Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1

Behavioral task: behavioral1
Sample: Defender.exe
Resource: win10v2004-20240709-en

Behavioral task: behavioral2
Sample: Defender.exe
Resource: win11-20240709-en

Target: Defender.exe
Size: 2.9MB
MD5: e46107f84a7157b0167be9223775e31a
SHA1: b2e68b412dd82be02350de4c83d72623426b21b7
SHA256: 3a157e439b3c4601463022f2165358ebfc9f80dd2d33c9a6afc5467c3f858567
SHA512: 721ce321d79121fbef0fa03bfff48a140bba06e5ce1a38431afa0117ef34eec3a1493551e3549ce6094dcd5a6bb66ab2732bee223170ac48cc72736c80ae41ef
SSDEEP: 49152:gEaBS9YjZBoKPww1EdsS2lNZp3drAoAM7BV83Xlux0Wd+:7EaJR2DZfJ7bcXMJ+
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
D:\Work\Defender\app\Defender\x64\Release\Defender.pdb
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
LeaveCriticalSection
LocalAlloc
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetFileAttributesW
GetFileTime
SetErrorMode
GetCurrentDirectoryW
GetTickCount
GetTempFileNameW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GetThreadLocale
MoveFileW
DuplicateHandle
UnlockFile
LockFile
GetFullPathNameW
GetFileSize
lstrcmpA
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThreadId
EncodePointer
GetCurrentProcessId
MulDiv
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
OutputDebugStringA
GetACP
ExpandEnvironmentStringsA
LoadLibraryExA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
EnterCriticalSection
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
lstrlenW
lstrcatW
SetFilePointerEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WaitForMultipleObjects
RtlUnwindEx
RtlPcToFileHeader
GetCommandLineA
HeapQueryInformation
SetStdHandle
GetFileType
GetSystemInfo
VirtualAlloc
VirtualQuery
GetStdHandle
ExitProcess
LCMapStringW
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
lstrcpyW
MultiByteToWideChar
GlobalFree
TerminateThread
GetLocaleInfoW
SetVolumeMountPointW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
LoadLibraryW
GetProcAddress
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
CreateProcessW
SetThreadPriority
GetCurrentThread
GetCurrentProcess
Sleep
CreateEventW
CreateMutexW
SetEvent
GetVolumePathNamesForVolumeNameW
GetLogicalDrives
DeleteVolumeMountPointW
GetCommandLineW
CopyFileW
FormatMessageW
FreeEnvironmentStringsW
SetEnvironmentVariableA
LocalFree
LocalLock
GetVersionExW
HeapFree
GetExitCodeThread
CreateThread
WaitForSingleObject
ResumeThread
SuspendThread
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
WideCharToMultiByte
SystemTimeToFileTime
GetWindowsDirectoryW
GetSystemTime
DeviceIoControl
SetLastError
GetLastError
CloseHandle
OutputDebugStringW
GetVolumeNameForVolumeMountPointW
WriteFile
SetFileTime
SetFilePointer
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
ReadFile
GetVolumeInformationW
GetFileSizeEx
GetFileAttributesExW
GetDriveTypeW
GetDiskFreeSpaceW
FlushFileBuffers
FindVolumeClose
FindNextVolumeW
FindNextFileW
FindFirstVolumeW
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
CreateDirectoryW
WriteConsoleW
RealChildWindowFromPoint
GetSysColorBrush
DestroyMenu
MapDialogRect
SetWindowContextHelpId
GetMessageW
WindowFromPoint
GetCursorPos
CharUpperW
IntersectRect
GetDesktopWindow
GetActiveWindow
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CallNextHookEx
SetWindowsHookExW
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
ValidateRect
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
PostThreadMessageW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
IsRectEmpty
GetNextDlgGroupItem
RegisterClipboardFormatW
GetWindowTextLengthW
GetMessagePos
PeekMessageW
RegisterWindowMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
GetLastActivePopup
GetWindowThreadProcessId
IsWindowEnabled
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetMenuItemCount
GetMenuItemID
SetRectEmpty
SendDlgItemMessageA
ModifyMenuW
GetSubMenu
LoadMenuW
UnregisterClassW
GetWindow
DrawIconEx
GetClipboardData
CloseClipboard
OpenClipboard
DispatchMessageW
TranslateMessage
CopyIcon
LoadCursorW
SetWindowLongW
SetCursor
MessageBeep
RedrawWindow
ReleaseDC
GetDC
IsWindow
GetWindowRect
DrawIcon
GetSystemMetrics
KillTimer
SetTimer
SetFocus
GetNextDlgTabItem
IsIconic
IsWindowVisible
PostQuitMessage
FindWindowW
MessageBoxW
SetForegroundWindow
SetActiveWindow
UpdateWindow
ShowWindow
ExitWindowsEx
LoadIconW
GetWindowLongW
InflateRect
GetKeyState
GetFocus
GetClassNameW
PostMessageW
GetParent
PtInRect
OffsetRect
GetClientRect
ReleaseCapture
SetCapture
SendMessageW
LoadBitmapW
CopyRect
GetSysColor
InvalidateRect
EnableWindow
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
OffsetViewportOrgEx
GetTextColor
GetRgnBox
SetMapMode
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
GetBkColor
SetBkColor
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
Escape
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontW
CreateSolidBrush
DeleteDC
DeleteObject
GetPixel
GetTextExtentPoint32W
Pie
SelectObject
SetBkMode
SetTextColor
TextOutW
StretchBlt
GetObjectW
CreateFontIndirectW
GetDeviceCaps
GetStockObject
CreatePen
RoundRect
CreateBitmap
TransparentBlt
AlphaBlend
ClosePrinter
OpenPrinterW
DocumentPropertiesW
RegQueryValueExA
AdjustTokenPrivileges
RegFlushKey
GetTokenInformation
LookupPrivilegeValueW
RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
OpenProcessToken
RegOpenKeyExA
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RegOpenKeyExW
RegCloseKey
ConvertSidToStringSidW
SHChangeNotify
CommandLineToArgvW
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
DragFinish
DragQueryFileW
ord17
ImageList_ReplaceIcon
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathAppendW
PathFileExistsW
PathSetDlgItemPathW
SHSetValueW
SHGetValueW
SHDeleteValueW
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoInitializeEx
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoUninitialize
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
CoGetClassObject
CreateILockBytesOnHGlobal
CoTaskMemFree
CoRegisterMessageFilter
OleIsCurrentClipboard
OleCreateFontIndirect
SysAllocString
SysFreeString
VariantInit
VariantClear
OleLoadPicture
SysAllocStringLen
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleUIBusyW
LresultFromObject
CreateStdAccessibleObject
InternetOpenW
InternetCloseHandle
InternetConnectW
InternetReadFile
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetSetStatusCallbackW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetGetLastResponseInfoW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE