Extracted

• 97d0844ce9928e32b11706e06bf2c4426204d998cb39964dd3c3de6c5223fff0

  .dll windows x86

  8537ecbd7502464f075fea2668650b1e

  
  

  Code Sign

  01

  Certificate

  Issuer

  CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  01/01/2004, 00:00

  Not After

  31/12/2028, 23:59

  Subject

  CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16

  Certificate

  Issuer

  CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  25/05/2021, 00:00

  Not After

  31/12/2028, 23:59

  Subject

  CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a

  Certificate

  Issuer

  CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  01/08/2022, 00:00

  Not After

  09/11/2031, 23:59

  Subject

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a

  Certificate

  Issuer

  CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

  Not Before

  22/03/2021, 00:00

  Not After

  21/03/2036, 23:59

  Subject

  CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  7d:27:33:2c:3c:b3:a3:82:a4:fd:23:2c:5c:66:a2

  Certificate

  Issuer

  CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

  Not Before

  17/06/2022, 00:00

  Not After

  17/06/2023, 23:59

  Subject

  CN=MALVINA RECRUITMENT LIMITED,O=MALVINA RECRUITMENT LIMITED,ST=London,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b

  Certificate

  Issuer

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  23/03/2022, 00:00

  Not After

  22/03/2037, 23:59

  Subject

  CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a

  Certificate

  Issuer

  CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

  Not Before

  21/09/2022, 00:00

  Not After

  21/11/2033, 23:59

  Subject

  CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  d2:1b:a6:a9:f6:46:9a:31:b1:d7:cc:76:17:8a:3a:5e:10:4b:40:86

  Signer

  Actual PE Digest

  d2:1b:a6:a9:f6:46:9a:31:b1:d7:cc:76:17:8a:3a:5e:10:4b:40:86

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  true

  Verification

  Signing Certificate

  CN=MALVINA RECRUITMENT LIMITED,O=MALVINA RECRUITMENT LIMITED,ST=London,C=GB

  05/10/2022, 09:20

  Valid: true

  Chain 1

  CN=MALVINA RECRUITMENT LIMITED,O=MALVINA RECRUITMENT LIMITED,ST=London,C=GB

  CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

  CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

  CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetEnvironmentVariableW

  CreateDirectoryA

  CreateFileA

  DeleteFileA

  FindFirstVolumeW

  GetShortPathNameW

  OutputDebugStringW

  EncodeSystemPointer

  DecodeSystemPointer

  GetLastError

  AddVectoredExceptionHandler

  DisconnectNamedPipe

  HeapCompact

  CancelSynchronousIo

  InitOnceInitialize

  WaitForSingleObject

  CreateMutexA

  CreateEventW

  GetCurrentProcess

  GetCurrentProcessId

  CreateThread

  SuspendThread

  CreateProcessA

  UpdateProcThreadAttribute

  OpenProcess

  GetSystemDirectoryA

  GetComputerNameExA

  VirtualAlloc

  VirtualProtect

  GetSystemFileCacheSize

  VirtualAllocExNuma

  IsWow64Process

  GetSystemWow64DirectoryA

  DisableThreadLibraryCalls

  FreeResource

  GetModuleHandleExW

  GetProcAddress

  LocalCompact

  GetShortPathNameA

  GlobalDeleteAtom

  GetCommModemStatus

  PurgeComm

  TransmitCommChar

  WaitCommEvent

  EraseTape

  DosDateTimeToFileTime

  CreateMailslotW

  lstrcpynA

  lstrcpynW

  lstrcatA

  UpdateResourceA

  GetPrivateProfileStringA

  WritePrivateProfileStringA

  CreateDirectoryExA

  CreateFileTransactedW

  ReOpenFile

  CheckNameLegalDOS8Dot3A

  MoveFileTransactedA

  GetNamedPipeHandleStateA

  UnregisterWait

  CreatePrivateNamespaceA

  FindActCtxSectionStringA

  FindActCtxSectionGuid

  FreeEnvironmentStringsA

  CreateSymbolicLinkA

  GetTimeFormatEx

  GetDateFormatEx

  CompareStringOrdinal

  MultiByteToWideChar

  GetACP

  CompareStringA

  FindNLSString

  GetCurrencyFormatW

  EnumDateFormatsExW

  IsValidLocale

  GetLocaleInfoEx

  GetNLSVersionEx

  WriteConsoleInputW

  WriteConsoleOutputW

  WriteFile

  OutputDebugStringA

  VerSetConditionMask

  FindFirstFileA

  GetSystemInfo

  GetVersionExA

  GetModuleHandleA

  GetModuleHandleW

  VerifyVersionInfoW

  VirtualFree

  GlobalFree

  LocalFree

  Process32First

  Process32Next

  CreateProcessW

  Wow64DisableWow64FsRedirection

  Wow64RevertWow64FsRedirection

  UnhandledExceptionFilter

  IsDebuggerPresent

  IsProcessorFeaturePresent

  DecodePointer

  WriteConsoleW

  SetFilePointerEx

  HeapReAlloc

  HeapSize

  SetStdHandle

  GetConsoleMode

  GetConsoleCP

  FlushFileBuffers

  GetStringTypeW

  GetProcessHeap

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  GetCommandLineA

  GetCPInfo

  GetOEMCP

  IsValidCodePage

  GetStartupInfoW

  FindNextFileA

  FindFirstFileExA

  DeleteFileW

  GetFileType

  lstrlenA

  lstrcpyA

  GlobalAlloc

  Process32NextW

  Process32FirstW

  CreateToolhelp32Snapshot

  lstrlenW

  lstrcatW

  lstrcpyW

  lstrcmpW

  LoadLibraryA

  GetSystemWow64DirectoryW

  GetSystemDirectoryW

  ExitProcess

  CloseHandle

  Sleep

  ReadFile

  GetFileSize

  FindFirstFileW

  FindClose

  GetNumaNodeProcessorMask

  CreateFileW

  GetStdHandle

  LCMapStringW

  HeapAlloc

  HeapFree

  WideCharToMultiByte

  QueryPerformanceCounter

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  TerminateProcess

  GetModuleFileNameA

  LoadLibraryExW

  FreeLibrary

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  InitializeCriticalSectionAndSpinCount

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  EncodePointer

  SetLastError

  InterlockedFlushSList

  RtlUnwind

  RaiseException

  SetUnhandledExceptionFilter

  user32

  SendMessageA

  PostMessageA

  BeginDeferWindowPos

  IsIconic

  IsDlgButtonChecked

  EnumClipboardFormats

  GetMessagePos

  IsCharLowerA

  GetMenu

  GetMenuItemID

  wsprintfA

  GetMenuCheckMarkDimensions

  TabbedTextOutA

  GetMessageA

  IsClipboardFormatAvailable

  RegisterWindowMessageA

  GetScrollRange

  RemovePropA

  GetDesktopWindow

  FindWindowA

  LoadBitmapA

  CharUpperA

  GetSystemMetrics

  FindWindowW

  CharUpperBuffW

  GetTopWindow

  wsprintfW

  AppendMenuA

  ReleaseDC

  GetDC

  gdi32

  SetStretchBltMode

  StretchBlt

  SelectObject

  GetDIBits

  DeleteObject

  DeleteDC

  CreateCompatibleDC

  CreateCompatibleBitmap

  Pie

  GetBkMode

  ExtFloodFill

  CreateICA

  CreateEllipticRgnIndirect

  CreateBitmap

  GetObjectA

  advapi32

  RegOpenKeyExW

  RegDeleteValueW

  RegDeleteValueA

  GetUserNameW

  RegUnLoadKeyW

  shell32

  ShellExecuteW

  ShellExecuteA

  SHGetSpecialFolderPathA

  SHGetSpecialFolderPathW

  ole32

  CoCreateGuid

  CoInitialize

  CoCreateInstance

  CoInitializeSecurity

  CoInitializeEx

  CoUninitialize

  oleaut32

  SysAllocString

  SysFreeString

  VariantInit

  VariantClear

  shlwapi

  StrChrA

  StrStrA

  ws2_32

  WSAStartup

  WSACleanup

  gethostbyname

  socket

  send

  recv

  htons

  closesocket

  connect

  gdiplus

  GdipDisposeImage

  GdipSaveImageToFile

  GdipGetImageEncodersSize

  GdipGetImageEncoders

  GdipCloneImage

  GdipAlloc

  GdipFree

  GdiplusStartup

  GdipLoadImageFromFile

  netapi32

  NetApiBufferFree

  NetWkstaGetInfo

  Exports

  Exports

  ChkdskExs

  Sections

  .text

  Size: 256KB - Virtual size: 255KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 36KB - Virtual size: 35KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .gfids

  Size: 512B - Virtual size: 288B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 29KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 21KB - Virtual size: 21KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ