Static task
static1
Behavioral task
behavioral1
Sample
cbd472f0fd78430e8c2f05c82f941d198299ec9caceb786d28f0436337153c0f.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
cbd472f0fd78430e8c2f05c82f941d198299ec9caceb786d28f0436337153c0f.exe
Resource
win10v2004-20220812-en
General
-
Target
cbd472f0fd78430e8c2f05c82f941d198299ec9caceb786d28f0436337153c0f
-
Size
568KB
-
MD5
a21d62a991e6ec8e48c727a93b06b23b
-
SHA1
310e04c346b72735722531ad2af39b77b619491b
-
SHA256
cbd472f0fd78430e8c2f05c82f941d198299ec9caceb786d28f0436337153c0f
-
SHA512
b530de9336450e56fb3e77fa6737901d8a1f4c81fcb6f4e1032d56171883405d295b02f50267a32176501885cea0d9f31cb6adf228444fd4be8ffc1609c67024
-
SSDEEP
12288:R2r3rk5g8nXHlOpgxgdneJhFG0l+ll2t1RzS8:R2r3w5g8XopvJeJTTc208
Malware Config
Signatures
Files
-
cbd472f0fd78430e8c2f05c82f941d198299ec9caceb786d28f0436337153c0f.exe windows x86
5604e55ce7a40c0c7e98ab2c154c4bf3
Code Sign
c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40 — Certificate
Issuer: CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation
Not Before: 10/01/1997, 07:00
Not After: 31/12/2020, 07:00
Subject: CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation
c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40 — Certificate
Issuer: CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation
Not Before: 10/01/1997, 07:00
Not After: 31/12/2020, 07:00
Subject: CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation
2e:ab:11:dc:50:ff:5c:9d:cb:c0 — Certificate
Issuer: CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation
Not Before: 22/08/2007, 22:31
Not After: 25/08/2012, 07:00
Subject: CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:0f:78:4d:00:00:00:00:00:03 — Certificate
Issuer: CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 23/08/2007, 00:23
Not After: 23/02/2009, 00:33
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
61:14:2c:a7:00:00:00:00:00:06 — Certificate
Issuer: CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 12/06/2007, 23:54
Not After: 13/06/2012, 00:04
Subject: CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
61:14:2c:a7:00:00:00:00:00:06 — Certificate
Issuer: CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 12/06/2007, 23:54
Not After: 13/06/2012, 00:04
Subject: CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2 — Certificate
Issuer: CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation
Not Before: 16/09/2006, 01:04
Not After: 15/09/2019, 07:00
Subject: CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
b5:5c:99:49:ca:aa:48:a6:92:82:a0:34:7e:41:0d:ee:f8:c2:62:06 — Signer
Actual PE Digest: b5:5c:99:49:ca:aa:48:a6:92:82:a0:34:7e:41:0d:ee:f8:c2:62:06
Digest Algorithm: sha1
PE Digest Matches: false (the embedded signature does not verify against this file's current content)
Signature Validations
Trusted: false
Verification
Signing Certificate: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
11/10/2007, 17:46 — Valid: false
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcr80
_onexit
_decode_pointer
?terminate@@YAXXZ
_invoke_watson
_controlfp_s
_lock
_crt_debugger_hook
__dllonexit
_unlock
_except_handler4_common
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
memset
memcpy_s
_CxxThrowException
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
vswprintf_s
_vscwprintf
_vsnwprintf_s
memcpy
wcsncmp
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
ceil
_wtoi
iswspace
iswdigit
wcschr
_recalloc
swprintf_s
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
_wcsnicmp
??2@YAPAXI@Z
bsearch
_wcsicmp
_resetstkoflw
??_V@YAXPAX@Z
??_U@YAPAXI@Z
calloc
_purecall
free
malloc
__CxxFrameHandler3
memmove_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??3@YAXPAX@Z
msvcp80
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$allocator@G@std@@QAE@XZ
??0?$allocator@G@std@@QAE@ABV01@@Z
?deallocate@?$allocator@G@std@@QAEXPAGI@Z
?max_size@?$allocator@G@std@@QBEIXZ
?allocate@?$allocator@G@std@@QAEPAGIPBX@Z
?_Copy_s@?$char_traits@G@std@@SAPAGPAGIPBGI@Z
?_Move_s@?$char_traits@G@std@@SAPAGPAGIPBGI@Z
?find@?$char_traits@G@std@@SAPBGPBGIABG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
?eq@?$char_traits@G@std@@SA_NABG0@Z
?assign@?$char_traits@G@std@@SAXAAGABG@Z
?_Xran@_String_base@std@@SAXXZ
?_Xlen@_String_base@std@@SAXXZ
?length@?$char_traits@G@std@@SAIPBG@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?clear@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
??0?$allocator@D@std@@QAE@ABV01@@Z
?max_size@?$allocator@D@std@@QBEIXZ
?assign@?$char_traits@G@std@@SAPAGPAGIG@Z
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?compare@?$char_traits@G@std@@SAHPBG0I@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?allocate@?$allocator@G@std@@QAEPAGI@Z
??0?$allocator@D@std@@QAE@XZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?swap@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXAAV12@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
advapi32
InitializeAcl
GetAclInformation
GetSecurityDescriptorControl
MakeAbsoluteSD
CryptSignHashW
CryptGetUserKey
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptGetProvParam
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CryptSetProvParam
CryptDecrypt
CryptDestroyKey
CryptSetHashParam
OpenProcessToken
GetTokenInformation
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ConvertStringSidToSidW
LookupAccountSidW
CryptGetHashParam
CryptHashData
CryptDestroyHash
GetSecurityInfo
AdjustTokenPrivileges
GetAce
LookupPrivilegeValueW
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
ImpersonateSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
EqualSid
CopySid
IsValidSid
GetLengthSid
OpenThreadToken
SetThreadToken
RevertToSelf
GetSecurityDescriptorLength
MakeSelfRelativeSD
InitializeSecurityDescriptor
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
AddAce
kernel32
OutputDebugStringW
DebugBreak
SearchPathW
GetSystemDefaultUILanguage
GetVersionExW
LoadLibraryExW
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
FatalExit
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoW
Sleep
CreateFileW
GetFileType
ExitProcess
GetModuleHandleW
GetModuleFileNameW
LocalAlloc
DuplicateHandle
HeapSetInformation
SetCurrentDirectoryW
GetCommandLineW
GetLocaleInfoW
MultiByteToWideChar
GetStringTypeExW
GetExitCodeThread
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetSystemDirectoryW
GetSystemTime
WideCharToMultiByte
RaiseException
FlushInstructionCache
GetCurrentProcess
OpenProcess
RegisterWaitForSingleObject
GetUserDefaultUILanguage
UnregisterWait
SystemTimeToFileTime
CompareFileTime
CompareStringW
VerifyVersionInfoW
VerSetConditionMask
LocalFree
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
FormatMessageW
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
GetLastError
FileTimeToSystemTime
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedExchange
InterlockedCompareExchange
CreateEventW
FreeLibrary
GetProcAddress
LoadLibraryW
ExpandEnvironmentStringsW
CloseHandle
GetCurrentThread
SetEvent
GetCurrentThreadId
OpenEventW
InterlockedDecrement
TerminateJobObject
WaitForMultipleObjects
CreateThread
SetLastError
TerminateProcess
AssignProcessToJobObject
SetInformationJobObject
CreateJobObjectW
QueueUserWorkItem
WaitForSingleObject
ResetEvent
InterlockedIncrement
gdi32
GetDeviceCaps
DeleteDC
BitBlt
SelectObject
CreateFontIndirectW
CreateCompatibleDC
GetObjectW
SetBkColor
SetTextColor
CreateSolidBrush
CreateICW
GetObjectA
GetBkColor
GetTextColor
GetTextExtentPoint32W
CreateDCW
SetDIBits
GetStockObject
CreateDIBSection
StretchBlt
DeleteObject
SetLayout
CreateRoundRectRgn
SetBkMode
GetDIBits
CreateCompatibleBitmap
user32
GetMonitorInfoW
EnumDisplayMonitors
CreatePopupMenu
DestroyMenu
AppendMenuW
EnableMenuItem
TrackPopupMenuEx
ScreenToClient
IsWindowVisible
GetWindow
SetCursor
PostQuitMessage
IsChild
DialogBoxParamW
GetKeyboardLayout
GetKeyboardLayoutList
IsRectEmpty
SetActiveWindow
IsDialogMessageW
DispatchMessageW
TranslateMessage
GetMessageW
CharNextW
CharUpperW
GetKeyState
GetClassNameW
MsgWaitForMultipleObjects
SetWindowRgn
EnableWindow
GetSysColorBrush
MessageBoxW
ShowWindow
SystemParametersInfoW
GetSystemMetrics
CloseDesktop
MapWindowPoints
GetDlgCtrlID
SetThreadDesktop
UpdateWindow
FillRect
DestroyWindow
LoadStringW
UnregisterClassA
PostMessageW
IsWindow
CreateDesktopW
GetThreadDesktop
GetUserObjectInformationW
OpenInputDesktop
GetDesktopWindow
PeekMessageW
ReleaseDC
GetDC
DestroyIcon
LoadImageW
GetSysColor
CallWindowProcW
SetWindowLongW
SendMessageW
GetClientRect
BeginPaint
EndPaint
InvalidateRect
IsWindowEnabled
GetClassInfoExW
LoadCursorW
DefWindowProcW
SetTimer
KillTimer
EndDialog
GetWindowRect
RegisterClassExW
GetWindowLongW
GetFocus
GetWindowTextW
GetWindowTextLengthW
CopyRect
InflateRect
DrawFocusRect
GetDialogBaseUnits
SetClassLongW
CreateWindowExW
SetWindowTextW
SetWindowPos
GetDlgItem
SwitchDesktop
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
TrackMouseEvent
PtInRect
ClientToScreen
BeginDeferWindowPos
EndDeferWindowPos
SetFocus
GetCaretPos
EqualRect
OffsetRect
DeferWindowPos
SetScrollInfo
GetQueueStatus
GetScrollInfo
SendInput
ScrollWindowEx
MoveWindow
GetParent
comctl32
ImageList_Add
ImageList_Destroy
ImageList_Create
comdlg32
GetOpenFileNameW
GetSaveFileNameW
cryptui
CryptUIDlgViewCertificateW
gdiplus
GdiplusStartup
GdipDeleteGraphics
GdipDeleteFont
GdipCreateFromHDC
GdipCreateFontFromDC
GdipGetDC
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdiplusShutdown
GdipCreateSolidFill
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCloneBrush
GdipCreateRegionPath
GdipCreateRegion
GdipGetClip
GdipSetClipRegion
GdipDrawImageRectRectI
GdipFillRectangleI
GdipSetStringFormatFlags
GdipDrawPath
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipAddPathArcI
GdipReleaseDC
GdipDrawString
GdipCreatePen2
GdipCreateRegionHrgn
GdipFillRegion
GdipAddPathLineI
GdipClosePathFigure
GdipCreateLineBrushFromRectI
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromScan0
GdipDeleteRegion
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipDisposeImageAttributes
GdipDrawLineI
GdipFillRectangle
GdipCreateImageAttributes
GdipCloneImage
GdipDrawImageRectI
GdipDrawRectangle
GdipCreateLineBrush
GdipCreatePath2I
GdipGetStringFormatFlags
GdipDrawLine
GdipCreatePathGradientFromPath
GdipAddPathEllipseI
GdipSetPathGradientSurroundColorsWithCount
GdipGetPathGradientPointCount
GdipSetPathGradientCenterColor
GdipMeasureString
GdipGraphicsClear
GdipDrawRectangleI
GdipGetWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipCreateMatrix
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHICON
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImageRawFormat
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToStream
GdipDisposeImage
GdipDeleteMatrix
GdipAlloc
GdipFree
GdipGetFontHeight
GdipCreateFontFromLogfontA
GdipSetStringFormatAlign
msimg32
AlphaBlend
ole32
CoTaskMemFree
StgCreateStorageEx
CreateStreamOnHGlobal
CoCreateGuid
StringFromGUID2
CoInitializeEx
CoUninitialize
CoCreateInstance
rpcrt4
NdrServerCall2
RpcStringFreeW
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcImpersonateClient
RpcRevertToSelfEx
UuidToStringW
UuidCreate
RpcServerListen
RpcMgmtIsServerListening
RpcServerRegisterIf2
RpcServerUseProtseqEpW
RpcServerUnregisterIf
RpcBindingFree
NdrClientCall2
shlwapi
PathFindExtensionW
PathAddBackslashW
uxtheme
DrawThemeParentBackground
crypt32
CertCreateCertificateContext
CertCloseStore
CertDuplicateCertificateContext
CertDuplicateStore
CertFindCertificateInStore
CertStrToNameW
CertOpenStore
CertSerializeCertificateStoreElement
CryptAcquireCertificatePrivateKey
CertOIDToAlgId
CertFreeCertificateContext
userenv
UnloadUserProfile
shell32
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
wininet
InternetOpenW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetCrackUrlW
Sections
.text Size: 549KB - Virtual size: 548KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
XOR Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE