0058b4f69b0e6b9fc2eaca10a9bfb41e72e6cd72a827f8740fefde876194bade

Sharing

Copy URL

Twitter E-mail

General

Target

0058b4f69b0e6b9fc2eaca10a9bfb41e72e6cd72a827f8740fefde876194bade
Size

3.5MB
MD5

74b90774a0caa6fcbf64b07b49282bb5
SHA1

b6dcc5cd9b2723f3e0832508c90f902fbf6dc53e
SHA256

0058b4f69b0e6b9fc2eaca10a9bfb41e72e6cd72a827f8740fefde876194bade
SHA512

eccefe262b4602647a4359ef1696afdfe377d932ed4f279c5dc1481a8a9622fce3fa3c797a244af1f915fc5f3eb26ed9c80fb80fdce8b163af4dfba82cf03b98
SSDEEP

98304:RzSYmyLDZiCrihiaTNuIhvy06Q/0P8X7FM4jpFVO:8YmyLDe5NuIhvZ6w0P4RFjpFU

Score

N/A

Malware Config

Signatures

Files

0058b4f69b0e6b9fc2eaca10a9bfb41e72e6cd72a827f8740fefde876194bade
.7z
PowerISO/423Down.url
.url
PowerISO/App/AppInfo/AppInfo.ini
PowerISO/App/AppInfo/Launcher/Custom.nsh
PowerISO/App/AppInfo/Launcher/PowerISOPortable.ini
PowerISO/App/DefaultData/settings/PowerISO.reg
PowerISO/App/DefaultData/settings/scdemu.sys
.exe windows x86

126620b149c9cfb6b8f0dbcc0cf6de08

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:01

Not After

23-05-2016 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

22:7e:fd:f2:28:25:ba:27:05:30:fb:09:d5:2b:32:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-03-2014 00:00

Not After

25-06-2017 23:59

Subject

CN=Power Software Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Power Software Limited,L=Hong Kong,ST=Hong Kong,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:3b:3d:03:63:ac:ec:80:69:9f:4c:bf:1a:5f:09:dd
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

18-12-2015 00:00

Not After

25-06-2017 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=Hong Kong,ST=Hong Kong,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:01

Not After

23-05-2016 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02-01-2017 00:00

Not After

01-04-2028 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

80:e1:36:45:fa:78:45:e3:8e:1a:55:33:ee:ad:ad:0c:1e:d9:dc:0b:f0:e0:e1:5e:e2:a5:5c:bc:21:b6:ee:a7
Signer

Actual PE Digest

80:e1:36:45:fa:78:45:e3:8e:1a:55:33:ee:ad:ad:0c:1e:d9:dc:0b:f0:e0:e1:5e:e2:a5:5c:bc:21:b6:ee:a7

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=Hong Kong,ST=Hong Kong,C=HK

07-06-2017 00:36
Valid: false

2e:45:8f:50:53:8d:24:6f:d2:d6:ec:2f:5e:93:ec:54:9f:6d:d4:82
Signer

Actual PE Digest

2e:45:8f:50:53:8d:24:6f:d2:d6:ec:2f:5e:93:ec:54:9f:6d:d4:82

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Power Software Limited,L=Hong Kong,ST=Hong Kong,C=HK

07-06-2017 00:36
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwClose
ZwMakeTemporaryObject
ZwCreateDirectoryObject
RtlInitUnicodeString
KeSetEvent
ObReferenceObjectByHandle
PsCreateSystemThread
KeInitializeEvent
KeInitializeSpinLock
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
swprintf
IoDeleteSymbolicLink
ExFreePool
SeTokenType
ObfDereferenceObject
KeWaitForSingleObject
IofCompleteRequest
ExfInterlockedInsertTailList
SeCreateClientSecurity
KeGetCurrentThread
ExAllocatePoolWithTag
MmMapLockedPagesSpecifyCache
PsRevertToSelf
SeImpersonateClient
ExfInterlockedRemoveHeadList
PsTerminateSystemThread
KeSetPriorityThread
KeQueryPriorityThread
_alldiv
_allshr
_aullshr
ZwDeleteKey
ZwEnumerateKey
ZwEnumerateValueKey
ZwOpenKey
RtlWriteRegistryValue
RtlDeleteRegistryValue
RtlCreateRegistryKey
wcschr
wcsstr
wcslen
ZwQueryInformationFile
ZwCreateFile
_allmul
ZwReadFile
_allrem
KeTickCount
wcscpy
_wcsicmp
strncmp
wcscat
wcsrchr
wcscmp
_wcslwr
_aulldiv
_allshl

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 288B - Virtual size: 286B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/DefaultData/settings/scdemu64.sys
.exe windows x64

8cc86026769dacc3439639a1321b72f8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:01

Not After

23-05-2016 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

22:7e:fd:f2:28:25:ba:27:05:30:fb:09:d5:2b:32:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-03-2014 00:00

Not After

25-06-2017 23:59

Subject

CN=Power Software Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Power Software Limited,L=Hong Kong,ST=Hong Kong,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:3b:3d:03:63:ac:ec:80:69:9f:4c:bf:1a:5f:09:dd
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

18-12-2015 00:00

Not After

25-06-2017 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=Hong Kong,ST=Hong Kong,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:01

Not After

23-05-2016 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02-01-2017 00:00

Not After

01-04-2028 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ce:2b:8e:70:8d:7d:3e:3c:43:a2:96:1f:ac:31:2b:c3:a1:e9:f1:53:d1:3a:00:ac:d8:20:5a:03:5e:55:36:09
Signer

Actual PE Digest

ce:2b:8e:70:8d:7d:3e:3c:43:a2:96:1f:ac:31:2b:c3:a1:e9:f1:53:d1:3a:00:ac:d8:20:5a:03:5e:55:36:09

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=Hong Kong,ST=Hong Kong,C=HK

07-06-2017 00:36
Valid: false

5f:3b:82:84:ec:7f:8e:3e:1d:ce:7e:1d:dc:9e:3d:64:0e:45:32:16
Signer

Actual PE Digest

5f:3b:82:84:ec:7f:8e:3e:1d:ce:7e:1d:dc:9e:3d:64:0e:45:32:16

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Power Software Limited,L=Hong Kong,ST=Hong Kong,C=HK

07-06-2017 00:36
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
swprintf
ExFreePoolWithTag
SeTokenType
ObfDereferenceObject
KeWaitForSingleObject
KeSetEvent
IofCompleteRequest
ExInterlockedInsertTailList
MmMapLockedPagesSpecifyCache
ZwClose
SeCreateClientSecurity
ExAllocatePoolWithTag
PsRevertToSelf
SeImpersonateClient
ExInterlockedRemoveHeadList
PsTerminateSystemThread
KeSetPriorityThread
KeQueryPriorityThread
ObReferenceObjectByHandle
PsCreateSystemThread
KeInitializeEvent
IoCreateSymbolicLink
IoCreateDevice
ZwMakeTemporaryObject
ZwCreateDirectoryObject
ZwDeleteKey
ZwEnumerateKey
ZwEnumerateValueKey
ZwOpenKey
RtlWriteRegistryValue
RtlDeleteRegistryValue
RtlCreateRegistryKey
wcschr
wcsstr
ZwQueryInformationFile
ZwCreateFile
ZwReadFile
_wcsicmp
strncmp
wcsrchr
_wcslwr
KeBugCheckEx

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/7z-x64.dll
.dll windows x64

4a683d6f78cddf7c7cda44d5a4669025

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
SysAllocStringLen

user32

CharUpperW
CharPrevExA

advapi32

SystemFunction036

msvcrt

strcat
strcpy
realloc
memset
free
malloc
__CxxFrameHandler
strlen
strchr
strstr
wcscmp
strcmp
memmove
_CxxThrowException
memcpy
memcmp
_purecall
exit
__C_specific_handler
_beginthreadex
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm

kernel32

InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
Sleep
CreateEventW
SetThreadAffinityMask
ResumeThread
WaitForSingleObject
SetEvent
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
QueryPerformanceCounter
GetOEMCP
DeleteCriticalSection
LocalFileTimeToFileTime
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GlobalMemoryStatusEx
GetSystemInfo
GetCurrentProcess
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
GetProcAddress
GetModuleHandleW
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetModuleHandleA

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/Lang/Arabic.lng
PowerISO/App/PowerISO64/Lang/Armenian.lng
PowerISO/App/PowerISO64/Lang/Azerbaijani.lng
PowerISO/App/PowerISO64/Lang/Belarusian.lng
PowerISO/App/PowerISO64/Lang/Bosnian.lng
PowerISO/App/PowerISO64/Lang/Dutch.lng
PowerISO/App/PowerISO64/Lang/Farsi.lng
PowerISO/App/PowerISO64/Lang/Finnish.lng
PowerISO/App/PowerISO64/Lang/Greek.lng
PowerISO/App/PowerISO64/Lang/Hungarian.lng
PowerISO/App/PowerISO64/Lang/Indonesian.lng
PowerISO/App/PowerISO64/Lang/Japanese.lng
PowerISO/App/PowerISO64/Lang/Korean.lng
PowerISO/App/PowerISO64/Lang/Lithuanian.lng
PowerISO/App/PowerISO64/Lang/Romanian.lng
PowerISO/App/PowerISO64/Lang/Russian.lng
PowerISO/App/PowerISO64/Lang/Serbian(cyrl).lng
PowerISO/App/PowerISO64/Lang/SimpChinese.lng
PowerISO/App/PowerISO64/Lang/Slovak.lng
PowerISO/App/PowerISO64/Lang/Swedish.lng
PowerISO/App/PowerISO64/Lang/Thai.lng
PowerISO/App/PowerISO64/Lang/Turkish.lng
PowerISO/App/PowerISO64/Lang/Ukrainian.lng
PowerISO/App/PowerISO64/Lang/Urdu(Pakistan).lng
PowerISO/App/PowerISO64/Lang/Vietnamese.lng
PowerISO/App/PowerISO64/Lang/croatian.lng
PowerISO/App/PowerISO64/Lang/danish.lng
PowerISO/App/PowerISO64/Lang/french.lng
PowerISO/App/PowerISO64/Lang/kazakh.lng
PowerISO/App/PowerISO64/Lang/slovenian.lng
PowerISO/App/PowerISO64/MACDll.DLL
.dll windows x64

5173b83356153baed25f36114d9e31a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

Sleep
CloseHandle
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
CreateFileW
DeleteFileW
WideCharToMultiByte
MultiByteToWideChar
FlushFileBuffers
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
RaiseException
RtlPcToFileHeader
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitProcess
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetACP
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW
LoadLibraryA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle

user32

DispatchMessageW
PeekMessageW
TranslateMessage

Exports

Exports

CompressFile
CompressFileW
ConvertFile
ConvertFileW
DecompressFile
DecompressFileW
FillWaveFormatEx
FillWaveHeader
GetChecksum
GetFieldTagW
GetID3Tag
GetInterfaceCompatibility
GetVersionNumber
RemoveTag
SetFieldTagW
ShowFileInfoDialog
TagFileSimple
VerifyFile
VerifyFileW
c_APECompress_AddData
c_APECompress_Create
c_APECompress_Destroy
c_APECompress_Finish
c_APECompress_GetBufferBytesAvailable
c_APECompress_Kill
c_APECompress_LockBuffer
c_APECompress_Start
c_APECompress_StartW
c_APECompress_UnlockBuffer
c_APEDecompress_Create
c_APEDecompress_CreateW
c_APEDecompress_Destroy
c_APEDecompress_GetData
c_APEDecompress_GetInfo
c_APEDecompress_Seek

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/PWRISOSH.dll
.dll regsvr32 windows x64

a4d287b9303de7d98f4f607103a2e826

Code Sign

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

cf:4d:99:19:66:96:0b:22:b1:19:d2:64:22:db:a7:85:5f:d7:de:8f:5d:f6:6d:94:0d:1f:c7:60:e2:fe:09:16
Signer

Actual PE Digest

cf:4d:99:19:66:96:0b:22:b1:19:d2:64:22:db:a7:85:5f:d7:de:8f:5d:f6:6d:94:0d:1f:c7:60:e2:fe:09:16

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

d8:d3:1a:3b:2a:de:b2:92:f2:52:9d:26:68:86:3a:e2:26:c8:61:4d
Signer

Actual PE Digest

d8:d3:1a:3b:2a:de:b2:92:f2:52:9d:26:68:86:3a:e2:26:c8:61:4d

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ExitProcess
GetLogicalDrives
DeviceIoControl
DefineDosDeviceW
QueryDosDeviceW
GetLastError
GetVolumeInformationW
GetDriveTypeW
ReadFile
GetFileSize
GetSystemDefaultLangID
lstrcpynW
lstrlenW
lstrcpyW
GetTempPathW
GetTempFileNameW
DeleteFileW
GetModuleHandleW
GetCurrentProcess
GetVersionExW
GetProcessHeap
HeapAlloc
HeapFree
GetModuleFileNameW
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
CreateEventW
CreateProcessW
Sleep
WaitForSingleObject
CreateFileW
LoadLibraryW
GetProcAddress
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
WriteFile
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GlobalDeleteAtom
GlobalAlloc
lstrcmpW
GlobalLock
GetCurrentThread
SetLastError
lstrlenA
GetModuleHandleA
GlobalUnlock
LocalFree
FreeResource
LockResource
LoadResource
FindResourceW
GlobalFree
GetVersionExA
lstrcatW
FreeLibrary
GlobalFindAtomW
GlobalAddAtomW
GetVersion
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
WritePrivateProfileStringW
GlobalFlags
GetProcessVersion
FlushFileBuffers
RtlUnwindEx
GetCommandLineA
RaiseException
RtlPcToFileHeader
HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetACP
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
SetFilePointer
CloseHandle
CreateThread
lstrcmpiW
MulDiv
FindFirstFileW
FindNextFileW
UnhandledExceptionFilter
FindClose
LoadLibraryA

user32

SetWindowsHookExW
GetMenuCheckMarkDimensions
EnableMenuItem
GetMenuState
ModifyMenuW
GetNextDlgTabItem
GetFocus
UnhookWindowsHookEx
TabbedTextOutW
GrayStringW
BeginPaint
EndPaint
CopyRect
IsWindow
EndDialog
GetDlgItem
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
SendDlgItemMessageW
IsDialogMessageW
SetWindowTextW
GetWindowTextW
GetDlgCtrlID
MoveWindow
ShowWindow
SetFocus
SetWindowPos
GetWindow
GetWindowPlacement
IsIconic
SystemParametersInfoA
CallWindowProcW
DefWindowProcW
RegisterClassW
GetClassInfoW
GetMenuItemID
GetSubMenu
CallNextHookEx
AdjustWindowRectEx
GetMenu
UpdateWindow
MapWindowPoints
GetForegroundWindow
GetTopWindow
SetWindowLongPtrW
GetMessagePos
GetMessageTime
GetWindowLongPtrW
SendDlgItemMessageA
RemovePropW
GetPropW
SetPropW
CreateWindowExW
WinHelpW
GetCapture
RegisterWindowMessageW
UnregisterClassW
GetSysColorBrush
LoadCursorW
LoadStringW
DestroyMenu
ValidateRect
GetActiveWindow
GetMessageW
PeekMessageW
GetCursorPos
MessageBoxW
GetLastActivePopup
IsWindowEnabled
SetCursor
PostMessageW
PostQuitMessage
MessageBoxA
SetForegroundWindow
GetWindowLongW
GetParent
MessageBoxIndirectW
ReleaseDC
DrawTextW
GetDC
TranslateMessage
DispatchMessageW
GetKeyState
wsprintfW
LoadIconW
CreateMenu
InsertMenuW
DeleteMenu
SetMenuItemBitmaps
InsertMenuItemW
GetMenuItemCount
GetMenuStringW
LoadBitmapW
GetSystemMetrics
SetRect
DrawIconEx
DestroyIcon
GetIconInfo
SendMessageW
KillTimer
SetTimer
EnableWindow
GetClassNameW
GetSysColor
IsWindowVisible
GetClientRect
PtInRect
SetMenuItemInfoW
CheckMenuItem
BroadcastSystemMessage
FindWindowW
ScreenToClient
ClientToScreen
GetDesktopWindow
GetWindowRect

advapi32

RegQueryValueExA
RegCreateKeyExA
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW
DragQueryFileW
SHChangeNotify

ole32

StringFromIID
CoGetMalloc
ReleaseStgMedium

gdi32

CreateBitmap
RestoreDC
SetBkColor
SetBkMode
SetTextColor
SaveDC
SetMapMode
GetClipBox
GetBitmapBits
SetBitmapBits
SelectObject
GetDIBits
GetObjectW
CreateDIBSection
GetStockObject
CreateSolidBrush
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetOpenFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

comctl32

ord17

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/PWRISOSH64.dll
.dll regsvr32 windows x64

a4d287b9303de7d98f4f607103a2e826

Code Sign

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

cf:4d:99:19:66:96:0b:22:b1:19:d2:64:22:db:a7:85:5f:d7:de:8f:5d:f6:6d:94:0d:1f:c7:60:e2:fe:09:16
Signer

Actual PE Digest

cf:4d:99:19:66:96:0b:22:b1:19:d2:64:22:db:a7:85:5f:d7:de:8f:5d:f6:6d:94:0d:1f:c7:60:e2:fe:09:16

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

d8:d3:1a:3b:2a:de:b2:92:f2:52:9d:26:68:86:3a:e2:26:c8:61:4d
Signer

Actual PE Digest

d8:d3:1a:3b:2a:de:b2:92:f2:52:9d:26:68:86:3a:e2:26:c8:61:4d

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ExitProcess
GetLogicalDrives
DeviceIoControl
DefineDosDeviceW
QueryDosDeviceW
GetLastError
GetVolumeInformationW
GetDriveTypeW
ReadFile
GetFileSize
GetSystemDefaultLangID
lstrcpynW
lstrlenW
lstrcpyW
GetTempPathW
GetTempFileNameW
DeleteFileW
GetModuleHandleW
GetCurrentProcess
GetVersionExW
GetProcessHeap
HeapAlloc
HeapFree
GetModuleFileNameW
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
CreateEventW
CreateProcessW
Sleep
WaitForSingleObject
CreateFileW
LoadLibraryW
GetProcAddress
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
WriteFile
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GlobalDeleteAtom
GlobalAlloc
lstrcmpW
GlobalLock
GetCurrentThread
SetLastError
lstrlenA
GetModuleHandleA
GlobalUnlock
LocalFree
FreeResource
LockResource
LoadResource
FindResourceW
GlobalFree
GetVersionExA
lstrcatW
FreeLibrary
GlobalFindAtomW
GlobalAddAtomW
GetVersion
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
WritePrivateProfileStringW
GlobalFlags
GetProcessVersion
FlushFileBuffers
RtlUnwindEx
GetCommandLineA
RaiseException
RtlPcToFileHeader
HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetACP
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
SetFilePointer
CloseHandle
CreateThread
lstrcmpiW
MulDiv
FindFirstFileW
FindNextFileW
UnhandledExceptionFilter
FindClose
LoadLibraryA

user32

SetWindowsHookExW
GetMenuCheckMarkDimensions
EnableMenuItem
GetMenuState
ModifyMenuW
GetNextDlgTabItem
GetFocus
UnhookWindowsHookEx
TabbedTextOutW
GrayStringW
BeginPaint
EndPaint
CopyRect
IsWindow
EndDialog
GetDlgItem
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
SendDlgItemMessageW
IsDialogMessageW
SetWindowTextW
GetWindowTextW
GetDlgCtrlID
MoveWindow
ShowWindow
SetFocus
SetWindowPos
GetWindow
GetWindowPlacement
IsIconic
SystemParametersInfoA
CallWindowProcW
DefWindowProcW
RegisterClassW
GetClassInfoW
GetMenuItemID
GetSubMenu
CallNextHookEx
AdjustWindowRectEx
GetMenu
UpdateWindow
MapWindowPoints
GetForegroundWindow
GetTopWindow
SetWindowLongPtrW
GetMessagePos
GetMessageTime
GetWindowLongPtrW
SendDlgItemMessageA
RemovePropW
GetPropW
SetPropW
CreateWindowExW
WinHelpW
GetCapture
RegisterWindowMessageW
UnregisterClassW
GetSysColorBrush
LoadCursorW
LoadStringW
DestroyMenu
ValidateRect
GetActiveWindow
GetMessageW
PeekMessageW
GetCursorPos
MessageBoxW
GetLastActivePopup
IsWindowEnabled
SetCursor
PostMessageW
PostQuitMessage
MessageBoxA
SetForegroundWindow
GetWindowLongW
GetParent
MessageBoxIndirectW
ReleaseDC
DrawTextW
GetDC
TranslateMessage
DispatchMessageW
GetKeyState
wsprintfW
LoadIconW
CreateMenu
InsertMenuW
DeleteMenu
SetMenuItemBitmaps
InsertMenuItemW
GetMenuItemCount
GetMenuStringW
LoadBitmapW
GetSystemMetrics
SetRect
DrawIconEx
DestroyIcon
GetIconInfo
SendMessageW
KillTimer
SetTimer
EnableWindow
GetClassNameW
GetSysColor
IsWindowVisible
GetClientRect
PtInRect
SetMenuItemInfoW
CheckMenuItem
BroadcastSystemMessage
FindWindowW
ScreenToClient
ClientToScreen
GetDesktopWindow
GetWindowRect

advapi32

RegQueryValueExA
RegCreateKeyExA
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW
DragQueryFileW
SHChangeNotify

ole32

StringFromIID
CoGetMalloc
ReleaseStgMedium

gdi32

CreateBitmap
RestoreDC
SetBkColor
SetBkMode
SetTextColor
SaveDC
SetMapMode
GetClipBox
GetBitmapBits
SetBitmapBits
SelectObject
GetDIBits
GetObjectW
CreateDIBSection
GetStockObject
CreateSolidBrush
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetOpenFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

comctl32

ord17

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/PWRISOVM.exe
.exe windows x64

022c402ae019a280b7ab516c9cca994a

Code Sign

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5a:0e:9a:2d:80:e1:81:e5:fb:78:97:13:4a:7d:b1:36:b7:35:27:83:81:55:bf:36:8b:66:15:af:98:77:95:fc
Signer

Actual PE Digest

5a:0e:9a:2d:80:e1:81:e5:fb:78:97:13:4a:7d:b1:36:b7:35:27:83:81:55:bf:36:8b:66:15:af:98:77:95:fc

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

25:46:a9:ac:20:4f:75:7d:42:02:4e:c1:af:d5:bd:84:cc:01:01:2e
Signer

Actual PE Digest

25:46:a9:ac:20:4f:75:7d:42:02:4e:c1:af:d5:bd:84:cc:01:01:2e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetPrivateProfileIntW
DeleteFileW
GetPrivateProfileStringW
FormatMessageW
LocalFree
MulDiv
FindNextFileW
FindClose
GetSystemDefaultLangID
GetModuleHandleW
GetCurrentProcess
GetVersionExW
GetModuleFileNameW
FindFirstFileW
ReadFile
WriteFile
GetFileSize
SetFilePointer
CloseHandle
CreateThread
lstrcmpiW
GetLastError
QueryDosDeviceW
DefineDosDeviceW
DeviceIoControl
GetLogicalDrives
lstrcpynW
CreateDirectoryW
GetFileAttributesW
SetLastError
MultiByteToWideChar
WideCharToMultiByte
CreateEventW
CreateProcessW
Sleep
WaitForSingleObject
CreateFileW
GetVersion
LoadLibraryW
GetProcAddress
GetTickCount
ExitProcess
LoadLibraryA
SetStdHandle
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GlobalDeleteAtom
GlobalAlloc
lstrcmpW
GlobalLock
lstrlenW
GetCurrentThread
lstrlenA
GetVersionExA
lstrcatW
FreeLibrary
GetModuleHandleA
GlobalFindAtomW
GlobalAddAtomW
FreeResource
LockResource
LoadResource
FindResourceW
GlobalUnlock
GlobalFree
WritePrivateProfileStringW
lstrcpyW
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetProcessVersion
SetErrorMode
FlushFileBuffers
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwindEx
RaiseException
RtlPcToFileHeader
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapSetInformation
HeapCreate
LCMapStringA
LCMapStringW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA

user32

UnhookWindowsHookEx
SetCursor
IsWindowEnabled
GetLastActivePopup
MessageBoxW
PeekMessageW
ValidateRect
GetKeyState
DispatchMessageW
TranslateMessage
GetMessageW
GetActiveWindow
CallNextHookEx
SetWindowsHookExW
LoadBitmapW
GetMenuCheckMarkDimensions
GetMenuState
GetNextDlgTabItem
GetFocus
SetMenuItemBitmaps
GetWindow
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetWindowPos
CallWindowProcW
GetDlgCtrlID
GetWindowTextLengthW
GetDlgItem
RegisterClassW
GetClassInfoW
wsprintfW
AdjustWindowRectEx
GetMenu
UpdateWindow
MapWindowPoints
SetActiveWindow
GetForegroundWindow
DestroyWindow
TrackPopupMenu
GetTopWindow
SetWindowLongPtrW
PostQuitMessage
GetMessageTime
GetWindowLongPtrW
SetFocus
IsWindow
SendDlgItemMessageA
SendDlgItemMessageW
RemovePropW
GetPropW
SetPropW
CreateWindowExW
WinHelpW
GetCapture
TabbedTextOutW
GrayStringW
BeginPaint
EndPaint
DestroyMenu
EndDialog
CreateDialogIndirectParamW
GetSubMenu
IsDialogMessageW
MoveWindow
ShowWindow
LoadStringW
GetSysColorBrush
InsertMenuW
GetMenuItemInfoW
GetMenuStringW
GetMenuItemID
GetMenuItemCount
ModifyMenuW
LoadCursorW
LoadIconW
MessageBoxA
DefWindowProcW
PostMessageW
FindWindowW
CopyRect
UnregisterClassW
GetDC
GetMessagePos
GetWindowTextW
SetWindowTextW
SendMessageW
KillTimer
SetTimer
GetClassNameW
IsWindowVisible
GetClientRect
PtInRect
BroadcastSystemMessage
SetMenuItemInfoW
EnableMenuItem
CreatePopupMenu
RegisterWindowMessageW
DestroyIcon
GetSystemMetrics
LoadImageW
GetCursorPos
EnableWindow
CheckMenuItem
ScreenToClient
ClientToScreen
GetDesktopWindow
GetWindowRect
DrawTextW
SystemParametersInfoW
MessageBoxIndirectW
EnumWindows
GetParent
GetWindowLongW
SetForegroundWindow
GetSysColor
LoadMenuW
RemoveMenu
ReleaseDC

advapi32

RegEnumValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
SHChangeNotify
ShellExecuteExW

gdi32

DeleteDC
GetStockObject
CreateCompatibleBitmap
DeleteObject
GetTextExtentPoint32W
Rectangle
CreateSolidBrush
CreatePen
SetStretchBltMode
BitBlt
StretchBlt
SetPixel
GetPixel
SelectObject
CreateCompatibleDC
CreateBitmap
GetDeviceCaps
SetBkMode
SetMapMode
RestoreDC
SaveDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
MoveToEx
LineTo
GetObjectW
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetOpenFileNameW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

comctl32

ord17

wininet

InternetConnectW
InternetOpenW
InternetCloseHandle
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetReadFile
HttpQueryInfoW
InternetAttemptConnect

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/PowerISO.exe
.exe windows x64

22d95d4d242bb315a227f99d7c5d2fdd

Code Sign

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d1:16:25:df:a1:2a:5d:1d:ca:4c:b2:d4:6d:c4:04:cf:da:13:67:96:fb:c5:4b:d9:10:1d:db:b3:b2:59:d9:b8
Signer

Actual PE Digest

d1:16:25:df:a1:2a:5d:1d:ca:4c:b2:d4:6d:c4:04:cf:da:13:67:96:fb:c5:4b:d9:10:1d:db:b3:b2:59:d9:b8

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

16:8b:88:02:92:70:bf:ef:5b:f6:39:6e:07:34:96:0b:2a:b3:f9:09
Signer

Actual PE Digest

16:8b:88:02:92:70:bf:ef:5b:f6:39:6e:07:34:96:0b:2a:b3:f9:09

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LCMapStringW
LCMapStringA
HeapCreate
HeapSetInformation
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
HeapSize
GetFileType
RtlPcToFileHeader
RaiseException
GetCurrentDirectoryA
HeapReAlloc
RtlUnwindEx
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
VirtualQuery
GetSystemInfo
VirtualAlloc
SetErrorMode
FindResourceExW
GetTimeZoneInformation
TlsFree
LocalReAlloc
GlobalReAlloc
GlobalFlags
GetProfileIntW
GlobalGetAtomNameW
lstrcpyW
UnlockFile
LockFile
VirtualProtect
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleA
lstrcatW
GetVersionExA
FreeResource
WritePrivateProfileStringW
lstrlenA
lstrcmpW
GlobalDeleteAtom
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
GetStringTypeA
GetStringTypeW
SetStdHandle
GetACP
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetDriveTypeA
CompareStringA
CompareStringW
lstrlenW
GetFileInformationByHandle
MoveFileExW
TlsAlloc
DosDateTimeToFileTime
TlsSetValue
TlsGetValue
GetModuleHandleW
GetVersionExW
RemoveDirectoryW
GetSystemDirectoryW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WinExec
CopyFileW
GetTempPathW
CreatePipe
DuplicateHandle
GetCurrentDirectoryW
GetModuleFileNameW
GetPrivateProfileIntW
GetPrivateProfileStringW
GlobalSize
SetCurrentDirectoryW
GetCurrentProcessId
OpenEventW
GetLongPathNameW
GetSystemWindowsDirectoryW
ExitThread
CreateProcessW
GetExitCodeProcess
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileTime
GlobalHandle
LoadLibraryExW
LoadLibraryA
FormatMessageW
GetCurrentProcess
GetVersion
GetFullPathNameW
DefineDosDeviceW
SetFileTime
ResetEvent
WriteFile
FlushFileBuffers
QueryDosDeviceW
CreateDirectoryW
SetFileAttributesW
CloseHandle
MoveFileW
SuspendThread
ResumeThread
lstrcmpiW
FreeLibrary
lstrcpynW
GetWindowsDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetFileAttributesW
GetThreadPriority
GetFileAttributesExW
GetLogicalDriveStringsW
GetTempFileNameW
SetThreadExecutionState
GetLogicalDrives
LocalAlloc
LocalFree
CreateEventA
DeviceIoControl
GetOverlappedResult
CreateEventW
CreateThread
SetEvent
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
MulDiv
GetSystemDefaultLangID
SetFilePointer
GetFileSize
GetCurrentThread
SetThreadPriority
SetEndOfFile
GetTickCount
GetLastError
SetLastError
ReadFile
MultiByteToWideChar
WideCharToMultiByte
FindNextFileW
WaitForSingleObject
Sleep
GetLocaleInfoW
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FindFirstFileW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocalTime
FindClose
DeleteFileW
CreateFileW
GetCurrentThreadId
ExitProcess
InitializeCriticalSection
LoadLibraryW
GetProcAddress
CreateMutexW
GetVolumeInformationW
GetDiskFreeSpaceExW
DeleteCriticalSection
GetProcessVersion
SetEnvironmentVariableA

user32

OffsetRect
DrawStateW
CreateIconIndirect
GetClassNameW
OpenClipboard
CloseClipboard
GetDCEx
BeginDeferWindowPos
GetKeyState
GetCapture
GetDesktopWindow
WindowFromPoint
TrackPopupMenuEx
DrawEdge
GetMessagePos
RegisterClipboardFormatW
IsZoomed
SetMenu
GetKeyboardLayout
IsRectEmpty
IntersectRect
CreateCaret
SetCaretPos
HideCaret
ShowCaret
DestroyCaret
DrawIconEx
MessageBoxIndirectW
CharUpperW
GetWindowDC
LoadImageW
ShowScrollBar
FindWindowW
InsertMenuW
RemoveMenu
BroadcastSystemMessage
GetSystemMenu
GetClipboardData
IsClipboardFormatAvailable
EqualRect
ModifyMenuW
EndDeferWindowPos
UnregisterClassW
LoadStringW
SetRect
SetParent
UnpackDDElParam
EmptyClipboard
SetClipboardData
GetIconInfo
ShowWindow
SetFocus
GrayStringW
TabbedTextOutW
DestroyIcon
SystemParametersInfoW
GetScrollInfo
IsWindow
PtInRect
ReleaseCapture
GetFocus
SetCapture
SetMenuDefaultItem
ClientToScreen
CheckMenuRadioItem
GetMenuItemID
EnableMenuItem
CreatePopupMenu
SetWindowsHookExW
CallNextHookEx
SetDlgItemTextW
GetWindowPlacement
MessageBoxW
CopyRect
UnhookWindowsHookEx
MoveWindow
GetClassInfoExW
RegisterClassExW
CreateWindowExW
SetPropW
SetWindowLongPtrW
RemovePropW
GetDlgItem
SetWindowPos
GetParent
InflateRect
DrawFrameControl
GetSysColorBrush
FrameRect
DrawTextW
DrawFocusRect
GetWindowLongPtrW
GetPropW
CallWindowProcW
InvalidateRgn
DefWindowProcW
SetForegroundWindow
PostMessageW
MessageBeep
IsWindowVisible
GetClientRect
IsIconic
DrawIcon
GetSystemMetrics
LockWindowUpdate
GetSysColor
RedrawWindow
LoadBitmapW
FillRect
GetWindowLongW
SetWindowLongW
GetCursorPos
ScreenToClient
SetCursor
LoadCursorW
KillTimer
SetTimer
EnableWindow
GetWindowRect
LoadMenuW
GetMenuStringW
GetMenuItemInfoW
SetMenuItemInfoW
GetDlgCtrlID
SetWindowTextW
EnumChildWindows
GetWindowTextW
InvalidateRect
GetSubMenu
GetMenuItemCount
CheckMenuItem
ReleaseDC
LoadIconW
SendMessageW
UpdateWindow
GetDC
MessageBoxA
PostThreadMessageW
PostQuitMessage
ShowOwnedPopups
IsWindowEnabled
GetLastActivePopup
PeekMessageW
ValidateRect
DispatchMessageW
TranslateMessage
GetMessageW
GetActiveWindow
GetMenuCheckMarkDimensions
GetMenuState
GetNextDlgTabItem
SetMenuItemBitmaps
CheckRadioButton
SendDlgItemMessageW
IsDlgButtonChecked
IsDialogMessageW
GetWindowTextLengthW
wsprintfW
EndDialog
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
DestroyMenu
GetWindow
SystemParametersInfoA
RegisterClassW
GetClassInfoW
SetScrollInfo
DeferWindowPos
AdjustWindowRectEx
GetMenu
MapWindowPoints
GetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
GetTopWindow
ScrollWindow
GetMessageTime
IsChild
SendDlgItemMessageA
WinHelpW
RegisterWindowMessageW
BeginPaint
EndPaint
wvsprintfW
SetRectEmpty
GetAsyncKeyState
MapDialogRect
SetCursorPos
DestroyCursor
TranslateAcceleratorW
BringWindowToTop
LoadAcceleratorsW
ReuseDDElParam

advapi32

RegLoadKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
GetTokenInformation
OpenProcessToken
RegSetValueW
LookupAccountNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
DeleteAce
EqualSid
GetAce
GetAclInformation
RegEnumKeyExW
RegUnLoadKeyW

shell32

SHChangeNotify
ShellExecuteExW
SHGetMalloc
SHGetDesktopFolder
DragQueryFileW
DragFinish
Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
DragAcceptFiles

gdi32

GetBkColor
GetTextColor
SetBkColor
SetTextColor
ExtTextOutW
CreateSolidBrush
CreateDIBSection
GetObjectW
CreateCompatibleBitmap
StretchBlt
BitBlt
SelectObject
CreateCompatibleDC
DeleteObject
CreateICW
DeleteDC
CreateFontIndirectW
GetDeviceCaps
EnumFontFamiliesExW
ScaleWindowExtEx
GetStockObject
GetTextExtentPoint32W
CreateBitmap
Ellipse
CreateRectRgn
RoundRect
PtVisible
RectVisible
TextOutW
Escape
SetDIBits
GetDIBits
CreateDIBitmap
LineTo
MoveToEx
CreateRectRgnIndirect
SetRectRgn
TranslateCharsetInfo
SetBoundsRect
CopyMetaFileW
LPtoDP
CombineRgn
CreateFontW
GetCharWidthW
StretchDIBits
CreatePatternBrush
GetPixel
SetPixel
SetStretchBltMode
PatBlt
CreatePen
GetTextMetricsW
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
Rectangle

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
ChooseFontW

winmm

mciSendCommandW
mciGetErrorStringW
waveOutOpen
waveOutGetDevCapsW
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutReset
mixerGetDevCapsW
mixerOpen
mixerGetNumDevs
mixerClose
mixerGetLineControlsW
mixerGetLineInfoW
mixerGetControlDetailsW
mixerSetControlDetails
waveOutClose

rpcrt4

UuidFromStringW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

comctl32

ImageList_Add
CreatePropertySheetPageW
DestroyPropertySheetPage
PropertySheetW
ord17
ImageList_AddMasked
_TrackMouseEvent
ImageList_Create
ImageList_Destroy
ImageList_SetBkColor
ImageList_ReplaceIcon

oledlg

OleUIBusyW

ole32

CoTaskMemFree
OleGetClipboard
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
PropVariantClear
CoCreateGuid
ReleaseStgMedium
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
OleSetClipboard
OleIsCurrentClipboard
CoLockObjectExternal
RevokeDragDrop
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
OleDuplicateData
DoDragDrop
RegisterDragDrop
OleInitialize

oleaut32

OleLoadPicture
SysStringByteLen
VariantClear
SysFreeString
SysAllocString

wininet

HttpQueryInfoW
InternetReadFile
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
InternetCloseHandle
InternetOpenW
InternetConnectW
InternetAttemptConnect

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TEXT
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 773KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/UnRAR64.dll
.dll windows x64

88b50645a872d5c8ec79ac8ab9e6d41f

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:1d:40:ae:3f:3a:1f:b2:bc:3d:83:95
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

25-08-2020 13:42

Not After

26-08-2023 13:42

Subject

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:1d:40:ae:3f:3a:1f:b2:bc:3d:83:95
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

25-08-2020 13:42

Not After

26-08-2023 13:42

Subject

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

27-05-2021 09:55

Not After

28-06-2032 09:55

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20-02-2019 00:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18-03-2009 10:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:48:e0:d5:98:4f:10:d2:d3:8d:36:d1:e1:69:1b:25:51:af:8d:c9:b0:55:62:28:15:11:1d:a3:ad:52:21:a7
Signer

Actual PE Digest

7b:48:e0:d5:98:4f:10:d2:d3:8d:36:d1:e1:69:1b:25:51:af:8d:c9:b0:55:62:28:15:11:1d:a3:ad:52:21:a7

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

03-03-2022 13:18
Valid: true

Chain 1

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

45:c8:8d:aa:3e:89:3a:a7:05:c3:2e:f4:49:76:9e:db:f2:74:81:6b
Signer

Actual PE Digest

45:c8:8d:aa:3e:89:3a:a7:05:c3:2e:f4:49:76:9e:db:f2:74:81:6b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

03-03-2022 13:18
Valid: true

Chain 1

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
FreeLibrary
GetProcAddress
GetCurrentProcessId
SetThreadPriority
SetThreadExecutionState
CreateEventW
LoadLibraryW
CreateDirectoryW
GetSystemDirectoryW
GetProcessAffinityMask
CreateThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
WriteConsoleW
SetFilePointerEx
HeapSize
GetConsoleCP
GetProcessHeap
CloseHandle
SetFileTime
DeviceIoControl
GetCurrentProcess
GetCommandLineW
Sleep
SetLastError
GetLastError
AreFileApisANSI
GetConsoleMode
GetStdHandle
GetFileType
GetModuleHandleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetStdHandle
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
LocalFree
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
HeapFree
HeapAlloc
HeapReAlloc
GetACP
GetStringTypeW
LCMapStringW

user32

OemToCharBuffA
CharLowerW
CharUpperW
CharToOemA
CharToOemBuffW
OemToCharA

advapi32

SetFileSecurityW
CheckTokenMembership
FreeSid
AllocateAndInitializeSid
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

ole32

CoCreateInstance
CoSetProxyBlanket

oleaut32

VariantClear
SysFreeString
SysAllocString

Exports

Exports

RARCloseArchive
RARGetDllVersion
RAROpenArchive
RAROpenArchiveEx
RARProcessFile
RARProcessFileW
RARReadHeader
RARReadHeaderEx
RARSetCallback
RARSetChangeVolProc
RARSetPassword
RARSetProcessDataProc

Sections

.text
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/devcon.exe
.exe windows x64

24129f939da41cc56515e833be608d60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

__set_app_type
_fmode
_commode
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
memset
wprintf
__argc
__wargv
_itow
wcsrchr
_wcsicmp
_wcsnicmp
iswalpha
towupper
towlower
wcschr
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_iob
fputs
fputws

advapi32

RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExW
RegDeleteValueW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegSetValueExW

kernel32

GetFullPathNameW
GetFileAttributesW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpynW
FileTimeToSystemTime
GetTickCount
lstrcpyW
lstrlenW
GetLastError
GetCurrentProcess
CloseHandle
FormatMessageW
LocalFree
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
GetStartupInfoW
GetDateFormatW

user32

LoadStringW
CharNextW
ExitWindowsEx
CharPrevW

setupapi

CM_Get_Res_Des_Data_Size_Ex
CM_Free_Res_Des_Handle
CM_Get_Next_Res_Des_Ex
CM_Free_Log_Conf_Handle
CM_Get_First_Log_Conf_Ex
SetupDiDestroyDriverInfoList
SetupDiGetDriverInfoDetailW
SetupDiOpenDevRegKey
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupCloseFileQueue
SetupScanFileQueueW
SetupDiCallClassInstaller
SetupOpenFileQueue
SetupDiSetSelectedDriverW
SetupDiGetDriverInstallParamsW
SetupDiOpenClassRegKeyExW
SetupDiGetClassDescriptionExW
SetupDiClassNameFromGuidExW
SetupDiBuildClassInfoListExW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExW
CM_Connect_MachineW
CM_Get_Res_Des_Data_Ex
CM_Get_DevNode_Status_Ex
SetupDiClassGuidsFromNameExW
SetupDiCreateDeviceInfoListExW
SetupDiGetClassDevsExW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
CM_Get_Device_ID_ExW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInfoListDetailW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/lame_enc.dll
.dll windows x64

f7bb0cc37ee70cbc4854a501494922c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetPrivateProfileIntA
GetModuleFileNameA
OutputDebugStringA
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapSetInformation
HeapCreate
HeapDestroy
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetFilePointer
RtlUnwindEx
CloseHandle
WriteFile
GetStdHandle
FlushFileBuffers
DeleteCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
Sleep
ReadFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetLocaleInfoA
UnhandledExceptionFilter
GetACP
GetOEMCP
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
LoadLibraryA
InitializeCriticalSection
CreateFileW
CreateFileA
SetEndOfFile
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beEncodeChunkFloatS16NI
beFlushNoGap
beInitStream
beVersion
beWriteInfoTag
beWriteInfoTagW
beWriteVBRHeader
beWriteVBRHeaderW
id3tag_add_v2
id3tag_init
id3tag_set_album
id3tag_set_artist
id3tag_set_comment
id3tag_set_genre
id3tag_set_title
id3tag_set_track
id3tag_set_year
id3tag_v1_only
id3tag_v2_only
lame_init_bitstream
lame_set_bWriteVbrTag

Sections

.text
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TEXT
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/libFLAC.DLL
.dll windows x64

1252f49ffdf6fd762d6afd028aeac45a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapAlloc
HeapFree
HeapReAlloc
GetLastError
MoveFileA
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapSetInformation
HeapCreate
HeapDestroy
RtlUnwindEx
RaiseException
SetFilePointer
ReadFile
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
WriteFile
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
Sleep
ExitProcess
SetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
FlushFileBuffers
GetACP
GetOEMCP
GetCPInfo
CreateFileA
InitializeCriticalSection
CreateFileW
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetEndOfFile
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesA
GetFileAttributesA
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameA
GetCurrentDirectoryA

Exports

Exports

FLAC_API_SUPPORTS_OGG_FLAC
FLAC__ChannelAssignmentString
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE2_ESCAPE_PARAMETER
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE2_PARAMETER_LEN
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_ESCAPE_PARAMETER
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_ORDER_LEN
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_PARAMETER_LEN
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_RAW_LEN
FLAC__ENTROPY_CODING_METHOD_TYPE_LEN
FLAC__EntropyCodingMethodTypeString
FLAC__FRAME_FOOTER_CRC_LEN
FLAC__FRAME_HEADER_BITS_PER_SAMPLE_LEN
FLAC__FRAME_HEADER_BLOCKING_STRATEGY_LEN
FLAC__FRAME_HEADER_BLOCK_SIZE_LEN
FLAC__FRAME_HEADER_CHANNEL_ASSIGNMENT_LEN
FLAC__FRAME_HEADER_CRC_LEN
FLAC__FRAME_HEADER_RESERVED_LEN
FLAC__FRAME_HEADER_SAMPLE_RATE_LEN
FLAC__FRAME_HEADER_SYNC
FLAC__FRAME_HEADER_SYNC_LEN
FLAC__FRAME_HEADER_ZERO_PAD_LEN
FLAC__FrameNumberTypeString
FLAC__MetadataTypeString
FLAC__Metadata_ChainStatusString
FLAC__Metadata_SimpleIteratorStatusString
FLAC__STREAM_METADATA_APPLICATION_ID_LEN
FLAC__STREAM_METADATA_CUESHEET_INDEX_NUMBER_LEN
FLAC__STREAM_METADATA_CUESHEET_INDEX_OFFSET_LEN
FLAC__STREAM_METADATA_CUESHEET_INDEX_RESERVED_LEN
FLAC__STREAM_METADATA_CUESHEET_IS_CD_LEN
FLAC__STREAM_METADATA_CUESHEET_LEAD_IN_LEN
FLAC__STREAM_METADATA_CUESHEET_MEDIA_CATALOG_NUMBER_LEN
FLAC__STREAM_METADATA_CUESHEET_NUM_TRACKS_LEN
FLAC__STREAM_METADATA_CUESHEET_RESERVED_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_ISRC_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_NUMBER_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_NUM_INDICES_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_OFFSET_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_PRE_EMPHASIS_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_RESERVED_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_TYPE_LEN
FLAC__STREAM_METADATA_IS_LAST_LEN
FLAC__STREAM_METADATA_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_COLORS_LEN
FLAC__STREAM_METADATA_PICTURE_DATA_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_DEPTH_LEN
FLAC__STREAM_METADATA_PICTURE_DESCRIPTION_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_HEIGHT_LEN
FLAC__STREAM_METADATA_PICTURE_MIME_TYPE_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_TYPE_LEN
FLAC__STREAM_METADATA_PICTURE_WIDTH_LEN
FLAC__STREAM_METADATA_SEEKPOINT_FRAME_SAMPLES_LEN
FLAC__STREAM_METADATA_SEEKPOINT_PLACEHOLDER
FLAC__STREAM_METADATA_SEEKPOINT_SAMPLE_NUMBER_LEN
FLAC__STREAM_METADATA_SEEKPOINT_STREAM_OFFSET_LEN
FLAC__STREAM_METADATA_STREAMINFO_BITS_PER_SAMPLE_LEN
FLAC__STREAM_METADATA_STREAMINFO_CHANNELS_LEN
FLAC__STREAM_METADATA_STREAMINFO_MAX_BLOCK_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_MAX_FRAME_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_MD5SUM_LEN
FLAC__STREAM_METADATA_STREAMINFO_MIN_BLOCK_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_MIN_FRAME_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_SAMPLE_RATE_LEN
FLAC__STREAM_METADATA_STREAMINFO_TOTAL_SAMPLES_LEN
FLAC__STREAM_METADATA_TYPE_LEN
FLAC__STREAM_METADATA_VORBIS_COMMENT_ENTRY_LENGTH_LEN
FLAC__STREAM_METADATA_VORBIS_COMMENT_NUM_COMMENTS_LEN
FLAC__STREAM_SYNC
FLAC__STREAM_SYNC_LEN
FLAC__STREAM_SYNC_STRING
FLAC__SUBFRAME_LPC_QLP_COEFF_PRECISION_LEN
FLAC__SUBFRAME_LPC_QLP_SHIFT_LEN
FLAC__SUBFRAME_TYPE_CONSTANT_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_TYPE_FIXED_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_TYPE_LEN
FLAC__SUBFRAME_TYPE_LPC_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_TYPE_VERBATIM_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_WASTED_BITS_FLAG_LEN
FLAC__SUBFRAME_ZERO_PAD_LEN
FLAC__StreamDecoderErrorStatusString
FLAC__StreamDecoderInitStatusString
FLAC__StreamDecoderLengthStatusString
FLAC__StreamDecoderReadStatusString
FLAC__StreamDecoderSeekStatusString
FLAC__StreamDecoderStateString
FLAC__StreamDecoderTellStatusString
FLAC__StreamDecoderWriteStatusString
FLAC__StreamEncoderInitStatusString
FLAC__StreamEncoderSeekStatusString
FLAC__StreamEncoderStateString
FLAC__StreamEncoderTellStatusString
FLAC__StreamEncoderWriteStatusString
FLAC__StreamMetadata_Picture_TypeString
FLAC__SubframeTypeString
FLAC__VENDOR_STRING
FLAC__VERSION_STRING
FLAC__format_cuesheet_is_legal
FLAC__format_picture_is_legal
FLAC__format_sample_rate_is_subset
FLAC__format_sample_rate_is_valid
FLAC__format_seektable_is_legal
FLAC__format_seektable_sort
FLAC__format_vorbiscomment_entry_is_legal
FLAC__format_vorbiscomment_entry_name_is_legal
FLAC__format_vorbiscomment_entry_value_is_legal
FLAC__metadata_chain_check_if_tempfile_needed
FLAC__metadata_chain_delete
FLAC__metadata_chain_merge_padding
FLAC__metadata_chain_new
FLAC__metadata_chain_read
FLAC__metadata_chain_read_ogg
FLAC__metadata_chain_read_ogg_with_callbacks
FLAC__metadata_chain_read_with_callbacks
FLAC__metadata_chain_sort_padding
FLAC__metadata_chain_status
FLAC__metadata_chain_write
FLAC__metadata_chain_write_with_callbacks
FLAC__metadata_chain_write_with_callbacks_and_tempfile
FLAC__metadata_get_cuesheet
FLAC__metadata_get_picture
FLAC__metadata_get_streaminfo
FLAC__metadata_get_tags
FLAC__metadata_get_tagsW
FLAC__metadata_iterator_delete
FLAC__metadata_iterator_delete_block
FLAC__metadata_iterator_get_block
FLAC__metadata_iterator_get_block_type
FLAC__metadata_iterator_init
FLAC__metadata_iterator_insert_block_after
FLAC__metadata_iterator_insert_block_before
FLAC__metadata_iterator_new
FLAC__metadata_iterator_next
FLAC__metadata_iterator_prev
FLAC__metadata_iterator_set_block
FLAC__metadata_object_application_set_data
FLAC__metadata_object_clone
FLAC__metadata_object_cuesheet_calculate_cddb_id
FLAC__metadata_object_cuesheet_delete_track
FLAC__metadata_object_cuesheet_insert_blank_track
FLAC__metadata_object_cuesheet_insert_track
FLAC__metadata_object_cuesheet_is_legal
FLAC__metadata_object_cuesheet_resize_tracks
FLAC__metadata_object_cuesheet_set_track
FLAC__metadata_object_cuesheet_track_clone
FLAC__metadata_object_cuesheet_track_delete
FLAC__metadata_object_cuesheet_track_delete_index
FLAC__metadata_object_cuesheet_track_insert_blank_index
FLAC__metadata_object_cuesheet_track_insert_index
FLAC__metadata_object_cuesheet_track_new
FLAC__metadata_object_cuesheet_track_resize_indices
FLAC__metadata_object_delete
FLAC__metadata_object_is_equal
FLAC__metadata_object_new
FLAC__metadata_object_picture_is_legal
FLAC__metadata_object_picture_set_data
FLAC__metadata_object_picture_set_description
FLAC__metadata_object_picture_set_mime_type
FLAC__metadata_object_seektable_delete_point
FLAC__metadata_object_seektable_insert_point
FLAC__metadata_object_seektable_is_legal
FLAC__metadata_object_seektable_resize_points
FLAC__metadata_object_seektable_set_point
FLAC__metadata_object_seektable_template_append_placeholders
FLAC__metadata_object_seektable_template_append_point
FLAC__metadata_object_seektable_template_append_points
FLAC__metadata_object_seektable_template_append_spaced_points
FLAC__metadata_object_seektable_template_append_spaced_points_by_samples
FLAC__metadata_object_seektable_template_sort
FLAC__metadata_object_vorbiscomment_append_comment
FLAC__metadata_object_vorbiscomment_delete_comment
FLAC__metadata_object_vorbiscomment_entry_from_name_value_pair
FLAC__metadata_object_vorbiscomment_entry_matches
FLAC__metadata_object_vorbiscomment_entry_to_name_value_pair
FLAC__metadata_object_vorbiscomment_find_entry_from
FLAC__metadata_object_vorbiscomment_insert_comment
FLAC__metadata_object_vorbiscomment_remove_entries_matching
FLAC__metadata_object_vorbiscomment_remove_entry_matching
FLAC__metadata_object_vorbiscomment_replace_comment
FLAC__metadata_object_vorbiscomment_resize_comments
FLAC__metadata_object_vorbiscomment_set_comment
FLAC__metadata_object_vorbiscomment_set_vendor_string
FLAC__metadata_simple_iterator_delete
FLAC__metadata_simple_iterator_delete_block
FLAC__metadata_simple_iterator_get_application_id
FLAC__metadata_simple_iterator_get_block
FLAC__metadata_simple_iterator_get_block_length
FLAC__metadata_simple_iterator_get_block_offset
FLAC__metadata_simple_iterator_get_block_type
FLAC__metadata_simple_iterator_init
FLAC__metadata_simple_iterator_insert_block_after
FLAC__metadata_simple_iterator_is_last
FLAC__metadata_simple_iterator_is_writable
FLAC__metadata_simple_iterator_new
FLAC__metadata_simple_iterator_next
FLAC__metadata_simple_iterator_prev
FLAC__metadata_simple_iterator_set_block
FLAC__metadata_simple_iterator_status
FLAC__stream_decoder_delete
FLAC__stream_decoder_finish
FLAC__stream_decoder_flush
FLAC__stream_decoder_get_bits_per_sample
FLAC__stream_decoder_get_blocksize
FLAC__stream_decoder_get_channel_assignment
FLAC__stream_decoder_get_channels
FLAC__stream_decoder_get_decode_position
FLAC__stream_decoder_get_md5_checking
FLAC__stream_decoder_get_resolved_state_string
FLAC__stream_decoder_get_sample_rate
FLAC__stream_decoder_get_state
FLAC__stream_decoder_get_total_samples
FLAC__stream_decoder_init_FILE
FLAC__stream_decoder_init_file
FLAC__stream_decoder_init_fileW
FLAC__stream_decoder_init_ogg_FILE
FLAC__stream_decoder_init_ogg_file
FLAC__stream_decoder_init_ogg_stream
FLAC__stream_decoder_init_stream
FLAC__stream_decoder_new
FLAC__stream_decoder_process_single
FLAC__stream_decoder_process_until_end_of_metadata
FLAC__stream_decoder_process_until_end_of_stream
FLAC__stream_decoder_reset
FLAC__stream_decoder_seek_absolute
FLAC__stream_decoder_set_md5_checking
FLAC__stream_decoder_set_metadata_ignore
FLAC__stream_decoder_set_metadata_ignore_all
FLAC__stream_decoder_set_metadata_ignore_application
FLAC__stream_decoder_set_metadata_respond
FLAC__stream_decoder_set_metadata_respond_all
FLAC__stream_decoder_set_metadata_respond_application
FLAC__stream_decoder_set_ogg_serial_number
FLAC__stream_decoder_skip_single_frame
FLAC__stream_encoder_delete
FLAC__stream_encoder_disable_constant_subframes
FLAC__stream_encoder_disable_fixed_subframes
FLAC__stream_encoder_disable_verbatim_subframes
FLAC__stream_encoder_finish
FLAC__stream_encoder_get_bits_per_sample
FLAC__stream_encoder_get_blocksize
FLAC__stream_encoder_get_channels
FLAC__stream_encoder_get_do_escape_coding
FLAC__stream_encoder_get_do_exhaustive_model_search
FLAC__stream_encoder_get_do_md5
FLAC__stream_encoder_get_do_mid_side_stereo
FLAC__stream_encoder_get_do_qlp_coeff_prec_search
FLAC__stream_encoder_get_loose_mid_side_stereo
FLAC__stream_encoder_get_max_lpc_order
FLAC__stream_encoder_get_max_residual_partition_order
FLAC__stream_encoder_get_min_residual_partition_order
FLAC__stream_encoder_get_qlp_coeff_precision
FLAC__stream_encoder_get_resolved_state_string
FLAC__stream_encoder_get_rice_parameter_search_dist
FLAC__stream_encoder_get_sample_rate
FLAC__stream_encoder_get_state
FLAC__stream_encoder_get_streamable_subset
FLAC__stream_encoder_get_total_samples_estimate
FLAC__stream_encoder_get_verify
FLAC__stream_encoder_get_verify_decoder_error_stats
FLAC__stream_encoder_get_verify_decoder_state
FLAC__stream_encoder_init_FILE
FLAC__stream_encoder_init_file
FLAC__stream_encoder_init_fileW
FLAC__stream_encoder_init_ogg_FILE
FLAC__stream_encoder_init_ogg_file
FLAC__stream_encoder_init_ogg_stream
FLAC__stream_encoder_init_stream
FLAC__stream_encoder_new
FLAC__stream_encoder_process
FLAC__stream_encoder_process_interleaved
FLAC__stream_encoder_set_apodization
FLAC__stream_encoder_set_bits_per_sample
FLAC__stream_encoder_set_blocksize
FLAC__stream_encoder_set_channels
FLAC__stream_encoder_set_compression_level
FLAC__stream_encoder_set_do_escape_coding
FLAC__stream_encoder_set_do_exhaustive_model_search
FLAC__stream_encoder_set_do_md5
FLAC__stream_encoder_set_do_mid_side_stereo
FLAC__stream_encoder_set_do_qlp_coeff_prec_search
FLAC__stream_encoder_set_loose_mid_side_stereo
FLAC__stream_encoder_set_max_lpc_order
FLAC__stream_encoder_set_max_residual_partition_order
FLAC__stream_encoder_set_metadata
FLAC__stream_encoder_set_min_residual_partition_order
FLAC__stream_encoder_set_ogg_serial_number
FLAC__stream_encoder_set_qlp_coeff_precision
FLAC__stream_encoder_set_rice_parameter_search_dist
FLAC__stream_encoder_set_sample_rate
FLAC__stream_encoder_set_streamable_subset
FLAC__stream_encoder_set_total_samples_estimate
FLAC__stream_encoder_set_verify
FLAC__treamEncoderReadStatusString

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/libvorbis.DLL
.dll windows x64

fcc5e6e50eca35124d15b1ab0b3d5015

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapSetInformation
HeapCreate
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwindEx
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
RaiseException
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CloseHandle
ReadFile
Sleep
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
InitializeCriticalSection
GetLocaleInfoA
GetCPInfo
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
CreateFileA
CreateFileW
LoadLibraryA
SetEndOfFile

Exports

Exports

_floor_P
_mapping_P
_residue_P
ogg_packet_clear
ogg_page_bos
ogg_page_checksum_set
ogg_page_continued
ogg_page_eos
ogg_page_granulepos
ogg_page_packets
ogg_page_pageno
ogg_page_serialno
ogg_page_version
ogg_stream_clear
ogg_stream_destroy
ogg_stream_eos
ogg_stream_flush
ogg_stream_init
ogg_stream_packetin
ogg_stream_packetout
ogg_stream_packetpeek
ogg_stream_pagein
ogg_stream_pageout
ogg_stream_reset
ogg_stream_reset_serialno
ogg_sync_buffer
ogg_sync_clear
ogg_sync_destroy
ogg_sync_init
ogg_sync_pageout
ogg_sync_pageseek
ogg_sync_reset
ogg_sync_wrote
oggpackB_adv
oggpackB_adv1
oggpackB_bits
oggpackB_bytes
oggpackB_get_buffer
oggpackB_look
oggpackB_look1
oggpackB_read
oggpackB_read1
oggpackB_readinit
oggpackB_reset
oggpackB_write
oggpackB_writealign
oggpackB_writeclear
oggpackB_writecopy
oggpackB_writeinit
oggpackB_writetrunc
oggpack_adv
oggpack_adv1
oggpack_bits
oggpack_bytes
oggpack_get_buffer
oggpack_look
oggpack_look1
oggpack_read
oggpack_read1
oggpack_readinit
oggpack_reset
oggpack_write
oggpack_writealign
oggpack_writeclear
oggpack_writecopy
oggpack_writeinit
oggpack_writetrunc
ov_bitrate
ov_bitrate_instant
ov_clear
ov_comment
ov_crosslap
ov_fopen
ov_fopenW
ov_halfrate
ov_halfrate_p
ov_info
ov_open
ov_open_callbacks
ov_pcm_seek
ov_pcm_seek_lap
ov_pcm_seek_page
ov_pcm_seek_page_lap
ov_pcm_tell
ov_pcm_total
ov_raw_seek
ov_raw_seek_lap
ov_raw_tell
ov_raw_total
ov_read
ov_read_float
ov_seekable
ov_serialnumber
ov_streams
ov_test
ov_test_callbacks
ov_test_open
ov_time_seek
ov_time_seek_lap
ov_time_seek_page
ov_time_seek_page_lap
ov_time_tell
ov_time_total
vorbis_analysis
vorbis_analysis_blockout
vorbis_analysis_buffer
vorbis_analysis_headerout
vorbis_analysis_init
vorbis_analysis_wrote
vorbis_bitrate_addblock
vorbis_bitrate_flushpacket
vorbis_block_clear
vorbis_block_init
vorbis_comment_add
vorbis_comment_add_tag
vorbis_comment_clear
vorbis_comment_init
vorbis_comment_query
vorbis_comment_query_count
vorbis_commentheader_out
vorbis_dsp_clear
vorbis_encode_ctl
vorbis_encode_init
vorbis_encode_init_vbr
vorbis_encode_setup_init
vorbis_encode_setup_managed
vorbis_encode_setup_vbr
vorbis_granule_time
vorbis_info_blocksize
vorbis_info_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis
vorbis_synthesis_blockin
vorbis_synthesis_halfrate
vorbis_synthesis_halfrate_p
vorbis_synthesis_headerin
vorbis_synthesis_idheader
vorbis_synthesis_init
vorbis_synthesis_lapout
vorbis_synthesis_pcmout
vorbis_synthesis_read
vorbis_synthesis_restart
vorbis_synthesis_trackonly
vorbis_version_string
vorbis_window

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TEXT
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/App/PowerISO64/piso.exe
.exe windows x86

4818d48c3807fc5303b8c1c43730d4fa

Code Sign

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a2:d8:2a:b0:2d:dc:6d:c1:a0:54:75:46:4f:ec:9a:00:59:63:04:79:36:df:b3:28:4a:11:d3:94:2c:3b:90:47
Signer

Actual PE Digest

a2:d8:2a:b0:2d:dc:6d:c1:a0:54:75:46:4f:ec:9a:00:59:63:04:79:36:df:b3:28:4a:11:d3:94:2c:3b:90:47

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

54:d8:9f:7d:58:2d:5f:30:42:49:ec:d9:d0:19:ca:80:85:45:69:1b
Signer

Actual PE Digest

54:d8:9f:7d:58:2d:5f:30:42:49:ec:d9:d0:19:ca:80:85:45:69:1b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcirt

??6ostream@@QAEAAV0@PBD@Z
?cout@@3Vostream_withassign@@A
?cerr@@3Vostream_withassign@@A
?flush@@YAAAVostream@@AAV1@@Z

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_splitpath
strchr
printf
sprintf

kernel32

GetConsoleMode
CreateMutexA
CreateNamedPipeA
CloseHandle
GetCurrentDirectoryA
CreateProcessA
ResumeThread
WaitForSingleObject
Sleep
GetExitCodeProcess
GetStdHandle
WriteFile
ConnectNamedPipe
ReadFile
CreateThread
SetConsoleMode

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PowerISO/App/PowerISO64/setup64.exe
.exe windows x64

f40095f40192b72a4724ee8f537ca1d9

Code Sign

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:ea:4d:af:08:95:70:86:14:08:e9:f0:5e:fd:9b:89
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20-01-2020 00:00

Not After

15-03-2023 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ea:05:53:36:f9:3f:2e:4a:dc:d0:c3:70:57:62:b3:cc:af:4f:c8:b8:8c:21:81:bc:9c:fe:de:0d:b5:b2:6a:bd
Signer

Actual PE Digest

ea:05:53:36:f9:3f:2e:4a:dc:d0:c3:70:57:62:b3:cc:af:4f:c8:b8:8c:21:81:bc:9c:fe:de:0d:b5:b2:6a:bd

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

e8:1e:fc:88:b6:29:84:35:95:e1:0f:1e:be:93:d7:14:6f:6d:ef:da
Signer

Actual PE Digest

e8:1e:fc:88:b6:29:84:35:95:e1:0f:1e:be:93:d7:14:6f:6d:ef:da

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

01-09-2022 09:10
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ExitProcess
MoveFileExA
DeleteFileA
GetTempFileNameA
CopyFileA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PowerISO/PWRISOVMPortable.exe
.exe windows x86

32f3282581436269b3a75b6675fe3e08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 516KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/PowerISOPortable.exe
.exe windows x86

32f3282581436269b3a75b6675fe3e08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerISO/PowerISOPortable.ini

Sharing

General

Malware Config

Signatures

Files

126620b149c9cfb6b8f0dbcc0cf6de08

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

22:7e:fd:f2:28:25:ba:27:05:30:fb:09:d5:2b:32:f8Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

2e:3b:3d:03:63:ac:ec:80:69:9f:4c:bf:1a:5f:09:ddCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

80:e1:36:45:fa:78:45:e3:8e:1a:55:33:ee:ad:ad:0c:1e:d9:dc:0b:f0:e0:e1:5e:e2:a5:5c:bc:21:b6:ee:a7Signer

Signature Validations

Verification

07-06-2017 00:36 Valid: false

2e:45:8f:50:53:8d:24:6f:d2:d6:ec:2f:5e:93:ec:54:9f:6d:d4:82Signer

Signature Validations

Verification

07-06-2017 00:36 Valid: false

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 23KB

PAGE Size: 288B - Virtual size: 286B

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 2KB - Virtual size: 2KB

8cc86026769dacc3439639a1321b72f8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

22:7e:fd:f2:28:25:ba:27:05:30:fb:09:d5:2b:32:f8Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

22:7e:fd:f2:28:25:ba:27:05:30:fb:09:d5:2b:32:f8
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

2e:3b:3d:03:63:ac:ec:80:69:9f:4c:bf:1a:5f:09:dd
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

80:e1:36:45:fa:78:45:e3:8e:1a:55:33:ee:ad:ad:0c:1e:d9:dc:0b:f0:e0:e1:5e:e2:a5:5c:bc:21:b6:ee:a7
Signer

07-06-2017 00:36
Valid: false

2e:45:8f:50:53:8d:24:6f:d2:d6:ec:2f:5e:93:ec:54:9f:6d:d4:82
Signer

07-06-2017 00:36
Valid: false

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 23KB

PAGE
Size: 288B - Virtual size: 286B

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 2KB - Virtual size: 2KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

22:7e:fd:f2:28:25:ba:27:05:30:fb:09:d5:2b:32:f8
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

2e:3b:3d:03:63:ac:ec:80:69:9f:4c:bf:1a:5f:09:dd
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

ce:2b:8e:70:8d:7d:3e:3c:43:a2:96:1f:ac:31:2b:c3:a1:e9:f1:53:d1:3a:00:ac:d8:20:5a:03:5e:55:36:09
Signer

07-06-2017 00:36
Valid: false

5f:3b:82:84:ec:7f:8e:3e:1d:ce:7e:1d:dc:9e:3d:64:0e:45:32:16
Signer

07-06-2017 00:36
Valid: false

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 23KB

.pdata
Size: 4KB - Virtual size: 4KB

PAGE
Size: 512B - Virtual size: 448B

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 512B - Virtual size: 264B

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 340KB - Virtual size: 339KB

.data
Size: 1KB - Virtual size: 35KB

.pdata
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 13KB - Virtual size: 13KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 5KB - Virtual size: 13KB

.pdata
Size: 8KB - Virtual size: 8KB