0916后门x2[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

0916后门x2.7z
Size

1.7MB
MD5

f2e364d071ba2e50194ce26375965017
SHA1

2b2cb48c989cd918d11904505d32477d93b4ff38
SHA256

fd24ab4a166b45addf500ca36d9debdacbbed6c45c041cb4fb452aaee778b153
SHA512

c89deaae0d4ba1cb1b8116443218538fc99db8792f032fa3afb6477d4a4f66e1ed0230d91230bff92b271c78624bb8873400c2ada52d06ad5334ca15b95d3437
SSDEEP

49152:LboVZIYhcx+3uOoSS93G68iJTm1E/Wzep7Hcd+celSo:HoVrhAhSSE68iJA3MHc0cef

Score

N/A

Malware Config

Signatures

Files

0916后门x2.7z
.7z

Password: infected
点击安装(飞机)简体中文语言包_v34.exe
.exe windows x64

Password: infected

b43c27dfb1422a5cbd36865ca02432ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetTimeZoneInformation
LCMapStringW
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
GetConsoleMode
FindNextFileW
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
RtlPcToFileHeader
RtlUnwindEx
RaiseException
OutputDebugStringW
GetConsoleOutputCP
SetFilePointerEx
VirtualQuery
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
FindFirstFileExW
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
FindResourceExW
GetTempFileNameW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
GetTickCount64
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
FileTimeToSystemTime
GlobalGetAtomNameW
GetTempPathW
SetFilePointer
GetFileSize
GetFileAttributesW
CreateFileW
GetThreadLocale
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
CloseHandle
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
VerifyVersionInfoW
VerSetConditionMask
GlobalUnlock
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
GetProcAddress
lstrcpyW
GlobalFree
WideCharToMultiByte
MultiByteToWideChar
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
SetLastError
OutputDebugStringA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
FindResourceW
LoadResource
LockResource
VirtualAlloc
SizeofResource
Sleep
GetLastError
GetModuleFileNameW
VirtualFree
WaitForSingleObject
CreateThread
VirtualProtect
GetSystemInfo

user32

GetNextDlgGroupItem
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
GetClassNameW
InvalidateRect
UpdateWindow
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
GetCursorPos
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
OpenClipboard
CloseClipboard
SetClipboardData
GetKeyboardLayout
LoadIconW
SendMessageW
IsIconic
GetSystemMetrics
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
LoadCursorW
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoW
EmptyClipboard
DestroyIcon
LoadImageW
SetParent
MonitorFromPoint
TrackMouseEvent
IsZoomed
CharUpperW
GetAsyncKeyState
LoadMenuW
GetSystemMenu
NotifyWinEvent
SetCursorPos
UnionRect
DefWindowProcW
GetDesktopWindow
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
DestroyMenu
EnableScrollBar
GetDoubleClickTime
GetIconInfo
MessageBeep
GetClientRect
DrawIcon
EnableWindow
UnregisterClassW
PostMessageW
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetParent
GetWindow
MapDialogRect
RegisterWindowMessageW
DrawEdge
DrawFrameControl
IsWindowVisible
GetFocus
DrawStateW
SetWindowRgn
RedrawWindow
GetWindowRect
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
IsWindow
DestroyWindow
ToUnicodeEx
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
UpdateLayeredWindow
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
GetKeyNameTextW
SubtractRect
CharUpperBuffW
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
HideCaret
InvertRect
SendDlgItemMessageA
GetUpdateRect
SetClassLongPtrW
DestroyAcceleratorTable
ModifyMenuW
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW
CopyIcon

gdi32

CreateFontIndirectW
CreatePen
CreatePatternBrush
DeleteObject
EnumFontFamiliesW
GetDeviceCaps
GetStockObject
GetTextCharsetInfo
GetObjectW
CopyMetaFileW
CreateDCW
CreateBitmap
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
CreateDIBitmap
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetRgnBox
GetMapMode
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
MoveToEx
GetTextColor
DeleteDC

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
CheckTokenMembership
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
AllocateAndInitializeSid
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
FreeSid

shell32

ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteW
DragFinish
DragQueryFileW
SHGetFileInfoW
SHAppBarMessage
SHGetDesktopFolder

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW

uxtheme

GetThemePartSize
OpenThemeData
CloseThemeData
GetThemeSysColor
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
IsAppThemed
DrawThemeText
GetWindowTheme
IsThemeBackgroundPartiallyTransparent

ole32

DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleIsCurrentClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
CoRevokeClassObject
CoRegisterMessageFilter
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
OleFlushClipboard

oleaut32

VarBstrFromDate
VariantCopy
LoadTypeLi
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString
SafeArrayDestroy

oledlg

OleUIBusyW

gdiplus

GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipSetInterpolationMode
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdiplusShutdown
GdipAlloc
GdipBitmapLockBits

wininet

HttpOpenRequestA
HttpSendRequestW
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetConnectA

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 550KB - Virtual size: 549KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
点击此处安装简体中文语言包.exe
.exe windows x86

Password: infected

fa61c6a6133de14d2f9f9520b498203f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2a:02:bb:47:a2:e8:33:a4:67:32:db:16:c5:23:58:d9
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

23/05/2007, 00:00

Not After

06/06/2009, 23:59

Subject

CN=Avira GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Avira GmbH,L=Tettnang,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
LoadLibraryA
GetProcAddress
CreateDirectoryA
Sleep
MultiByteToWideChar
SetLastError
GetLastError
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
InitializeCriticalSectionEx
RaiseException
DecodePointer
DeleteCriticalSection
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapQueryInformation
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
GetCurrentProcess
TerminateProcess
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
HeapValidate
GetSystemInfo
GetStdHandle
WriteFile
GetFileType
WriteConsoleW
SetConsoleCtrlHandler
GetCurrentThread
GetTempPathW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
MoveFileExW
CreateFileW

user32

EndDialog
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
DestroyWindow
DialogBoxParamA
UpdateWindow
ShowWindow
UnregisterClassA
RegisterClassExA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA
CreateWindowExA

Sections

.text
Size: 589KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msvcjmc
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

b43c27dfb1422a5cbd36865ca02432ae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

wininet

oleacc

imm32

winmm

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 550KB - Virtual size: 549KB

.data Size: 31KB - Virtual size: 60KB

.pdata Size: 85KB - Virtual size: 84KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 60KB - Virtual size: 59KB

Password: infected

fa61c6a6133de14d2f9f9520b498203f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

2a:02:bb:47:a2:e8:33:a4:67:32:db:16:c5:23:58:d9Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 589KB - Virtual size: 588KB

.rdata Size: 144KB - Virtual size: 144KB

.data Size: 3KB - Virtual size: 16KB

.msvcjmc Size: 512B - Virtual size: 141B

.rsrc Size: 25KB - Virtual size: 28KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 550KB - Virtual size: 549KB

.data
Size: 31KB - Virtual size: 60KB

.pdata
Size: 85KB - Virtual size: 84KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 60KB - Virtual size: 59KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

2a:02:bb:47:a2:e8:33:a4:67:32:db:16:c5:23:58:d9
Certificate

.text
Size: 589KB - Virtual size: 588KB

.rdata
Size: 144KB - Virtual size: 144KB

.data
Size: 3KB - Virtual size: 16KB

.msvcjmc
Size: 512B - Virtual size: 141B

.rsrc
Size: 25KB - Virtual size: 28KB

.reloc
Size: 24KB - Virtual size: 23KB