Extended Key Usages
ExtKeyUsageCodeSigning
Static task
static1
Behavioral task
behavioral1
Sample
devobj.dll
Resource
win10v2004-20240508-en
Target
devobj.dll
Size
156KB
MD5
7fa0e41800aea901a98dc7390c1314f8
SHA1
8e75732981851c7821e567701e52b034aea48ad2
SHA256
2a18f78a55442031528ab0e1e2e5bb21a43a8355b0507ff48edb429808c40703
SHA512
b4585056c5593a6d2c0c227cae899a070f5b74f7edfac6c56fdd02a4e48142778246619cb2aa55937ebf7792cf6bc992ae80b68565dac2b076438f600cbf9702
SSDEEP
3072:Es0YsFgllt30e+XSxHE7sWsnbJjV5pe3I5xN15sVKEkAupA:QtFgtkvSxHhnbG3Ix1jjAd
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
devobj.pdb
_initterm_e
_initterm
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__purecall
_o__register_onexit_function
_o__resetstkoflw
_o__seh_filter_dll
memmove
_o__wcsicmp
_o_free
_o_memcpy_s
_o_toupper
_except_handler4_common
_o__execute_onexit_table
_o__cexit
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf
_o___std_type_info_destroy_list
wcsrchr
wcschr
_o__crt_atexit
_o__configure_narrow_argv
memcmp
memcpy
memmove_s
memset
RtlGUIDFromString
RtlGetVersion
RtlNtStatusToDosError
RtlFormatCurrentUserKeyPath
RtlFreeUnicodeString
NtCreateKey
NtQueryValueKey
NtSetValueKey
NtDeleteValueKey
NtQuerySystemInformation
RtlInitUnicodeStringEx
NtClose
RtlCompareUnicodeString
NtQueryDirectoryObject
NtQueryObject
NtOpenDirectoryObject
RtlNtStatusToDosErrorNoTeb
RtlInitUnicodeString
EtwTraceMessage
NtOpenKey
NtQueryInformationFile
NtSetInformationFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
RaiseException
SetLastError
CreateSemaphoreExW
DeleteCriticalSection
CreateMutexExW
InitializeCriticalSectionEx
EnterCriticalSection
ReleaseSemaphore
ReleaseSRWLockShared
AcquireSRWLockShared
ReleaseSRWLockExclusive
WaitForMultipleObjectsEx
AcquireSRWLockExclusive
SleepEx
OpenSemaphoreW
WaitForSingleObject
CreateEventW
SetEvent
WaitForSingleObjectEx
LeaveCriticalSection
ReleaseMutex
CreateMutexW
CM_Set_Class_Registry_PropertyW
CM_Get_Class_Registry_PropertyW
CM_Set_DevNode_PropertyW
CM_Get_DevNode_PropertyW
CM_Get_Device_IDW
CM_Get_DevNode_Status
CM_MapCrToWin32Err
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
CloseHandle
Sleep
LoadLibraryExW
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
GetModuleHandleW
GetModuleFileNameA
GetModuleHandleExW
OutputDebugStringW
DebugBreak
IsDebuggerPresent
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
GetCurrentProcessId
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemWindowsDirectoryW
GetLocalTime
GetTickCount
GetSystemTimeAsFileTime
InitializeSListHead
lstrcmpiW
CM_Set_HW_Prof_Flags_ExW
CM_Connect_MachineW
CM_Enumerate_Classes_Ex
CM_Get_Class_Name_ExW
CM_Disconnect_Machine
CM_Locate_DevNode_ExW
CM_Create_DevNode_ExW
CM_Set_DevNode_Property_ExW
CM_Uninstall_DevNode_Ex
CM_Get_Device_Interface_List_ExW
CM_Get_Device_ID_List_ExW
CM_Get_Device_Interface_List_Size_ExW
CM_Get_Device_ID_List_Size_ExW
CM_Get_Class_Property_ExW
CM_Set_Class_Property_ExW
CM_Get_DevNode_Property_ExW
CM_Get_First_Log_Conf_Ex
CM_Get_Next_Res_Des_Ex
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Res_Des_Data_Ex
CM_Get_Parent_Ex
CM_Free_Res_Des_Handle
CM_Free_Log_Conf_Handle
CM_Get_Device_ID_Size_Ex
CM_Get_Device_ID_ExW
CM_Get_Device_Interface_Alias_ExW
CM_Register_Device_Interface_ExW
CM_Unregister_Device_Interface_ExW
CM_Open_Class_Key_ExW
CM_Set_DevNode_Problem_Ex
CM_Get_DevNode_Status_Ex
CM_Query_And_Remove_SubTree_ExW
CM_Setup_DevNode_Ex
CM_Enable_DevNode_Ex
CM_Get_HW_Prof_Flags_ExW
CM_Disable_DevNode_Ex
CM_Open_DevNode_Key_Ex
CM_Get_DevNode_Registry_Property_ExW
CM_Set_DevNode_Registry_Property_ExW
CM_Get_DevNode_Property_Keys_Ex
CM_Get_Device_Interface_Property_Keys_ExW
CM_Get_Device_Interface_Property_ExW
CM_Set_Device_Interface_Property_ExW
CM_Get_Class_Property_Keys_Ex
CM_Delete_DevNode_Key_Ex
CM_Open_Device_Interface_Key_ExW
CM_Delete_Device_Interface_Key_ExW
DevCloseObjectQuery
DevCreateObjectQuery
GetCommandLineA
ExpandEnvironmentStringsW
LCMapStringW
FormatMessageW
GetThreadLocale
WideCharToMultiByte
CompareStringOrdinal
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
FindNextFileW
SetFileAttributesW
SetEndOfFile
GetFullPathNameW
WriteFile
GetFileAttributesW
CreateDirectoryW
FindFirstFileW
FileTimeToLocalFileTime
FindClose
DeleteFileW
GetFileSize
FlushFileBuffers
SetFilePointer
GetFileInformationByHandle
CreateFileW
FileTimeToSystemTime
MoveFileExW
CreateHardLinkW
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
DeviceIoControl
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CloseThreadpoolTimer
CreateThreadpoolTimer
ResolveDelayLoadedAPI
DelayLoadFailureHook
DevObjBuildClassInfoList
DevObjChangeState
DevObjClassGuidsFromName
DevObjClassNameFromGuid
DevObjCreateClassDeviceInfoList
DevObjCreateDevRegKey
DevObjCreateDeviceInfo
DevObjCreateDeviceInfoList
DevObjCreateDeviceInterface
DevObjCreateDeviceInterfaceRegKey
DevObjDeleteAllInterfacesForDevice
DevObjDeleteDevRegKey
DevObjDeleteDevice
DevObjDeleteDeviceInfo
DevObjDeleteDeviceInterfaceData
DevObjDeleteDeviceInterfaceRegKey
DevObjDestroyDeviceInfoList
DevObjEnumDeviceInfo
DevObjEnumDeviceInterfaces
DevObjGetClassDescription
DevObjGetClassDevs
DevObjGetClassProperty
DevObjGetClassPropertyKeys
DevObjGetClassRegistryProperty
DevObjGetDeviceInfoDetail
DevObjGetDeviceInfoListClass
DevObjGetDeviceInfoListDetail
DevObjGetDeviceInstanceId
DevObjGetDeviceInterfaceAlias
DevObjGetDeviceInterfaceDetail
DevObjGetDeviceInterfaceProperty
DevObjGetDeviceInterfacePropertyKeys
DevObjGetDeviceProperty
DevObjGetDevicePropertyKeys
DevObjGetDeviceRegistryProperty
DevObjLocateDevice
DevObjOpenClassRegKey
DevObjOpenDevRegKey
DevObjOpenDeviceInfo
DevObjOpenDeviceInterface
DevObjOpenDeviceInterfaceRegKey
DevObjRegisterDeviceInfo
DevObjRemoveDeviceInterface
DevObjRestartDevices
DevObjSetClassProperty
DevObjSetClassRegistryProperty
DevObjSetDeviceInfoDetail
DevObjSetDeviceInterfaceDefault
DevObjSetDeviceInterfaceProperty
DevObjSetDeviceProperty
DevObjSetDeviceRegistryProperty
DevObjUninstallDevice
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ