Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Static task: static1
Behavioral task: behavioral1
Sample: a1e1984bb7916b8d7a00573663e36dbd.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a1e1984bb7916b8d7a00573663e36dbd.exe
Resource: win10v2004-20240221-en
Target: a1e1984bb7916b8d7a00573663e36dbd
Size: 1.1MB
MD5: a1e1984bb7916b8d7a00573663e36dbd
SHA1: 723afcc9553963fb061257e82ab6220a80571ecf
SHA256: 8b006f1453316d7534ec2f79676b19e07131160448737fdad9e67888b768b2ab
SHA512: 596c9bb918a54833d2d80f7e4341c745a6af602a56447e0b07f377545620abd0a011f0292534bd219b68d6d93b800748a1c3701d4f20c2f820e05d883c38e9f5
SSDEEP: 24576:JlO/GEoCYHU7oh/Dz59f6lhvtTfRPR5anQvHWwM:UH+aoh/59GlTJZ2w
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
StrStrIW
SHSetValueA
wvnsprintfW
SHGetValueA
PathIsRootW
StrCmpIW
PathFindFileNameW
SHGetValueW
PathCombineW
PathRemoveFileSpecW
PathFileExistsW
PathIsDirectoryW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
CloseHandle
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetExitCodeThread
ResumeThread
FindNextFileW
SetLastError
GetFullPathNameW
FindFirstFileW
FindClose
GetCommandLineW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcpyW
DebugBreak
OutputDebugStringW
lstrlenA
SetFilePointer
ReadFile
DeviceIoControl
CreateFileW
FlushInstructionCache
GetCurrentProcess
GetTempPathW
WriteFile
GetFileSize
FreeResource
GlobalUnlock
LockResource
GetCurrentProcessId
LoadResource
FindResourceW
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
CreateMutexW
GetLastError
GetModuleHandleW
GetDiskFreeSpaceExW
GetLongPathNameW
OpenProcess
GlobalFree
GlobalLock
GlobalAlloc
GetFileSizeEx
GetPrivateProfileIntW
GetPrivateProfileStringW
GetExitCodeProcess
GetFileAttributesExW
TerminateProcess
GetSystemDirectoryW
CopyFileW
MultiByteToWideChar
WideCharToMultiByte
GetVersion
MulDiv
WaitForSingleObject
CreateThread
CreateEventW
SetEvent
TlsSetValue
TlsGetValue
TlsAlloc
GetFileType
GetTempFileNameW
GetTickCount
RemoveDirectoryW
SetErrorMode
SetUnhandledExceptionFilter
Sleep
DeleteFileW
MoveFileExW
InterlockedIncrement
GetVersionExW
lstrlenW
ResetEvent
SizeofResource
InterlockedDecrement
FlushFileBuffers
LocalFree
GetSystemTime
FormatMessageW
GetLocalTime
SetFilePointerEx
SetEndOfFile
CreateFileA
GetSystemTimeAsFileTime
GetStartupInfoW
lstrcmpiA
lstrcmpA
GetModuleHandleA
QueryPerformanceFrequency
QueryPerformanceCounter
LocalFileTimeToFileTime
InterlockedExchangeAdd
CreateWaitableTimerW
SetWaitableTimer
CreateSemaphoreW
MoveFileW
GetThreadTimes
WaitForMultipleObjects
ReleaseSemaphore
GetCurrentThread
OpenThread
GetProcessHeap
HeapAlloc
ReleaseMutex
TlsFree
HeapFree
FindAtomW
DeleteAtom
AddAtomW
GetAtomNameW
SystemTimeToFileTime
SetWindowPos
EndDialog
DestroyWindow
DefWindowProcW
SetWindowLongW
wvsprintfW
GetDlgItemTextW
IsDlgButtonChecked
SetWindowsHookExW
CharUpperW
PostMessageW
SendMessageW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SetForegroundWindow
ShowWindow
BeginPaint
EndPaint
SetCursor
GetSysColor
MapWindowPoints
GetDC
ReleaseDC
GetWindowTextW
GetScrollInfo
MoveWindow
GetScrollRange
GetActiveWindow
DialogBoxParamW
LoadStringW
CheckDlgButton
UnhookWindowsHookEx
CallNextHookEx
CharNextW
MessageBoxW
GetScrollPos
SetScrollPos
SetFocus
SetScrollInfo
ShowScrollBar
GetCursorPos
ScreenToClient
DrawTextW
GetClientRect
SystemParametersInfoW
IsWindowEnabled
GetWindowRect
LoadImageW
GetSystemMetrics
SetWindowTextW
GetParent
GetWindowLongW
GetWindow
CreateDialogParamW
GetSystemMenu
EnableMenuItem
DestroyMenu
GetWindowPlacement
BringWindowToTop
LoadIconW
FindWindowExW
UpdateWindow
PostQuitMessage
IsDialogMessageW
KillTimer
CreateWindowExW
CallWindowProcW
InvalidateRect
RedrawWindow
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
IsWindow
IsWindowVisible
IsIconic
ExitWindowsEx
EnableWindow
OffsetRect
GetDlgItem
PtInRect
CopyRect
SetDlgItemTextW
SetTimer
CharLowerW
UnregisterClassW
BitBlt
GetDeviceCaps
SetBkColor
ExtTextOutW
GetTextMetricsW
CreateFontIndirectW
DeleteObject
SetTextColor
SelectObject
SetBkMode
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
RegOpenKeyExA
RegEnumKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExA
RegSetValueExW
RegCloseKey
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
SHCreateDirectoryExW
ShellExecuteW
ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
Shell_NotifyIconW
SHBrowseForFolderW
SHGetSpecialFolderPathW
CoTaskMemFree
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromProgID
OleRun
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
OleLoadPicture
VariantClear
SysAllocString
VariantChangeType
SysFreeString
VariantInit
GetErrorInfo
InitCommonControlsEx
TransparentBlt
gethostname
WSACleanup
WSAStartup
htons
htonl
ntohs
ntohl
inet_addr
inet_ntoa
gethostbyname
WSAGetLastError
recv
send
setsockopt
closesocket
connect
socket
bind
WSAAsyncSelect
WSASetLastError
WSAAsyncGetHostByName
WSACancelAsyncRequest
recvfrom
sendto
getpeername
shutdown
listen
accept
ioctlsocket
SetupIterateCabinetW
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetOpenW
InternetOpenUrlW
InternetErrorDlg
HttpQueryInfoW
InternetCloseHandle
_endthreadex
strncpy
strtol
strchr
calloc
strncmp
memchr
_strnicmp
isspace
_atoi64
_wtoi64
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_strlwr
strncat
isprint
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_exit
_XcptFilter
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_wcsupr
_itoa
ctime
_callnewh
fprintf
fwprintf
fflush
setlocale
toupper
tolower
atoi
_CIpow
_wstat
_except_handler3
swscanf
sprintf
_vsnwprintf
strerror
_vsnprintf
_errno
isdigit
__RTDynamicCast
wprintf
_purecall
_ftol
_wfopen
fread
fclose
_CxxThrowException
??0exception@@QAE@ABV0@@Z
wcsncmp
wcstok
_wcsnicmp
printf
exit
malloc
wcscmp
wcschr
_wsplitpath
time
srand
rand
_wtoi
iswdigit
realloc
_wcsicmp
wcsstr
__CxxFrameHandler
??2@YAPAXI@Z
memmove
iswspace
wcsncpy
wcsncat
_beginthreadex
wcslen
_snwprintf
wcscpy
wcsrchr
swprintf
free
wcscat
EnumProcessModules
GetModuleFileNameExW
GetNetworkParams
GetAdaptersInfo
Netbios
AcquireCredentialsHandleA
InitializeSecurityContextA
FreeCredentialsHandle
WinHttpGetIEProxyConfigForCurrentUser
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ