da3a5a6a48706666af1113805b819dee7914eeb7f717fed1a8822026fe6503e4

Sharing

Copy URL Twitter E-mail

General

Target

da3a5a6a48706666af1113805b819dee7914eeb7f717fed1a8822026fe6503e4
Size

1.0MB
MD5

17aaa6cf844151d13fd776fc2023cbc0
SHA1

07326e1eb18fb006b9fbd32faf1fcf32c3cdf47d
SHA256

da3a5a6a48706666af1113805b819dee7914eeb7f717fed1a8822026fe6503e4
SHA512

88da862a6e9baaddf04cd3afa2947abf7f13be017c38ea116d529c3f708bf236f11dd2d29bcfc87ebd7fda4e55aa32b713577ce6e530f9462955e8f83c20370a
SSDEEP

24576:Y/GY3EL+fTZH/pN1VSVJFd6LXHZcycf/li0f/liRU:Y/GY3EL+fTp/pN1VSVJLMX5cycf/Ff/J

Score

N/A

Malware Config

Signatures

Files

da3a5a6a48706666af1113805b819dee7914eeb7f717fed1a8822026fe6503e4
.exe windows x86

5999971ba27a5ccabbbc8aa3aa375a26

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23/08/2013, 00:00

Not After

23/09/2024, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27/02/2012, 00:00

Not After

26/02/2015, 23:59

Subject

CN=Beijing baidu Netcom science and technology co.ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing baidu Netcom science and technology co.ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
lstrlenW
GetCurrentProcess
FlushInstructionCache
LockResource
MultiByteToWideChar
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
DecodePointer
ReleaseSemaphore
CreateSemaphoreW
FindResourceW
VerSetConditionMask
WriteFile
CreateDirectoryW
ReadFile
FindClose
FindNextFileW
FindFirstFileW
GetLocalTime
OutputDebugStringW
WaitForMultipleObjects
Process32NextW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
LoadLibraryW
lstrcmpiW
SizeofResource
LoadResource
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
RaiseException
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetVersionExW
MoveFileW
CopyFileW
DeleteFileW
GetFileAttributesW
SetFileAttributesW
GetTempFileNameW
GetModuleHandleExW
CreateMutexW
CloseHandle
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetLastError
GetLastError
TerminateProcess
Process32FirstW
CreateToolhelp32Snapshot
HeapFree
GetProcessHeap
HeapAlloc
OpenProcess
CreateProcessW
SetErrorMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTempPathW
WideCharToMultiByte
TerminateThread
GetFileSize
ExpandEnvironmentStringsW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
RemoveDirectoryW
MoveFileExW
LocalFree
LocalAlloc
GetProcAddress
GetPrivateProfileIntW
GetPrivateProfileStringW
GetTickCount
CreateThread
FreeLibraryAndExitThread
WaitNamedPipeW
CreateFileW
WriteFileEx
ReadFileEx
DisconnectNamedPipe
CancelIo
ConnectNamedPipe
CreateNamedPipeW
GetOverlappedResult
ResetEvent
CreateEventW
Sleep
OpenThread
GetCurrentProcessId
SetEvent
InterlockedCompareExchange
VerifyVersionInfoW
InterlockedExchange

user32

ToAscii
AllowSetForegroundWindow
GetKeyboardState
DestroyWindow
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
LoadImageW
LoadCursorW
LoadBitmapW
GetWindow
GetClassNameW
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
SetRectEmpty
FillRect
DrawFocusRect
GetSysColor
MapWindowPoints
ScreenToClient
GetCursorPos
SetCursor
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetClassInfoExW
RegisterClassExW
PostMessageW
FindWindowExW
GetWindowThreadProcessId
SendMessageTimeoutW
RegisterWindowMessageW
MsgWaitForMultipleObjectsEx
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
GetClassInfoW
RegisterClassW
MsgWaitForMultipleObjects
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsClipboardFormatAvailable
GetClipboardData
GetKeyState
SendInput
LoadKeyboardLayoutW
PostThreadMessageW
SetTimer
KillTimer
OpenDesktopW
CloseDesktop
LoadStringW
UnregisterClassW
GetWindowTextW
SetWindowTextW
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
UpdateWindow
DrawTextW
GetSystemMetrics
IsWindowEnabled
ReleaseCapture
SetCapture
GetCapture
GetFocus
GetActiveWindow
SetFocus
GetDlgCtrlID
SendDlgItemMessageW
GetDlgItem
EndDialog
DialogBoxParamW
BringWindowToTop
SetWindowPos
ShowWindow
IsWindow
CreateWindowExW
CallWindowProcW
DefWindowProcW
SendMessageW
CharNextW

gdi32

DeleteObject
GetStockObject
SelectObject
DeleteDC
CreateFontIndirectW
GetObjectW
CreateSolidBrush
SetBkMode
SetTextColor

advapi32

RegQueryValueExA
ConvertStringSidToSidW
SetTokenInformation
GetLengthSid
CreateProcessAsUserW
RegQueryValueExW
RegSetValueW
RegCreateKeyW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetEntriesInAclW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
ConvertSidToStringSidW
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
IsValidSid
GetSidIdentifierAuthority
GetAce
GetSidLengthRequired
InitializeAcl
DuplicateTokenEx
InitializeSid
OpenProcessToken
GetTokenInformation
RegOpenKeyW
RegEnumKeyW
RegEnumValueW
GetSidSubAuthorityCount
GetSidSubAuthority
LookupAccountSidW
GetAclInformation
GetSecurityDescriptorDacl
AdjustTokenPrivileges
LookupPrivilegeValueW
AccessCheck
MapGenericMask
DuplicateToken
GetFileSecurityW
AddAce

shell32

ord165
SHChangeNotify
SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW

ole32

CoInitialize
CoUninitialize
StringFromIID
IIDFromString
CoCreateGuid
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
VarUI4FromStr

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
SHDeleteKeyW
PathAppendW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msvcp110

?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Add_vtordisp2@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Add_vtordisp1@?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?_Add_vtordisp1@?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Add_vtordisp2@?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?_BADOFF@std@@3_JB
?id@?$ctype@_W@std@@2V0locale@2@A
?widen@?$ctype@_W@std@@QBE_WD@Z
??0id@locale@std@@QAE@I@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xbad_function_call@std@@YAXXZ
?_4@placeholders@std@@3V?$_Ph@$03@2@A
?_3@placeholders@std@@3V?$_Ph@$02@2@A
?_2@placeholders@std@@3V?$_Ph@$01@2@A
?_1@placeholders@std@@3V?$_Ph@$00@2@A
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
?rdstate@ios_base@std@@QBEHXZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?is@?$ctype@_W@std@@QBE_NF_W@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Syserror_map@std@@YAPBDH@Z
?good@ios_base@std@@QBE_NXZ
?eof@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

imm32

ImmDisableIME

msvcr110

_recalloc
??_V@YAXPAX@Z
memcpy_s
wcsncpy_s
wcsstr
calloc
_wtoi
wcscpy_s
memchr
_libm_sse2_log_precise
vswprintf_s
wcsrchr
_waccess_s
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
_wcsicmp
rand
vsprintf_s
_vsnwprintf
swscanf_s
srand
_time64
_wfindfirst64i32
_wfindnext64i32
_findclose
_itow_s
_vsnwprintf_s
_wsplitpath_s
_wcslwr_s
swprintf_s
wcspbrk
wcschr
_vscwprintf
_vscprintf
_vsnprintf
_wcsnicmp
wcsspn
wcscspn
wcstoul
memmove_s
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
malloc
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_wcmdln
_fmode
_commode
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
free
fseek
fread
fgetpos
fclose
_wfopen_s
memset
memcpy
__RTDynamicCast
__CxxFrameHandler3
_CxxThrowException
??1bad_cast@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
_waccess
memmove
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
wcscat_s
_crt_debugger_hook

Sections

.text
Size: 592KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5999971ba27a5ccabbbc8aa3aa375a26

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45Certificate

Extended Key Usages

Key Usages

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3aCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msvcp110

imm32

msvcr110

Sections

.text Size: 592KB - Virtual size: 592KB

.rdata Size: 121KB - Virtual size: 120KB

.data Size: 18KB - Virtual size: 29KB

.rsrc Size: 246KB - Virtual size: 245KB

.reloc Size: 81KB - Virtual size: 81KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

.text
Size: 592KB - Virtual size: 592KB

.rdata
Size: 121KB - Virtual size: 120KB

.data
Size: 18KB - Virtual size: 29KB

.rsrc
Size: 246KB - Virtual size: 245KB

.reloc
Size: 81KB - Virtual size: 81KB