microsoft office professional edition 2003[.]zip

Sharing

Copy URL

Twitter E-mail

Reason

too many matches

General

Target

microsoft office professional edition 2003.zip
Size

287.5MB
MD5

f1217cbca4241552427ac3a0d61f3732
SHA1

d9a74379e729fe6def6d07dbe3e7e049839f9c47
SHA256

f891986630332757e0203805a75e0d83e863ae87f31f7a1adc6d1545498198d8
SHA512

70f34479c3b444ffdbb8d9de91d529c6cf690014016abf3435b5a092bc0cb8b9cff6507836fda41ecc69c34a60075f8b21fa3f55997e6626f3a2845e0fa70a9b
SSDEEP

6291456:yxt91cevO9b1duBcYlbLl/zbIEfXx7xAiaxUqUkL8tBrPp46ljkBgJ2:yxt9ARPYJLBhfXxFAXfItBi6ogo

Score

N/A

Malware Config

Signatures

Files

microsoft office professional edition 2003.zip
.zip

Password: 123
MS_Office_2003/A2561405.CAB
.cab

Password: 123
ACCESS.PIP
ACCWIZ.DLL
.dll regsvr32 windows x86

Password: 123

123863dc3effc5fe359f5676e2340efa

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7f:30:ae:fd:8b:50:16:09:0d:cd:ed:31:53:ff:63:26:9e:82:ac:cc
Signer

Actual PE Digest

7f:30:ae:fd:8b:50:16:09:0d:cd:ed:31:53:ff:63:26:9e:82:ac:cc

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

14/10/2022, 21:49
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocString
LoadTypeLi
VariantInit
VariantChangeType
VariantClear
SysReAllocString
SysAllocStringLen
SysStringLen
SysFreeString
LoadRegTypeLi

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersionExA
lstrcpyW
lstrcpynW
lstrcatW
GetTempPathW
GetTempFileNameW
LoadLibraryW
GetWindowsDirectoryW
GetWindowsDirectoryA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
CreateFileW
CreateFileA
LoadLibraryA
GetACP
GetOEMCP
GetLocaleInfoA
InterlockedIncrement
HeapReAlloc
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
HeapFree
GetProcessHeap
HeapAlloc
GetLastError
CloseHandle
FindResourceW
LoadResource
SizeofResource
LockResource
FreeResource
MulDiv
GetStringTypeW
GetSystemDefaultLCID
GetUserDefaultLCID
IsValidCodePage
WideCharToMultiByte
lstrlenW
FreeLibrary
GetSystemDefaultLangID
GetProcAddress
GetVersionExW
GetVersion

user32

SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
IsWindowVisible
MapWindowPoints
EqualRect
SetWindowRgn
GetActiveWindow
CopyRect
SetCapture
GetWindowDC
ReleaseCapture
DrawFocusRect
wsprintfW
FillRect
InflateRect
WinHelpA
SystemParametersInfoW
SystemParametersInfoA
SetWindowTextW
SetWindowTextA
SetWindowLongW
SetWindowLongA
SendMessageW
RegisterClassW
RegisterClassA
LoadCursorW
FrameRect
GetSysColor
LoadCursorA
LoadBitmapW
LoadBitmapA
LoadAcceleratorsA
GetWindowLongW
GetWindowLongA
GetDlgItem
GetDlgItemTextA
DialogBoxParamW
DialogBoxParamA
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogParamA
LoadStringW
LoadStringA
IsChild
SetCursor
SetParent
ShowWindow
GetDC
RedrawWindow
BeginPaint
EndPaint
GetWindowRect
DefWindowProcA
DefWindowProcW
IsWindow
DestroyWindow
SetFocus
GetKeyState
GetKeyboardState
GetFocus
CallWindowProcA
CallWindowProcW
SetWindowPos
GetCapture
ClientToScreen
WindowFromPoint
ScreenToClient
GetParent
PtInRect
InvertRect
GetScrollRange
MoveWindow
IntersectRect
InvalidateRect
GetClientRect
ScrollWindow
UpdateWindow
SetRect
UnregisterClassW
UnregisterClassA
GetDlgItemTextW
WinHelpW
GetSystemMetrics
OffsetRect
EnableScrollBar
SetScrollRange
SetScrollPos
ReleaseDC
GetScrollPos
LoadAcceleratorsW

ole32

CreateDataAdviseHolder
OleSaveToStream
OleLoadFromStream
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CreateOleAdviseHolder

advapi32

RegCloseKey
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegEnumKeyExA
RegEnumKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegSetValueExA
RegSetValueExW

comdlg32

GetOpenFileNameW

gdi32

CreateSolidBrush
GetTextAlign
TextOutW
SelectClipRgn
CreateRectRgnIndirect
GetClipBox
BitBlt
SetBkColor
CreateCompatibleDC
GetCharWidthW
SetBkMode
SetTextColor
DeleteDC
GetTextExtentPoint32W
SetROP2
GetNearestColor
ExcludeClipRect
CreateDIBitmap
TranslateCharsetInfo
CreatePen
CreateDCW
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateFontIndirectA
CreateFontIndirectW
CreateMetaFileA
CreateMetaFileW
GetObjectA
GetObjectW
GetTextMetricsA
GetTextMetricsW
CloseMetaFile
CloseEnhMetaFile
SetWindowExtEx
SetWindowOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
LPtoDP
SaveDC
SelectObject
MoveToEx
LineTo
SetTextAlign
DeleteObject
GetDeviceCaps
ExtTextOutW
CreateDCA
GetStockObject

shlwapi

wvnsprintfW
wnsprintfW
wnsprintfA

msvcrt

free
_initterm
malloc
_adjust_fdiv
_except_handler3
__dllonexit
_onexit
_XcptFilter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerEx
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ACWIZRC.DLL_1033
.dll windows x86

Password: 123

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e2:41:5b:96:3d:c3:2e:fb:08:94:be:7c:f8:ef:b8:25:b2:66:77:a7
Signer

Actual PE Digest

e2:41:5b:96:3d:c3:2e:fb:08:94:be:7c:f8:ef:b8:25:b2:66:77:a7

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

14/10/2022, 21:49
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 351KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ACWZLIB.MDE
CLNTWRAP.HTM
.html .vbs
MSACCESS.EXE
.exe windows x86

Password: 123

a52fae2c27ec8073425abddc246a16a8

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:26:f2:2a:fc:5c:ae:4a:b6:db:f2:6f:27:c7:ab:28:d9:df:18:6e
Signer

Actual PE Digest

e8:26:f2:2a:fc:5c:ae:4a:b6:db:f2:6f:27:c7:ab:28:d9:df:18:6e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

14/10/2022, 21:49
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_ltow
_wcsicmp
memset
_controlfp
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
_except_handler3
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
?terminate@@YAXXZ
_onexit
__dllonexit
srand
strchr
_ecvt
wcsrchr
atol
wcscspn
_chdir
_clearfp
_statusfp
_fpreset
swscanf
wcstod
_wchmod
_unlink
strrchr
wcstok
strncmp
rand
wcstoul
wcstol
realloc
qsort
atof
memmove
wcschr
_wtol
strstr
wcsncmp
_CxxThrowException
_wcsnicmp
exit
_chdrive
_wchdir
wcsstr
_wsplitpath
_wtoi
wcscmp
malloc
free
__CxxFrameHandler
wcslen

gdi32

GetCharWidthW
EnumFontFamiliesA
CreateFontIndirectA
CopyMetaFileW
CopyEnhMetaFileW
CreateBrushIndirect
CreatePenIndirect
GetViewportExtEx
GetWindowExtEx
SetMapperFlags
GdiComment
EndDoc
EndPage
StartPage
AbortDoc
StartDocW
ExtEscape
CreateDCA
CreateICA
CreateEnhMetaFileW
SetAbortProc
EnumEnhMetaFile
GetNearestPaletteIndex
EnumFontFamiliesExA
GetTextFaceW
FillRgn
PaintRgn
GetTextColor
SetBitmapBits
GetTextAlign
SetTextAlign
GetClipRgn
SelectClipRgn
GetWorldTransform
GetWindowOrgEx
SetWorldTransform
CreateDIBitmap
GetEnhMetaFileHeader
GetDIBits
SetWinMetaFileBits
GetEnhMetaFilePaletteEntries
GetBkColor
CreateMetaFileW
CloseMetaFile
ExtTextOutW
SaveDC
SetMapMode
EnumMetaFile
PlayMetaFile
RestoreDC
CreateBitmap
SetDIBits
GetDCOrgEx
PlayEnhMetaFile
StretchDIBits
GetBkMode
RectInRegion
PtInRegion
CreatePolygonRgn
InvertRgn
CreatePalette
GetObjectType
GetTextExtentExPointW
DeleteObject
CreateFontIndirectW
GetDeviceCaps
GetObjectW
SetTextColor
SetBkColor
SetBkMode
GetTextMetricsW
SelectObject
CreateFontW
CreatePatternBrush
GetStockObject
GetTextExtentPoint32W
BitBlt
PatBlt
LineTo
MoveToEx
RealizePalette
SelectPalette
GetPaletteEntries
CreateSolidBrush
EnumFontFamiliesW
CreateRectRgn
CombineRgn
ExcludeClipRect
GetViewportOrgEx
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
GetBitmapBits
RectVisible
IntersectClipRect
CreateRectRgnIndirect
OffsetViewportOrgEx
UnrealizeObject
SetBrushOrgEx
SetViewportOrgEx
SetRectRgn
Polygon
CreatePen
SetROP2
StretchBlt
GetNearestColor
OffsetClipRgn
GetRgnBox
CreateDiscardableBitmap
GetClipBox
TextOutW
OffsetRgn
PlayMetaFileRecord
DeleteMetaFile
SetViewportExtEx
SetWindowExtEx
LPtoDP
Escape
GetTextCharsetInfo
DPtoLP
SetStretchBltMode
PlayEnhMetaFileRecord
SetWindowOrgEx
DeleteEnhMetaFile
Rectangle
CloseEnhMetaFile
GetEnhMetaFileBits
SetPixel
GetWinMetaFileBits
GetEnhMetaFileW
GetROP2
TextOutA
Arc
Pie
Ellipse
EnumFontsW
GetMetaFileBitsEx
SetMetaFileBitsEx
SetEnhMetaFileBits

user32

IsCharAlphaNumericW
DefWindowProcW
GetForegroundWindow
GetDC
ReleaseDC
InvalidateRgn
GetDesktopWindow
DestroyAcceleratorTable
GetClassNameW
CharNextW
CreateAcceleratorTableW
GetWindowTextLengthW
SetParent
GetIconInfo
GetMessageTime
ChildWindowFromPoint
GetKeyboardType
VkKeyScanW
SetRectEmpty
GetPropA
RemovePropA
SetWindowPlacement
UnionRect
LoadImageW
InvertRect
DrawMenuBar
SetMenu
GetMenuItemCount
IsRectEmpty
GetDoubleClickTime
GetUpdateRect
GetUpdateRgn
TrackMouseEvent
ExcludeUpdateRgn
ValidateRect
ScrollWindowEx
CloseClipboard
SetClipboardData
OpenClipboard
GetTabbedTextExtentW
RegisterClipboardFormatA
GetNextDlgTabItem
DrawIconEx
EnumDisplaySettingsA
SetDlgItemInt
CopyRect
FrameRect
ToAsciiEx
ToUnicodeEx
SystemParametersInfoA
ActivateKeyboardLayout
CharNextA
CharLowerBuffW
GetKeyboardLayoutList
GetDialogBaseUnits
IsCharLowerW
GetScrollRange
SetWindowLongA
DestroyCaret
SetCaretPos
CreateCaret
MapVirtualKeyW
CopyAcceleratorTableW
OpenIcon
ShowScrollBar
LoadAcceleratorsW
DeferWindowPos
EnableScrollBar
EndDeferWindowPos
BeginDeferWindowPos
CharPrevW
GetClipboardFormatNameW
CreateIcon
GetWindowWord
SetWindowWord
DrawIcon
CharLowerW
SetClipboardViewer
ChangeClipboardChain
IsClipboardFormatAvailable
PostThreadMessageW
GetMessageW
EmptyClipboard
ScrollDC
GetCaretPos
LoadKeyboardLayoutA
LoadKeyboardLayoutW
GetWindowDC
GetDCEx
CreateDialogParamW
DrawFrameControl
GetSysColorBrush
GetSystemMetrics
DestroyCursor
EnumChildWindows
SetTimer
TranslateMessage
GetKeyboardState
SetKeyboardState
HideCaret
EnableMenuItem
ShowCaret
CreateWindowExW
GetClassInfoExW
RegisterClassExW
GetClassInfoW
RegisterClassW
DestroyIcon
MapDialogRect
CheckRadioButton
RedrawWindow
GetDlgItemInt
FillRect
FindWindowW
RemoveMenu
DefMDIChildProcW
SetClassLongW
GetTopWindow
PostQuitMessage
DefFrameProcW
SetWindowsHookExW
UnhookWindowsHookEx
ReplyMessage
TranslateMDISysAccel
WaitMessage
GetClassNameA
RegisterWindowMessageA
VkKeyScanExW
MsgWaitForMultipleObjects
GetWindowPlacement
KillTimer
FlashWindow
IsChild
PeekMessageA
IsWindowUnicode
IsDialogMessageW
IsDialogMessageA
GetMessagePos
MapWindowPoints
SendMessageA
EqualRect
CharUpperW
GetKeyboardLayout
RegisterClipboardFormatW
CallNextHookEx
GetWindowContextHelpId
InSendMessage
GetAsyncKeyState
SystemParametersInfoW
LoadCursorW
GetSystemMenu
DeleteMenu
MessageBoxW
DialogBoxIndirectParamW
EnumThreadWindows
BeginPaint
EndPaint
GetDlgCtrlID
InflateRect
GetPropW
RemovePropW
IsWindowEnabled
SetPropW
ClientToScreen
WinHelpW
GetClassLongW
LoadIconW
SetWindowPos
SetRect
PtInRect
CallWindowProcW
GetSysColor
DrawFocusRect
ScreenToClient
IsCharAlphaW
DrawTextExW
DrawTextExA
MoveWindow
GetScrollPos
SetScrollRange
SetWindowLongW
IsWindowVisible
BringWindowToTop
ScrollWindow
SetScrollPos
OffsetRect
DdeInitializeW
DdeAddData
DdeKeepStringHandle
SetFocus
DdeGetData
DdeCmpStringHandles
CharUpperA
DdeAccessData
DdeUnaccessData
DestroyWindow
DdeUninitialize
DdeCreateDataHandle
DdeClientTransaction
DdeNameService
DdePostAdvise
IsIconic
SetForegroundWindow
DdeAbandonTransaction
DdeDisconnect
DdeCreateStringHandleW
DdeConnect
DdeFreeStringHandle
DdeGetLastError
DdeQueryStringW
DdeFreeDataHandle
DdeEnableCallback
GetWindowThreadProcessId
GetCursorPos
WindowFromPoint
SetCursor
GetParent
PeekMessageW
IsDlgButtonChecked
CheckDlgButton
InvalidateRect
SetActiveWindow
GetKeyState
GetFocus
CharUpperBuffW
UpdateWindow
PostMessageW
ShowWindow
GetActiveWindow
RegisterWindowMessageW
EnableWindow
GetWindowTextW
GetDlgItem
GetClientRect
SetWindowTextW
SetDlgItemTextW
GetDlgItemTextW
EndDialog
SendDlgItemMessageW
SendMessageW
GetWindow
ShowCursor
GetCapture
ReleaseCapture
SetCapture
GetWindowRect
IntersectRect
IsZoomed
UnregisterClassW
MessageBeep
MessageBoxA
IsWindow
GetWindowLongW
DispatchMessageW

kernel32

GetFullPathNameW
GetTempPathA
GetTempFileNameA
GetUserDefaultLangID
VirtualQuery
ConvertDefaultLocale
GetDateFormatW
GetSystemDefaultLCID
SetErrorMode
GetVersionExA
SetUnhandledExceptionFilter
GetCommandLineW
VirtualAlloc
IsDBCSLeadByte
Sleep
TerminateProcess
CopyFileW
GetCurrentThreadId
GetCurrentProcess
WideCharToMultiByte
GetCurrentProcessId
GlobalReAlloc
GlobalSize
CreateProcessW
FindClose
GetShortPathNameW
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
MulDiv
CreateFileW
CloseHandle
GetSystemDefaultLangID
GetTempPathW
GetTempFileNameW
DeleteFileW
WritePrivateProfileStringW
FreeLibrary
OpenFile
GetUserDefaultLCID
GetLocaleInfoW
WaitForSingleObject
ReleaseMutex
GetTickCount
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
WriteFile
LoadLibraryExA
FormatMessageA
MultiByteToWideChar
ReadFile
GetFileSize
CreateFileA
GetStartupInfoA
QueryPerformanceCounter
UnhandledExceptionFilter
OutputDebugStringW
LoadLibraryExW
SizeofResource
GetModuleFileNameA
SetEndOfFile
GetStringTypeW
LockResource
GetSystemDirectoryW
MoveFileW
lstrcmpA
GetPrivateProfileIntW
GetProcessHeaps
HeapCompact
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
LCMapStringA
LocalAlloc
LocalFree
GetEnvironmentVariableW
CreateEventW
SetEvent
ResetEvent
CreateThread
SetThreadPriority
ResumeThread
ExitThread
FormatMessageW
LoadLibraryA
FindResourceW
LoadResource
OpenProcess
FreeResource
FindAtomW
CreateMutexW
SearchPathW
DuplicateHandle
GetExitCodeProcess
GetCurrentDirectoryW
CreateDirectoryW
FindNextFileW
VirtualProtect
DeleteFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetFileTime
SetFileTime
GetDriveTypeW
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileAttributesA
lstrcmpiA
LCMapStringW
GetComputerNameW
CompareStringW
GetLocalTime
InterlockedDecrement
InterlockedIncrement
lstrlenW
FlushInstructionCache
HeapAlloc
GetProcessHeap
HeapFree
LeaveCriticalSection
EnterCriticalSection
RemoveDirectoryW
FindFirstFileW
GetSystemTimeAsFileTime
SetFilePointer
GetModuleHandleA

Exports

Exports

@EnumFree@4
@EnumInit@4
@EnumObject@20
@EnumXlateListSep@8
@EnumXlateOp@12
@Error@4
@FControlNameConflict@8
@FEnumFuncParams@24
@FGetDlgHelp@20
@FIsSubOfObject@4
@FReallocExpBuffer@8
@FreeEnumObject@8
@GetPasteSectionName@12
@GetStringOfId@16
@GetSubControlName@8
@ObjtypFromDwObj@4
AbortHscr@4
AccWizExtTextOutU@32
AccessLoadString@16
ActidOfHscr@4
CargOfActid@4
CloseHscr@4
ComboTypOfActidIarg@8
CreateIExprSrvObj
DllGetLCID
FCommitIMEString@4
FCreateAccessTemplate@12
FDeliverDb@16
FGetHintLogfont@4
FNextHscr@12
FSaveActidHscr@8
FSetMacroVersion@8
FUniqueIndexTableFieldEx@8
FillADT@4
GetHFontDialog@0
GetHyperLinkObject@12
GetLCID@0
IRunCommandIdFromDMIArgs@20
IdsArgNameOfActidIarg@8
IdsComboFillOfActidIarg@8
IsrowOfHscr@4
JETESLoadProjectTypeLib
LGetMacroVersion@4
MSAU_CreateSystemDatabase@20
MSAU_ErrCloseRegKey@4
MSAU_ErrDeleteRegKey@8
MSAU_ErrDeleteRegValue@8
MSAU_ErrGetDbobjList@52
MSAU_ErrGetObjNames@52
MSAU_ErrGetRegKey@20
MSAU_ErrGetRegKeyInfo@16
MSAU_ErrGetRegVal@20
MSAU_ErrGetRegValName@24
MSAU_ErrOpenRegKeyEx@20
MSAU_ErrSortDbobjArray@8
MSAU_ErrSortStringArray@4
MSAU_ErrWriteRegKey@12
MSAU_ErrWriteRegVal@20
MSAU_FRandomPid@8
MSAU_FWordHelpfileCmd@16
MSAU_FillInHashValues@20
MSAU_GetFileLanguage@16
MSAU_GetFileName@8
MSAU_GetPixelDepth@4
MSAU_GetSizeCount@8
MSAU_GetSizeList@12
MSAU_OfficeGetFileName@8
MSAU_OfficeGetTcDIB@12
MidEastSupport@0
ParseHyperlinkC@20
RewindHscr@4
SetEnumIntlView@4
SizeCallback@8
WizChooseColor@8

Sections

.text
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 359KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 978KB - Virtual size: 977KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MSAEXP30.DLL
.dll windows x86

Password: 123

2735dc59ddb4c62625903c5ef907c96a

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

dc:9a:3b:1b:7d:be:b4:29:1c:8d:40:ab:87:28:ee:70:47:bd:88:ba
Signer

Actual PE Digest

dc:9a:3b:1b:7d:be:b4:29:1c:8d:40:ab:87:28:ee:70:47:bd:88:ba

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

14/10/2022, 21:49
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyMenu
GetSysColorBrush
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuItemID
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetSubMenu
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
GetClassInfoA
MessageBoxA
CreateWindowExA
GetClassInfoExA
UnregisterClassA
RegisterClassA
IsWindowVisible
GetClientRect
GetMenu
AdjustWindowRectEx
ScreenToClient
GetDlgCtrlID
CopyRect
SetWindowPos
PtInRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetMenuState
GetMenuItemCount
GetPropA
wsprintfA
LoadCursorA
SetCursor
IsWindowEnabled
GetActiveWindow
SetActiveWindow
PeekMessageA
PeekMessageW
GetKeyState
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
KillTimer
SetTimer
RedrawWindow
UpdateWindow
ReleaseDC
GetDC
PostMessageA
OffsetRect
GetParent
GetSysColor
InvalidateRect
GetWindowRect
SendMessageW
GetSystemMetrics
EnableWindow
GetCaretPos
SendMessageA
DrawFocusRect
SetRect
DefWindowProcW
DefWindowProcA
CallWindowProcW
CallWindowProcA
DispatchMessageA
GetWindowLongW
SetWindowLongA
IsWindow
IsWindowUnicode
GetWindowLongA
SetWindowLongW
SetForegroundWindow

gdi32

SetMapMode
LineTo
MoveToEx
DeleteObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetTextExtentPoint32A
ExtTextOutW
SetDIBitsToDevice
CreateFontIndirectA
GetDeviceCaps
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
CreateSolidBrush
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetTextMetricsA

msaccess.exe

ord15
ord14
ord39
ord93
ord51
ord45
ord38
ord5
ord13
ord2
ord1
ord9
ord6
ord4
ord3
ord86
ord7
ord11
ord8
ord12
ord17

kernel32

LoadResource
FindResourceA
GetProcAddress
LoadLibraryA
GetSystemDefaultLangID
MulDiv
GetCurrentProcess
GlobalAlloc
GlobalLock
LockResource
FormatMessageA
lstrcpynA
LocalFree
InterlockedIncrement
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
lstrlenA
lstrcmpiW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SizeofResource
GlobalFree
SetLastError
LoadLibraryW
GetModuleHandleA
GetModuleHandleW
GetFileAttributesW
lstrcmpW
FreeLibrary
GetModuleFileNameW
OutputDebugStringA
lstrcatA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
InterlockedDecrement
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetModuleFileNameA
lstrcmpA
GetCurrentThread
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalUnlock
GetSystemTimeAsFileTime
SetErrorMode

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

msvcrt

_expand
??1type_info@@UAE@XZ
_XcptFilter
ctime
mktime
gmtime
localtime
time
_adjust_fdiv
_initterm
_onexit
__dllonexit
_vsnprintf
_mbctype
realloc
_mbschr
_msize
_strdup
sscanf
_snprintf
memcmp
memset
_mbscmp
strlen
memcpy
memmove
wcsncmp
iswalnum
isalpha
iswdigit
malloc
free
_except_handler3
wcslen
__CxxFrameHandler
_wcsicmp
_strcmpi
_CxxThrowException
_vsnwprintf
wcschr
iswalpha

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

Exports

Exports

LaunchExpBuilder
_ctime64
_gmtime64
_localtime64
_mktime64
_resetstkoflw
_scprintf
_scwprintf
_time64
_vscprintf
_vscwprintf

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSAIN.DLL_1033
.dll windows x86

Password: 123

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

68:47:7d:f0:4e:10:d1:8c:33:42:b1:05:9d:6c:35:26:82:9e:74:03
Signer

Actual PE Digest

68:47:7d:f0:4e:10:d1:8c:33:42:b1:05:9d:6c:35:26:82:9e:74:03

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

14/10/2022, 21:49
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 512B - Virtual size: 131B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 566KB - Virtual size: 565KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RPT2DAP.XSL
.xml .js
RPT2HTM4.XSL
.xml .js
SERVWRAP.ASP
.vbs
SOA.DLL
.dll windows x86

Password: 123

b233d533c31d19d7d46265cab2a87e3e

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

fe:59:54:75:ef:52:9e:1d:65:88:d8:38:04:c0:10:03:29:b0:a0:4a
Signer

Actual PE Digest

fe:59:54:75:ef:52:9e:1d:65:88:d8:38:04:c0:10:03:29:b0:a0:4a

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

14/10/2022, 21:49
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetModuleHandleW
GetProcAddress
InterlockedExchange
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetLocaleInfoW
GetVersionExA
MulDiv
LoadLibraryA
GlobalSize
DeleteFileW
CloseHandle
WriteFile
SetEndOfFile
CreateFileA
GetFileAttributesExA
GetComputerNameW
OutputDebugStringW
MultiByteToWideChar
lstrlenW
InterlockedDecrement
InterlockedIncrement
FindClose
FindNextFileA
FindFirstFileA
LCMapStringA
GetUserDefaultLCID
HeapAlloc
HeapCreate
HeapDestroy
HeapReAlloc
HeapFree
HeapSize
GetLocalTime
LocalAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
GetSystemDefaultLCID
FreeLibrary
GetSystemDefaultLangID
GetUserDefaultLangID
GlobalReAlloc
SetFilePointer
GlobalAlloc
GlobalLock
ReadFile
GlobalFree
GlobalUnlock
WideCharToMultiByte
GetCurrentProcess
LocalFree

user32

ReleaseDC
GetSystemMetrics
GetDC

gdi32

GetWindowOrgEx
GetViewportExtEx
GetWindowExtEx
GetViewportOrgEx
SaveDC
SetMapMode
SelectObject
RestoreDC
GetDeviceCaps

advapi32

RegCloseKey

shlwapi

wnsprintfA
wnsprintfW

msvcrt

memset
__CxxFrameHandler
_except_handler3
free
_wcsdup
memmove
_wsplitpath
_wcsupr
iswspace
iswalnum
_CxxThrowException
wcscmp
malloc
realloc
wcslen
_wcsnicmp
wcschr
wcstol
_wcsicmp
wcsncmp
wprintf
_wtol
__dllonexit
_onexit
?terminate@@YAXXZ
_initterm
_adjust_fdiv
_XcptFilter
??1type_info@@UAE@XZ

oleaut32

VariantClear

Exports

Exports

??0ICX@@QAE@ABV0@@Z
??0ICX@@QAE@XZ
??0IParseXML@@QAE@ABV0@@Z
??0IParseXML@@QAE@XZ
??1ICX@@UAE@XZ
??4ICX@@QAEAAV0@ABV0@@Z
??4IParseXML@@QAEAAV0@ABV0@@Z
??_7ICX@@6B@
??_7IParseXML@@6B@
ApplyTransform
ExitParseXML
FreeXMLFormatList
GetXMLFormatList
LpBiff8CxfmtNew
LpBiffCxfmtNew
LpDhtmlCxfmtNew
LpDpCxfmtNew
LpInitParseXML
LpThtmlCxfmtNew
LpThtxCxfmtNew
LpTrtfCxfmtNew
LpTtextCxfmtNew
LpXmlCxfmtNew
SOA_AddStyle
SOA_CchClipWrap
SOA_ChangeOutputFile
SOA_End
SOA_ErrSetColumnWidths
SOA_ErrSetCurCol
SOA_ErrSetNextRowAttrs
SOA_ErrWrite
SOA_ErrWriteFtyp
SOA_GetFilename
SOA_IdBegin
SOA_PrinterSetup
SOA_SetDocInfo
SOA_SetMailOutput
SetSmartTagUtilsC

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UTILITY.MDA_0001
MS_Office_2003/A3561405.CAB
.cab

Password: 123
ACMAIN10.AW_1033
ACMAIN11.CHM_1033
.chm
ACTIP10.HLP_1033
ACWZMAIN.MDE
ASSETS.GIF
.gif
ASSETS.MDZ_1033
CONTACTS.GIF
.gif
CONTACTS.MDZ_1033
EVTMGMT.GIF
.gif
EVTMGMT.MDZ_1033
EXPENSES.GIF
.gif
EXPENSES.MDZ_1033
INVENTRY.GIF
.gif
INVENTRY.MDZ_1033
LEDGER.GIF
.gif
LEDGER.MDZ_1033
MSCAL.CNT_1033
MSCAL.DEP_1033
MSCAL.HLP_1033
MSCAL.OCX_1033
.dll regsvr32 windows x86

dbc379b041b9fe320a1091374653db6f

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

ef:1f:07:de:35:03:a0:e0:51:fa:0b:e0:83:63:4f:e5:f0:34:c7:24
Signer

Actual PE Digest

ef:1f:07:de:35:03:a0:e0:51:fa:0b:e0:83:63:4f:e5:f0:34:c7:24

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

14/10/2022, 21:49
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocString
LoadTypeLi
SysAllocStringLen
VariantChangeTypeEx
VariantChangeType
VariantCopy
VarDateFromStr
VariantInit
SysFreeString
VariantClear
LoadRegTypeLi

kernel32

InitializeCriticalSection
GetVersion
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
HeapReAlloc
InterlockedDecrement
GetVersionExA
lstrcpyW
lstrcpynW
lstrcatW
GetTempPathW
GetTempFileNameW
LoadLibraryW
GetWindowsDirectoryW
GetWindowsDirectoryA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetSystemDefaultLangID
CreateFileW
CreateFileA
LoadLibraryA
GetACP
GetOEMCP
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
HeapFree
GetProcessHeap
HeapAlloc
GetLastError
CloseHandle
GetLocaleInfoA
MulDiv
WideCharToMultiByte
GetProcAddress
FreeLibrary
GetVersionExW
GetUserDefaultLangID
GetUserDefaultLCID
lstrlenW
GetLocalTime
DisableThreadLibraryCalls
GetSystemTimeAsFileTime

user32

GetWindowRect
EqualRect
SetWindowRgn
GetActiveWindow
GetSystemMetrics
CallWindowProcW
CallWindowProcA
GetCapture
ScrollWindowEx
IsDialogMessageW
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
IsChild
MessageBeep
EndDialog
SetWindowPos
SetParent
GetParent
GetSysColor
IntersectRect
CopyRect
EndPaint
DefWindowProcA
DefWindowProcW
DestroyWindow
TranslateAcceleratorW
TranslateAcceleratorA
SetDlgItemTextW
SetDlgItemTextA
RegisterClassExW
RegisterClassExA
SendDlgItemMessageW
UnregisterClassW
WinHelpW
ReleaseCapture
GetFocus
WinHelpA
SystemParametersInfoW
MapWindowPoints
SetWindowTextW
SetWindowTextA
SetWindowLongW
SetWindowLongA
SendMessageW
SendMessageA
RegisterClassW
RegisterClassA
LoadCursorW
LoadCursorA
LoadBitmapW
LoadBitmapA
LoadAcceleratorsW
LoadAcceleratorsA
GetWindowLongW
GetWindowLongA
GetDlgItemTextW
GetDlgItemTextA
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogParamA
LoadStringW
LoadStringA
IsDlgButtonChecked
CheckDlgButton
GetDlgItem
IsWindow
MoveWindow
GetDC
OffsetRect
UpdateWindow
ShowWindow
InvalidateRect
SetCapture
GetClientRect
PtInRect
InflateRect
FrameRect
DrawFocusRect
GetWindow
IsWindowVisible
SystemParametersInfoA
BeginPaint
GetWindowDC
ReleaseDC
FillRect
DialogBoxParamW
DialogBoxParamA
GetKeyState
SetFocus
UnregisterClassA

ole32

CreateDataAdviseHolder
CoTaskMemAlloc
OleSetAutoConvert
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CreateOleAdviseHolder

advapi32

RegCloseKey
RegQueryValueExW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegEnumKeyExA
RegEnumKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegSetValueExA
RegSetValueExW

comdlg32

GetOpenFileNameW

gdi32

GetDeviceCaps
CreateCompatibleDC
Polygon
SetTextColor
SetTextAlign
CreateSolidBrush
SetBkMode
DPtoLP
TranslateCharsetInfo
CreateDCA
CreateDCW
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateFontIndirectA
DeleteDC
CreateMetaFileA
CreateMetaFileW
GetObjectA
GetObjectW
GetTextMetricsA
GetTextMetricsW
CloseMetaFile
CloseEnhMetaFile
SetWindowExtEx
SetWindowOrgEx
CreateRectRgnIndirect
SetViewportOrgEx
SetViewportExtEx
SetMapMode
RestoreDC
LPtoDP
SaveDC
ExtTextOutA
GetTextExtentPoint32W
CreatePen
MoveToEx
LineTo
GetStockObject
DeleteObject
SelectObject
CreateFontIndirectW
ExtTextOutW

shlwapi

wvnsprintfW
wnsprintfW
wnsprintfA

msvcrt

_initterm
malloc
_adjust_fdiv
_except_handler3
__dllonexit
_onexit
_XcptFilter
free

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerEx
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ORDPROC.GIF
.gif
ORDPROC.MDZ_1033
RESOURCE.GIF
.gif
RESOURCE.MDZ_1033
SERVICE.GIF
.gif
SERVICE.MDZ_1033
TIMEBILL.GIF
.gif
TIMEBILL.MDZ_1033
MS_Office_2003/A4561405.CAB
.cab
MS_Office_2003/AV561403.CAB
.cab
MS_Office_2003/CC561401.CAB
.cab
MS_Office_2003/CD561401.CAB
.cab
MS_Office_2003/CF561401.CAB
.cab
MS_Office_2003/CL561401.CAB
.cab
MS_Office_2003/CM561401.CAB
.cab
MS_Office_2003/CP561401.CAB
.cab
MS_Office_2003/CR561401.CAB
.cab
MS_Office_2003/CS561401.CAB
.cab
MS_Office_2003/E2561410.CAB
.cab
MS_Office_2003/E3561405.CAB
.cab
MS_Office_2003/E4561410.CAB
.cab
MS_Office_2003/EV561405.CAB
.cab
MS_Office_2003/G3561403.CAB
.cab
MS_Office_2003/GV561403.CAB
.cab
MS_Office_2003/IJ561401.CAB
.cab
MS_Office_2003/IS561401.CAB
.cab
MS_Office_2003/IU561401.CAB
.cab
MS_Office_2003/Key.txt
MS_Office_2003/L2561403.CAB
.cab
MS_Office_2003/L3561403.CAB
.cab
MS_Office_2003/L4561403.CAB
.cab
MS_Office_2003/L9561403.CAB
.cab
MS_Office_2003/LV561403.CAB
.cab
MS_Office_2003/M2561406.CAB
.cab
MS_Office_2003/M3561404.CAB
.cab
MS_Office_2003/M4561403.CAB
.cab
MS_Office_2003/M9561403.CAB
.cab
MS_Office_2003/MA561403.CAB
.cab
MS_Office_2003/MC561403.CAB
.cab
MS_Office_2003/MG561403.CAB
.cab
MS_Office_2003/MH561401.CAB
.cab
MS_Office_2003/MO561403.CAB
.cab
MS_Office_2003/MT561403.CAB
.cab
MS_Office_2003/O0561401.CAB
.cab
MS_Office_2003/O1561403.CAB
.cab
MS_Office_2003/O9561403.CAB
.cab
MS_Office_2003/OWC10.MSI
.msi
MS_Office_2003/OWC11.MSI
.msi
MS_Office_2003/P2561401.CAB
.cab
MS_Office_2003/P3561401.CAB
.cab
MS_Office_2003/P4561402.CAB
.cab
MS_Office_2003/PA561401.CAB
.cab
MS_Office_2003/PR103368.CAB
.cab
MS_Office_2003/PR103678.CAB
.cab
MS_Office_2003/PR308246.CAB
.cab
MS_Office_2003/PV561401.CAB
.cab
MS_Office_2003/PW561401.CAB
.cab
MS_Office_2003/Q2561405.CAB
.cab
MS_Office_2003/Q3561405.CAB
.cab
MS_Office_2003/Q4561405.CAB
.cab
MS_Office_2003/QV561405.CAB
.cab
MS_Office_2003/SETUP.MSI
.msi
MS_Office_2003/SETUP1.EXE
.exe windows x86

de26c763312295b50f6ad716d08fe2da

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

ed:1d:21:32:1f:c9:48:9f:e3:70:fd:9e:41:e5:13:51:c7:ac:44:65
Signer

Actual PE Digest

ed:1d:21:32:1f:c9:48:9f:e3:70:fd:9e:41:e5:13:51:c7:ac:44:65

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

14/10/2022, 21:49
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

gdi32

GetStockObject

kernel32

LocalFree
lstrlenW
lstrcmpiW
GetLastError
LocalAlloc
LocalReAlloc
FormatMessageW
GetFileAttributesW
FindClose
FindFirstFileW
GetSystemDirectoryW
GetFullPathNameW
ExpandEnvironmentStringsW
CreateDirectoryW
CloseHandle
FindNextFileW
GetTempPathW
HeapFree
HeapAlloc
GetProcessHeap
lstrcmpW
WriteFile
lstrlenA
WideCharToMultiByte
SetFilePointer
CreateFileW
DeleteFileW
FormatMessageA
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
GetPrivateProfileStringW
GetVersionExA
GetCurrentProcess
FreeLibrary
LoadLibraryW
CreateProcessW
GetWindowsDirectoryW
GetPrivateProfileSectionW
GetPrivateProfileIntW
SetCurrentDirectoryW
GetModuleFileNameW
IsValidLocale
CopyFileW
ReleaseMutex
OpenMutexW
CreateMutexW
SetLastError
GlobalFree
GlobalAlloc
GetTimeFormatW
GetDateFormatW
GetCommandLineW
WaitForSingleObject
Sleep
GetDriveTypeW
GetDiskFreeSpaceExW
GetExitCodeProcess
ReadFile
GetVolumeInformationW
GetLogicalDriveStringsW
QueryDosDeviceW
InterlockedDecrement
GetCurrentDirectoryW
InterlockedIncrement
DeviceIoControl
RaiseException
LoadLibraryA
InterlockedExchange
OpenEventW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
HeapSize
HeapReAlloc

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromProgID

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString

shell32

ShellExecuteW

user32

KillTimer
MessageBoxW
MessageBeep
MessageBoxIndirectW
LoadIconW
LoadCursorW
RegisterClassExW
CreateWindowExW
UpdateWindow
PostQuitMessage
DefWindowProcW
PeekMessageW
MsgWaitForMultipleObjects
GetWindowLongW
CheckDlgButton
CreateDialogParamW
SetWindowTextW
GetDlgItem
SetDlgItemTextW
SetWindowLongW
DestroyWindow
ShowWindow
SetTimer
CharPrevW
MessageBoxA
LoadStringA
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
SendMessageW
CharNextW
FindWindowW
SetForegroundWindow
GetKeyboardType

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msvcrt

_adjust_fdiv
memmove
_vsnwprintf
wcschr
iswprint
_vsnprintf
wcsstr
wcstol
_wtoi
_wcsnicmp
wcsncmp
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_controlfp
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit

rpcrt4

RpcServerUnregisterIf
RpcMgmtWaitServerListen
RpcMgmtStopServerListening
RpcStringBindingComposeW
NdrClientCall2
NdrServerCall2
RpcBindingFree
RpcStringFreeW
RpcBindingFromStringBindingW

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MS_Office_2003/SKU011.CAB
.cab
MS_Office_2003/SKU011.XML
MS_Office_2003/SKU026.CAB
.cab
MS_Office_2003/SKU0A4.CAB
.cab
MS_Office_2003/TR103621.CAB
.cab
MS_Office_2003/TR308222.CAB
.cab
MS_Office_2003/Torrent Downloaded From ExtraTorrent.cc.txt
MS_Office_2003/Uploaded by ~~R@JU~~.txt
MS_Office_2003/V3561403.CAB
.cab
MS_Office_2003/W2561405.CAB
.cab
MS_Office_2003/W3561405.CAB
.cab
MS_Office_2003/W4561405.CAB
.cab
MS_Office_2003/WV561405.CAB
.cab
MS_Office_2003/X2561401.CAB
.cab
MS_Office_2003/X3561401.CAB
.cab
MS_Office_2003/YA561403.CAB
.cab
MS_Office_2003/YB561408.CAB
.cab .ps1
MS_Office_2003/YC561403.CAB
.cab
MS_Office_2003/YH561403.CAB
.cab
MS_Office_2003/YI561401.CAB
.cab
MS_Office_2003/YL561402.CAB
.cab
MS_Office_2003/YM561403.CAB
.cab
MS_Office_2003/YO561403.CAB
.cab
MS_Office_2003/YS561401.CAB
.cab
MS_Office_2003/YT561401.CAB
.cab
MS_Office_2003/ZA561401.CAB
.cab
MS_Office_2003/ZC561402.CAB
.cab
MS_Office_2003/ZD561402.CAB
.cab
MS_Office_2003/ZE561406.CAB
.cab
MS_Office_2003/ZF561402.CAB
.cab
MS_Office_2003/ZG561401.CAB
.cab
MS_Office_2003/ZH561403.CAB
.cab
MS_Office_2003/ZI561402.CAB
.cab
MS_Office_2003/ZJ561401.CAB
.cab
MS_Office_2003/ZK561401.CAB
.cab
MS_Office_2003/ZM561401.CAB
.cab
MS_Office_2003/ZN561401.CAB
.cab
MS_Office_2003/ZO561401.CAB
.cab
MS_Office_2003/ZQ561401.CAB
.cab
MS_Office_2003/ZR561403.CAB
.cab
MS_Office_2003/ZS561401.CAB
.cab
MS_Office_2003/ZT561401.CAB
.cab
MS_Office_2003/ZU561401.CAB
.cab
MS_Office_2003/ZV561401.CAB
.cab
MS_Office_2003/ZY561401.CAB
.cab
MS_Office_2003/ZZ561401.CAB
.cab
MS_Office_2003/autorun.ini

Sharing

Errors

General

Malware Config

Signatures

Files

Password: 123

Password: 123

Password: 123

123863dc3effc5fe359f5676e2340efa

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:07:11:43:00:00:00:00:00:34Certificate

Extended Key Usages

Key Usages

7f:30:ae:fd:8b:50:16:09:0d:cd:ed:31:53:ff:63:26:9e:82:ac:ccSigner

Signature Validations

Verification

14/10/2022, 21:49 Valid: false

Headers

File Characteristics

Imports

oleaut32

kernel32

user32

ole32

advapi32

comdlg32

gdi32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 40KB - Virtual size: 36KB

.reloc Size: 8KB - Virtual size: 6KB

Password: 123

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:07:11:43:00:00:00:00:00:34Certificate

Extended Key Usages

Key Usages

e2:41:5b:96:3d:c3:2e:fb:08:94:be:7c:f8:ef:b8:25:b2:66:77:a7Signer

Signature Validations

Verification

14/10/2022, 21:49 Valid: false

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 351KB - Virtual size: 352KB

.reloc Size: 512B - Virtual size: 8B

Password: 123

a52fae2c27ec8073425abddc246a16a8

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:07:11:43:00:00:00:00:00:34
Certificate

7f:30:ae:fd:8b:50:16:09:0d:cd:ed:31:53:ff:63:26:9e:82:ac:cc
Signer

14/10/2022, 21:49
Valid: false

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 40KB - Virtual size: 36KB

.reloc
Size: 8KB - Virtual size: 6KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:07:11:43:00:00:00:00:00:34
Certificate

e2:41:5b:96:3d:c3:2e:fb:08:94:be:7c:f8:ef:b8:25:b2:66:77:a7
Signer

14/10/2022, 21:49
Valid: false

.rsrc
Size: 351KB - Virtual size: 352KB

.reloc
Size: 512B - Virtual size: 8B

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:07:11:43:00:00:00:00:00:34
Certificate

e8:26:f2:2a:fc:5c:ae:4a:b6:db:f2:6f:27:c7:ab:28:d9:df:18:6e
Signer

14/10/2022, 21:49
Valid: false

.text
Size: 5.0MB - Virtual size: 5.0MB

.data
Size: 359KB - Virtual size: 464KB

.rsrc
Size: 978KB - Virtual size: 977KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:07:11:43:00:00:00:00:00:34
Certificate

dc:9a:3b:1b:7d:be:b4:29:1c:8d:40:ab:87:28:ee:70:47:bd:88:ba
Signer

14/10/2022, 21:49
Valid: false

.text
Size: 106KB - Virtual size: 106KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate