Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature, KeyUsageCertSign, KeyUsageCRLSign
Static task: static1

Behavioral task: behavioral1
Sample: Evon_646689.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: Evon_646689.exe
Resource: win10v2004-20240426-en

Target: Evon_646689.exe
Size: 22.6MB
MD5: 08ea1813d6b205c446e6ae655c4e6715
SHA1: 76f4d2af1c04ec157fc8a270da5980ee6bcb5def
SHA256: 12288224d26607b30d026a32faf2ac7b49fc32acc8950eeaf60b933f2e39f48f
SHA512: a900bd2c4f33dc915fa27911620fafad76139da7c3d58ce3f40b7c2a1dcb11e893dc5b0cde7a74f93d6f1f5dc2ff949141b20f9c7d09a8bc3b9517f861c361e1
SSDEEP: 393216:m8bMktzgHgxUv/1n6b121UnyuecRZndSk9bGWqCgu5op+wiCYCr2sfqisfU:m8bMkM1n6b121UnyuLEkTqA5a+Nc2sf6
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetCurrentThread
InitializeCriticalSectionAndSpinCount
GetDateFormatW
SleepEx
DeleteTimerQueueTimer
GetModuleHandleA
GetModuleHandleExW
GetCurrentProcessId
FileTimeToSystemTime
GetVersionExW
GetModuleHandleW
SetFileTime
ReadFile
VirtualProtect
SetFileAttributesW
GlobalMemoryStatus
LocalFree
GetFileAttributesExW
lstrcatA
GetConsoleMode
CreateThread
GetEnvironmentVariableA
LoadLibraryExW
CompareFileTime
EnterCriticalSection
GetCPInfo
CreateEventW
CompareStringW
TlsAlloc
GetTimeZoneInformation
GetSystemDirectoryW
ReadConsoleW
UnregisterWait
DeleteCriticalSection
GetFileType
GetCommandLineW
GetUserDefaultLCID
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
UnhandledExceptionFilter
WriteConsoleW
WriteFile
RtlUnwind
CreateDirectoryW
GlobalFree
GetSystemTimeAsFileTime
RaiseException
QueryPerformanceCounter
SetFilePointerEx
WaitForMultipleObjects
GetFileSizeEx
UnregisterWaitEx
GetThreadPriority
GetFullPathNameW
FindClose
DeleteFileW
QueryDepthSList
RemoveDirectoryW
GetProcessHeap
TryEnterCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsW
GetACP
WaitForSingleObjectEx
GetFileAttributesW
TerminateProcess
EncodePointer
GetEnvironmentStringsW
VerifyVersionInfoW
DecodePointer
SystemTimeToTzSpecificLocalTime
SetEvent
GetThreadTimes
GetCommandLineA
FormatMessageW
GetLastError
GlobalAlloc
VerSetConditionMask
ReleaseSemaphore
LeaveCriticalSection
DuplicateHandle
InitializeCriticalSection
LoadLibraryW
ExitProcess
GetProcessAffinityMask
InitializeSListHead
GetVersion
GetProcAddress
HeapFree
GetCurrentDirectoryW
GetSystemInfo
SetEnvironmentVariableW
RegisterWaitForSingleObject
FlushFileBuffers
PeekNamedPipe
FreeLibraryAndExitThread
GetTimeFormatW
SetLastError
HeapReAlloc
FindFirstFileExW
Sleep
LCMapStringW
FreeLibrary
SignalObjectAndWait
SetEndOfFile
GetCurrentProcess
CreateFileW
EnumSystemLocalesW
GetDriveTypeW
QueryPerformanceFrequency
InterlockedPopEntrySList
SetThreadPriority
CreateTimerQueueTimer
VirtualAlloc
SetThreadAffinityMask
GetCurrentThreadId
GetStringTypeW
GetLocaleInfoW
SetFilePointer
WideCharToMultiByte
ResetEvent
GetLogicalProcessorInformation
GetNumaHighestNodeNumber
GlobalUnlock
MoveFileExW
IsValidCodePage
AcquireSRWLockExclusive
InterlockedFlushSList
GetConsoleOutputCP
IsValidLocale
CloseHandle
InterlockedPushEntrySList
GetOEMCP
VirtualFree
GetTickCount64
CreateSemaphoreW
CreateTimerQueue
InitializeCriticalSectionEx
SetPriorityClass
ChangeTimerQueueTimer
lstrlenA
TlsSetValue
IsProcessorFeaturePresent
GetFileInformationByHandle
FindNextFileW
GetFileSize
MoveFileW
GlobalLock
FileTimeToLocalFileTime
GetLogicalDriveStringsW
FindFirstFileW
TlsGetValue
WaitForSingleObject
HeapAlloc
GetTickCount
GetStdHandle
ExitThread
SetStdHandle
ReleaseSRWLockExclusive
TlsFree
GetModuleFileNameW
SwitchToThread
KillTimer
GetWindowRect
IsDlgButtonChecked
SetTimer
MapDialogRect
CheckDlgButton
GetWindowTextLengthW
LoadCursorW
SystemParametersInfoW
SetDlgItemTextW
GetWindowTextW
GetWindowLongW
OpenClipboard
CloseClipboard
MessageBoxA
MonitorFromWindow
EmptyClipboard
GetParent
SetClipboardData
SetFocus
PostMessageW
GetDlgItem
LoadIconW
CharUpperW
LoadStringW
GetKeyState
SetWindowLongW
DialogBoxParamW
ScreenToClient
InvalidateRect
MessageBoxW
EnableWindow
EndDialog
SetWindowTextW
SetCursor
GetFocus
wsprintfA
SendMessageW
GetMonitorInfoA
MoveWindow
ShowWindow
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CloseServiceHandle
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptDestroyHash
CryptEncrypt
SHGetPathFromIDListW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHBrowseForFolderW
OleInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
SysStringLen
BCryptGenRandom
CertAddCertificateContextToStore
CryptDecodeObjectEx
CertOpenStore
CryptStringToBinaryW
CertFindCertificateInStore
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateContext
PFXImportCertStore
CertFreeCertificateChain
CertCloseStore
CertEnumCertificatesInStore
CertGetNameStringW
CryptQueryObject
CertFindExtension
ord73
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord145
ord219
ord46
ord14
ord216
ord208
ord41
ord117
ord26
ord27
recvfrom
sendto
getpeername
ioctlsocket
gethostname
WSAWaitForMultipleEvents
getaddrinfo
getsockopt
send
WSAResetEvent
WSAEnumNetworkEvents
WSACreateEvent
socket
WSAEventSelect
WSAIoctl
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
htons
setsockopt
WSACloseEvent
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
freeaddrinfo
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ