Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
2024-08-17_8fdca6676257a5a89c7bffd4760979a5_avoslocker_cobalt-strike.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2024-08-17_8fdca6676257a5a89c7bffd4760979a5_avoslocker_cobalt-strike.exe
Resource
win10v2004-20240802-en
Target
2024-08-17_8fdca6676257a5a89c7bffd4760979a5_avoslocker_cobalt-strike
Size
929KB
MD5
8fdca6676257a5a89c7bffd4760979a5
SHA1
833d2ab9cfa93d47f286d0b88d590ec1676aa27f
SHA256
7db8c03823a42b844a515a09131037e06b787372a50b3da15e9efab8e95b8c34
SHA512
c17fc33af9ab8ec822c10e3d1e4b6b0ce918cf0f8d906e3be7862c1ca60920ab26722fb348ad9581041c06c5010a47a30383fa3d9de84b55f40d43978ca579cb
SSDEEP
12288:Q5y9B/0XeILMtIZY0BwT6DNQCfrN3Q2TAzPN42evhBYOFpD1kx+FvZIp0ot6q0Be:diXezmuPN2vhrf9Y0oMqnrer7mmO9
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
c:\jenkinswork\workspace\CC_CI_Compile_ArcClientQt_PQA\src\Bin\Pdb\ArcDepends.pdb
GetSystemInfo
IsWow64Process
RtlUnwind
InitializeSListHead
GetFileAttributesW
CreateFileW
GetModuleFileNameW
OutputDebugStringA
GetLocalTime
OutputDebugStringW
TlsAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
Sleep
TlsSetValue
TlsFree
LoadLibraryExW
GetDriveTypeW
GetFileInformationByHandle
SystemTimeToTzSpecificLocalTime
WriteConsoleW
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetPrivateProfileStringW
GetVersionExW
lstrcpynW
GetCurrentProcess
WritePrivateProfileStringW
GetModuleHandleW
DeleteCriticalSection
GetProcAddress
DecodePointer
RaiseException
GetSystemDirectoryW
InitializeCriticalSectionEx
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
DeleteFileW
TlsGetValue
GetLastError
FindClose
GetFullPathNameW
GetCurrentDirectoryW
SetEndOfFile
SetStdHandle
GetFileAttributesExW
FlushFileBuffers
GetTimeZoneInformation
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapFree
HeapAlloc
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
GetCommandLineW
GetCommandLineA
WriteFile
ExitProcess
GetCurrentProcessId
SetFilePointerEx
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
EnterCriticalSection
LeaveCriticalSection
EncodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
SetLastError
FormatMessageW
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
FreeLibrary
GetModuleHandleA
LoadLibraryA
QueryPerformanceCounter
GetTickCount
MoveFileExA
WaitForSingleObjectEx
GetEnvironmentVariableA
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
VerSetConditionMask
VerifyVersionInfoW
CreateFileA
GetFileSizeEx
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
FileTimeToSystemTime
GetSystemMetrics
CryptEncrypt
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
RegDeleteKeyW
CryptImportKey
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SHFileOperationW
CertOpenStore
CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
getsockname
getpeername
connect
bind
recv
WSAGetLastError
closesocket
htons
getaddrinfo
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
send
getsockopt
ntohs
setsockopt
socket
WSASetLastError
WSAIoctl
WSAStartup
WSACleanup
__WSAFDIsSet
select
accept
htonl
listen
freeaddrinfo
recvfrom
sendto
ioctlsocket
gethostname
WSAWaitForMultipleEvents
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ