orj-[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

orj-.dll
Size

1.9MB
MD5

7f12ae1a5792da395f44728d797c7abd
SHA1

8bd7c1fa137b07566d253d78d55f18068a265bb7
SHA256

ccdef228d9d781d337b784a84726052c97105fa1d80051e74962f707ae09de62
SHA512

cf835bf3957f7860df219e2fbe8ec8944eb523455310e04f204c2045fcb7d31b1764ed05b182895413b19b5e00b14dc0468e3f0168d266c59fbacfbe50f41aec
SSDEEP

49152:8HMPGyS+DEKleCwQ7bwvpWW4ApN5jZTq8XBRfR6w:uyp+Npf

Score

N/A

Malware Config

Signatures

Files

orj-.dll
.dll regsvr32 windows x64

71f54326f07e1ae047b670bff2628dd3

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:cf:3f:d8:90:39:53:2a:e3:65:e4:df
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

26-03-2021 14:21

Not After

25-05-2023 15:19

Subject

CN=HHD SOFTWARE LIMITED,O=HHD SOFTWARE LIMITED,L=London,ST=London,C=GB,1.2.840.113549.1.9.1=#0c17636f6e7461637440686864736f6674776172652e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:44

Not After

08-05-2033 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20-02-2019 00:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18-03-2009 10:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b9:21:f0:82:59:28:6c:6f:a9:b9:78:6c:2c:9b:ca:ab:df:44:cf:2a:e2:cb:82:26:85:24:67:ed:b7:eb:ad:f7
Signer

Actual PE Digest

b9:21:f0:82:59:28:6c:6f:a9:b9:78:6c:2c:9b:ca:ab:df:44:cf:2a:e2:cb:82:26:85:24:67:ed:b7:eb:ad:f7

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=HHD SOFTWARE LIMITED,O=HHD SOFTWARE LIMITED,L=London,ST=London,C=GB,1.2.840.113549.1.9.1=#0c17636f6e7461637440686864736f6674776172652e636f6d

06-09-2022 07:06
Valid: true

Chain 1

CN=HHD SOFTWARE LIMITED,O=HHD SOFTWARE LIMITED,L=London,ST=London,C=GB,1.2.840.113549.1.9.1=#0c17636f6e7461637440686864736f6674776172652e636f6d

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Chain 2

CN=HHD SOFTWARE LIMITED,O=HHD SOFTWARE LIMITED,L=London,ST=London,C=GB,1.2.840.113549.1.9.1=#0c17636f6e7461637440686864736f6674776172652e636f6d

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

psapi

GetModuleFileNameExW

rpcrt4

UuidCreate

dbghelp

ImageNtHeader

gdiplus

GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHICON
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateHICONFromBitmap
GdipDrawImageRectI
GdipGetImageGraphicsContext

chakracore

JsCreateFunction
JsGetProperty
JsStringToPointer
JsSetObjectBeforeCollectCallback
JsConstructObject
JsSetException
JsCreateRangeError
JsBooleanToBool
JsNumberToInt
JsCreateError
JsGetUndefinedValue
JsGetCurrentContext
JsAddRef
JsRelease
JsPointerToString
JsDoubleToNumber
JsIntToNumber
JsBoolToBoolean
JsGetNullValue
JsCreateArray
JsCallFunction
JsGetFalseValue
JsGetAndClearException
JsGetGlobalObject
JsCreateObject
JsCreateExternalObject
JsConvertValueToString
JsSetIndexedProperty
JsGetPropertyIdFromName
JsSetProperty
JsDefineProperty
JsNumberToDouble

kernel32

HeapFree
HeapAlloc
GetProcessHeap
MultiByteToWideChar
WideCharToMultiByte
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
CloseHandle
AcquireSRWLockShared
ReleaseSRWLockShared
GetLastError
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingW
GetFileSize
CreateEventW
EnterCriticalSection
LeaveCriticalSection
VirtualQueryEx
WriteProcessMemory
VirtualFree
VirtualAlloc
ReadFile
GetOverlappedResult
WriteFile
DeviceIoControl
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
DuplicateHandle
GetCurrentProcess
SetFilePointer
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetTempPathW
GetTempFileNameW
CreateFileW
GetProcAddress
GetModuleHandleW
SetEndOfFile
LoadLibraryW
FreeLibrary
HeapSize
SleepConditionVariableSRW
WakeConditionVariable
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer
GetCurrentThreadId
ReadDirectoryChangesW
CancelIo
SleepEx
SetEvent
GetCurrentThread
ResetEvent
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
OutputDebugStringW
FormatMessageW
IsDebuggerPresent
GetModuleFileNameW
LocalFree
GetHandleInformation
GetFileInformationByHandleEx
lstrcmpiW
LoadLibraryExW
InitializeCriticalSectionEx
DeleteCriticalSection
GetFileSizeEx
SetFilePointerEx
InitializeCriticalSection
DeleteFileW
OpenProcess
GlobalSize
SetLastError
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameW
ReplaceFileW
MoveFileW
ReadProcessMemory
HeapCreate
lstrcpyW
WaitForMultipleObjects
TrySubmitThreadpoolCallback
SetThreadExecutionState
CallbackMayRunLong
GetDiskFreeSpaceExW
WaitForThreadpoolTimerCallbacks
CreateMutexW
GetThreadLocale
SetThreadLocale
DecodePointer
GetSystemTimeAsFileTime
GetModuleFileNameA
CreateSemaphoreExW
ReleaseSemaphore
GetModuleHandleExW
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
GetSystemInfo
CreateMutexExW
GetCurrentProcessId
DebugBreak
ExpandEnvironmentStringsA
LoadLibraryExA
EncodePointer
HeapDestroy
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetLocaleInfoEx
FormatMessageA
GetFileAttributesExW
GetFileAttributesW
InitializeCriticalSectionAndSpinCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
HeapReAlloc
FindFirstFileW
FindClose
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
WaitForSingleObject
FlushInstructionCache
AreFileApisANSI

user32

CharLowerW
CharUpperW
MapDialogRect
GetDesktopWindow
CharLowerA
CharUpperA
EndPaint
BeginPaint
SetWindowLongPtrW
CreateDialogParamW
UnregisterClassW
DestroyWindow
EndDialog
IsClipboardFormatAvailable
CharNextW
GetActiveWindow
MessageBoxW
DispatchMessageW
TranslateMessage
GetSysColor
DestroyIcon
MsgWaitForMultipleObjectsEx
PeekMessageW
PostThreadMessageW
RegisterWindowMessageW
FlashWindowEx
RegisterClipboardFormatW
CharUpperBuffA
DialogBoxParamW
CharLowerBuffW
DeferWindowPos
DrawTextW
SetFocus
MessageBeep
GetWindow
SetWindowPos
GetParent
GetWindowLongW
BeginDeferWindowPos
EqualRect
EndDeferWindowPos
SetDlgItemTextW
ClientToScreen
ChildWindowFromPointEx
EnumChildWindows
GetClassNameW
ScreenToClient
CreateWindowExW
SendMessageW
GetKeyState
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
MoveWindow
ShowWindow
ReleaseDC
GetDC
GetWindowRect
GetDlgItem
EnableWindow
GetClientRect
GetSystemMetrics
GetFocus
IsWindow
CharLowerBuffA
CharUpperBuffW

gdi32

BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetViewportOrgEx
ExtTextOutW
SetBkColor
GetCurrentObject
GetTextMetricsW
GetTextExtentPoint32W
DeleteObject
SelectObject
DeleteDC

shell32

DuplicateIcon
SHGetFileInfoW
DragQueryFileW
ShellExecuteW

ole32

OleSetClipboard
OleInitialize
StringFromCLSID
CoTaskMemFree
OleIsCurrentClipboard
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
ReleaseStgMedium
OleGetClipboard
CreateDataAdviseHolder
OleUninitialize
StringFromGUID2

oleaut32

SafeArrayLock
SafeArrayUnlock
SafeArrayGetVartype
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocString
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysFreeString
VarUI4FromStr
RegisterTypeLi
SysAllocStringLen

crypt32

CryptUnprotectData
CryptProtectData

api-ms-win-core-memory-l1-1-0

VirtualProtect
VirtualQuery

msvcp140

?_W_Gettnames@_Locinfo@std@@QEBA?AV_Timevec@2@XZ
??1_Timevec@std@@QEAA@XZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
?_Getname@_Locinfo@std@@QEBAPEBDXZ
?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??Bid@locale@std@@QEAA_KXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??0_Lockit@std@@QEAA@H@Z
?_Xruntime_error@std@@YAXPEBD@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Lockit@std@@QEAA@XZ
??1_Locinfo@std@@QEAA@XZ
?is@?$ctype@_W@std@@QEBA_NF_W@Z
_Mbrtowc
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Incref@facet@locale@std@@UEAAXXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?setstate@ios_base@std@@QEAAXH@Z
?narrow@?$ctype@_W@std@@QEBAD_WD@Z
?_Xbad_function_call@std@@YAXXZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?toupper@?$ctype@_W@std@@QEBA_W_W@Z
_Cnd_do_broadcast_at_thread_exit
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Winerror_map@std@@YAHH@Z
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?id@?$numpunct@_W@std@@2V0locale@2@A
?id@?$numpunct@D@std@@2V0locale@2@A
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
_Xtime_get_ticks
_Thrd_id
_Thrd_join
?_Throw_Cpp_error@std@@YAXH@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
_Mtx_lock
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
?__ExceptionPtrCreate@@YAXPEAX@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Syserror_map@std@@YAPEBDH@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z

msvcp140_1

_Aligned_get_default_resource

msvcp140_atomic_wait

__std_atomic_wait_direct
__std_atomic_notify_one_direct

comctl32

ord412
ord413
ord410

etwproviders

ETWEnd
ETWBegin

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_purecall
wcsstr
wcsrchr
memset
memcpy
memmove
__current_exception
__current_exception_context
_CxxThrowException
__std_type_info_destroy_list
memcmp
__C_specific_handler
__std_exception_destroy
__std_exception_copy
__std_terminate
memchr

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm
_initterm_e
_errno
abort
_crt_atexit
terminate
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_beginthreadex
_resetstkoflw
_invalid_parameter_noinfo

api-ms-win-crt-string-l1-1-0

wcscat_s
wcsncpy_s
towlower
toupper
tolower
towupper
wcscpy_s
wmemcpy_s
wcsnlen
_wcsicmp
iswctype
_isctype

api-ms-win-crt-heap-l1-1-0

_recalloc
free
realloc
_aligned_free
_aligned_malloc
malloc
_callnewh
calloc

api-ms-win-crt-time-l1-1-0

_Wcsftime
_localtime64_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnprintf_s
__stdio_common_vswprintf
__stdio_common_vsprintf_s

api-ms-win-crt-math-l1-1-0

roundf
_isnan
powf

api-ms-win-crt-convert-l1-1-0

_ecvt_s
strtol
btowc
wcstol

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

api-ms-win-core-synch-l1-1-0

CreateEventA
OpenEventA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetClassObject3
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71f54326f07e1ae047b670bff2628dd3

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

7e:cf:3f:d8:90:39:53:2a:e3:65:e4:dfCertificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1dCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

b9:21:f0:82:59:28:6c:6f:a9:b9:78:6c:2c:9b:ca:ab:df:44:cf:2a:e2:cb:82:26:85:24:67:ed:b7:eb:ad:f7Signer

Signature Validations

Verification

06-09-2022 07:06 Valid: true

Chain 1

Chain 2

Headers

DLL Characteristics

File Characteristics

Imports

psapi

rpcrt4

dbghelp

gdiplus

chakracore

kernel32

user32

gdi32

shell32

ole32

oleaut32

crypt32

api-ms-win-core-memory-l1-1-0

msvcp140

msvcp140_1

msvcp140_atomic_wait

comctl32

etwproviders

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-core-synch-l1-1-0

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 303KB - Virtual size: 302KB

.data Size: 142KB - Virtual size: 145KB

.pdata Size: 56KB - Virtual size: 55KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 8KB - Virtual size: 8KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

7e:cf:3f:d8:90:39:53:2a:e3:65:e4:df
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

b9:21:f0:82:59:28:6c:6f:a9:b9:78:6c:2c:9b:ca:ab:df:44:cf:2a:e2:cb:82:26:85:24:67:ed:b7:eb:ad:f7
Signer

06-09-2022 07:06
Valid: true

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 303KB - Virtual size: 302KB

.data
Size: 142KB - Virtual size: 145KB

.pdata
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 8KB - Virtual size: 8KB