Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature
Static task: static1
Behavioral task: behavioral1
Sample: 2025-07-02_e5baf237110a4d67ad508c059bb6f1f4_elex_neshta_rhadamanthys_stop.exe
Resource: win10v2004-20250502-en
Target: 2025-07-02_e5baf237110a4d67ad508c059bb6f1f4_elex_neshta_rhadamanthys_stop
Size: 300KB
MD5: e5baf237110a4d67ad508c059bb6f1f4
SHA1: b58f06573d6305d45c221b7f2534e20cc00ed84c
SHA256: 3f704800f5c17fcaf05a3b5695877faf77e52d0ba8f2a7d6b06f164566379e2a
SHA512: e0cfc3f48aabc133d8bb5194fc7ee40342cd359cbf1dba3ab7a475ba507ed58d34fa1a83d463cb745688242b724611fadb5e1b2c1c83e2e0738a6957b63c129b
SSDEEP: 6144:j99X/EI1iCBy5NM8L/nAHm8j8ctSRYnqB0V3r60G3yh:d1icy5NMm/nRZ3yh
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
d:\Recent\ATKRelation\ATK Media\DMedia\release\DMedia.pdb
SetEvent
ResetEvent
CreateProcessA
CreateEventA
CreateThread
WaitForMultipleObjects
OpenProcess
Sleep
GetWindowsDirectoryA
GetTickCount
GetCurrentThreadId
SearchPathA
WinExec
GetEnvironmentVariableA
GetVersionExA
LoadLibraryA
FreeLibrary
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
WaitForSingleObject
RtlUnwind
InitializeCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapReAlloc
VirtualAlloc
HeapSize
GetLocaleInfoA
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
OpenEventA
ExpandEnvironmentStringsA
CreateMutexA
OpenMutexA
CloseHandle
CreateFileA
GetLastError
DeviceIoControl
GetCurrentProcess
GetModuleHandleA
GetProcAddress
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
IsWindow
FindWindowA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
GetMessageA
TranslateAcceleratorA
PostQuitMessage
ShowWindow
IsIconic
wsprintfA
keybd_event
GetThreadDesktop
GetUserObjectInformationA
PeekMessageA
EnumWindows
GetWindowLongA
KillTimer
SetTimer
GetWindowTextA
IsWindowVisible
FindWindowExA
SetFocus
SetForegroundWindow
GetWindowThreadProcessId
GetForegroundWindow
PostMessageA
GetClassNameA
GetSystemMetrics
SendMessageA
DefWindowProcA
RegisterWindowMessageA
CreateWindowExA
RegisterClassExA
CreateWellKnownSid
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegCloseKey
RegOpenKeyExA
CheckTokenMembership
ShellExecuteA
ord680
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitializeEx
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiDestroyDeviceInfoList
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
StrRStrIA
PlaySoundA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ