7fc7864915fa9c81f9b3d2cfbeab7eedcd14d17847880382879e41a8e0b3d67a

Sharing

Copy URL Twitter E-mail

General

Target

7fc7864915fa9c81f9b3d2cfbeab7eedcd14d17847880382879e41a8e0b3d67a
Size

848KB
MD5

27bb28832dc20254b74d9d99caf6635a
SHA1

44257226a1a9042554806c7ed43f98d7f7b6db74
SHA256

7fc7864915fa9c81f9b3d2cfbeab7eedcd14d17847880382879e41a8e0b3d67a
SHA512

d9d092608f266615c1cd18f2e5d24c6966c0e1e731d39f54fa7812a7bb08c7128232098dde4bed08a62c0d6d6393016b4d8f74e51189b6f8261f8dc5909f2feb
SSDEEP

12288:iFgPAyJc7z0z8MWghgcTEkFF3Ai0XDts6mVxe9u6+LzuXh3NzddpQV:SgPA9Ez2yLEymiIDtexe9KzuXpldcV

Score

N/A

Malware Config

Signatures

Files

7fc7864915fa9c81f9b3d2cfbeab7eedcd14d17847880382879e41a8e0b3d67a
.exe windows x86

8d44268635f970dd169de32dc2f8726b

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

81:53:c1:d6:95:bb:4a:ac:0a:94:5d:ea:72:15:e8:bb
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

27/07/2015, 00:00

Not After

26/07/2016, 23:59

Subject

CN=UNIX,O=UNIX,POSTALCODE=394036,STREET=6A Sredne-Moskovskaya ul.,L=Voronezh,ST=Voronezh Region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:fa:68:a6:4c:06:2d:12:f2:19:9b:39:3f:73:94:57:4e:7a:72:f2
Signer

Actual PE Digest

52:fa:68:a6:4c:06:2d:12:f2:19:9b:39:3f:73:94:57:4e:7a:72:f2

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=UNIX,O=UNIX,POSTALCODE=394036,STREET=6A Sredne-Moskovskaya ul.,L=Voronezh,ST=Voronezh Region,C=RU

04/11/2022, 15:41
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcatA
SetCommMask
GetStringTypeA
AddAtomA
FatalAppExitA
GetConsoleHardwareState
EnumResourceLanguagesW
HeapSize
WaitForSingleObjectEx
lstrcpyA
EnumResourceTypesA
CreateMailslotW
FormatMessageA
OpenEventW
SetEvent
LocalReAlloc
GetCPInfoExA
SetDefaultCommConfigA
ExitThread
LockFileEx
UpdateResourceA
GetEnvironmentStringsA
GetExitCodeThread
ReadConsoleOutputA
FindFirstVolumeMountPointA
ReplaceFileA
GetConsoleDisplayMode
CopyFileA
TlsFree
CreateDirectoryW
PeekConsoleInputA
IsBadWritePtr
SetLastConsoleEventActive
ResetWriteWatch
GetDiskFreeSpaceA
CreateDirectoryExA
GetSystemTime
RtlZeroMemory
VirtualUnlock
WritePrivateProfileStructW
WritePrivateProfileSectionA
CopyFileExA
GetCPInfo
IsProcessorFeaturePresent
ClearCommBreak
GetSystemDefaultUILanguage
CreateJobObjectA
EnumSystemLanguageGroupsW
GetProcessIoCounters
GetPrivateProfileStructA
RaiseException
CreateNamedPipeA
EnterCriticalSection
SetInformationJobObject
LocalAlloc
OpenSemaphoreA
CreateConsoleScreenBuffer
GetProcessHeap
SetErrorMode
SetLocaleInfoA
GlobalFix
GetPrivateProfileSectionW
GlobalGetAtomNameA
RtlFillMemory
GetDiskFreeSpaceW
HeapUnlock
UnlockFile
UnmapViewOfFile
DosDateTimeToFileTime
SetFileApisToANSI
SetThreadPriority
ConsoleMenuControl
CommConfigDialogA
WaitForSingleObject
Heap32ListFirst
HeapCreate
BeginUpdateResourceA
CreateFileMappingA
GetVolumePathNameW
LocalFileTimeToFileTime
DefineDosDeviceA
GetAtomNameA
CreateWaitableTimerW
QueryPerformanceCounter
GetConsoleKeyboardLayoutNameA
ReadConsoleOutputAttribute
FindVolumeMountPointClose
SearchPathW
EnumResourceNamesA
FindActCtxSectionStringW
SetUserGeoID
EnumLanguageGroupLocalesW
AttachConsole
RemoveDirectoryW
IsProcessInJob
GetVersion
GetCompressedFileSizeA
LocalUnlock
EnumDateFormatsExW
VerLanguageNameA
CreateHardLinkA
GetProcessAffinityMask
AddConsoleAliasA
SetFileApisToOEM
IsDBCSLeadByte
SetNamedPipeHandleState
CreateTimerQueueTimer
WriteProfileSectionW
VerLanguageNameW
InterlockedExchange
lstrlenW
WriteConsoleOutputCharacterW
SetVolumeLabelW
InterlockedDecrement
CreateSemaphoreW
GlobalMemoryStatus
FatalExit
GetBinaryTypeW
LZClose
Beep
GetFileSizeEx
FindNextFileW
GetStartupInfoW
SuspendThread
GetMailslotInfo
GetModuleFileNameW
ReadFileEx
CreateEventW
SetThreadExecutionState
HeapWalk
GetPrivateProfileIntA
GetTapeParameters
GetCurrentDirectoryW
GetHandleInformation
CreateEventA
GetConsoleAliasesA
GetBinaryTypeA
SetMailslotInfo
LocalFlags
GetProfileSectionW
SetTapePosition
HeapAlloc
GetWriteWatch
SetCalendarInfoW
EraseTape
TlsSetValue
EnumCalendarInfoW
ReadConsoleInputW
WritePrivateProfileSectionW
GetPrivateProfileStructW
LocalFree
GetTempPathW
FindFirstFileExW
SleepEx
DeleteTimerQueueTimer
GlobalHandle
InterlockedIncrement
SetFileAttributesW
SetStdHandle
SetProcessAffinityMask
GlobalReAlloc
ConnectNamedPipe
GetSystemTimeAsFileTime
SetLocalTime
GlobalUnlock
GetThreadContext
FindNextVolumeW
SetLastError
SetVolumeMountPointA
CreateFileA
SetCommBreak
GetCPInfoExW
GetCompressedFileSizeW
GetHandleContext
VirtualLock
SetFilePointerEx
GetPrivateProfileSectionNamesW
WriteFile
GetTempPathA
FileTimeToSystemTime
GetComPlusPackageInstallStatus
CreateProcessInternalA
GetLastError
GetCommandLineA
GetPrivateProfileStringA
GetTickCount
InitializeCriticalSection
QueryMemoryResourceNotification
DeleteFileW
GetLogicalDrives
GetNumberOfConsoleInputEvents
GetStartupInfoA
GetDefaultCommConfigW
GetCommModemStatus
FreeEnvironmentStringsW
WaitNamedPipeA
SetThreadPriorityBoost
BackupSeek
WriteProfileStringW
lstrcpynA
SetTapeParameters
CopyLZFile
OpenFile
GetLargestConsoleWindowSize
GetConsoleWindow
SystemTimeToTzSpecificLocalTime
GetEnvironmentStrings
lstrcpyW
EndUpdateResourceW
LZStart
GetExitCodeProcess
AssignProcessToJobObject
MoveFileWithProgressA
GetVersionExA
SetFileAttributesA
SetFileTime
WideCharToMultiByte
SetVolumeMountPointW
lstrcatW
AddVectoredExceptionHandler
GetTimeZoneInformation
FindResourceExA
GetVolumePathNamesForVolumeNameA
InvalidateConsoleDIBits
VirtualFreeEx
GetConsoleCursorInfo
FillConsoleOutputCharacterA
UnhandledExceptionFilter
SetHandleCount
LeaveCriticalSection
GetFileAttributesExW
OpenSemaphoreW
PeekConsoleInputW
LocalSize
GetStdHandle
GetVolumePathNameA
IsValidLanguageGroup
GetExpandedNameW
SetFileValidData
GetPrivateProfileStringW
RegisterWaitForInputIdle
GetTimeFormatA
GetConsoleProcessList
UnlockFileEx
SetComputerNameExW
CreateMailslotA
PeekNamedPipe
GetEnvironmentVariableW
GetShortPathNameW
ReleaseSemaphore
CompareStringW
WaitForDebugEvent
EnumTimeFormatsW
GetProcessShutdownParameters
GetProcessHeaps
GetProcessVersion
SetCurrentDirectoryA
QueryInformationJobObject
GetDriveTypeA
FileTimeToDosDateTime
GlobalMemoryStatusEx
GetVolumeNameForVolumeMountPointA
GetNumberFormatA
GetModuleHandleW
LCMapStringW
BuildCommDCBAndTimeoutsA
GetOverlappedResult
GetSystemDefaultLangID
SetComputerNameW
GetVersionExW
FindActCtxSectionStringA
HeapReAlloc
GetVolumeInformationW
FindNextFileA
FindResourceExW
QueryDosDeviceA
GetCalendarInfoA
DebugBreak
EnumSystemLocalesW
GetComputerNameA
GetDefaultCommConfigA
BackupRead
FindFirstChangeNotificationA
CompareStringA
OpenWaitableTimerA
GetProfileStringA
GetUserDefaultUILanguage
GlobalUnfix
LZSeek
FindVolumeClose
lstrlenA
EndUpdateResourceA
lstrcpy
GlobalFree
FindActCtxSectionGuid
ExitProcess
DeleteTimerQueueEx
SetThreadLocale
EnumCalendarInfoExA
GetConsoleSelectionInfo
CreateActCtxA
EnumTimeFormatsA
FindNextVolumeMountPointA
lstrcpynW
GetCurrentThread
SetComPlusPackageInstallStatus
GetDateFormatW
SearchPathA
GetProfileIntA
Heap32First
DeleteAtom
GetTapePosition
AddConsoleAliasW
LocalCompact
GetConsoleCP
FindFirstFileExA
FindAtomW
FindFirstFileW
GetConsoleMode
Sleep
RequestDeviceWakeup
SetThreadAffinityMask
GlobalAlloc
GetModuleFileNameA
lstrcmpA
GetFullPathNameA
GetNumberFormatW
CallNamedPipeW
GetThreadTimes
GetCommMask
CancelTimerQueueTimer
GenerateConsoleCtrlEvent
CancelDeviceWakeupRequest
EnumUILanguagesA
LZOpenFileW
ResetEvent
CreateActCtxW
CreateMemoryResourceNotification
IsValidLocale
EnumSystemLocalesA
WritePrivateProfileStringW
FindFirstVolumeMountPointW
GetPrivateProfileIntW
WriteProfileStringA
FindNextChangeNotification
HeapDestroy
FormatMessageW
FindFirstFileA
GetCurrencyFormatW
PrepareTape
ReadConsoleW
RtlCaptureContext
OpenMutexA
GetVolumeInformationA
GetProcessWorkingSetSize
SetTimeZoneInformation
CreateTimerQueue
SetFileShortNameA
GlobalFindAtomA
FindNextVolumeA
GetThreadSelectorEntry
EnumCalendarInfoA
GetSystemPowerStatus
GetThreadPriority
CopyFileExW
GetThreadLocale
LoadLibraryExA
LocalAlloc
GetCurrentThreadId
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
GetModuleFileNameW

shlwapi

PathBuildRootW
StrRStrIA
StrStrNW
PathIsLFNFileSpecW
SHRegWriteUSValueW
PathIsSystemFolderA
PathRelativePathToW
StrRChrW
PathIsPrefixA
PathUnExpandEnvStringsA
StrStrIA
PathRemoveBlanksW
StrFormatKBSizeW
SHRegisterValidateTemplate
StrCSpnA
PathMakePrettyA
PathStripPathA
SHRegGetBoolUSValueW
SHRegQueryInfoUSKeyW
StrToInt64ExW
SHGetInverseCMAP
StrStrNIW
UrlIsNoHistoryW
PathCompactPathW
IntlStrEqWorkerW
UrlIsW
StrChrIA
SHCreateStreamOnFileW
UrlGetPartW
PathUnExpandEnvStringsW
StrToIntA
DllGetVersion
SHRegEnumUSKeyW
StrFormatByteSize64A
PathIsDirectoryA
StrIsIntlEqualA
ChrCmpIA
PathIsURLW
SHCreateStreamOnFileEx
PathCompactPathA
SHRegEnumUSValueW
PathIsContentTypeA
ColorRGBToHLS
HashData
PathQuoteSpacesW
StrChrNIW
StrCSpnW
PathIsNetworkPathW
PathUnquoteSpacesA
StrRetToBufA
SHRegEnumUSValueA
StrNCatA
PathIsUNCA
SHDeleteKeyA
SHSetThreadRef
StrRetToBSTR
AssocCreate
PathGetCharTypeA
UrlEscapeW
PathRemoveArgsW
StrFormatKBSizeA
UrlUnescapeW
PathGetCharTypeW
IntlStrEqWorkerA
SHSetValueW
SHRegCloseUSKey
StrRetToStrA
PathFindOnPathW
StrPBrkA
PathMakePrettyW
PathCreateFromUrlA
SHEnumKeyExW
PathIsUNCServerW
StrCmpLogicalW
AssocQueryStringW
wvnsprintfA
SHRegWriteUSValueA
wvnsprintfW
StrFromTimeIntervalA
StrToInt64ExA
SHRegQueryUSValueW
StrCpyNW
SHStrDupW
SHCreateShellPalette
SHCreateThread

ole32

WriteFmtUserTypeStg
OleSetContainedObject
CoCreateFreeThreadedMarshaler
CoTaskMemFree
OleCreateEmbeddingHelper
CoReleaseMarshalData
OleRegGetMiscStatus
CoDisableCallCancellation
CoInvalidateRemoteMachineBindings
HDC_UserSize
CoCancelCall
CoRegisterMessageFilter
FreePropVariantArray
CreateGenericComposite
CoSetCancelObject
MonikerRelativePathTo
StgConvertPropertyToVariant
StgConvertVariantToProperty
OleGetIconOfClass
HPALETTE_UserMarshal
CoInstall
CoGetApartmentID
ReadStringStream
IsValidPtrOut
UtConvertDvtd16toDvtd32
CreateItemMoniker
StgOpenStorage
ReadClassStm
OleCreateFromDataEx
PropStgNameToFmtId
OleIsCurrentClipboard
DllDebugObjectRPCHook
HBITMAP_UserSize
OleSave
CoImpersonateClient
HPALETTE_UserSize
CoRevokeMallocSpy
CoRetireServer
CoGetCurrentProcess
CoReleaseServerProcess
OleGetAutoConvert
CoQueryReleaseObject
CoDisconnectObject
CoRevertToSelf
HICON_UserFree

comdlg32

PrintDlgA
LoadAlterBitmap
GetOpenFileNameW
CommDlgExtendedError
PageSetupDlgA
ReplaceTextW
ChooseColorW
dwOKSubclass
PrintDlgW
ChooseColorA
GetFileTitleW
FindTextA
ChooseFontA
GetOpenFileNameA
GetFileTitleA
ReplaceTextA
FindTextW
PageSetupDlgW
dwLBSubclass
GetSaveFileNameW
ChooseFontW
PrintDlgExA

oleaut32

VarI4FromDisp
SysAllocString
GetActiveObject
VarUI4FromDisp
VarNeg
VarUI4FromR8
VarCyFromR8
SafeArrayUnaccessData
VarUI2FromI2
VarR4FromI4
VarR4FromDec
SafeArrayDestroyDescriptor
VarI8FromStr
VarI2FromDate
VarUI1FromUI8
VarDecSub
SafeArrayGetRecordInfo
VarCyFromDisp
VarDateFromR8
VarR8FromI4
VariantInit
UnRegisterTypeLib
VarBstrCat
VarDateFromBool
QueryPathOfRegTypeLib
VarI4FromI2
VarDecFromR8
VarR8Pow
VarFix
VarBstrFromUI4
VariantChangeTypeEx
VarParseNumFromStr
GetAltMonthNames
VarBstrFromUI2
VarI8FromUI1
VarUI2FromCy
VarAdd
VarNumFromParseNum
LPSAFEARRAY_UserUnmarshal
CreateErrorInfo
VarUI2FromR4
VARIANT_UserSize
ClearCustData
VarBoolFromR4
BSTR_UserUnmarshal
GetRecordInfoFromTypeInfo
VarI1FromR8
VarDecFromDisp
VarDecFromI2
VarCyMulI8
VarXor
VarUI1FromDec
VarDecCmpR8
CreateStdDispatch
VarWeekdayName
VarUI4FromUI8
VariantCopy
VarI8FromDisp
VarBstrFromDec
VarCyFromBool
SetVarConversionLocaleSetting
OACreateTypeLib2
VarCyFix
LHashValOfNameSys
VarI1FromI4
VarBoolFromR8
VarUI1FromUI4
VarEqv
VarDateFromUI4
VarI8FromCy
VarCyNeg
VarUI8FromI8
VarI2FromUI2
VarUI2FromBool
VarDecRound
VarBoolFromUI2
VarFormatNumber
VarI2FromBool
DosDateTimeToVariantTime
VarBoolFromDisp
VarDecDiv
VarOr
VarCmp
VarAbs
VarCyFromUI1
VarUI2FromDec
SafeArrayAllocData
GetErrorInfo
VarBstrFromUI1
VarFormatPercent

shell32

StrNCmpW
StrCmpNIA
SHBrowseForFolderA
ShellHookProc
Control_RunDLLA
SHGetPathFromIDListA
DragQueryFile
SHParseDisplayName
SHGetPathFromIDList
ExtractIconEx
SHBindToParent
Options_RunDLLW
SHCreateDirectoryExA
SHGetNewLinkInfoW
SHGetFolderPathW
SHCreateDirectoryExW
SHFreeNameMappings
StrChrIW
DragQueryPoint
SHGetFolderPathA
DllGetClassObject
Shell_NotifyIconA
RealShellExecuteW
ShellExec_RunDLLA
SHFileOperationW
SHGetDataFromIDListW
StrChrIA
SHGetDiskFreeSpaceExA
Options_RunDLLA
CheckEscapesW
SHUpdateRecycleBinIcon
StrRChrA
ExtractAssociatedIconA
DragQueryFileW
StrRStrIW
SHInvokePrinterCommandA
DoEnvironmentSubstA
SHEmptyRecycleBinA
ExtractAssociatedIconExA
ShellExecuteA
DllGetVersion
OpenAs_RunDLL
StrChrW
SHInvokePrinterCommandW
SHFileOperation
SHHelpShortcuts_RunDLLW
SHLoadInProc
ExtractAssociatedIconExW
ShellExecuteExW
DragQueryFileA
ExtractAssociatedIconW
SHExtractIconsW
ShellAboutW
Shell_NotifyIconW
StrRStrA
SHGetIconOverlayIndexW
DragFinish
StrNCmpA
SHGetIconOverlayIndexA
ShellExecuteEx
StrStrA
Options_RunDLL
SHHelpShortcuts_RunDLL
StrStrIA
SHFormatDrive
SHGetUnreadMailCountW
DoEnvironmentSubstW
RealShellExecuteExA
WOWShellExecute
ExtractIconA
RealShellExecuteExW
ShellExecuteW
SHAddToRecentDocs

comctl32

FlatSB_SetScrollInfo
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_DragLeave
FlatSB_SetScrollProp
ImageList_DrawIndirect
CreateToolbar
ImageList_GetFlags
ImageList_BeginDrag
ImageList_Draw

user32

SetMenuContextHelpId
SetWindowWord

Sections

CODE
Size: 455KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d44268635f970dd169de32dc2f8726b

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

01Certificate

Key Usages

81:53:c1:d6:95:bb:4a:ac:0a:94:5d:ea:72:15:e8:bbCertificate

Extended Key Usages

Key Usages

52:fa:68:a6:4c:06:2d:12:f2:19:9b:39:3f:73:94:57:4e:7a:72:f2Signer

Signature Validations

Verification

04/11/2022, 15:41 Valid: false

Headers

File Characteristics

Imports

kernel32

shlwapi

ole32

comdlg32

oleaut32

shell32

comctl32

user32

Sections

CODE Size: 455KB - Virtual size: 456KB

DATA Size: 10KB - Virtual size: 16KB

.idata Size: 16KB - Virtual size: 20KB

.text Size: 60KB - Virtual size: 60KB

.tls Size: 512B - Virtual size: 4KB

.text Size: 77KB - Virtual size: 80KB

.reloc Size: 11KB - Virtual size: 12KB

.rsrc Size: 211KB - Virtual size: 210KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

01
Certificate

81:53:c1:d6:95:bb:4a:ac:0a:94:5d:ea:72:15:e8:bb
Certificate

52:fa:68:a6:4c:06:2d:12:f2:19:9b:39:3f:73:94:57:4e:7a:72:f2
Signer

04/11/2022, 15:41
Valid: false

CODE
Size: 455KB - Virtual size: 456KB

DATA
Size: 10KB - Virtual size: 16KB

.idata
Size: 16KB - Virtual size: 20KB

.text
Size: 60KB - Virtual size: 60KB

.tls
Size: 512B - Virtual size: 4KB

.text
Size: 77KB - Virtual size: 80KB

.reloc
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 211KB - Virtual size: 210KB