Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
0cf06c833517acebaebf18e5b36edccb4903a112117dbee1a19f9b76c7a7b36f.exe
Resource
win7-20240903-en
Target
0cf06c833517acebaebf18e5b36edccb4903a112117dbee1a19f9b76c7a7b36f.exe
Size
2.1MB
MD5
de2b7ec32d3a5c530e5a1aa6f2b27b16
SHA1
83c3c02a1c5746882094939ed4f1ab61954ff8f0
SHA256
0cf06c833517acebaebf18e5b36edccb4903a112117dbee1a19f9b76c7a7b36f
SHA512
e76d643dc5fad7de78172bafe3b33da231bbce76fb2c46235338e811112f32775dfd20acf770141808ee00c0e9527829933d9ec1ee04c776b774eff80168bee8
SSDEEP
24576:S/BARUsXRaTX3P/drZ6p7Ut2Qcbgn5DFIOG+N3mYm8hz8UQn652/BJOD:i2HXRWXdrEDQ0gn5xfG+8H8hz8rdm
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Copyright_Infringement_Evidence.pdb
WakeByAddressAll
WaitOnAddress
WakeByAddressSingle
ProcessPrng
GetCurrentProcess
DuplicateHandle
SetHandleInformation
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
ReadFile
GetOverlappedResult
SetFileCompletionNotificationModes
Sleep
GetModuleHandleA
GetProcAddress
FreeEnvironmentStringsW
DeleteProcThreadAttributeList
CompareStringOrdinal
GetLastError
AddVectoredExceptionHandler
SetThreadStackGuarantee
GetCurrentThread
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
WaitForSingleObject
QueryPerformanceCounter
GetSystemInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
SetFileInformationByHandle
GetStdHandle
GetCurrentProcessId
WriteFileEx
SleepEx
GetExitCodeProcess
QueryPerformanceFrequency
HeapFree
HeapReAlloc
lstrlenW
ReleaseMutex
GetProcessHeap
HeapAlloc
FindClose
CreateFileW
GetFileInformationByHandle
GetFileInformationByHandleEx
CreateDirectoryW
FindFirstFileW
GetFinalPathNameByHandleW
CreateEventW
CancelIo
GetConsoleMode
GetModuleHandleW
FormatMessageW
GetModuleFileNameW
CreateNamedPipeW
ReadFileEx
WaitForMultipleObjects
GetFullPathNameW
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
MultiByteToWideChar
WriteConsoleW
WideCharToMultiByte
CreateThread
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentThreadId
IsProcessorFeaturePresent
BCryptGenRandom
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SystemFunction036
EncryptMessage
DeleteSecurityContext
DecryptMessage
QueryContextAttributesW
FreeContextBuffer
InitializeSecurityContextW
AcquireCredentialsHandleA
FreeCredentialsHandle
ApplyControlToken
AcceptSecurityContext
freeaddrinfo
WSAGetLastError
WSAIoctl
setsockopt
WSAStartup
WSASend
send
getaddrinfo
recv
shutdown
getsockopt
ioctlsocket
connect
bind
WSASocketW
getsockname
getpeername
WSACleanup
closesocket
CertOpenStore
CertEnumCertificatesInStore
CertCloseStore
CertFreeCertificateChain
CertDuplicateCertificateChain
CertFreeCertificateContext
CertDuplicateCertificateContext
CertVerifyCertificateChainPolicy
CertDuplicateStore
CertAddCertificateContextToStore
CertGetCertificateChain
NtCreateFile
RtlNtStatusToDosError
NtCancelIoFileEx
NtReadFile
NtDeviceIoControlFile
NtWriteFile
memset
memcmp
memmove
__current_exception_context
__CxxFrameHandler3
__current_exception
__C_specific_handler
memcpy
__setusermatherr
pow
exit
_exit
__p___argc
__p___argv
_cexit
_c_exit
_initialize_narrow_environment
_initterm_e
_get_initial_narrow_environment
_configure_narrow_argv
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_initterm
_seh_filter_exe
_set_app_type
_register_thread_local_exe_atexit_callback
__p__commode
_set_fmode
_configthreadlocale
_set_new_mode
free
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ