Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
b498487e769e87a29d3daaaf5b24ee549d8e5e7701355ff26bd268dd4eb5fafe.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b498487e769e87a29d3daaaf5b24ee549d8e5e7701355ff26bd268dd4eb5fafe.exe
Resource
win10v2004-20240412-en
Target
b498487e769e87a29d3daaaf5b24ee549d8e5e7701355ff26bd268dd4eb5fafe
Size
2.7MB
MD5
b667e7dcbd4788af1a14b4686b6e3460
SHA1
68ce266914f1d992440a91a180a517bf446a76b6
SHA256
b498487e769e87a29d3daaaf5b24ee549d8e5e7701355ff26bd268dd4eb5fafe
SHA512
a55265faaa0e476f261cb07aa714b4201f8b4923ca065b4f997f0a9d13ae77a12b10447e95cb5d37622831f1d963966f1eb2c7dab4850c8b318be638f4bf0f1d
SSDEEP
49152:zcqeD+D9OCBkx/EVeHw+UQ/cpC8kuXme/3groIZr/By6BbGMzdU56:4qD9OCeEQJfuPQdtAf0l
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
ChromeRecoveryProbe_unsigned.pdb
RegDeleteValueW
RegOpenCurrentUser
SystemFunction036
ImpersonateLoggedOnUser
TraceEvent
GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
RegisterTraceGuidsW
UnregisterTraceGuids
RevertToSelf
ConvertSidToStringSidW
DuplicateTokenEx
LookupPrivilegeValueW
AdjustTokenPrivileges
CreateProcessAsUserW
GetSidSubAuthorityCount
AllocateAndInitializeSid
GetTokenInformation
SetSecurityDescriptorGroup
MakeAbsoluteSD
MakeSelfRelativeSD
GetSecurityDescriptorLength
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
OpenProcessToken
AddAce
IsValidSid
GetSecurityDescriptorOwner
InitializeSid
CopySid
GetSecurityDescriptorControl
SetNamedSecurityInfoW
GetSidLengthRequired
GetSidSubAuthority
GetSecurityDescriptorGroup
EqualSid
GetAce
SetSecurityDescriptorOwner
GetAclInformation
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenThreadToken
RegEnumValueW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
GetSidIdentifierAuthority
CheckTokenMembership
FreeSid
GetSecurityInfo
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
RtlUnwind
FreeLibrary
LoadLibraryExW
EncodePointer
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetCurrentThread
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
ReadFile
WriteConsoleW
lstrlenW
SetFilePointer
SetFileAttributesW
GetFileAttributesExW
FileTimeToSystemTime
MoveFileExW
GetFileSize
WaitForMultipleObjects
GetEnvironmentVariableW
GetFileAttributesW
ReleaseMutex
FormatMessageW
LoadLibraryW
LocalFree
GetPrivateProfileIntW
GetCurrentThreadId
Sleep
GetFileInformationByHandle
GetLocalTime
lstrcmpW
GetTempPathW
GetSystemDirectoryW
VirtualQuery
SystemTimeToFileTime
GetVersionExW
VerSetConditionMask
VerifyVersionInfoW
ResetEvent
LocalAlloc
OpenProcess
SetLastError
GlobalMemoryStatusEx
CreateProcessW
GetLongPathNameW
TryEnterCriticalSection
InitializeCriticalSection
CreateMutexW
SetEvent
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
ReadProcessMemory
lstrcpynW
QueryDosDeviceW
GetLogicalDriveStringsW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
DeviceIoControl
GetComputerNameExW
GetStringTypeExW
GetUserDefaultLangID
GetSystemDefaultLangID
CreateThread
lstrcmpA
GetThreadLocale
GetStringTypeExA
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SizeofResource
FindFirstFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
IsDebuggerPresent
HeapFree
FindNextFileW
InitializeCriticalSectionAndSpinCount
FindClose
HeapSize
GetLastError
LockResource
HeapReAlloc
RaiseException
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
lstrcmpiW
CreateDirectoryW
WriteFile
RemoveDirectoryW
WaitForSingleObject
CreateFileW
DeleteFileW
CloseHandle
SetFilePointerEx
GetTempFileNameW
GetExitCodeProcess
GetCommandLineW
GetProcAddress
GetModuleHandleW
InitializeSListHead
GetSystemInfo
VirtualAlloc
VirtualProtect
ProcessIdToSessionId
GetSystemTimeAsFileTime
WaitNamedPipeW
TransactNamedPipe
SetNamedPipeHandleState
VirtualQueryEx
CreateSemaphoreW
GetProcessId
ReleaseSemaphore
RtlCaptureContext
OutputDebugStringA
OleSaveToStream
ReadClassStm
WriteClassStm
IIDFromString
CoCreateInstance
StringFromGUID2
CoCreateGuid
CoUninitialize
CoInitializeEx
SysStringLen
SysAllocString
LoadTypeLi
SafeArrayLock
VariantInit
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
SysAllocStringLen
VariantClear
VarBstrCmp
SafeArrayGetVartype
SafeArrayCopy
SafeArrayGetLBound
SafeArrayUnlock
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayRedim
SysFreeString
SafeArrayCreate
ord680
SHGetFolderPathW
CommandLineToArgvW
CharNextA
CharLowerBuffA
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
MessageBoxW
wvsprintfW
wsprintfW
CharUpperW
CharLowerW
CharLowerBuffW
NetWkstaGetInfo
NetApiBufferFree
NetGetJoinInformation
PathFindFileNameW
PathCommonPrefixW
PathRemoveExtensionW
PathRemoveFileSpecW
SHQueryValueExW
PathCreateFromUrlW
PathCanonicalizeW
PathAppendW
PathStripPathW
UrlIsW
GetIfTable
EnumProcessModules
GetModuleFileNameExW
EnumProcesses
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
EnterCriticalPolicySection
LeaveCriticalPolicySection
UnloadUserProfile
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSFreeMemory
CryptProtectData
CryptUnprotectData
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ