e42da7ec9c32e2c598e2f6fbdaf11faec0b4b44eb0bb5fcbe3b426cd9a0bd76d

Sharing

Copy URL

Twitter E-mail

General

Target

e42da7ec9c32e2c598e2f6fbdaf11faec0b4b44eb0bb5fcbe3b426cd9a0bd76d
Size

5.4MB
MD5

418296db362338f2d7db274850b1af98
SHA1

4d3656fdca21c51ce7a6a07f448903b879163f2e
SHA256

e42da7ec9c32e2c598e2f6fbdaf11faec0b4b44eb0bb5fcbe3b426cd9a0bd76d
SHA512

2559c3ebe510ccab7122ec57592c925586d7a6dcf22c039b810022674512c20ddde96e2208aa12d8ebe4263ee4dc54c8fdcae5f8b00be8b5268557749097462e
SSDEEP

98304:Ux87jlM0vUjUSOA4wjgs3rjlqzeI/nUmlB:n7jvTNwjgs3rjlqaI/

Score

N/A

Malware Config

Signatures

Files

e42da7ec9c32e2c598e2f6fbdaf11faec0b4b44eb0bb5fcbe3b426cd9a0bd76d
.dll windows x86

768efccad903e7c0fcf362ab579c06cd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:f5:1b:61:d9:7d:b2:8c:df:fd:e6:ba:2d:15:90:4a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

13/08/2010, 00:00

Not After

12/08/2013, 23:59

Subject

CN=T.E.C Solutions (G.Z.)Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=T.E.C Solutions (G.Z.)Limited,L=Guangzhou,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bd:a7:51:3a:d7:35:25:aa:d2:5b:cc:bd:1b:25:f6:17:eb:ae:ca:74
Signer

Actual PE Digest

bd:a7:51:3a:d7:35:25:aa:d2:5b:cc:bd:1b:25:f6:17:eb:ae:ca:74

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=T.E.C Solutions (G.Z.)Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=T.E.C Solutions (G.Z.)Limited,L=Guangzhou,ST=Guangdong,C=CN

01/07/2013, 12:12
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohl
WSACloseEvent
WSACreateEvent
WSAGetLastError
inet_ntoa
gethostname
gethostbyname
inet_addr
WSACleanup
setsockopt
recvfrom
sendto
recv
send
WSAStartup
getsockopt
getsockname
getpeername
ntohs
listen
shutdown
closesocket
connect
socket
WSAIoctl
htons
bind
htonl
accept

version

VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerLanguageNameA
GetFileVersionInfoW

netapi32

Netbios
NetUserEnum
NetLocalGroupGetMembers
NetApiBufferFree
NetLocalGroupEnum

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeA
UuidToStringA
RpcStringFreeW
UuidFromStringA

kernel32

FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryA
GetFileTime
CreateMutexW
OutputDebugStringW
FreeConsole
WriteConsoleA
GetStdHandle
AllocConsole
SetEndOfFile
LockFile
UnlockFile
FindResourceA
CompareFileTime
CreateSemaphoreA
ReleaseSemaphore
lstrcpyA
GlobalUnlock
GlobalLock
FileTimeToSystemTime
lstrcmpiA
GlobalDeleteAtom
GlobalAlloc
ResumeThread
SetThreadPriority
SuspendThread
DuplicateHandle
FlushFileBuffers
lstrcpynA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
SystemTimeToFileTime
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
TlsAlloc
GlobalFree
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
MulDiv
GlobalSize
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
FindNextChangeNotification
HeapAlloc
RaiseException
GetTimeZoneInformation
GetSystemTime
HeapReAlloc
GetFileType
ExitProcess
ExitThread
SetStdHandle
HeapSize
FatalAppExitA
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA
FindFirstChangeNotificationA
FindCloseChangeNotification
GetLongPathNameA
GetSystemDirectoryW
GetPrivateProfileIntA
GetWindowsDirectoryW
GetPriorityClass
ExpandEnvironmentStringsW
OpenEventW
CreateEventW
SetSystemPowerState
DeleteFileW
MoveFileW
MoveFileExW
GetPrivateProfileStringA
WritePrivateProfileStringA
SetLastError
lstrlenW
GetVersion
LoadLibraryExW
EnumResourceLanguagesA
FindResourceExA
SizeofResource
LoadResource
LockResource
QueryDosDeviceW
DefineDosDeviceW
lstrlenA
CreateThread
GetFileInformationByHandle
GetLogicalDriveStringsW
GetVolumeInformationW
SetFileAttributesW
GetDiskFreeSpaceExW
OpenFileMappingA
CreateFileMappingA
FormatMessageW
GetCurrentDirectoryW
SetThreadLocale
InterlockedCompareExchange
SetNamedPipeHandleState
WaitNamedPipeA
ConnectNamedPipe
CreateNamedPipeA
GetOverlappedResult
CancelIo
CreateIoCompletionPort
DisconnectNamedPipe
PostQueuedCompletionStatus
GetQueuedCompletionStatus
OpenSemaphoreA
QueryPerformanceCounter
GetTempPathA
GetTempPathW
GetEnvironmentVariableW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
EnumResourceNamesA
FormatMessageA
GetDiskFreeSpaceA
GetLogicalDrives
GetDiskFreeSpaceExA
DefineDosDeviceA
LocalAlloc
LocalFree
GetSystemPowerStatus
GetLogicalDriveStringsA
CreateFileW
OutputDebugStringA
GetDriveTypeA
GetExitCodeProcess
SetPriorityClass
GetModuleFileNameW
GetFileAttributesW
CreateDirectoryW
GetLocalTime
FindFirstFileW
lstrcmpW
FindNextFileW
TerminateThread
GetExitCodeThread
WideCharToMultiByte
GetWindowsDirectoryA
MoveFileExA
GetProfileIntA
CreateMutexA
lstrcmpA
GetSystemInfo
GetModuleHandleW
SetCurrentDirectoryA
SetFilePointer
WriteFile
GetACP
SetProcessShutdownParameters
OpenEventA
CreateProcessA
OpenProcess
GetComputerNameW
GetVolumeInformationA
RemoveDirectoryA
GetProfileStringA
WriteProfileStringA
LoadLibraryW
DosDateTimeToFileTime
GlobalMemoryStatus
GetThreadSelectorEntry
InterlockedExchange
SetEvent
CopyFileA
GetComputerNameA
FindFirstFileA
FindNextFileA
FindClose
ExpandEnvironmentStringsA
MoveFileA
GetFileSize
ReadFile
GetFileAttributesA
SetFileAttributesA
DeleteFileA
CreateDirectoryA
QueryDosDeviceA
GetDriveTypeW
GetModuleFileNameA
GetCommandLineA
OpenMutexA
GetLastError
InterlockedDecrement
InterlockedIncrement
CopyFileW
RemoveDirectoryW
CreateProcessW
GetThreadPriority
ReadProcessMemory
VirtualQueryEx
GetThreadContext
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
EnumResourceTypesA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
VirtualProtect
FlushInstructionCache
SetThreadContext
WriteProcessMemory
VirtualProtectEx
VirtualFreeEx
SetErrorMode
SetUnhandledExceptionFilter
GetModuleHandleA
FreeLibraryAndExitThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
TerminateProcess
WaitForMultipleObjects
ResetEvent
CreateEventA
Sleep
lstrcatA
LoadLibraryExA
GetSystemDirectoryA
FreeLibrary
MultiByteToWideChar
GetVersionExA
LoadLibraryA
GetProcAddress
CreateFileA
CloseHandle
DeviceIoControl
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
VirtualAllocEx
VirtualQuery
SetVolumeLabelA
HeapFree

user32

CheckRadioButton
CheckDlgButton
DeleteMenu
wvsprintfA
SetWindowTextA
PtInRect
RemoveMenu
GetMenuStringA
AppendMenuA
InsertMenuA
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
UnregisterClassA
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetDlgCtrlID
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetForegroundWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CharUpperA
CopyRect
GetClientRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
CallNextHookEx
GetDlgItemInt
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
EnableWindow
ShowOwnedPopups
PostQuitMessage
GetWindowTextLengthA
OemToCharA
CharToOemA
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
GetSysColorBrush
MsgWaitForMultipleObjects
IsWindow
GetForegroundWindow
GetWindow
GetDlgItem
DefWindowProcA
RegisterClassA
CreateWindowExA
SetWindowLongA
DestroyWindow
CloseWindow
RegisterWindowMessageA
ShowWindow
SetActiveWindow
GetClassNameA
FindWindowExA
EqualRect
SetRect
IsRectEmpty
UnionRect
ExitWindowsEx
CreateDesktopA
wsprintfW
wsprintfA
GetWindowTextW
GetWindowTextA
GetDesktopWindow
EnumChildWindows
EnumWindows
IsWindowVisible
GetParent
GetWindowLongA
GetWindowThreadProcessId
EnumDesktopWindows
MessageBoxW
MessageBoxA
OpenWindowStationA
SetProcessWindowStation
CloseWindowStation
GetProcessWindowStation
GetUserObjectInformationA
OpenInputDesktop
OpenDesktopA
GetThreadDesktop
SetThreadDesktop
CloseDesktop
LoadImageA
GetClassLongA
CopyIcon
GetIconInfo
DestroyIcon
GetDC
ReleaseDC
LoadCursorA
SetCursor
SendMessageTimeoutA
EnumDisplaySettingsA
GetSystemMetrics
SendMessageA
PostThreadMessageA
PostMessageA
FindWindowA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetUserObjectInformationW
OemToCharBuffA
CharToOemBuffA
InflateRect
DestroyMenu
ValidateRect
EnumWindowStationsA
EnumDesktopsA
GetKeyState

gdi32

DPtoLP
CreateFontIndirectA
SetRectRgn
GetMapMode
CreateDCA
CopyMetaFileA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateDIBPatternBrushPt
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
GetWindowExtEx
GetViewportExtEx
DeleteDC
DeleteObject
SetPixel
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
GetPaletteEntries
CreateDIBSection
GetStockObject
GdiFlush
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
StretchBlt
SetStretchBltMode
BitBlt
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
GetBitmapBits
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
SetDIBits
GetDIBits
GetObjectA
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
GetRegionData
CreateBitmap
PatBlt
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
StartDocA
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetDIBColorTable

comdlg32

GetFileTitleA

winspool.drv

FreePrinterNotifyInfo
FindNextPrinterChangeNotification
FindFirstPrinterChangeNotification
FindClosePrinterChangeNotification
EnumPortsA
EnumJobsA
EnumPrintersA
OpenPrinterW
GetPrinterW
GetJobA
AddPrinterA
DeletePrinter
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetPrinterA

advapi32

OpenServiceA
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
LookupAccountSidW
LookupAccountNameW
QueryServiceStatus
RegisterEventSourceA
ReportEventA
RegEnumKeyA
RegConnectRegistryA
RegCreateKeyW
RegOpenKeyW
RegSetValueExW
SetFileSecurityA
GetUserNameA
RegOpenKeyA
RegisterEventSourceW
RegSetValueA
RegCreateKeyExA
RegSetKeySecurity
GetLengthSid
InitializeSecurityDescriptor
InitializeAcl
AddAccessAllowedAce
GetAce
SetSecurityDescriptorDacl
LookupAccountNameA
ControlService
StartServiceA
DeleteService
LockServiceDatabase
CreateServiceA
UnlockServiceDatabase
RegFlushKey
RegUnLoadKeyA
RegLoadKeyA
EnumServicesStatusA
RegUnLoadKeyW
RegLoadKeyW
RegQueryInfoKeyA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
InitiateSystemShutdownA
RegSetValueExA
GetTokenInformation
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
OpenEventLogA
GetOldestEventLogRecord
GetNumberOfEventLogRecords
ReadEventLogA
CloseEventLog
LookupAccountSidA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegNotifyChangeKeyValue
CloseServiceHandle
ChangeServiceConfigA
QueryServiceConfigA
ReportEventW
OpenSCManagerA
DeregisterEventSource
RegQueryValueA

shell32

SHChangeNotify
DragAcceptFiles
SHFileOperationA
SHGetSpecialFolderLocation
SHFileOperationW
SHGetFileInfoA
SHGetPathFromIDListA

comctl32

ImageList_GetImageCount
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ord17

ole32

CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
CoSetProxyBlanket
CoTaskMemFree
CLSIDFromProgID
OleRun
OleDuplicateData
CoTaskMemAlloc
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
ReleaseStgMedium
CoDisconnectObject
CoUninitialize

oleaut32

SysStringLen
VariantChangeType
VariantCopy
VariantClear
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
SysAllocStringLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCreateVector
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SysFreeString
VariantInit
GetErrorInfo
SetErrorInfo
CreateErrorInfo
SysStringByteLen
SafeArrayCopy
SafeArrayDestroyDescriptor
SysReAllocStringLen

setupapi

SetupInstallFileA

shlwapi

PathFileExistsA

mpr

WNetGetConnectionA

Exports

Exports

AddDbgStr
AddDbgThread
DelDbgThread
InjectAgent32
RunAgent32

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 412KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 724KB - Virtual size: 895KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

768efccad903e7c0fcf362ab579c06cd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

56:f5:1b:61:d9:7d:b2:8c:df:fd:e6:ba:2d:15:90:4aCertificate

Extended Key Usages

Key Usages

bd:a7:51:3a:d7:35:25:aa:d2:5b:cc:bd:1b:25:f6:17:eb:ae:ca:74Signer

Signature Validations

Verification

01/07/2013, 12:12 Valid: false

Headers

File Characteristics

Imports

ws2_32

version

netapi32

rpcrt4

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

setupapi

shlwapi

mpr

Exports

Exports

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.rdata Size: 412KB - Virtual size: 411KB

.data Size: 724KB - Virtual size: 895KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 284KB - Virtual size: 280KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

56:f5:1b:61:d9:7d:b2:8c:df:fd:e6:ba:2d:15:90:4a
Certificate

bd:a7:51:3a:d7:35:25:aa:d2:5b:cc:bd:1b:25:f6:17:eb:ae:ca:74
Signer

01/07/2013, 12:12
Valid: false

.text
Size: 4.0MB - Virtual size: 4.0MB

.rdata
Size: 412KB - Virtual size: 411KB

.data
Size: 724KB - Virtual size: 895KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 284KB - Virtual size: 280KB