76c82fc4442220a448de38d87c2e3539c20b4dec87973d1f68ab5504149ce82d

Sharing

Copy URL

Twitter E-mail

General

Target

76c82fc4442220a448de38d87c2e3539c20b4dec87973d1f68ab5504149ce82d
Size

568KB
MD5

a2c1d973bc419c91d056634925d73b30
SHA1

e243e81487c4a91532cc525fb3c71a8abc25b410
SHA256

76c82fc4442220a448de38d87c2e3539c20b4dec87973d1f68ab5504149ce82d
SHA512

0dcf96455d616b15f7a3af7779da75b33e91fba6409d926488bd84259670e6b438697f0e1f905d8317bcac08f9e836ea6db45980221252c037033df7bd4b035a
SSDEEP

12288:R2r3rk5g8nXHlOpgxgdneJhFG0l+ll2t1RzSY:R2r3w5g8XopvJeJTTc20Y

Score

N/A

Malware Config

Signatures

Files

76c82fc4442220a448de38d87c2e3539c20b4dec87973d1f68ab5504149ce82d
.exe windows x86

5604e55ce7a40c0c7e98ab2c154c4bf3

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-08-2007 00:23

Not After

23-02-2009 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-06-2007 23:54

Not After

13-06-2012 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-06-2007 23:54

Not After

13-06-2012 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

34:31:43:c2:89:ab:35:c6:34:54:5e:a4:3d:5e:4d:1e:47:ac:af:53
Signer

Actual PE Digest

34:31:43:c2:89:ab:35:c6:34:54:5e:a4:3d:5e:4d:1e:47:ac:af:53

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

11-10-2007 17:46
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr80

_onexit
_decode_pointer
?terminate@@YAXXZ
_invoke_watson
_controlfp_s
_lock
_crt_debugger_hook
__dllonexit
_unlock
_except_handler4_common
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
memset
memcpy_s
_CxxThrowException
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
vswprintf_s
_vscwprintf
_vsnwprintf_s
memcpy
wcsncmp
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
ceil
_wtoi
iswspace
iswdigit
wcschr
_recalloc
swprintf_s
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
_wcsnicmp
??2@YAPAXI@Z
bsearch
_wcsicmp
_resetstkoflw
??_V@YAXPAX@Z
??_U@YAPAXI@Z
calloc
_purecall
free
malloc
__CxxFrameHandler3
memmove_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??3@YAXPAX@Z

msvcp80

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$allocator@G@std@@QAE@XZ
??0?$allocator@G@std@@QAE@ABV01@@Z
?deallocate@?$allocator@G@std@@QAEXPAGI@Z
?max_size@?$allocator@G@std@@QBEIXZ
?allocate@?$allocator@G@std@@QAEPAGIPBX@Z
?_Copy_s@?$char_traits@G@std@@SAPAGPAGIPBGI@Z
?_Move_s@?$char_traits@G@std@@SAPAGPAGIPBGI@Z
?find@?$char_traits@G@std@@SAPBGPBGIABG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
?eq@?$char_traits@G@std@@SA_NABG0@Z
?assign@?$char_traits@G@std@@SAXAAGABG@Z
?_Xran@_String_base@std@@SAXXZ
?_Xlen@_String_base@std@@SAXXZ
?length@?$char_traits@G@std@@SAIPBG@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?clear@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
??0?$allocator@D@std@@QAE@ABV01@@Z
?max_size@?$allocator@D@std@@QBEIXZ
?assign@?$char_traits@G@std@@SAPAGPAGIG@Z
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?compare@?$char_traits@G@std@@SAHPBG0I@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?allocate@?$allocator@G@std@@QAEPAGI@Z
??0?$allocator@D@std@@QAE@XZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?swap@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXAAV12@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ

advapi32

InitializeAcl
GetAclInformation
GetSecurityDescriptorControl
MakeAbsoluteSD
CryptSignHashW
CryptGetUserKey
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptGetProvParam
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CryptSetProvParam
CryptDecrypt
CryptDestroyKey
CryptSetHashParam
OpenProcessToken
GetTokenInformation
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ConvertStringSidToSidW
LookupAccountSidW
CryptGetHashParam
CryptHashData
CryptDestroyHash
GetSecurityInfo
AdjustTokenPrivileges
GetAce
LookupPrivilegeValueW
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
ImpersonateSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
EqualSid
CopySid
IsValidSid
GetLengthSid
OpenThreadToken
SetThreadToken
RevertToSelf
GetSecurityDescriptorLength
MakeSelfRelativeSD
InitializeSecurityDescriptor
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
AddAce

kernel32

OutputDebugStringW
DebugBreak
SearchPathW
GetSystemDefaultUILanguage
GetVersionExW
LoadLibraryExW
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
FatalExit
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoW
Sleep
CreateFileW
GetFileType
ExitProcess
GetModuleHandleW
GetModuleFileNameW
LocalAlloc
DuplicateHandle
HeapSetInformation
SetCurrentDirectoryW
GetCommandLineW
GetLocaleInfoW
MultiByteToWideChar
GetStringTypeExW
GetExitCodeThread
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetSystemDirectoryW
GetSystemTime
WideCharToMultiByte
RaiseException
FlushInstructionCache
GetCurrentProcess
OpenProcess
RegisterWaitForSingleObject
GetUserDefaultUILanguage
UnregisterWait
SystemTimeToFileTime
CompareFileTime
CompareStringW
VerifyVersionInfoW
VerSetConditionMask
LocalFree
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
FormatMessageW
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
GetLastError
FileTimeToSystemTime
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedExchange
InterlockedCompareExchange
CreateEventW
FreeLibrary
GetProcAddress
LoadLibraryW
ExpandEnvironmentStringsW
CloseHandle
GetCurrentThread
SetEvent
GetCurrentThreadId
OpenEventW
InterlockedDecrement
TerminateJobObject
WaitForMultipleObjects
CreateThread
SetLastError
TerminateProcess
AssignProcessToJobObject
SetInformationJobObject
CreateJobObjectW
QueueUserWorkItem
WaitForSingleObject
ResetEvent
InterlockedIncrement

gdi32

GetDeviceCaps
DeleteDC
BitBlt
SelectObject
CreateFontIndirectW
CreateCompatibleDC
GetObjectW
SetBkColor
SetTextColor
CreateSolidBrush
CreateICW
GetObjectA
GetBkColor
GetTextColor
GetTextExtentPoint32W
CreateDCW
SetDIBits
GetStockObject
CreateDIBSection
StretchBlt
DeleteObject
SetLayout
CreateRoundRectRgn
SetBkMode
GetDIBits
CreateCompatibleBitmap

user32

GetMonitorInfoW
EnumDisplayMonitors
CreatePopupMenu
DestroyMenu
AppendMenuW
EnableMenuItem
TrackPopupMenuEx
ScreenToClient
IsWindowVisible
GetWindow
SetCursor
PostQuitMessage
IsChild
DialogBoxParamW
GetKeyboardLayout
GetKeyboardLayoutList
IsRectEmpty
SetActiveWindow
IsDialogMessageW
DispatchMessageW
TranslateMessage
GetMessageW
CharNextW
CharUpperW
GetKeyState
GetClassNameW
MsgWaitForMultipleObjects
SetWindowRgn
EnableWindow
GetSysColorBrush
MessageBoxW
ShowWindow
SystemParametersInfoW
GetSystemMetrics
CloseDesktop
MapWindowPoints
GetDlgCtrlID
SetThreadDesktop
UpdateWindow
FillRect
DestroyWindow
LoadStringW
UnregisterClassA
PostMessageW
IsWindow
CreateDesktopW
GetThreadDesktop
GetUserObjectInformationW
OpenInputDesktop
GetDesktopWindow
PeekMessageW
ReleaseDC
GetDC
DestroyIcon
LoadImageW
GetSysColor
CallWindowProcW
SetWindowLongW
SendMessageW
GetClientRect
BeginPaint
EndPaint
InvalidateRect
IsWindowEnabled
GetClassInfoExW
LoadCursorW
DefWindowProcW
SetTimer
KillTimer
EndDialog
GetWindowRect
RegisterClassExW
GetWindowLongW
GetFocus
GetWindowTextW
GetWindowTextLengthW
CopyRect
InflateRect
DrawFocusRect
GetDialogBaseUnits
SetClassLongW
CreateWindowExW
SetWindowTextW
SetWindowPos
GetDlgItem
SwitchDesktop
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
TrackMouseEvent
PtInRect
ClientToScreen
BeginDeferWindowPos
EndDeferWindowPos
SetFocus
GetCaretPos
EqualRect
OffsetRect
DeferWindowPos
SetScrollInfo
GetQueueStatus
GetScrollInfo
SendInput
ScrollWindowEx
MoveWindow
GetParent

comctl32

ImageList_Add
ImageList_Destroy
ImageList_Create

comdlg32

GetOpenFileNameW
GetSaveFileNameW

cryptui

CryptUIDlgViewCertificateW

gdiplus

GdiplusStartup
GdipDeleteGraphics
GdipDeleteFont
GdipCreateFromHDC
GdipCreateFontFromDC
GdipGetDC
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdiplusShutdown
GdipCreateSolidFill
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCloneBrush
GdipCreateRegionPath
GdipCreateRegion
GdipGetClip
GdipSetClipRegion
GdipDrawImageRectRectI
GdipFillRectangleI
GdipSetStringFormatFlags
GdipDrawPath
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipAddPathArcI
GdipReleaseDC
GdipDrawString
GdipCreatePen2
GdipCreateRegionHrgn
GdipFillRegion
GdipAddPathLineI
GdipClosePathFigure
GdipCreateLineBrushFromRectI
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromScan0
GdipDeleteRegion
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipDisposeImageAttributes
GdipDrawLineI
GdipFillRectangle
GdipCreateImageAttributes
GdipCloneImage
GdipDrawImageRectI
GdipDrawRectangle
GdipCreateLineBrush
GdipCreatePath2I
GdipGetStringFormatFlags
GdipDrawLine
GdipCreatePathGradientFromPath
GdipAddPathEllipseI
GdipSetPathGradientSurroundColorsWithCount
GdipGetPathGradientPointCount
GdipSetPathGradientCenterColor
GdipMeasureString
GdipGraphicsClear
GdipDrawRectangleI
GdipGetWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipCreateMatrix
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHICON
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImageRawFormat
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToStream
GdipDisposeImage
GdipDeleteMatrix
GdipAlloc
GdipFree
GdipGetFontHeight
GdipCreateFontFromLogfontA
GdipSetStringFormatAlign

msimg32

AlphaBlend

ole32

CoTaskMemFree
StgCreateStorageEx
CreateStreamOnHGlobal
CoCreateGuid
StringFromGUID2
CoInitializeEx
CoUninitialize
CoCreateInstance

rpcrt4

NdrServerCall2
RpcStringFreeW
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcImpersonateClient
RpcRevertToSelfEx
UuidToStringW
UuidCreate
RpcServerListen
RpcMgmtIsServerListening
RpcServerRegisterIf2
RpcServerUseProtseqEpW
RpcServerUnregisterIf
RpcBindingFree
NdrClientCall2

shlwapi

PathFindExtensionW
PathAddBackslashW

uxtheme

DrawThemeParentBackground

crypt32

CertCreateCertificateContext
CertCloseStore
CertDuplicateCertificateContext
CertDuplicateStore
CertFindCertificateInStore
CertStrToNameW
CertOpenStore
CertSerializeCertificateStoreElement
CryptAcquireCertificatePrivateKey
CertOIDToAlgId
CertFreeCertificateContext

userenv

UnloadUserProfile

shell32

CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

InternetOpenW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetCrackUrlW

Sections

.text
Size: 549KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

XOR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5604e55ce7a40c0c7e98ab2c154c4bf3

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

2e:ab:11:dc:50:ff:5c:9d:cb:c0Certificate

Extended Key Usages

Key Usages

61:0f:78:4d:00:00:00:00:00:03Certificate

Extended Key Usages

Key Usages

61:14:2c:a7:00:00:00:00:00:06Certificate

Extended Key Usages

Key Usages

61:14:2c:a7:00:00:00:00:00:06Certificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2Certificate

Extended Key Usages

Key Usages

34:31:43:c2:89:ab:35:c6:34:54:5e:a4:3d:5e:4d:1e:47:ac:af:53Signer

Signature Validations

Verification

11-10-2007 17:46 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

msvcr80

msvcp80

advapi32

kernel32

gdi32

user32

comctl32

comdlg32

cryptui

gdiplus

msimg32

ole32

rpcrt4

shlwapi

uxtheme

crypt32

userenv

shell32

version

wininet

Sections

.text Size: 549KB - Virtual size: 548KB

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

XOR Size: 2KB - Virtual size: 2KB

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:0f:78:4d:00:00:00:00:00:03
Certificate

61:14:2c:a7:00:00:00:00:00:06
Certificate

61:14:2c:a7:00:00:00:00:00:06
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

34:31:43:c2:89:ab:35:c6:34:54:5e:a4:3d:5e:4d:1e:47:ac:af:53
Signer

11-10-2007 17:46
Valid: false

.text
Size: 549KB - Virtual size: 548KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB

XOR
Size: 2KB - Virtual size: 2KB