kangle[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

kangle.exe
Size

1.1MB
MD5

00ec276e713356705b9f47b9195423d7
SHA1

0c7ec35818418bd8e171ab9fffaa68338c1a488c
SHA256

795c9105f8ac1318e68ba98edc06883bbe4cd70ef97943e70edb905c2643b02e
SHA512

1e3c18c595a65203aabd6e5f0eaa7d2766f01814af20d59c6a8726596e741dd062627f2052559c253afc2fcc6af5f5372d639ca30d65ff5843d4212a426bd770
SSDEEP

24576:4X32o52CnXBPb2/5/VqHCUhYm8og6Uaw8N/xgj3w:bo5dUNocmHg6UavN/xgj3w

Score

N/A

Malware Config

Signatures

Files

kangle.exe
.exe windows x86

c0c8957f38999a317af99c5e934eb6cb

Code Sign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:3c:ed:80:b6:9a:50:1b:2d:57:d0:a6:23:52:30:7a
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/09/2020, 00:00

Not After

07/11/2022, 23:59

Subject

CN=江苏云学堂网络科技有限公司,O=江苏云学堂网络科技有限公司,L=苏州市,ST=江苏省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

10:3c:ed:80:b6:9a:50:1b:2d:57:d0:a6:23:52:30:7a
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/09/2020, 00:00

Not After

07/11/2022, 23:59

Subject

CN=江苏云学堂网络科技有限公司,O=江苏云学堂网络科技有限公司,L=苏州市,ST=江苏省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:d5:f7:59:6c:e0:82:95:b3:3a:eb:69:d9:71:a1:36:94:6f:25:cc:f7:a3:d5:71:28:b4:33:59:d9:00:d2:89
Signer

Actual PE Digest

c6:d5:f7:59:6c:e0:82:95:b3:3a:eb:69:d9:71:a1:36:94:6f:25:cc:f7:a3:d5:71:28:b4:33:59:d9:00:d2:89

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=江苏云学堂网络科技有限公司,O=江苏云学堂网络科技有限公司,L=苏州市,ST=江苏省,C=CN

24/02/2021, 08:06
Valid: false

a1:8e:ab:51:b8:0a:0a:f5:51:23:a9:c9:de:d7:4f:fb:94:a7:e8:83
Signer

Actual PE Digest

a1:8e:ab:51:b8:0a:0a:f5:51:23:a9:c9:de:d7:4f:fb:94:a7:e8:83

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=江苏云学堂网络科技有限公司,O=江苏云学堂网络科技有限公司,L=苏州市,ST=江苏省,C=CN

24/02/2021, 08:06
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ssleay32

ord58
ord96
ord8
ord78
ord290
ord291
ord82
ord243
ord158
ord15
ord231
ord6
ord151
ord112
ord125
ord75
ord222
ord87
ord5
ord24
ord12
ord108
ord128
ord61
ord167
ord49
ord169
ord127
ord183
ord74
ord48

libeay32

ord181
ord185
ord227
ord196
ord1804
ord197
ord183
ord2
ord815
ord66
ord89
ord653
ord585
ord656
ord78
ord52
ord641
ord95
ord188
ord657
ord223

libiconv2

ord5
ord7
ord6

ws2_32

htonl
WSAGetLastError
setsockopt
htons
ntohl
ntohs
shutdown
closesocket
WSASend
WSARecv
socket
ioctlsocket
bind
recv
getsockname
select
getaddrinfo
WSAStartup
connect
WSAIoctl
getpeername
accept
freeaddrinfo
listen
send
getnameinfo

zlib1

deflateInit2_
deflate
inflateEnd
inflate
inflateInit2_
deflateEnd
crc32

pcre

pcre_free
pcre_study
pcre_free_study
pcre_exec
pcre_compile
pcre_fullinfo
pcre_version

kernel32

GetTickCount
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
InterlockedExchange
ResetEvent
GetExitCodeProcess
ResumeThread
LocalFree
LocalAlloc
GetProcessHeap
HeapFree
HeapAlloc
WaitForMultipleObjects
SetConsoleCtrlHandler
GetStartupInfoA
CreateProcessA
OpenProcess
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
CreateFileW
LockFileEx
GetCurrentThreadId
GetSystemInfo
GetProcessId
TerminateProcess
CreatePipe
CreateNamedPipeA
GetModuleHandleA
PostQueuedCompletionStatus
GetLocalTime
GetQueuedCompletionStatus
CancelIo
GetCurrentProcessId
GetCurrentProcess
MoveFileExA
GetFileInformationByHandle
SetFilePointer
SetHandleInformation
WriteFile
CreateFileA
CreateIoCompletionPort
ReadFile
CreateEventA
LoadLibraryA
GetProcAddress
SetDllDirectoryA
FreeLibrary
CreateMutexA
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
SetLastError
MultiByteToWideChar
SetEvent
CloseHandle
Sleep
FindNextFileA
FindClose
GetLastError
FindFirstFileA
GetModuleFileNameA
ReleaseMutex
WaitForSingleObject

user32

SetProcessWindowStation
OpenWindowStationA
SetUserObjectSecurity
GetUserObjectSecurity
GetProcessWindowStation
CloseWindowStation
OpenDesktopA
CloseDesktop

advapi32

RegCloseKey
ControlService
OpenSCManagerA
SetServiceStatus
ReportEventA
RegCreateKeyExA
StartServiceA
OpenProcessToken
ImpersonateLoggedOnUser
LogonUserA
StartServiceCtrlDispatcherA
CreateProcessAsUserA
LookupAccountNameA
RegDeleteKeyA
CreateServiceA
RegisterServiceCtrlHandlerA
RegSetValueExA
ChangeServiceConfig2A
DeleteService
RegisterEventSourceA
CloseServiceHandle
OpenServiceA
GetSecurityDescriptorDacl
AdjustTokenPrivileges
GetLengthSid
AddAce
AddAccessAllowedAce
InitializeAcl
GetAce
LookupPrivilegeValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CopySid
GetAclInformation
RevertToSelf

ole32

CoInitializeEx

msvcp90

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?uncaught_exception@std@@YA_NXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

msvcr90

memset
memcpy
__CxxFrameHandler3
_CxxThrowException
_except_handler3
atoi
strchr
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_vsnprintf
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_invalid_parameter_noinfo
fopen
fwrite
fclose
_time64
??0exception@std@@QAE@XZ
strrchr
_unlink
malloc
_unlock
?terminate@@YAXXZ
vsprintf
srand
__timezone
isxdigit
isupper
_beginthread
strftime
_gmtime64
_localtime64
vfprintf
_mktime64
strpbrk
_heapmin
sscanf
_wstat64
_environ
getenv
_stat64
strtol
rename
exit
_setmaxstdio
_mkdir
isspace
memmove_s
fscanf
??_V@YAXPAX@Z
printf
_errno
strerror
toupper
isdigit
strcmp
_atoi64
strncpy
_purecall
tolower
memchr
_strnicmp
rand
fprintf
sprintf
__iob_func
_snprintf
fread
_stricmp
free
??3@YAXPAX@Z
_strdup
??2@YAPAXI@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
strncmp
strstr

sqlite3

sqlite3_bind_blob
sqlite3_busy_handler
sqlite3_open
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_finalize
sqlite3_step
sqlite3_bind_int
sqlite3_exec
sqlite3_bind_int64
sqlite3_prepare
sqlite3_bind_text
sqlite3_free
sqlite3_close
sqlite3_column_text

dbghelp

MiniDumpWriteDump

Exports

Exports

?Whm_GetExtensionVersion@@YGHPAU_HSE_VERSION_INFO@@@Z
?Whm_HttpExtensionProc@@YGKPAU_EXTENSION_CONTROL_BLOCK@@@Z
?Whm_TerminateExtension@@YGHK@Z
_GetWhmVersion@4

Sections

.text
Size: 862KB - Virtual size: 861KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0c8957f38999a317af99c5e934eb6cb

Code Sign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78Certificate

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

10:3c:ed:80:b6:9a:50:1b:2d:57:d0:a6:23:52:30:7aCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78Certificate

Key Usages

10:3c:ed:80:b6:9a:50:1b:2d:57:d0:a6:23:52:30:7aCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

c6:d5:f7:59:6c:e0:82:95:b3:3a:eb:69:d9:71:a1:36:94:6f:25:cc:f7:a3:d5:71:28:b4:33:59:d9:00:d2:89Signer

Signature Validations

Verification

24/02/2021, 08:06 Valid: false

a1:8e:ab:51:b8:0a:0a:f5:51:23:a9:c9:de:d7:4f:fb:94:a7:e8:83Signer

Signature Validations

Verification

24/02/2021, 08:06 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

ssleay32

libeay32

libiconv2

ws2_32

zlib1

pcre

kernel32

user32

advapi32

ole32

msvcp90

msvcr90

sqlite3

dbghelp

Exports

Exports

Sections

.text Size: 862KB - Virtual size: 861KB

.rdata Size: 166KB - Virtual size: 166KB

.data Size: 11KB - Virtual size: 60KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 102KB - Virtual size: 102KB

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

10:3c:ed:80:b6:9a:50:1b:2d:57:d0:a6:23:52:30:7a
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

10:3c:ed:80:b6:9a:50:1b:2d:57:d0:a6:23:52:30:7a
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

c6:d5:f7:59:6c:e0:82:95:b3:3a:eb:69:d9:71:a1:36:94:6f:25:cc:f7:a3:d5:71:28:b4:33:59:d9:00:d2:89
Signer

24/02/2021, 08:06
Valid: false

a1:8e:ab:51:b8:0a:0a:f5:51:23:a9:c9:de:d7:4f:fb:94:a7:e8:83
Signer

24/02/2021, 08:06
Valid: false

.text
Size: 862KB - Virtual size: 861KB

.rdata
Size: 166KB - Virtual size: 166KB

.data
Size: 11KB - Virtual size: 60KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 102KB - Virtual size: 102KB