Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
814f9c37bf110763dcc5a5ca4ba1e734df1ebcdd1b2fae2ae53f1168ef18e241.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
814f9c37bf110763dcc5a5ca4ba1e734df1ebcdd1b2fae2ae53f1168ef18e241.exe
Resource
win10v2004-20240226-en
Target
814f9c37bf110763dcc5a5ca4ba1e734df1ebcdd1b2fae2ae53f1168ef18e241
Size
6.5MB
MD5
f721bed686936c4c3fc19d270e1090ad
SHA1
756d3d74b15598939ea9deee1a67da06001099b3
SHA256
814f9c37bf110763dcc5a5ca4ba1e734df1ebcdd1b2fae2ae53f1168ef18e241
SHA512
c740a9bdc0f560f21218c7249d721fc123686a389260d5d781fdf73542fdf3f6047033221c39fd189437f13e7df0eebd59aac873273a75a58f42fb15827ee92b
SSDEEP
98304:2I+JpwtJUxUxYVYdT/0iUNC5IQlGFMmfr9IVP+C:r4OtJUi8YhciU3QlAvfr9QP+
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
C:\LEET\ac\out\build\esportal-updater.pdb