Extended Key Usages
ExtKeyUsageCodeSigning
Static task
static1
Behavioral task
behavioral1
Sample
AppResolver.dll
Resource
win10v2004-20240508-en
Target
AppResolver.dll
Size
477KB
MD5
37059f272096da4fd39648f50a9c9eba
SHA1
fd967592eb15fd98a01968f5cc90079444022901
SHA256
7042d18f5b5eafd2b1bbcef8353539421f50093119a196c04009167bed3fdcef
SHA512
8fc95897a995d8f103903eed0fedad40cddd4fe189d8a29c71bfa171a2b13880231a9be9c58908aeae5edbe2b59fadb6ba7a75dfcc8117cb58c634df90a1b241
SSDEEP
12288:RBeBhuBoggz6ePJfOMY5xpH8MLL4ElSS6zVQqRuZBtxDXqAh:RACBoggzhPpjY5rH/LL4ElSS6RQqkxGc
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
AppResolver.pdb
_initterm_e
_initterm
_o__get_errno
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__itow_s
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__set_errno
_o__ui64tow_s
memmove
_o__wcstoui64
_o__wtoi
_o_ceil
_o_free
_o_malloc
_o_towupper
_o__configure_narrow_argv
_except_handler4_common
_o__cexit
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
wcschr
wcsrchr
_CxxThrowException
_o__crt_atexit
_o__execute_onexit_table
_o__errno
__std_terminate
__CxxFrameHandler3
memcmp
memcpy
wcsspn
memset
DisableThreadLibraryCalls
GetModuleHandleW
GetModuleFileNameA
GetModuleHandleExW
GetModuleFileNameW
FreeLibrary
GetProcAddress
InitOnceExecuteOnce
InitOnceComplete
InitOnceBeginInitialize
CreateSemaphoreExW
ReleaseSemaphore
WaitForSingleObject
ReleaseMutex
CreateEventW
OpenEventW
ResetEvent
SetEvent
CreateEventExW
InitializeSRWLock
InitializeCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
OpenSemaphoreW
ReleaseSRWLockShared
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
AcquireSRWLockShared
WaitForSingleObjectEx
CreateMutexExW
HeapFree
GetProcessHeap
HeapReAlloc
HeapAlloc
SetLastError
GetLastError
UnhandledExceptionFilter
RaiseException
SetUnhandledExceptionFilter
EventRegister
EventSetInformation
EventWriteTransfer
EventActivityIdControl
EventUnregister
EncodePointer
DecodePointer
GetCurrentProcessId
TlsGetValue
ProcessIdToSessionId
TlsFree
GetCurrentProcess
TerminateProcess
GetProcessTimes
GetCurrentThreadId
TlsSetValue
OpenThreadToken
GetCurrentThread
OpenProcessToken
TlsAlloc
GetUserGeoID
FormatMessageW
GetThreadPreferredUILanguages
GetUserDefaultLCID
IsDebuggerPresent
OutputDebugStringW
DebugBreak
CloseHandle
IsProcessorFeaturePresent
OpenProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
SHStrDupW
IUnknown_GetSite
ord130
ord192
SHTaskPoolGetUniqueContext
IUnknown_Set
IStream_Size
IStream_Read
IUnknown_QueryService
SHTaskPoolQueueTask
SHQueryValueExW
GetScaleFactorForDevice
ord141
ord109
ord122
SHSetValueW
SHGetValueW
ord123
ord170
SHAnsiToUnicode
ord145
ord193
ord190
ord188
ord942
ord946
SHGetDesktopFolder
SHGetKnownFolderPath
SHOpenFolderAndSelectItems
RtlFreeHeap
RtlPublishWnfStateData
RtlReleaseSRWLockExclusive
VerSetConditionMask
RtlNtStatusToDosError
RtlInitUnicodeString
NtQueryInformationToken
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlNtStatusToDosErrorNoTeb
NtQueryWnfStateData
NtQueryInformationProcess
RtlSubscribeWnfStateChangeNotification
RtlAllocateHeap
RtlAcquireSRWLockExclusive
RtlCompareUnicodeString
?_Xlength_error@std@@YAXPBD@Z
PathCchRemoveBackslash
PathCchRemoveExtension
PathAllocCombine
PathCchAppend
PathCchFindExtension
PathCchRemoveFileSpec
PathCchCombine
CompareStringOrdinal
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer
CompareFileTime
GetFileSizeEx
GetLongPathNameW
CreateDirectoryW
CreateFileW
DeleteFileW
LocalFree
LocalAlloc
LocalReAlloc
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
ReadProcessMemory
PrefetchVirtualMemory
lstrlenW
GetTempPathW
CopyFileW
MulDiv
QueryFullProcessImageNameW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegGetValueW
RegCloseKey
RegQueryInfoKeyW
RegSetValueExW
RegEnumValueW
RegOpenKeyExW
GetUserDefaultUILanguage
RegSetKeyValueW
ExpandEnvironmentStringsW
VerifyVersionInfoW
GetSidSubAuthority
DuplicateTokenEx
GetFileSecurityW
GetSecurityDescriptorSacl
GetTokenInformation
GetAce
ResolveDelayLoadedAPI
DelayLoadFailureHook
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ