Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature, KeyUsageCertSign, KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: Essential Mod Installer (3).exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: Essential Mod Installer (3).exe
Resource: win10v2004-20240709-en
Target: Essential Mod Installer (3).exe
Size: 9.4MB
MD5: 56a56b1d2ff754722fb0c95d55683e62
SHA1: e1dfdb5654d8e98a43a6d385cb5dc5a2b317865f
SHA256: 07721b32b333bb894f484314cd56348cf973bd2f4a7ab91235d0a9bcfd6bcd16
SHA512: 0e48d5cb94dce5a8130b6b5e4f2d728be2e73b5bbcf58ca64adf8ce068530b072a8859cf744cabb69113f12547198fa170f81798e14ac083efb1732ca65a8799
SSDEEP: 98304:NTNrr65GwiQ8f28SpIxu80VbTmiXUd1hex0X4eSCHz3k2Ny:9tf2Ty1hcSPNy
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
WaitOnAddress
WakeByAddressAll
WakeByAddressSingle
ProcessPrng
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
SystemFunction036
GetTokenInformation
OpenProcessToken
D3DCompile
DwmEnableBlurBehindWindow
DeleteObject
GetDeviceCaps
CreateRectRgn
GetConsoleOutputCP
HeapSize
SetFilePointerEx
FlushFileBuffers
HeapFree
FreeLibrary
HeapReAlloc
GlobalFree
GetLastError
GlobalUnlock
GetProcAddress
SetThreadErrorMode
LoadLibraryExW
QueryPerformanceCounter
CloseHandle
SwitchToThread
RemoveVectoredExceptionHandler
GetCurrentThreadId
AddVectoredExceptionHandler
SetThreadStackGuarantee
GetModuleHandleW
GetCurrentProcess
WaitForSingleObject
WaitForMultipleObjects
GetOverlappedResult
GetExitCodeProcess
GetSystemInfo
UnmapViewOfFile
GetQueuedCompletionStatusEx
CreateIoCompletionPort
SetFileCompletionNotificationModes
SetLastError
GetFinalPathNameByHandleW
Sleep
GetModuleHandleA
PostQueuedCompletionStatus
SetHandleInformation
GetCurrentThread
GetStdHandle
GetConsoleMode
MultiByteToWideChar
WriteConsoleW
QueryPerformanceFrequency
FormatMessageW
GetCurrentDirectoryW
WaitForSingleObjectEx
LoadLibraryA
lstrlenW
GetCurrentProcessId
CreateMutexA
ReleaseMutex
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
GetEnvironmentVariableW
GetTempPathW
CreateFileW
SetFileInformationByHandle
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFullPathNameW
FindFirstFileW
FindClose
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringOrdinal
GetModuleFileNameW
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
DuplicateHandle
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
CreateNamedPipeW
CreateThread
ReadFileEx
SleepEx
WriteFileEx
CreateEventW
CancelIo
ReadFile
ExitProcess
HeapAlloc
GetProcessHeap
CreateFileMappingW
MapViewOfFile
VirtualProtect
CreateEventA
GlobalLock
GlobalSize
WideCharToMultiByte
GlobalAlloc
InitializeSListHead
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwindEx
RtlPcToFileHeader
RaiseException
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
WriteFile
TerminateProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetEnvironmentVariableW
SetStdHandle
GetFileType
GetStringTypeW
FlsAlloc
GetSystemTimeAsFileTime
CoInitializeEx
RevokeDragDrop
CoCreateInstance
CoUninitialize
OleInitialize
RegisterDragDrop
DragQueryFileW
DragFinish
ClientToScreen
GetCursorPos
MapVirtualKeyW
SendInput
SetForegroundWindow
GetClipboardData
CloseClipboard
OpenClipboard
EmptyClipboard
SetClipboardData
RegisterWindowMessageA
SystemParametersInfoA
GetDC
IsProcessDPIAware
ShowWindow
SendMessageW
SetWindowLongW
GetActiveWindow
ShowCursor
GetClipCursor
ClipCursor
GetKeyboardLayout
ToUnicodeEx
GetKeyState
GetKeyboardState
GetMenu
AdjustWindowRectEx
ReleaseCapture
SetCapture
MonitorFromRect
DestroyWindow
CloseTouchInputHandle
RegisterRawInputDevices
CreateWindowExW
RegisterClassExW
DestroyIcon
MsgWaitForMultipleObjectsEx
GetMessageW
InvalidateRgn
SetWindowPos
GetWindowPlacement
SetWindowPlacement
ChangeDisplaySettingsExW
RegisterTouchWindow
GetSystemMetrics
DispatchMessageW
TranslateMessage
MapVirtualKeyA
GetUpdateRect
PeekMessageW
PostThreadMessageW
ValidateRect
GetRawInputData
SetWindowLongPtrW
DefWindowProcW
GetWindowLongPtrW
SetCursor
LoadCursorW
PostMessageW
MonitorFromWindow
SetWindowTextW
GetClientRect
RedrawWindow
GetMonitorInfoW
GetWindowLongW
GetTouchInputInfo
ScreenToClient
MonitorFromPoint
TrackMouseEvent
SetWindowTheme
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
BCryptGenRandom
NtReadFile
NtWriteFile
RtlNtStatusToDosError
NtDeviceIoControlFile
NtCreateFile
NtCancelIoFileEx
WSAGetLastError
getsockname
WSASocketW
ioctlsocket
WSAIoctl
bind
closesocket
connect
getsockopt
getpeername
shutdown
send
recv
WSACleanup
WSAStartup
freeaddrinfo
getaddrinfo
WSASend
setsockopt
CertOpenStore
CertDuplicateCertificateChain
CertFreeCertificateContext
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertGetCertificateChain
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertCloseStore
CertDuplicateCertificateContext
CertDuplicateStore
EncryptMessage
AcquireCredentialsHandleA
FreeCredentialsHandle
ApplyControlToken
DeleteSecurityContext
AcceptSecurityContext
InitializeSecurityContextW
QueryContextAttributesW
DecryptMessage
FreeContextBuffer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ