Extracted

• 2b77d1a84b988d7648580aa4348c2416c485508941b6e60a31b17fe42915beed.exe

  .exe windows:4 windows x86 arch:x86

  08b67a9663d3a8c9505f3b2561bbdd1c

  
  

  Code Sign

  33:00:00:04:39:f6:1f:7a:67:6d:a0:00:af:00:00:00:00:04:39

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  02-09-2021 18:25

  Not After

  01-09-2022 18:25

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:55:18:1d:a4:2e:e0:86:fc:15:00:00:00:00:02:55

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  02-09-2021 18:33

  Not After

  01-09-2022 18:33

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0e:90:d2:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  08-07-2011 20:59

  Not After

  08-07-2026 21:09

  Subject

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  27:28:b5:68:91:5d:5d:35:7b:44:eb:dd:70:ea:37:bf:38:73:04:de:fa:1b:6b:2c:8d:44:c9:14:35:5f:81:41

  Signer

  Actual PE Digest

  27:28:b5:68:91:5d:5d:35:7b:44:eb:dd:70:ea:37:bf:38:73:04:de:fa:1b:6b:2c:8d:44:c9:14:35:5f:81:41

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  27:28:b5:68:91:5d:5d:35:7b:44:eb:dd:70:ea:37:bf:38:73:04:de:fa:1b:6b:2c:8d:44:c9:14:35:5f:81:41

  Signer

  Actual PE Digest

  27:28:b5:68:91:5d:5d:35:7b:44:eb:dd:70:ea:37:bf:38:73:04:de:fa:1b:6b:2c:8d:44:c9:14:35:5f:81:41

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  wininet

  HttpSendRequestW

  InternetConnectW

  HttpOpenRequestW

  InternetSetPerSiteCookieDecisionW

  InternetOpenUrlW

  InternetAttemptConnect

  InternetOpenW

  InternetReadFile

  InternetClearAllPerSiteCookieDecisions

  InternetCloseHandle

  InternetQueryDataAvailable

  InternetSetOptionW

  shlwapi

  StrStrIW

  PathMatchSpecW

  PathCombineW

  wvnsprintfW

  StrStrIA

  PathRemoveFileSpecW

  kernel32

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  IsDebuggerPresent

  GetVersionExA

  HeapReAlloc

  RtlUnwind

  WideCharToMultiByte

  MultiByteToWideChar

  HeapCreate

  CopyFileW

  CreateThread

  WaitForMultipleObjects

  GetTickCount

  DeleteFileW

  CreateProcessW

  SetUnhandledExceptionFilter

  ExitProcess

  GetLastError

  LoadLibraryW

  GetProcAddress

  Sleep

  VirtualProtect

  GetPrivateProfileIntW

  ExpandEnvironmentStringsW

  GetPrivateProfileStringW

  FindFirstFileW

  SetFilePointer

  SetEndOfFile

  GetVersionExW

  HeapAlloc

  SetWaitableTimer

  SystemTimeToFileTime

  CreateWaitableTimerW

  FindNextFileW

  HeapFree

  ReadFile

  GetModuleFileNameW

  GetFileTime

  WaitForSingleObject

  GetTimeZoneInformation

  CreateFileW

  CloseHandle

  GetFileSizeEx

  VirtualFree

  GetProcessHeap

  GetCurrentDirectoryW

  VirtualAlloc

  VirtualQuery

  GetSystemTime

  GetFileSize

  FindClose

  WriteFile

  GetLocalTime

  GetModuleHandleW

  GetCommandLineW

  user32

  GetWindowLongW

  DispatchMessageW

  GetForegroundWindow

  CharLowerW

  CreateWindowExW

  FindWindowW

  PeekMessageW

  SetForegroundWindow

  GetSystemMetrics

  MessageBoxW

  SetWindowPos

  SetWindowLongW

  SetParent

  advapi32

  RegOpenKeyExW

  RegEnumKeyExW

  RegQueryValueExW

  RegSetValueExW

  RegCreateKeyExW

  RegCloseKey

  shell32

  SHGetFolderPathW

  ole32

  CoCreateInstance

  OleInitialize

  CoInitialize

  oleaut32

  SysFreeString

  VariantInit

  SysAllocString

  VariantClear

  Sections

  .text

  Size: 51KB - Virtual size: 51KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 92KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE