Extracted

• b69a4e9e9333163e6fdbb22cefd5ce9f.exe.vir

  .exe windows

  a175075d2025e600981ffa302482d3ab

  
  

  Code Sign

  05:5f:93:7a:9d:f7:3d:fd:90:ba:98:89:e4:c5:0a:11

  Certificate

  Issuer

  CN=DigiCert SHA2 High Assurance Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  25/01/2016, 00:00

  Not After

  29/01/2019, 12:00

  Subject

  CN=Notepad\+\+,O=Notepad\+\+,L=Saint Cloud,ST=Ile-de-France,C=FR

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  0b:7e:10:90:3c:38:49:0f:fa:2f:67:9a:87:a1:a7:b9

  Certificate

  Issuer

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  22/10/2013, 12:00

  Not After

  22/10/2028, 12:00

  Subject

  CN=DigiCert SHA2 High Assurance Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66

  Certificate

  Issuer

  CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  22/10/2014, 00:00

  Not After

  22/10/2024, 00:00

  Subject

  CN=DigiCert Timestamp Responder,O=DigiCert,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b

  Certificate

  Issuer

  CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  10/11/2006, 00:00

  Not After

  10/11/2021, 00:00

  Subject

  CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageServerAuth

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  ExtKeyUsageEmailProtection

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  f1:22:3a:a8:4a:92:ea:3d:e1:2b:60:fb:b6:be:d9:e9:27:fd:1d:9e

  Signer

  Actual PE Digest

  f1:22:3a:a8:4a:92:ea:3d:e1:2b:60:fb:b6:be:d9:e9:27:fd:1d:9e

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  true

  Verification

  Signing Certificate

  CN=Notepad\+\+,O=Notepad\+\+,L=Saint Cloud,ST=Ile-de-France,C=FR

  21/09/2016, 20:16

  Valid: true

  Chain 1

  CN=Notepad\+\+,O=Notepad\+\+,L=Saint Cloud,ST=Ile-de-France,C=FR

  CN=DigiCert SHA2 High Assurance Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  comctl32

  ImageList_DragMove

  ImageList_DragEnter

  ImageList_EndDrag

  ImageList_BeginDrag

  ImageList_SetIconSize

  ord17

  InitCommonControlsEx

  ImageList_ReplaceIcon

  ImageList_Destroy

  _TrackMouseEvent

  ImageList_GetImageInfo

  ImageList_Draw

  ImageList_AddMasked

  ImageList_GetImageCount

  ImageList_DragShowNolock

  ImageList_Create

  shlwapi

  PathStripPathW

  PathAddExtensionW

  PathRemoveExtensionW

  PathAppendW

  PathMatchSpecW

  PathIsRelativeW

  PathGetDriveNumberW

  PathCompactPathExW

  PathIsDirectoryW

  PathFindFileNameW

  PathFileExistsW

  PathRemoveFileSpecW

  PathFindExtensionW

  shell32

  ShellExecuteW

  Shell_NotifyIconW

  SHGetSpecialFolderLocation

  DragFinish

  DragQueryPoint

  DragQueryFileW

  SHBrowseForFolderW

  SHGetPathFromIDListW

  SHGetMalloc

  SHFileOperationW

  kernel32

  MoveFileExW

  GlobalLock

  GlobalUnlock

  GlobalAlloc

  GlobalFree

  GetCurrentDirectoryW

  QueueUserAPC

  ReleaseSemaphore

  SleepEx

  WaitForSingleObjectEx

  CreateSemaphoreW

  CancelIo

  CreateFileW

  ReadDirectoryChangesW

  MulDiv

  GetCurrentThreadId

  GetModuleHandleW

  SetCurrentDirectoryW

  FreeLibrary

  CopyFileW

  GetProcAddress

  GetCurrentProcess

  GetCurrentProcessId

  LoadLibraryW

  GlobalSize

  ReleaseMutex

  Sleep

  CreateMutexW

  lstrcpynW

  GetSystemInfo

  ExpandEnvironmentStringsW

  GetVersionExW

  LocalFree

  FormatMessageW

  DeleteFileW

  GetTimeFormatW

  GetDateFormatW

  GetACP

  LockResource

  LoadResource

  SizeofResource

  FindResourceW

  SetLastError

  GetCommandLineW

  GetTempPathW

  GetTimeZoneInformation

  GetCPInfo

  GetOEMCP

  IsValidCodePage

  PeekNamedPipe

  GetFileType

  GetFileInformationByHandle

  FileTimeToLocalFileTime

  GetStartupInfoW

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlCaptureContext

  GetCommandLineA

  GetModuleHandleExW

  ExitProcess

  LoadLibraryExW

  ExitThread

  GetSystemTimeAsFileTime

  ReadFile

  FileTimeToSystemTime

  SystemTimeToTzSpecificLocalTime

  GetDriveTypeW

  FindFirstFileExW

  IsProcessorFeaturePresent

  IsDebuggerPresent

  RtlUnwindEx

  RtlLookupFunctionEntry

  RtlPcToFileHeader

  EncodePointer

  SetFileAttributesW

  GetFullPathNameW

  CreateDirectoryW

  OpenEventW

  lstrcmpiW

  WaitForSingleObject

  ResetEvent

  GetLongPathNameW

  CreateEventW

  lstrcpyW

  CloseHandle

  WaitForMultipleObjects

  SetEvent

  GetLastError

  CreateThread

  RaiseException

  GetProcessHeap

  HeapSize

  HeapFree

  HeapReAlloc

  HeapAlloc

  HeapDestroy

  DecodePointer

  FindNextFileW

  FindFirstFileW

  GetFileAttributesW

  lstrlenW

  lstrcatW

  lstrcmpW

  FindClose

  WideCharToMultiByte

  MultiByteToWideChar

  GetModuleFileNameW

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  LeaveCriticalSection

  EnterCriticalSection

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  GetConsoleMode

  ReadConsoleW

  SetFilePointerEx

  GetStdHandle

  GetStringTypeW

  FlushFileBuffers

  WriteFile

  GetConsoleCP

  SetEnvironmentVariableA

  GetModuleFileNameA

  QueryPerformanceCounter

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  SetStdHandle

  SetEndOfFile

  WriteConsoleW

  OutputDebugStringW

  GetLocalTime

  user32

  DestroyAcceleratorTable

  TranslateAcceleratorW

  GetMenuStringW

  DrawMenuBar

  GetMenuItemCount

  DeleteMenu

  SetForegroundWindow

  CheckMenuRadioItem

  MonitorFromWindow

  GetMonitorInfoW

  RealChildWindowFromPoint

  SetMenu

  IsDialogMessageW

  LoadMenuW

  GetClassNameW

  DrawIcon

  CharUpperW

  CharLowerW

  IsCharAlphaW

  IsCharAlphaNumericW

  IsCharLowerW

  GetClassNameA

  CreateAcceleratorTableW

  FindWindowW

  ReleaseCapture

  CreateDialogIndirectParamW

  SystemParametersInfoW

  TrackMouseEvent

  GetCapture

  DragDetect

  SetRectEmpty

  AppendMenuW

  RegisterWindowMessageW

  ShowCursor

  CreateCursor

  DestroyCursor

  ScrollWindow

  SetPropW

  GetPropW

  RemovePropW

  SetScrollInfo

  InsertMenuItemW

  SetMenuItemInfoW

  LoadStringW

  BeginDeferWindowPos

  DeferWindowPos

  EndDeferWindowPos

  TranslateMessage

  GetMessageW

  MessageBoxA

  GetWindowTextW

  SetCapture

  GetActiveWindow

  GetDlgCtrlID

  IsChild

  CallNextHookEx

  UnhookWindowsHookEx

  SetWindowsHookExW

  SetParent

  SetWindowTextW

  RedrawWindow

  EnableMenuItem

  CheckMenuItem

  CreateMenu

  GetMenuState

  EmptyClipboard

  SetClipboardData

  GetDlgItemTextW

  IsWindow

  GetDlgItemInt

  FrameRect

  FillRect

  DrawFocusRect

  IsZoomed

  SetWindowLongPtrW

  GetWindowLongPtrW

  InflateRect

  GetSysColor

  ClientToScreen

  SetWindowPos

  CallWindowProcW

  IsClipboardFormatAvailable

  RegisterClipboardFormatW

  GetClipboardData

  ChangeClipboardChain

  SetClipboardViewer

  CloseClipboard

  OpenClipboard

  LoadCursorW

  GetParent

  GetWindowLongW

  SetCaretPos

  ShowCaret

  HideCaret

  DestroyCaret

  CreateCaret

  SetCursor

  MessageBeep

  ShowScrollBar

  GetScrollRange

  SetScrollRange

  GetScrollPos

  SetScrollPos

  EndPaint

  BeginPaint

  ReleaseDC

  GetDC

  DrawTextExW

  DrawTextW

  GetMenu

  IsIconic

  ModifyMenuW

  GetMenuItemID

  GetSystemMetrics

  ToAscii

  GetKeyboardState

  GetFocus

  SetWindowPlacement

  GetWindowPlacement

  DestroyWindow

  CreateWindowExW

  RegisterClassW

  DefWindowProcW

  PostMessageW

  DrawFrameControl

  DrawEdge

  LoadBitmapW

  ScreenToClient

  MessageBoxW

  GetWindowRect

  GetClientRect

  InvalidateRect

  UpdateWindow

  TrackPopupMenu

  InsertMenuW

  DestroyMenu

  CreatePopupMenu

  IsWindowVisible

  ShowWindow

  UnregisterClassW

  wsprintfW

  SetFocus

  MoveWindow

  DrawIconEx

  LoadImageW

  EnableWindow

  GetKeyState

  SendDlgItemMessageW

  SetDlgItemTextW

  GetDlgItem

  SendMessageW

  GetSubMenu

  RemoveMenu

  DestroyIcon

  LoadIconW

  GetDesktopWindow

  PtInRect

  WindowFromPoint

  LockWindowUpdate

  GetDCEx

  mouse_event

  SetDlgItemInt

  GetSysColorBrush

  MapWindowPoints

  AdjustWindowRectEx

  EndDialog

  DialogBoxIndirectParamW

  DialogBoxParamW

  FlashWindowEx

  RegisterClassExW

  PostQuitMessage

  CreateDialogParamW

  DispatchMessageW

  GetCursorPos

  gdi32

  GetPixel

  BitBlt

  RestoreDC

  CreateHatchBrush

  GetObjectW

  SetWindowOrgEx

  OffsetWindowOrgEx

  CreateBitmap

  CreatePatternBrush

  PatBlt

  SetBrushOrgEx

  DeleteDC

  GetDeviceCaps

  SetTextAlign

  StartDocW

  EndDoc

  StartPage

  EndPage

  ExtTextOutW

  DPtoLP

  CreateFontIndirectW

  GetTextExtentPointW

  StretchBlt

  CreateCompatibleDC

  CreateCompatibleBitmap

  MoveToEx

  EnumFontFamiliesExW

  LineTo

  SetBkColor

  GetTextMetricsW

  SetTextColor

  SetROP2

  SetBkMode

  SelectObject

  Rectangle

  GetTextExtentPoint32W

  GetStockObject

  GetROP2

  CreateSolidBrush

  CreatePen

  CreateFontW

  SaveDC

  DeleteObject

  comdlg32

  GetSaveFileNameW

  GetOpenFileNameW

  ChooseColorW

  PrintDlgW

  advapi32

  FreeSid

  CheckTokenMembership

  RegCloseKey

  RegCreateKeyExW

  RegDeleteKeyW

  RegDeleteValueW

  RegEnumKeyExW

  RegOpenKeyExW

  RegQueryInfoKeyW

  RegQueryValueExW

  RegSetValueExW

  IsTextUnicode

  AllocateAndInitializeSid

  ole32

  CoInitialize

  CoUninitialize

  Sections

  .text

  Size: 1.4MB - Virtual size: 1.4MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 579KB - Virtual size: 579KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 34KB - Virtual size: 116KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 61KB - Virtual size: 61KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 543KB - Virtual size: 542KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 10KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ