Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: eef9bdadf787f0745e4ac0dca0932a776442bf8b09029f0f9982e095b5492e55.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: eef9bdadf787f0745e4ac0dca0932a776442bf8b09029f0f9982e095b5492e55.exe
Resource: win10v2004-20241007-en
Target: eef9bdadf787f0745e4ac0dca0932a776442bf8b09029f0f9982e095b5492e55
Size: 3.8MB
MD5: 9228cdfb952140f200fa8decfa68758d
SHA1: 6ebda54830531cf552d6cbd307c07417ba809195
SHA256: eef9bdadf787f0745e4ac0dca0932a776442bf8b09029f0f9982e095b5492e55
SHA512: 598b35d87a6e1f4bb6ec0205e65547ef157e9d46566684557fc043419986f1e7b66770b2163bc7f0458c43137a624d4822842217c337306e1e3d9ad35bb2486a
SSDEEP: 98304:fbMGaWaJi6WN1ZRATW2OsghB6T6szIqVu:DMGaWamN1qWig7LCVu
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
E:\jenkins_workspace\workspace\WindowsAssist_1.0.26.241009\default\Software\WinAssistant\Bin\Release\UnInstall.pdb
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ