Extended Key Usages
ExtKeyUsageCodeSigning
Static task: static1
Behavioral task: behavioral1
Sample: d2d2dc62aef0f9cfdb5e80f7890a7744ca75b8d248794c1411e0d5e035693da4.exe
Resource: win10v2004-20240802-en
Target: d2d2dc62aef0f9cfdb5e80f7890a7744ca75b8d248794c1411e0d5e035693da4
Size: 689KB
MD5: 2a136561a6613280ed6514b6d4a05a57
SHA1: 57b8b35465cb749edf73796506b07ac473165457
SHA256: d2d2dc62aef0f9cfdb5e80f7890a7744ca75b8d248794c1411e0d5e035693da4
SHA512: 759600b809eb1cf0c35cfca5353b22fc73b35293b55f2c8fce90ed76a41bfecc92af7705710a0cf0cae4c5b8a11705d8307971ed3ead4487781d44c967e89f37
SSDEEP: 12288:R0YvLN0PM5BtwWELOgpZ3GoPQdyc+yb+mpsbZst8tuzbGytqkH:Kg0k5BCna02oXmxqtibGyt5H
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
GamingRepairTool.pdb
_cexit
_initialize_onexit_table
_register_onexit_function
__p___wargv
_invalid_parameter_noinfo_noreturn
_crt_atexit
_c_exit
__p___argc
exit
_register_thread_local_exe_atexit_callback
_exit
abort
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_beginthreadex
_initterm_e
terminate
_get_initial_wide_environment
_initterm
_errno
_invalid_parameter_noinfo
__stdio_common_vsprintf_s
_setmode
_fileno
__acrt_iob_func
__stdio_common_vswscanf
__stdio_common_vswprintf_s
fclose
fputwc
ungetwc
fgetc
fgetwc
fwrite
fgetpos
setvbuf
ungetc
fsetpos
__p__commode
_fseeki64
__stdio_common_vsprintf
getchar
__stdio_common_vswprintf
_set_fmode
__stdio_common_vsnprintf_s
fflush
strncmp
wcscpy_s
wcsnlen
_wcsnicmp
wcsncpy_s
_stricmp
strcspn
strcpy_s
_wcsdup
isupper
_wcsicmp
isspace
tolower
islower
__strncnt
strcmp
RtlGetVersion
NtQueryInformationProcess
DbgPrintEx
RtlPcToFileHeader
RtlUnwindEx
RtlLookupFunctionEntry
NtQueryMutant
FreeLibrary
GetModuleHandleExW
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
LoadLibraryExW
LoadStringW
ReleaseSemaphore
ResetEvent
AcquireSRWLockShared
SetWaitableTimer
ReleaseSRWLockShared
CreateEventW
TryAcquireSRWLockExclusive
InitializeSRWLock
AcquireSRWLockExclusive
EnterCriticalSection
CreateEventExW
LeaveCriticalSection
InitializeCriticalSectionEx
SetEvent
DeleteCriticalSection
ReleaseSRWLockExclusive
CreateMutexExW
CreateSemaphoreExW
WaitForSingleObject
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
HeapFree
HeapAlloc
GetProcessHeap
SetLastError
RaiseException
GetLastError
CreateProcessA
GetExitCodeThread
OpenThreadToken
GetCurrentThread
GetExitCodeProcess
OpenProcessToken
GetCurrentProcessId
GetCurrentProcess
ResumeThread
CreateProcessW
GetCurrentThreadId
CreateProcessAsUserW
CreateThread
GetLocaleInfoEx
LCMapStringEx
FormatMessageW
GetCPInfo
DebugBreak
IsDebuggerPresent
OutputDebugStringW
CloseHandle
SetHandleInformation
GetNativeSystemInfo
GetSystemTimePreciseAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetTickCount64
GetSystemDirectoryW
InitializeSListHead
RoGetActivationFactory
RoActivateInstance
RoUninitialize
RoInitialize
FlsFree
FlsGetValue
FlsSetValue
FlsAlloc
EncodePointer
DecodePointer
DiUninstallDevice
SetupGetInfInformationA
SetupDiDestroyDeviceInfoList
SetupQueryInfVersionInformationA
SetupDiCreateDeviceInfoList
SetupDiOpenDeviceInfoW
__pctype_func
_configthreadlocale
___lc_locale_name_func
localeconv
setlocale
___mb_cur_max_func
___lc_codepage_func
___lc_collate_cp_func
_lock_locales
_unlock_locales
_malloc_base
_set_new_mode
free
malloc
_callnewh
_free_base
_realloc_base
_calloc_base
calloc
strtod
strtof
_unlock_file
_lock_file
frexp
ldexp
pow
powf
_Strftime
_W_Getmonths
_W_Getdays
_Getdays
_Wcsftime
_Getmonths
_Gettnames
_W_Gettnames
WaitForMultipleObjects
CreateWaitableTimerW
WakeAllConditionVariable
SleepConditionVariableSRW
Sleep
WakeConditionVariable
InitializeConditionVariable
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteValueW
RegDeleteTreeW
RegCreateKeyExW
RegGetValueW
RegCloseKey
FindFirstFileW
SetFileTime
GetFileAttributesW
CreateFileW
ReadFile
DeleteFileW
SetFileAttributesW
FindNextFileW
RemoveDirectoryW
GetFileTime
CreateDirectoryW
FindClose
WindowsGetStringRawBuffer
WindowsCreateString
WindowsConcatString
WindowsDuplicateString
WindowsDeleteString
WindowsCreateStringReference
RegDeleteKeyValueW
RegSetKeyValueW
EventSetInformation
EventUnregister
EventWriteTransfer
EventRegister
OpenProcess
K32GetModuleFileNameExW
K32GetProcessImageFileNameW
CoInitializeEx
CoTaskMemFree
CoWaitForMultipleHandles
CoCreateFreeThreadedMarshaler
CoUninitialize
LocalAlloc
LocalFree
GetTokenInformation
ImpersonateLoggedOnUser
RevertToSelf
AdjustTokenPrivileges
DuplicateTokenEx
ConvertSidToStringSidW
CreatePipe
PeekNamedPipe
GetTempPathW
ExpandEnvironmentStringsA
GetCommandLineW
ExpandEnvironmentStringsW
GetStdHandle
StartTraceW
ControlTraceW
EnableTraceEx2
MoveFileExW
SetRestrictedErrorInfo
RoGetMatchingRestrictedErrorInfo
PathCchRemoveFileSpec
MultiByteToWideChar
CompareStringEx
GetStringTypeW
WideCharToMultiByte
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
StartServiceW
OpenServiceW
ControlServiceExW
OpenSCManagerW
CloseServiceHandle
QueryServiceConfigW
ChangeServiceConfigW
QueryServiceStatusEx
NotifyServiceStatusChangeW
CopyFileW
ResolveDelayLoadedAPI
DelayLoadFailureHook
RegDeleteKeyW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ