Extended Key Usages
ExtKeyUsageCodeSigning
Static task
static1
Behavioral task
behavioral1
Sample
version.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
version.dll
Resource
win10v2004-20240226-en
Target
version.dll
Size
570KB
MD5
4a231b7fe78a606307a038ca3140a19b
SHA1
5cf5a440c67a3c7e265bad6f01f486c1a02813de
SHA256
7e0d0f77fe1dcb1e7a0a0a2fc0c25a68eee551c7045935449ae64dcbd1310958
SHA512
d7d71b9268d2cc3051c16766d5e5a8c835e4c4c27fec7056f7331e8664caf4bd32348e027e4aed68c578f7d2cd843427b21d155f042438528b69fba9fda749ff
SSDEEP
12288:0qgXafAGMEnhyYl0ZY0UlaZ4w2H4YkKldf/nGHaBCVUyWvmW:0VEnMxGC4wY4YkKLGHaBSUyWvmW
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
accept
select
__WSAFDIsSet
socket
htons
WSAIoctl
setsockopt
WSACleanup
WSAStartup
WSASetLastError
ntohs
getsockname
bind
WSACloseEvent
WSACreateEvent
htonl
listen
recv
getaddrinfo
freeaddrinfo
recvfrom
sendto
getpeername
ioctlsocket
gethostname
send
connect
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSAWaitForMultipleEvents
closesocket
WSAGetLastError
getsockopt
ord217
ord143
ord211
ord60
ord45
ord50
ord41
ord22
ord26
ord27
ord32
ord79
ord30
ord200
ord33
ord46
ord301
ord35
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
IdnToAscii
WaitForMultipleObjects
PeekNamedPipe
ReadFile
GetCurrentProcessId
GetStdHandle
GetEnvironmentVariableA
WaitForSingleObjectEx
CloseHandle
MoveFileExA
FormatMessageW
SetLastError
GetLastError
WideCharToMultiByte
MultiByteToWideChar
Sleep
FreeLibrary
GetSystemDirectoryA
QueryPerformanceFrequency
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SleepEx
VerSetConditionMask
VerifyVersionInfoW
CreateFileA
GetFileSizeEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetFileType
GetTickCount
QueryPerformanceCounter
GetFullPathNameA
GetVolumeInformationA
GetModuleHandleA
CopyFileA
GetFileAttributesA
GetBinaryTypeA
LoadLibraryA
GetNativeSystemInfo
FreeConsole
CreateThread
GetProcAddress
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptEncrypt
CryptImportKey
CryptDestroyKey
ShellExecuteA
BCryptGenRandom
_except_handler4_common
strchr
memset
memcpy
strrchr
memmove
memchr
__std_type_info_destroy_list
strstr
_lseeki64
fgets
_open
fputc
fflush
feof
fclose
__stdio_common_vsscanf
fputs
fopen
ftell
fread
__acrt_iob_func
fseek
_read
_write
fwrite
_close
__stdio_common_vsprintf_s
__stdio_common_vsprintf
_time64
strftime
clock
_gmtime64
_initialize_onexit_table
perror
_initialize_narrow_environment
__sys_errlist
_errno
_initterm_e
_configure_narrow_argv
_beginthreadex
_seh_filter_dll
_cexit
__sys_nerr
_initterm
_execute_onexit_table
_mkdir
_fstat64
_stat64
_access
remove
_unlink
strncpy
_strdup
_stricmp
strcspn
strncmp
strspn
strpbrk
realloc
calloc
malloc
free
getenv
qsort
strtoll
wcstombs
atoi
strtoul
strtol
_fdopen
GetDateFromSystem
GetFileVersionInfoA
GetFileVersionInfoByHandle
GetFileVersionInfoExA
GetFileVersionInfoExW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeExA
GetFileVersionInfoSizeExW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueW
_VerQueryDateA@0
_VerQueryTimeW@0
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ