Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
Static task
static1
Behavioral task
behavioral1
Sample
vsdagent.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
vsdagent.exe
Resource
win10v2004-20240419-en
Target
vsdagent.exe
Size
52KB
MD5
dedf3f8a9200a3d5ea8961ff9fd83ca5
SHA1
65333ff29bfd9311bf6cea3e5f5dd480287dad0d
SHA256
0580de050594bf8207e105c7423f378d00e0bf01e6b301364fbfcd5ddf43ce3a
SHA512
5e461399945498c18702201b3c85e9abdd142c44e79f511f8ce5860e7fbfbf29b7c13c57c106b3c64032d3a3709115277f119f9927491a7cce66f871829eeeaa
SSDEEP
768:5CtlikqOgCNM0/lDa4x/Ud6XgJdRtFRf3MmoiB+Mh1MI3Op1lVh:QlJqM209J/I6XKbRf3bB+dI+p1l
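Certificate key usages (listed per certificate in the signature; certificate names and boundaries not preserved)
ExtKeyUsageTimeStamping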
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
PE header characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
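Imports (function names from the static import table; DLL names not preserved. An import indicates capability, not observed behavior)
Module32First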
LocalFree
TerminateProcess
GetModuleHandleW
VirtualQuery
GetEnvironmentVariableA
HeapFree
HeapAlloc
Module32Next
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetSystemWindowsDirectoryA
GetCurrentProcessId
CopyFileW
GetCurrentThread
CreateProcessA
LoadLibraryA
ProcessIdToSessionId
GetExitCodeProcess
FreeLibrary
GetStartupInfoA
Process32FirstW
Process32NextW
OpenProcess
GetLogicalDriveStringsA
QueryDosDeviceA
GetLastError
CreateToolhelp32Snapshot
Sleep
Process32First
lstrcmpiA
Process32Next
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetSystemInfo
GetVersionExA
GetLocalTime
OutputDebugStringA
CreateFileA
SetFilePointer
SetEndOfFile
WriteFile
CloseHandle
CopyFileA
DeleteFileA
GetCommandLineW
GetProcessHeap
GetWindowTextA
GetClassNameA
CloseClipboard
EmptyClipboard
PostMessageA
OpenClipboard
EnumWindows
GetWindowThreadProcessId
ExitWindowsEx
CreateDesktopA
CloseDesktop
SetUserObjectInformationA
GetThreadDesktop
SendMessageTimeoutA
EnumDesktopWindows
OpenDesktopA
SwitchDesktop
GetUserObjectInformationA
OpenInputDesktop
RegCloseKey
AdjustTokenPrivileges
OpenSCManagerA
CloseServiceHandle
LookupPrivilegeNameA
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
DuplicateTokenEx
SetTokenInformation
OpenProcessToken
CreateProcessAsUserA
LookupAccountSidA
ConvertSidToStringSidA
LookupAccountNameA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA
RegEnumKeyExA
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
RegDeleteValueA
LookupPrivilegeValueA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
CommandLineToArgvW
ShellExecuteA
SHGetFileInfoA
CoCreateInstance
OleUninitialize
OleInitialize
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
GetModuleFileNameExA
GetProcessImageFileNameA
GetTcpTable
SetTcpEntry
StrTrimA
strstr
malloc
free
__CxxFrameHandler
iscntrl
??2@YAPAXI@Z
_snprintf
_vsnprintf
strchr
strrchr
wcscat
wcscpy
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_strnicmp
_except_handler3
_controlfp
_wcsicmp
strncat
strncpy
wcscmp
wcslen
atoi
Section characteristics (listed per section; section names not preserved)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ