2b6e793ea5ba8cc6dd1a47d26b3453846dcc48ecfb5a64d713de6d7e1fe394ef

Sharing

Copy URL Twitter E-mail

General

Target

2b6e793ea5ba8cc6dd1a47d26b3453846dcc48ecfb5a64d713de6d7e1fe394ef
Size

16.4MB
MD5

0239a2e34a7a9364b7a4257efd5fb29d
SHA1

77509b0ed559cbf709824cd3de74a68227e00ddc
SHA256

2b6e793ea5ba8cc6dd1a47d26b3453846dcc48ecfb5a64d713de6d7e1fe394ef
SHA512

aade5574a64abd34ca524ff4683d2ab23776258fd81cee05eaa0cea4c48355ea1f956ac2e536b36f85c4f6ea57cf53fb5382879f6ee686b2cb73d9767d917197
SSDEEP

393216:vlVpXvswVlwEyDs12/WWOgoFFYXfccaqrbLWBNjZzPfYMbT:vlVpfsi1mZWVgCcaCa/pgMbT

Score

N/A

Malware Config

Signatures

Files

2b6e793ea5ba8cc6dd1a47d26b3453846dcc48ecfb5a64d713de6d7e1fe394ef
.rar
FD3_0全码全能版/FD V3.0.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 436KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mackt
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FD3_0全码全能版/FDv3.0使用说明.doc
.doc windows office2003
FD3_0全码全能版/language.ini
FD3_0全码全能版/mscomm32.ocx
.dll regsvr32 windows x86

981c4b05d92d1681a5f459ad4e52b1b8

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCommModemStatus
WriteFile
GetCommProperties
ResetEvent
GetOverlappedResult
IsBadWritePtr
MultiByteToWideChar
Sleep
ReadFile
SetCommState
GetCommState
ClearCommError
lstrcpynA
lstrlenA
CreateThread
WaitCommEvent
GlobalUnlock
GlobalLock
GlobalAlloc
ClearCommBreak
SetCommBreak
GetVersion
GetFileAttributesA
lstrcatA
GetModuleFileNameA
GetWindowsDirectoryA
LoadLibraryA
GetLocaleInfoA
GetProcAddress
InterlockedIncrement
InterlockedDecrement
HeapReAlloc
lstrcmpiA
LockResource
LoadResource
FindResourceA
CompareStringA
CompareStringW
lstrcmpA
CreateEventA
CreateFileA
GetLastError
SetupComm
SetCommTimeouts
SetCommMask
WaitForSingleObject
DisableThreadLibraryCalls
GlobalFree
IsDBCSLeadByte
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
GetProcessHeap
CloseHandle
lstrcpyA
EscapeCommFunction
PurgeComm

user32

ShowWindow
SetWindowRgn
PtInRect
IsDialogMessageA
GetWindowLongA
IsWindowEnabled
IsChild
GetKeyState
OffsetRect
IntersectRect
DrawIcon
LoadCursorA
RegisterClassA
DestroyIcon
DestroyWindow
GetSystemMetrics
GetDlgItemInt
GetDlgItemTextA
GetDlgItem
SendMessageA
SetDlgItemInt
SetDlgItemTextA
DialogBoxParamA
wsprintfA
CreateWindowExA
SetWindowLongA
DefWindowProcA
EqualRect
GetWindowRect
GetParent
ClientToScreen
MoveWindow
GetActiveWindow
GetWindow
GetClientRect
SetFocus
BeginPaint
IsWindowVisible
EndPaint
SetParent
CheckDlgButton
SetWindowPos
CharNextA
EndDialog
LoadIconA
DrawEdge
CreateDialogIndirectParamA
PostMessageA
WinHelpA
GetNextDlgTabItem
LoadStringA
UnregisterClassA
ReleaseDC
GetDC
IsDlgButtonChecked
MessageBoxA
RegisterClipboardFormatA

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

OleCreatePropertyFrame
VariantChangeType
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
GetErrorInfo
RegisterTypeLi
SafeArrayCreate
SafeArrayPutElement
LoadRegTypeLi
SafeArrayGetDim
SysStringLen
SysAllocStringLen
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetLBound
VariantClear
SysFreeString
VariantInit
SysAllocString
CreateErrorInfo

gdi32

DeleteDC
GetWindowExtEx
GetViewportExtEx
LPtoDP
SetMapMode
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
GetDeviceCaps
CreateRectRgnIndirect

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SIMMAX读卡器驱动/SIMMAX/data1.cab
SIMMAX读卡器驱动/SIMMAX/data1.hdr
SIMMAX读卡器驱动/SIMMAX/data2.cab
SIMMAX读卡器驱动/SIMMAX/engine32.cab
.cab
SIMMAX读卡器驱动/SIMMAX/layout.bin
SIMMAX读卡器驱动/SIMMAX/setup.exe
.exe windows x86

b9d2a93cf19ca49f2a88ab66d2e71f6f

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

1f:9a:e0
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

16/02/2004, 18:24

Not After

11/02/2005, 00:05

Subject

CN=InstallShield Software Corporation,OU=Research and Development,O=InstallShield Software Corporation,L=Schaumburg,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
VerInstallFileA

kernel32

LoadResource
FindResourceA
GetModuleHandleA
SetErrorMode
CreateDirectoryA
GetModuleFileNameA
CreateFileA
InterlockedIncrement
InterlockedDecrement
QueryPerformanceFrequency
CreateEventA
CloseHandle
WriteFile
Sleep
ReadFile
FreeLibrary
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
lstrcmpA
FindFirstFileA
GetTempPathA
LeaveCriticalSection
EnterCriticalSection
CreateThread
GetWindowsDirectoryA
GetTickCount
GetFileAttributesA
GetTempFileNameA
CreateMutexA
WaitForSingleObject
ReleaseMutex
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
SetEvent
LockResource
GetDriveTypeA
OpenEventA
CreateProcessA
CopyFileA
GetShortPathNameA
GetCurrentThreadId
HeapAlloc
GetSystemInfo
HeapCreate
GetFileSize
lstrcpynA
lstrcatA
WritePrivateProfileStringA
GetProcAddress
LoadLibraryA
HeapDestroy
GetSystemDefaultLangID
MoveFileA
FindResourceExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SizeofResource
GetVersion
GetStartupInfoA
ExitProcess
GetCommandLineA
DebugBreak
HeapReAlloc
HeapFree
VirtualQuery
VirtualProtect
SearchPathA
ResetEvent
QueryPerformanceCounter
SystemTimeToFileTime
GetCurrentProcess
GetCurrentThread
RtlUnwind
lstrcpyA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersionExA
CompareStringW
CompareStringA
WideCharToMultiByte
lstrlenA
GetLastError
SetLastError
lstrcmpiA
GetPrivateProfileIntA
GetPrivateProfileStringA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetFilePointer
IsBadReadPtr

user32

MoveWindow
KillTimer
DestroyWindow
GetWindowTextA
SetTimer
SetWindowRgn
GetDesktopWindow
DialogBoxIndirectParamA
SetActiveWindow
LoadStringA
SetWindowTextA
GetDlgItem
SendMessageA
SetDlgItemTextA
LoadIconA
GetWindowRect
SystemParametersInfoA
SetWindowPos
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA
CharLowerBuffA
MessageBoxA
EndDialog
CharNextA
CharUpperA
PostThreadMessageA
CreateDialogIndirectParamA
SetForegroundWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
ShowWindow
ScreenToClient

gdi32

GetTextExtentPoint32A
LPtoDP
DeleteObject
CreateFontIndirectA
GetObjectA

advapi32

RegCreateKeyExA
GetTokenInformation
AllocateAndInitializeSid
OpenThreadToken
EqualSid
FreeSid
RegCloseKey
RegOpenKeyExA
RegSetValueExA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyA
RegQueryValueA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoCreateGuid
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
StringFromCLSID
CoTaskMemFree
StringFromGUID2
GetRunningObjectTable
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoInitialize
CoGetInterfaceAndReleaseStream
CoUninitialize

oleaut32

RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysFreeString
VariantCopy
SysAllocStringLen
SysAllocString
SysStringLen
VariantClear

lz32

LZOpenFileA
LZCopy
LZClose

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SIMMAX读卡器驱动/SIMMAX/setup.ibt
SIMMAX读卡器驱动/SIMMAX/setup.ini
SIMMAX读卡器驱动/SIMMAX/setup.inx
SimonScan3.0/SimScan3.0.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

EPE0
Size: - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EPE1
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SimonScan3.0/SimScan3.0.exe.log
SimonScan3.0/破解软件.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.CUG
Size: 512B - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CUG
Size: 148KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SimonScan3.0/运行前一定要看我.txt
dump_dat_black-xstar.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

LoadLi
Size: 4KB - Virtual size: 1830.1MB

Size: 1.3MB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
write_ki2dat_black-xstar.exe
.exe windows x86

dd1c40601b712c35527a1cd353701a8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 319KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 38KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8
Size: 44KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

10
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
使用说明.txt
绿盟.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 436KB - Virtual size: 2.0MB

.rsrc Size: 9KB - Virtual size: 9KB

.vmp0 Size: 243KB - Virtual size: 243KB

.mackt Size: 8KB - Virtual size: 8KB

981c4b05d92d1681a5f459ad4e52b1b8

Code Sign

Signer

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 5KB - Virtual size: 4KB

b9d2a93cf19ca49f2a88ab66d2e71f6f

Code Sign

01Certificate

1f:9a:e0Certificate

Extended Key Usages

0aCertificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

lz32

Sections

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 31KB - Virtual size: 31KB

Headers

File Characteristics

Sections

EPE0 Size: - Virtual size: 6.6MB

EPE1 Size: 5.1MB - Virtual size: 5.1MB

.rsrc Size: 8KB - Virtual size: 7KB

Headers

File Characteristics

Sections

.CUG Size: 512B - Virtual size: 176KB

.CUG Size: 148KB - Virtual size: 162KB

Headers

File Characteristics

Sections

LoadLi Size: 4KB - Virtual size: 1830.1MB

Size: 1.3MB - Virtual size: 4B

���� Size: - Virtual size:

.rsrc
Size: 9KB - Virtual size: 9KB

.vmp0
Size: 243KB - Virtual size: 243KB

.mackt
Size: 8KB - Virtual size: 8KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 5KB - Virtual size: 4KB

01
Certificate

1f:9a:e0
Certificate

0a
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 31KB - Virtual size: 31KB

EPE0
Size: - Virtual size: 6.6MB

EPE1
Size: 5.1MB - Virtual size: 5.1MB

.rsrc
Size: 8KB - Virtual size: 7KB

.CUG
Size: 512B - Virtual size: 176KB

.CUG
Size: 148KB - Virtual size: 162KB

LoadLi
Size: 4KB - Virtual size: 1830.1MB

��
Size: - Virtual size:

0
Size: 319KB - Virtual size: 616KB

1
Size: 38KB - Virtual size: 60KB

2
Size: 512B - Virtual size: 4KB

3
Size: 512B - Virtual size: 4KB

4
Size: 3KB - Virtual size: 12KB

5
Size: 512B - Virtual size: 4KB

6
Size: 77KB - Virtual size: 80KB

7
Size: - Virtual size: 40KB

8
Size: 44KB - Virtual size: 69KB

9
Size: 3KB - Virtual size: 3KB

10
Size: 7KB - Virtual size: 28KB