetReadFile
InternetCloseHandle
InternetOpenUrlW
InternetOpenW
InternetCanonicalizeUrlW
WTSFreeMemory
WTSQuerySessionInformationW
SHDeleteKeyW
GetTextExtentPoint32W
GetObjectW
DeleteObject
SelectObject
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ