HP_Only[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HP_Only.rar
Size

9.0MB
MD5

df466c73d63c870bb4e7740b9a37db2d
SHA1

36030301b18550c34d022a6041d6181f4300a94b
SHA256

b686b8264bc890a35c8b2c3ca473b9284b2fea355158992b12eb4a247170e4a5
SHA512

4a14dcc3bc71a54e300e9e9fc21cf9d54d9c7f2e28510e99cc24b0130685aac45cde9f0e294a902e070738559d795eef36f0820b3bad1a7424a9b22390f7c0b2
SSDEEP

196608:LzhtkWZ348zNi1pWY9+RuJ9sSFkVc8dNDKg1AT6RXAeDVbxRKBgSAKiPeBLX:Rt/ZI8zgpWNR6mZa2x9ZVbxoBg2L

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
static1/unpack001/HP Only/Get MPM State/ToolDocs/BIOS_Configuration_Utility_User_Guide.pdf	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HP Only/MPM Unlock/EFI/Boot/bootx64.efi
unpack001/HP Only/MPM Unlock/MPM.efi

Office document contains embedded OLE objects 2 IoCs

Detected embedded OLE objects in Office documents.

resource	yara_rule
static1/unpack001/HP Only/Get MPM State/ToolDocs/BCU BEAM-UserGuide.docx	office_ole_embedded
static1/unpack001/HP Only/Get MPM State/ToolDocs/BCU Functional spec.docx	office_ole_embedded

Files

HP_Only.rar
.rar
HP Only/GUIDE.txt
HP Only/Get MPM State/BCUsignature32.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/03/2022, 00:00

Not After

11/03/2023, 23:59

Subject

CN=HP Inc.,OU=HP Cybersecurity,O=HP Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:1c:e1:26:02:17:13:36:06:cf:ec:c5:ed:a0:5e:35:08:5b:11:c8:3e:ab:57:c6:43:5c:8e:6c:68:95:c8:6e
Signer

Actual PE Digest

8d:1c:e1:26:02:17:13:36:06:cf:ec:c5:ed:a0:5e:35:08:5b:11:c8:3e:ab:57:c6:43:5c:8e:6c:68:95:c8:6e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Exports

Exports

GetClass

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 83B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HP Only/Get MPM State/BCUsignature64.dll
.dll windows:4 windows x64 arch:x64

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/03/2022, 00:00

Not After

11/03/2023, 23:59

Subject

CN=HP Inc.,OU=HP Cybersecurity,O=HP Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

19:7b:dc:1a:5e:99:a8:53:68:8d:ca:29:1a:14:a4:65:23:46:0e:1f:35:7a:7d:5c:a9:e6:ae:5f:3b:ab:ad:d1
Signer

Actual PE Digest

19:7b:dc:1a:5e:99:a8:53:68:8d:ca:29:1a:14:a4:65:23:46:0e:1f:35:7a:7d:5c:a9:e6:ae:5f:3b:ab:ad:d1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Exports

Exports

GetClass

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HP Only/Get MPM State/BIOS Configuration Utility User's Guide.url
HP Only/Get MPM State/BiosConfigUtility.exe
.exe windows:6 windows x86 arch:x86

d2d0da222f8100d5dde05645ee3bf388

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/03/2022, 00:00

Not After

11/03/2023, 23:59

Subject

CN=HP Inc.,OU=HP Cybersecurity,O=HP Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:08:46:a8:6f:e0:a6:24:61:15:b0:ed:f1:6f:18:06:d5:e7:71:dc:d2:ba:bb:d9:40:0f:07:a5:d6:3c:54:9d
Signer

Actual PE Digest

7e:08:46:a8:6f:e0:a6:24:61:15:b0:ed:f1:6f:18:06:d5:e7:71:dc:d2:ba:bb:d9:40:0f:07:a5:d6:3c:54:9d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\PROG\bcu\Release\BiosConfigUtility.pdb

Imports

kernel32

FindResourceW
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
LocalFree
LoadLibraryW
GetProcAddress
CopyFileW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
LoadResource
LockResource
SizeofResource
GetThreadTimes
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EncodePointer
GetCPInfo
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
GetEnvironmentVariableW
CreateDirectoryW
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindResourceExW
GetModuleHandleW
CreateEventA
GetSystemDefaultLangID
DeviceIoControl
CreateSemaphoreA
WaitForMultipleObjectsEx
ReleaseSemaphore
GetModuleHandleA
DuplicateHandle
FormatMessageA
GetCurrentDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFileTime
GetFullPathNameW
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
MoveFileExW
AreFileApisANSI
OpenEventA
SetWaitableTimer
CreateWaitableTimerA
SystemTimeToFileTime
InterlockedPushEntrySList
RtlUnwind
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
WriteFile
GetCommandLineA
GetACP
GetCurrentThread
GetFileType
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
ReadConsoleW
WriteConsoleW
GetLocaleInfoA
IsDBCSLeadByteEx
EnumSystemLocalesA
FoldStringW
GetCurrencyFormatW
GetModuleFileNameW
DeleteFileW
CloseHandle
CreateFileW
GetPrivateProfileStringW
GetComputerNameW
GetCommandLineW
LocalAlloc
FormatMessageW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
MoveFileW
InitializeCriticalSectionEx

advapi32

CryptDecrypt
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

ole32

CoUninitialize
CoInitialize
CoInitializeEx
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity

shell32

SHCreateDirectoryExW

oleaut32

VariantClear
SysAllocString
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopy
GetErrorInfo
SysFreeString
VariantInit
VariantChangeType

shlwapi

PathFileExistsW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HP Only/Get MPM State/BiosConfigUtility64.exe
.exe windows:6 windows x64 arch:x64

e3a466ca7b545a049ee99d5602f871eb

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/03/2022, 00:00

Not After

11/03/2023, 23:59

Subject

CN=HP Inc.,OU=HP Cybersecurity,O=HP Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:d6:bd:3b:f6:70:e6:78:00:a0:9a:ff:f3:39:1c:3c:88:d4:6f:15:1e:9a:e8:f2:d8:21:6c:26:ec:c7:a6:4d
Signer

Actual PE Digest

ea:d6:bd:3b:f6:70:e6:78:00:a0:9a:ff:f3:39:1c:3c:88:d4:6f:15:1e:9a:e8:f2:d8:21:6c:26:ec:c7:a6:4d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\PROG\bcu\x64\Release\BiosConfigUtility64.pdb

Imports

kernel32

FindResourceW
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
LocalFree
LoadLibraryW
GetProcAddress
CopyFileW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
LoadResource
LockResource
SizeofResource
GetThreadTimes
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EncodePointer
GetCPInfo
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
SetEvent
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
CreateEventA
CreateDirectoryW
MoveFileW
GetEnvironmentVariableW
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
GetModuleHandleW
GetProcessHeap
FindResourceExW
GetSystemDefaultLangID
DeviceIoControl
CreateSemaphoreA
WaitForMultipleObjectsEx
ReleaseSemaphore
GetModuleHandleA
DuplicateHandle
FormatMessageA
GetCurrentDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFileTime
GetFullPathNameW
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
MoveFileExW
AreFileApisANSI
OpenEventA
SetWaitableTimer
CreateWaitableTimerA
SystemTimeToFileTime
RtlPcToFileHeader
InterlockedPushEntrySList
RtlUnwindEx
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
WriteFile
GetCommandLineA
GetACP
GetCurrentThread
GetFileType
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
ReadConsoleW
WriteConsoleW
GetLocaleInfoA
IsDBCSLeadByteEx
EnumSystemLocalesA
FoldStringW
GetCurrencyFormatW
GetModuleFileNameW
DeleteFileW
CloseHandle
CreateFileW
GetPrivateProfileStringW
GetComputerNameW
GetCommandLineW
LocalAlloc
FormatMessageW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
HeapAlloc
InitializeCriticalSectionEx

advapi32

CryptDecrypt
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

ole32

CoUninitialize
CoInitialize
CoInitializeEx
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity

shell32

SHCreateDirectoryExW

oleaut32

VariantClear
SysAllocString
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopy
SafeArrayCreate
GetErrorInfo
SysFreeString
VariantInit
VariantChangeType

shlwapi

PathFileExistsW

setupapi

SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 551KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HP Only/Get MPM State/GET CONFIG.bat
HP Only/Get MPM State/HPQPswd.exe
.exe windows:6 windows x86 arch:x86

73600be92fd3634f0922aec96dd29528

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/03/2022, 00:00

Not After

11/03/2023, 23:59

Subject

CN=HP Inc.,OU=HP Cybersecurity,O=HP Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:eb:ed:8c:69:08:7a:3e:22:11:8b:93:d3:71:43:c9:2d:7e:ca:cf:ad:a6:1c:4f:b1:ad:c0:b5:45:23:ae:86
Signer

Actual PE Digest

d3:eb:ed:8c:69:08:7a:3e:22:11:8b:93:d3:71:43:c9:2d:7e:ca:cf:ad:a6:1c:4f:b1:ad:c0:b5:45:23:ae:86

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\PROG\HPBiosUpdate\Release\HpqPswd.pdb

Imports

kernel32

FindResourceW
DeleteFileW
GetModuleFileNameW
HeapFree
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetDriveTypeW
GetStringTypeW
EnumSystemLocalesW
LoadResource
LCMapStringW
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
OutputDebugStringW
LockResource
SizeofResource
IsValidLocale
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
OutputDebugStringA
EncodePointer
SetLastError
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
FreeResource
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
LoadLibraryW
GlobalAddAtomW
GlobalFindAtomW
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
LocalFree
MulDiv
FormatMessageW
CopyFileW
GetCurrentThread
GetVersionExW
lstrcmpA
CloseHandle
SetEvent
WaitForSingleObject
CreateEventW
SetThreadPriority
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
Beep
FileTimeToLocalFileTime
FindClose
FindFirstFileW
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GlobalGetAtomNameW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiW
lstrcpyW
FindResourceExW
SetErrorMode
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetTempFileNameW
GetTempPathW
GetTickCount
GetProfileIntW
SearchPathW
Sleep
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW

user32

SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextW
MapVirtualKeyW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
GetMenuDefaultItem
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
IntersectRect
TrackMouseEvent
CharUpperW
DestroyIcon
InvalidateRect
KillTimer
SetTimer
DeleteMenu
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
MapDialogRect
GetAsyncKeyState
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
CopyImage
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
OffsetRect
SetRectEmpty
SetWindowRgn
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
PostQuitMessage
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
LoadMenuW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
CreateAcceleratorTableW
IsWindowEnabled
CheckDlgButton
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
SetCursorPos
CopyIcon
FrameRect
UnionRect
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageW
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
SendDlgItemMessageA
GetKeyboardState
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
RegisterClassW
GetDlgCtrlID
SetFocus
GetFocus
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
AdjustWindowRectEx
MessageBoxW
ScreenToClient
MapWindowPoints
GetSysColor
CopyRect
EqualRect
PtInRect
GetWindowLongW
SetWindowLongW
GetClassLongW
GetParent
LockWindowUpdate
EnableWindow
GetKeyState
SendMessageW
MessageBeep
LoadIconW
GetSystemMenu
AppendMenuW
LoadImageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
UnregisterClassW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDoubleClickTime
SetWindowTextW
SetMenuDefaultItem

gdi32

GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
CreateCompatibleBitmap
EnumFontFamiliesExW
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextMetricsW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
ExtTextOutW
GetTextExtentPoint32W
CreateFontIndirectW
CreateCompatibleDC
BitBlt
DeleteDC
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateBitmap
GetObjectW
SetTextColor
SetBkColor

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHBrowseForFolderW
SHGetFileInfoW
DragQueryFileW
DragFinish
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetDesktopFolder

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrCmpW
StrFormatKBSizeW

uxtheme

GetWindowTheme
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantCopy
VarBstrFromDate
LoadTypeLi
VariantClear
VariantChangeType
SysFreeString
SysAllocString

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 350KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HP Only/Get MPM State/HpqPswd64.exe
.exe windows:6 windows x64 arch:x64

2ae714419b2a40038ad79df0772b0504

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/03/2022, 00:00

Not After

11/03/2023, 23:59

Subject

CN=HP Inc.,OU=HP Cybersecurity,O=HP Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

70:6b:d8:6e:f9:23:75:30:70:cb:7d:24:e7:2e:2a:4c:b2:e4:b3:fb:9f:c8:79:d9:f0:b5:45:88:ed:37:f8:cc
Signer

Actual PE Digest

70:6b:d8:6e:f9:23:75:30:70:cb:7d:24:e7:2e:2a:4c:b2:e4:b3:fb:9f:c8:79:d9:f0:b5:45:88:ed:37:f8:cc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\PROG\HPBiosUpdate\x64\Release\HpqPswd64.pdb

Imports

kernel32

FindResourceW
DeleteFileW
GetModuleFileNameW
HeapFree
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetDriveTypeW
GetStringTypeW
EnumSystemLocalesW
LoadResource
LCMapStringW
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
LockResource
SizeofResource
IsValidLocale
FileTimeToLocalFileTime
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
OutputDebugStringA
EncodePointer
SetLastError
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
FreeResource
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryW
GlobalAddAtomW
GlobalFindAtomW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
LocalFree
MulDiv
FormatMessageW
CopyFileW
GetCurrentThread
GetVersionExW
lstrcmpA
CloseHandle
SetEvent
WaitForSingleObject
CreateEventW
SetThreadPriority
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
Beep
FindClose
FindFirstFileW
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GlobalGetAtomNameW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiW
lstrcpyW
FindResourceExW
SetErrorMode
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetTempFileNameW
GetTempPathW
GetTickCount
GetProfileIntW
SearchPathW
Sleep
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW

user32

HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
GetMenuDefaultItem
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
IntersectRect
TrackMouseEvent
CharUpperW
DestroyIcon
InvalidateRect
KillTimer
SetTimer
DeleteMenu
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
MapDialogRect
GetAsyncKeyState
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
CopyImage
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageW
GetDesktopWindow
InvertRect
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
PostQuitMessage
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
LoadMenuW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
GetComboBoxInfo
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
PostThreadMessageW
GetKeyboardLayout
IsCharLowerW
PeekMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetParent
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongPtrW
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
SetCursorPos
CopyIcon
FrameRect
UnionRect
UpdateLayeredWindow
GetActiveWindow
MonitorFromPoint
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DestroyWindow
DispatchMessageW
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetFocus
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
AdjustWindowRectEx
MessageBoxW
ScreenToClient
MapWindowPoints
GetSysColor
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnableWindow
GetKeyState
SendMessageW
MessageBeep
LoadIconW
GetSystemMenu
AppendMenuW
LoadImageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
UnregisterClassW
RegisterWindowMessageW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect

gdi32

GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
CreateCompatibleBitmap
EnumFontFamiliesExW
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextMetricsW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
ExtTextOutW
GetTextExtentPoint32W
CreateFontIndirectW
CreateCompatibleDC
BitBlt
DeleteDC
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateBitmap
GetObjectW
SetTextColor
SetBkColor

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHBrowseForFolderW
SHGetFileInfoW
DragQueryFileW
DragFinish
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetDesktopFolder

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrCmpW
StrFormatKBSizeW

uxtheme

IsAppThemed
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantCopy
VarBstrFromDate
LoadTypeLi
VariantClear
VariantChangeType
SysFreeString
SysAllocString

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 684KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HP Only/Get MPM State/Setup.exe
.exe windows:5 windows x86 arch:x86

d4fe8eec31ba44b37546499596e74621

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/03/2022, 00:00

Not After

11/03/2023, 23:59

Subject

CN=HP Inc.,OU=HP Cybersecurity,O=HP Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8f:b5:9a:64:b9:3e:cc:83:30:49:78:8b:40:a2:1d:c7:94:41:67:ba:b1:2d:94:21:29:8e:15:0a:e1:41:87:32
Signer

Actual PE Digest

8f:b5:9a:64:b9:3e:cc:83:30:49:78:8b:40:a2:1d:c7:94:41:67:ba:b1:2d:94:21:29:8e:15:0a:e1:41:87:32

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\CodeBases\isdev\redist\Language Independent\i386\setup.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

ord17

kernel32

LoadLibraryW
GetModuleHandleW
lstrcmpW
lstrcmpiW
GetSystemDefaultLangID
GetUserDefaultLangID
VerLanguageNameW
CompareFileTime
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
SetFileAttributesW
GetSystemTimeAsFileTime
GetPrivateProfileStringW
MoveFileW
LocalFree
FormatMessageW
GetSystemInfo
MulDiv
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadLibraryExW
GetVersion
GetLocalTime
IsValidLocale
GetCommandLineW
GetFileAttributesW
FlushFileBuffers
SetEndOfFile
VirtualQuery
lstrcpyA
IsBadReadPtr
GetDiskFreeSpaceW
GetDriveTypeW
GetExitCodeProcess
GetCurrentThread
GetLocaleInfoW
InterlockedExchange
LoadLibraryExA
GetProcAddress
FreeLibrary
CompareStringA
CompareStringW
lstrcatW
GetVersionExW
InterlockedDecrement
InterlockedIncrement
CreateEventW
QueryPerformanceFrequency
ReadConsoleW
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetTempFileNameW
SetConsoleCtrlHandler
OutputDebugStringW
EnumSystemLocalesW
GetUserDefaultLCID
FatalAppExitA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
HeapReAlloc
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeW
GetCPInfo
GetOEMCP
IsValidCodePage
GetCurrentThreadId
HeapSize
AreFileApisANSI
GetModuleHandleExW
GetStdHandle
GetACP
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
lstrcpynA
LocalAlloc
QueryPerformanceCounter
SearchPathW
lstrcmpA
SystemTimeToFileTime
ResetEvent
SetEvent
VirtualProtect
GetCurrentProcessId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetDateFormatW
GetTimeFormatW
GetCurrentDirectoryW
FindResourceExW
GetLastError
CopyFileW
GetTickCount
GetExitCodeThread
CreateThread
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
lstrcpyW
GetWindowsDirectoryW
SetErrorMode
GetTempPathW
ExpandEnvironmentStringsW
MoveFileExW
WriteProcessMemory
VirtualProtectEx
GetSystemDirectoryW
FlushInstructionCache
SetThreadContext
GetThreadContext
CreateProcessW
ResumeThread
TerminateProcess
ExitProcess
GetCurrentProcess
Sleep
WaitForSingleObject
DuplicateHandle
RemoveDirectoryW
DeleteFileW
SetCurrentDirectoryW
lstrlenW
lstrcpynW
GetModuleFileNameW
GetProcessHeap
HeapFree
HeapAlloc
WriteFile
SetFilePointer
ReadFile
WideCharToMultiByte
GetEnvironmentVariableW
SetFileTime
GetFileTime
OpenProcess
GetProcessTimes
LCMapStringW
DecodePointer
EncodePointer
MultiByteToWideChar
lstrlenA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CloseHandle
GetFileSize
CreateFileW
SetLastError
GetConsoleCP

user32

DefWindowProcW
PostMessageW
DispatchMessageW
PostQuitMessage
RegisterClassW
TranslateMessage
GetMessageW
CharUpperW
KillTimer
SetTimer
GetDC
CharPrevW
SendDlgItemMessageW
wvsprintfW
LoadImageW
CreateDialogParamW
MoveWindow
SetCursor
GetWindow
GetDlgItemTextW
SetFocus
EnableWindow
SetForegroundWindow
SetActiveWindow
SetDlgItemTextW
IsDialogMessageW
FindWindowW
SubtractRect
IntersectRect
SetRect
FillRect
GetSysColorBrush
GetSysColor
GetWindowRect
ExitWindowsEx
GetSystemMetrics
GetDlgCtrlID
CreateDialogIndirectParamW
DestroyWindow
IsWindow
SendMessageW
MessageBoxW
CharNextW
WaitForInputIdle
SetWindowLongW
GetWindowLongW
GetClientRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
SetWindowPos
SetWindowTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
ShowWindow
GetDesktopWindow
MsgWaitForMultipleObjects
PeekMessageW
wsprintfW
LoadIconW
LoadCursorW
CreateWindowExW

gdi32

GetObjectW
SetTextColor
SetBkMode
GetDeviceCaps
CreateFontW
CreateFontIndirectW
SetStretchBltMode
StretchBlt
SelectObject
DeleteDC
CreateDIBitmap
CreateCompatibleDC
BitBlt
DeleteObject
GetStockObject
CreatePalette
GetSystemPaletteEntries
RealizePalette
SelectPalette
GetDIBColorTable
CreateHalftonePalette
UnrealizeObject
TranslateCharsetInfo
CreateSolidBrush

advapi32

RegCloseKey
CryptSignHashW
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
CryptVerifySignatureW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
RegEnumValueW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
OpenThreadToken
OpenProcessToken
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
CommandLineToArgvW
ShellExecuteExW
SHGetMalloc

ole32

CoCreateInstance
StringFromGUID2
CoCreateGuid
CreateItemMoniker
GetRunningObjectTable
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
ProgIDFromCLSID
CoUninitialize
CoInitializeSecurity
CoInitialize

oleaut32

LoadTypeLi
SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysStringLen
SysAllocString
SysStringByteLen
SysAllocStringByteLen
VarBstrCat
VarBstrFromDate
VariantClear
VariantChangeType
GetErrorInfo
VarUI4FromStr
SystemTimeToVariantTime
RegisterTypeLi
SetErrorInfo
CreateErrorInfo

crypt32

CryptAcquireCertificatePrivateKey
CryptImportPublicKeyInfo
PFXImportCertStore
CertSaveStore
CertOpenStore
CertFindCertificateInStore
CertCompareCertificate
CertOpenSystemStoreW
CertGetIssuerCertificateFromStore
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertAddCertificateContextToStore
CertEnumCertificatesInStore

rpcrt4

UuidCreate
UuidToStringW
UuidFromStringW
RpcStringFreeW

Sections

.text
Size: 717KB - Virtual size: 717KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HP Only/Get MPM State/ToolDocs/BCU BEAM-UserGuide.docx
.docx office2007
HP Only/Get MPM State/ToolDocs/BCU Functional spec.docx
.docx office2007
HP Only/Get MPM State/ToolDocs/BCU Workflow.vsd
HP Only/Get MPM State/ToolDocs/BIOS_Configuration_Utility_User_Guide.docx
.docx office2007
HP Only/Get MPM State/ToolDocs/BIOS_Configuration_Utility_User_Guide.pdf
.pdf
- http://www.hp.com/go/clientmanagement
- http://www.hp.com/go/clientmanagement.
HP Only/Get MPM State/ToolDocs/FAQ.docx
.docx office2007
HP Only/Get MPM State/ToolDocs/Release.docx
.docx office2007
HP Only/Get MPM State/ToolDocs/packageinfo.cfg
HP Only/MPM Unlock/EFI/Boot/bootx64.efi
.dll windows:0 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 398KB - Virtual size: 398KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 498KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HP Only/MPM Unlock/MPM.efi
.dll windows:0 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 896B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HP Only/MPM Unlock/startup.nsh

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

8d:1c:e1:26:02:17:13:36:06:cf:ec:c5:ed:a0:5e:35:08:5b:11:c8:3e:ab:57:c6:43:5c:8e:6c:68:95:c8:6eSigner

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.sdata Size: 512B - Virtual size: 83B

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

19:7b:dc:1a:5e:99:a8:53:68:8d:ca:29:1a:14:a4:65:23:46:0e:1f:35:7a:7d:5c:a9:e6:ae:5f:3b:ab:ad:d1Signer

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.sdata Size: 512B - Virtual size: 87B

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 12B

d2d0da222f8100d5dde05645ee3bf388

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

7e:08:46:a8:6f:e0:a6:24:61:15:b0:ed:f1:6f:18:06:d5:e7:71:dc:d2:ba:bb:d9:40:0f:07:a5:d6:3c:54:9dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

8d:1c:e1:26:02:17:13:36:06:cf:ec:c5:ed:a0:5e:35:08:5b:11:c8:3e:ab:57:c6:43:5c:8e:6c:68:95:c8:6e
Signer

.text
Size: 4KB - Virtual size: 3KB

.sdata
Size: 512B - Virtual size: 83B

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 12B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

19:7b:dc:1a:5e:99:a8:53:68:8d:ca:29:1a:14:a4:65:23:46:0e:1f:35:7a:7d:5c:a9:e6:ae:5f:3b:ab:ad:d1
Signer

.text
Size: 4KB - Virtual size: 3KB

.sdata
Size: 512B - Virtual size: 87B

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 12B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

7e:08:46:a8:6f:e0:a6:24:61:15:b0:ed:f1:6f:18:06:d5:e7:71:dc:d2:ba:bb:d9:40:0f:07:a5:d6:3c:54:9d
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 245KB - Virtual size: 245KB

.data
Size: 37KB - Virtual size: 45KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 135KB - Virtual size: 134KB

.reloc
Size: 70KB - Virtual size: 69KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

ea:d6:bd:3b:f6:70:e6:78:00:a0:9a:ff:f3:39:1c:3c:88:d4:6f:15:1e:9a:e8:f2:d8:21:6c:26:ec:c7:a6:4d
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 551KB - Virtual size: 551KB

.data
Size: 43KB - Virtual size: 57KB

.pdata
Size: 69KB - Virtual size: 69KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 135KB - Virtual size: 134KB

.reloc
Size: 11KB - Virtual size: 10KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

02:56:15:c1:91:2b:63:53:ed:cd:ef:d5:f9:32:3e:d7
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

d3:eb:ed:8c:69:08:7a:3e:22:11:8b:93:d3:71:43:c9:2d:7e:ca:cf:ad:a6:1c:4f:b1:ad:c0:b5:45:23:ae:86
Signer