Extracted

Extracted

• c49539ee447dc62919692553b3bc288d6d934e95000f4a1ce45a63d97911f5c1

  .exe windows x86

  205fcd40c9562970436b9e64ad20e789

  
  

  Code Sign

  2e:ab:11:dc:50:ff:5c:9d:cb:c0

  Certificate

  Issuer

  CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

  Not Before

  22/08/2007, 22:31

  Not After

  25/08/2012, 07:00

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:01:cf:3e:00:00:00:00:00:0f

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  07/12/2009, 22:40

  Not After

  07/03/2011, 22:40

  Subject

  CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2

  Certificate

  Issuer

  CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

  Not Before

  16/09/2006, 01:04

  Not After

  15/09/2019, 07:00

  Subject

  CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:05:a2:30:00:00:00:00:00:08

  Certificate

  Issuer

  CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  25/07/2008, 19:01

  Not After

  25/07/2013, 19:11

  Subject

  CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  40:7b:42:cc:d6:dc:54:50:91:39:e6:94:16:db:14:f3:37:b8:3f:65

  Signer

  Actual PE Digest

  40:7b:42:cc:d6:dc:54:50:91:39:e6:94:16:db:14:f3:37:b8:3f:65

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  17/08/2010, 15:05

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  advapi32

  RegCloseKey

  RegCreateKeyA

  RegSetValueExA

  RegOpenKeyA

  RegQueryValueExA

  RegDeleteKeyA

  RegEnumKeyA

  comctl32

  ord14

  ord15

  ord17

  ord13

  comdlg32

  GetOpenFileNameA

  ChooseFontA

  ChooseColorA

  GetSaveFileNameA

  gdi32

  CreateBitmap

  IntersectClipRect

  ExcludeClipRect

  UpdateColors

  DeleteDC

  GetTextExtentPoint32A

  CreateCompatibleDC

  DeleteObject

  TextOutA

  SetBkColor

  SetTextColor

  Rectangle

  CreateSolidBrush

  GetStockObject

  SelectObject

  CreateFontIndirectA

  GetTextExtentExPointA

  SetMapMode

  GetDeviceCaps

  RealizePalette

  SelectPalette

  CreatePalette

  ExtTextOutA

  GetCharacterPlacementW

  ExtTextOutW

  GetPixel

  SetBkMode

  SetTextAlign

  CreateCompatibleBitmap

  TranslateCharsetInfo

  GetObjectA

  GetTextMetricsA

  CreateFontA

  LineTo

  MoveToEx

  CreatePen

  SetPixel

  Polyline

  GetCharWidthW

  GetCharWidth32W

  GetCharWidthA

  GetCharWidth32A

  SetPaletteEntries

  UnrealizeObject

  imm32

  ImmReleaseContext

  ImmGetCompositionStringW

  ImmSetCompositionFontA

  ImmGetContext

  ImmSetCompositionWindow

  shell32

  ShellExecuteA

  user32

  DestroyCaret

  HideCaret

  ShowCaret

  CreateCaret

  IsWindow

  MsgWaitForMultipleObjects

  PeekMessageA

  TranslateMessage

  GetForegroundWindow

  SetForegroundWindow

  CreateMenu

  GetDoubleClickTime

  WinHelpA

  MessageBoxIndirectA

  UpdateWindow

  EnableMenuItem

  DefWindowProcA

  InvalidateRect

  SetWindowPos

  EndPaint

  GetWindowTextA

  GetWindowTextLengthA

  GetClientRect

  BeginPaint

  SetWindowTextA

  GetCursorPos

  TrackPopupMenu

  GetKeyboardLayout

  SetKeyboardState

  ToAsciiEx

  SetScrollInfo

  GetMessageTime

  PostMessageA

  GetSystemMenu

  CheckMenuItem

  IsZoomed

  FlashWindow

  GetClipboardData

  RegisterClipboardFormatA

  OpenClipboard

  EmptyClipboard

  SetClipboardData

  CloseClipboard

  SetCaretPos

  SetTimer

  GetKeyboardState

  SetClassLongA

  SetCursor

  ShowCursor

  CreatePopupMenu

  InsertMenuA

  DeleteMenu

  AppendMenuA

  IsIconic

  GetSystemMetrics

  GetCapture

  ReleaseCapture

  LoadIconA

  GetDesktopWindow

  MoveWindow

  DefDlgProcA

  LoadCursorA

  CreateDialogParamA

  GetMessageA

  GetWindowLongA

  IsDialogMessageA

  DispatchMessageA

  PostQuitMessage

  EnableWindow

  DialogBoxParamA

  EndDialog

  GetParent

  SetActiveWindow

  GetWindowPlacement

  SetWindowPlacement

  RegisterWindowMessageA

  DrawEdge

  SetCapture

  MessageBoxA

  SetFocus

  GetDlgItem

  GetDlgItemTextA

  SetDlgItemTextA

  CheckDlgButton

  IsDlgButtonChecked

  CheckRadioButton

  SetWindowLongA

  MessageBeep

  SendDlgItemMessageA

  GetDC

  ReleaseDC

  SendMessageA

  MapDialogRect

  GetCaretBlinkTime

  DestroyWindow

  RegisterClassA

  GetSysColor

  SystemParametersInfoA

  GetWindowRect

  CreateWindowExA

  ShowWindow

  KillTimer

  winmm

  PlaySoundA

  winspool.drv

  StartDocPrinterA

  WritePrinter

  EndDocPrinter

  ClosePrinter

  EnumPrintersA

  EndPagePrinter

  StartPagePrinter

  OpenPrinterA

  kernel32

  SetEnvironmentVariableA

  CompareStringW

  CompareStringA

  HeapSize

  SetEndOfFile

  InterlockedExchange

  RtlUnwind

  SetStdHandle

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetCurrentThreadId

  QueryPerformanceCounter

  SetFilePointer

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  FreeEnvironmentStringsA

  UnhandledExceptionFilter

  VirtualFree

  HeapCreate

  HeapDestroy

  LCMapStringW

  LCMapStringA

  GetFileType

  GetStdHandle

  SetHandleCount

  VirtualQuery

  GetSystemInfo

  VirtualAlloc

  VirtualProtect

  GetTimeZoneInformation

  FlushFileBuffers

  GetStringTypeW

  GetStringTypeA

  GetCommandLineA

  GetStartupInfoA

  DeleteFileA

  GetCurrentProcess

  TerminateProcess

  ExitProcess

  HeapFree

  HeapReAlloc

  HeapAlloc

  GetDateFormatA

  GetTimeFormatA

  GetCurrentDirectoryA

  SetCurrentDirectoryA

  GetACP

  GetLocalTime

  GetEnvironmentVariableA

  GetWindowsDirectoryA

  SetCommBreak

  CreateFileA

  GetCommState

  SetCommState

  SetCommTimeouts

  ClearCommBreak

  CreatePipe

  SetHandleInformation

  FreeLibrary

  CreateThread

  WriteFile

  CreateEventA

  ReadFile

  GetLastError

  WaitForSingleObject

  GetOverlappedResult

  SetEvent

  CreateFileMappingA

  MapViewOfFile

  UnmapViewOfFile

  GetModuleFileNameA

  CreateProcessA

  CloseHandle

  Beep

  LoadLibraryA

  WideCharToMultiByte

  GlobalAlloc

  GlobalLock

  GlobalUnlock

  GlobalFree

  MultiByteToWideChar

  IsDBCSLeadByteEx

  GetLocaleInfoA

  GetOEMCP

  GetCPInfo

  lstrcpynA

  GetModuleHandleA

  GetProcAddress

  GetVersionExA

  MulDiv

  GetTickCount

  Sections

  .text

  Size: 200KB - Virtual size: 196KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 64KB - Virtual size: 62KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 26KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 16KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ