Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1; Sample: LZMA.exe; Resource: win7-20231215-en
Behavioral task: behavioral2; Sample: LZMA.exe; Resource: win10-20240214-en
Behavioral task: behavioral3; Sample: LZMA.exe; Resource: win10v2004-20231215-en
Behavioral task: behavioral4; Sample: LZMA.exe; Resource: win11-20240214-en
Behavioral task: behavioral5; Sample: expatai.dll; Resource: win7-20231215-en
Behavioral task: behavioral6; Sample: expatai.dll; Resource: win10-20240214-en
Behavioral task: behavioral7; Sample: expatai.dll; Resource: win10v2004-20231215-en
Behavioral task: behavioral8; Sample: expatai.dll; Resource: win11-20240214-en
Target: CryptSvcser.rar
Size: 565KB
MD5: 8e890ab137242043a339446f9ecf1695
SHA1: ba9561ae47b0ca404a3052b9f0aabe3060f2b7f4
SHA256: 9ff40de5a55aa6b5cf34c61acd52a26f77c6eb5cf1d464e0e651a046227a7b78
SHA512: cecbdf582740bb299dbd238a53392433aafa4da3cdba5592cff445e385047de3d71e52324b256b34dbfaafc15605b329b4267048b15abb024b2eaebdcf65f15e
SSDEEP: 12288:DnwcgaxRWDaNVnu8QHwVvzUHeFDx3r5hBTOFqhtPcU+oNZW9u8Zm:YwRWDqn5QWYHeP1hp9cU/N09I
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
C:\JobRelease\win\Release\bin\x86\LZMA.pdb
DeleteCriticalSection
GetCurrentThreadId
DecodePointer
LocalFree
SetConsoleTitleW
GetCurrentProcessId
GetCommandLineW
LoadLibraryW
CloseHandle
CreateFileW
FindFirstFileW
GetLastError
EnterCriticalSection
RaiseException
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
FreeLibrary
lstrcmpiW
GetConsoleWindow
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
FindClose
FindNextFileW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
LeaveCriticalSection
MultiByteToWideChar
WriteConsoleW
ReadConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetCommandLineA
GetModuleHandleExW
ExitProcess
RtlUnwind
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
HeapSize
HeapDestroy
ReadFile
GetFullPathNameW
SetLastError
SetConsoleTextAttribute
GetStdHandle
GetConsoleScreenBufferInfo
InitializeCriticalSection
GetConsoleOutputCP
SetConsoleOutputCP
WriteFile
FlushFileBuffers
RemoveDirectoryW
CreateDirectoryW
WideCharToMultiByte
SetUnhandledExceptionFilter
GetStringTypeW
FormatMessageW
LoadLibraryA
GetModuleFileNameA
GetCurrentProcess
GetCurrentThread
GetEnvironmentStringsW
MulDiv
IsDebuggerPresent
OutputDebugStringW
EncodePointer
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
SetWindowTextW
IsWindowVisible
CharNextW
DefWindowProcW
DestroyWindow
SendMessageW
DialogBoxIndirectParamW
ShowWindow
GetClientRect
GetWindowTextW
GetWindowTextLengthW
GetDC
EndDialog
wsprintfW
GetWindow
GetParent
GetWindowLongW
LoadImageW
GetSystemMetrics
LoadStringW
IsWindow
SetWindowLongW
GetWindowRect
RedrawWindow
GetDlgItem
IsRectEmpty
SetWindowPos
MapWindowPoints
RegSetValueExW
RegQueryValueExW
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptDecrypt
RegDeleteValueW
RegCreateKeyExW
CryptDestroyKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
CryptHashData
CryptDestroyHash
CryptDeriveKey
CoInitializeEx
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
VarUI4FromStr
SysFreeString
SysStringLen
StackWalk
SymGetModuleBase
SymFunctionTableAccess
SymSetOptions
SymInitialize
SymCleanup
SymSetSearchPath
SymGetLineFromAddr
ord21
ord44
ord26
ord24
ord25
ord31
ord11
ord10
ord12
ord50
ord2
ord7
ord17
ord18
ord52
ord53
ord65
PathIsUNCW
PathFileExistsW
InitCommonControlsEx
GetDeviceCaps
DeleteObject
CreateFontW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CreateFileW
GetProcAddress
VirtualAlloc
DisableThreadLibraryCalls
LoadLibraryA
GetModuleHandleA
VirtualProtect
OutputDebugStringA
CloseHandle
lstrcpyW
SetEndOfFile
GetLastError
SetLastError
QueryPerformanceCounter
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
HeapFree
HeapAlloc
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
ReadFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
WriteFile
GetModuleFileNameW
HeapReAlloc
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryExW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringW
GetStringTypeW
SetStdHandle
WriteConsoleW
ReadConsoleW
GetConsoleWindow
FreeConsole
GetCurrentProcessId
Sleep
ShowWindow
XML_DefaultCurrent
XML_ErrorString
XML_ExpatVersion
XML_ExpatVersionInfo
XML_ExternalEntityParserCreate
XML_FreeContentModel
XML_GetBase
XML_GetBuffer
XML_GetCurrentByteCount
XML_GetCurrentByteIndex
XML_GetCurrentColumnNumber
XML_GetCurrentLineNumber
XML_GetErrorCode
XML_GetFeatureList
XML_GetIdAttributeIndex
XML_GetInputContext
XML_GetParsingStatus
XML_GetSpecifiedAttributeCount
XML_MemFree
XML_MemMalloc
XML_MemRealloc
XML_Parse
XML_ParseBuffer
XML_ParserCreate
XML_ParserCreateNS
XML_ParserCreate_MM
XML_ParserFree
XML_ParserReset
XML_ResumeParser
XML_SetAttlistDeclHandler
XML_SetBase
XML_SetCdataSectionHandler
XML_SetCharacterDataHandler
XML_SetCommentHandler
XML_SetDefaultHandler
XML_SetDefaultHandlerExpand
XML_SetDoctypeDeclHandler
XML_SetElementDeclHandler
XML_SetElementHandler
XML_SetEncoding
XML_SetEndCdataSectionHandler
XML_SetEndDoctypeDeclHandler
XML_SetEndElementHandler
XML_SetEndNamespaceDeclHandler
XML_SetEntityDeclHandler
XML_SetExternalEntityRefHandler
XML_SetExternalEntityRefHandlerArg
XML_SetNamespaceDeclHandler
XML_SetNotStandaloneHandler
XML_SetNotationDeclHandler
XML_SetParamEntityParsing
XML_SetProcessingInstructionHandler
XML_SetReturnNSTriplet
XML_SetSkippedEntityHandler
XML_SetStartCdataSectionHandler
XML_SetStartDoctypeDeclHandler
XML_SetStartElementHandler
XML_SetStartNamespaceDeclHandler
XML_SetUnknownEncodingHandler
XML_SetUnparsedEntityDeclHandler
XML_SetUserData
XML_SetXmlDeclHandler
XML_StopParser
XML_UseForeignDTD
XML_UseParserAsHandlerArg
output
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ