Adobe2023[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Adobe2023.zip
Size

471.0MB
MD5

96c8fc4156f84c33b56ddf8782b1f5c7
SHA1

fd11478eda85f1e102c3d58ce0d8b6af10d25d59
SHA256

aad8d1f6793e6684a4506a4372a2c4fca7aebe6823bee3be69f400c10a42e2e7
SHA512

a4197aca4809f59de4accc5fc0cc8af89c8a10fb0fc81e6e12b49058ab3728509bd65da3b3cf6051574a7b26939c324d403fc1666dab1bf44f3032d01e11c00c
SSDEEP

12582912:K276MxULma0tRrJsVWZgReCWLk7+hN2cEWD1VqU1n/vbAd4:KLMyLma0tRrmVWaRF2k7+hN2a3qInbI4

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Adobe 2023/Adobe 2023/Set-up.exe	upx

Files

Adobe2023.zip
.zip
Adobe 2023/Adobe 2023/Set-up.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 893KB - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Adobe 2023/Adobe 2023/packages/AAM/IPC/IPC.pima
.zip
AdobeIPCBroker.exe
.exe windows x86

b78757e60c78fbd8d0549e7a1e0d29a1

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/10/2018, 00:00

Not After

03/11/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43
Signer

Actual PE Digest

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

04/12/2018, 12:01
Valid: true

Chain 1

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
getsockopt
ioctlsocket
connect
closesocket
listen
getsockname
bind
WSAGetLastError
WSASetLastError
WSAStartup
getservbyname
getservbyport
gethostbyname
gethostbyaddr
socket
send
select
recv
ntohs
inet_ntoa
inet_addr
htons
__WSAFDIsSet

kernel32

GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
GetLastError
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
FindFirstFileW
FindNextFileW
InitializeCriticalSectionEx
FindClose
RaiseException
DecodePointer
ReleaseMutex
CreateMutexA
Sleep
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
CreateMutexW
FreeLibrary
CreateProcessW
GetProcAddress
CloseHandle
LoadLibraryA
MultiByteToWideChar
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
InitializeCriticalSection
GetThreadPriority
HeapSize
HeapFree
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetOEMCP
IsValidCodePage
FindNextFileA
SwitchToThread
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentVariableW
GetCurrentProcessId
ReadFile
WriteFile
ConnectNamedPipe
GetOverlappedResult
OpenProcess
QueryFullProcessImageNameW
GetNamedPipeServerProcessId
GetLocalTime
GetCurrentThread
GetTickCount
GetEnvironmentStringsW
SetStdHandle
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
GetFileAttributesExW
GetFileSizeEx
GetFullPathNameW
LockFileEx
SetEndOfFile
SetFilePointerEx
UnlockFile
GetTempPathW
DuplicateHandle
PeekNamedPipe
CreateNamedPipeW
SetEvent
ResetEvent
CreateEventW
GetCurrentProcess
SetThreadPriority
HeapReAlloc
VirtualAlloc
VirtualFree
GetModuleHandleExW
LoadLibraryExW
WaitForMultipleObjects
GetNamedPipeInfo
LocalAlloc
LocalReAlloc
LocalFree
FormatMessageW
LCMapStringW
SetFilePointer
RtlCaptureStackBackTrace
TerminateProcess
GlobalAlloc
GlobalFree
GetSystemTimeAsFileTime
WaitForSingleObjectEx
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
QueryPerformanceCounter
IsDebuggerPresent
GetStartupInfoW
WideCharToMultiByte
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CompareStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
OutputDebugStringW
RtlUnwind
InterlockedPushEntrySList
GetDriveTypeW
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateThread
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
ExitProcess
GetCommandLineA
GetACP
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetFullPathNameA
HeapAlloc
FindFirstFileExA

user32

SetWindowLongW
RegisterClassW
CreateWindowExW
SetTimer
KillTimer
TranslateMessage
DispatchMessageW
PostMessageW
PostQuitMessage
DestroyWindow
MsgWaitForMultipleObjectsEx
GetWindowLongW
GetShellWindow
EnumWindows
GetWindowThreadProcessId
DefWindowProcW
PeekMessageW

advapi32

GetUserNameW
RegCloseKey
CreateProcessWithTokenW
LookupPrivilegeValueW
GetTokenInformation
FreeSid
EqualSid
DuplicateTokenEx
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
OleRun
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

shell32

ShellExecuteExW
SHCreateDirectoryExW
CommandLineToArgvW

Sections

.text
Size: 748KB - Virtual size: 747KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/AdobeIPCBrokerCustomHook.exe
.exe windows x86

85aa1a3ec9a324deb93be1db280c6b57

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/10/2018, 00:00

Not After

03/11/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54
Signer

Actual PE Digest

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

04/12/2018, 12:01
Valid: true

Chain 1

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAppendW

kernel32

RaiseException
HeapSize
TerminateProcess
GetTempPathW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CloseHandle
CreateFileW
ReadConsoleW
WriteConsoleW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
SetEndOfFile
GetLastError
FreeLibrary
LoadLibraryExW
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
SetFilePointerEx
GetProcessHeap
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle

user32

FindWindowExW
PostMessageW

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Adobe 2023/Adobe 2023/packages/AAM/IPC/IPC.pimx
Adobe 2023/Adobe 2023/packages/AAM/IPC/IPC.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC/ACCC/ACCC.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC/ACCC/ACCC.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC/ACCC/ACCC.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC/Utils/Utils.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC/Utils/Utils.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC/Utils/Utils.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/3DI/3DI.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/3DI/3DI.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/3DI/3DI.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/ACCC64/ACCC64.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/ACCC64/ACCC64.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/ACCC64/ACCC64.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Apps/Apps.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/Apps/Apps.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Apps/Apps.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Assets/Assets.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/Assets/Assets.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Assets/Assets.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CCDContainer/CCDContainer.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/CCDContainer/CCDContainer.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CCDContainer/CCDContainer.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CCDContainerJS/CCDContainerJS.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/CCDContainerJS/CCDContainerJS.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CCDContainerJS/CCDContainerJS.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CCExpress/CCExpress.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/CCExpress/CCExpress.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CCExpress/CCExpress.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CCLibs/CCLibs.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/CCLibs/CCLibs.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CCLibs/CCLibs.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CloudDocs/CloudDocs.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/CloudDocs/CloudDocs.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CloudDocs/CloudDocs.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CloudSync/CloudSync.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/CloudSync/CloudSync.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/CloudSync/CloudSync.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Discover/Discover.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/Discover/Discover.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Discover/Discover.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Fonts/Fonts.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/Fonts/Fonts.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Fonts/Fonts.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Home/Home.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/Home/Home.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Home/Home.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/OneUp/OneUp.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/OneUp/OneUp.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/OneUp/OneUp.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Plugins/Plugins.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/Plugins/Plugins.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Plugins/Plugins.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/SAM/SAM.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/SAM/SAM.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/SAM/SAM.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Search/Search.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/Search/Search.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Search/Search.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/ShareSheet/ShareSheet.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/ShareSheet/ShareSheet.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/ShareSheet/ShareSheet.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Spaces/Spaces.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/Spaces/Spaces.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Spaces/Spaces.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/StarterLibs/StarterLibs.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/StarterLibs/StarterLibs.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/StarterLibs/StarterLibs.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Stock/Stock.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/Stock/Stock.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/Stock/Stock.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/UAB/UAB.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/UAB/UAB.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/UAB/UAB.sig
.xml
Adobe 2023/Adobe 2023/packages/ACC64/WebFS/WebFS.pima
.zip
Adobe 2023/Adobe 2023/packages/ACC64/WebFS/WebFS.pimx
.xml
Adobe 2023/Adobe 2023/packages/ACC64/WebFS/WebFS.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/ADS/ADS.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/ADS/ADS.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/ADS/ADS.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/AdobeGenuineClient/AdobeGenuineClient.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/AdobeGenuineClient/AdobeGenuineClient.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/AdobeGenuineClient/AdobeGenuineClient.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/AppsPanel/AppsPanel.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/AppsPanel/AppsPanel.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/AppsPanel/AppsPanel.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/Core/Core.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/Core/Core.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/Core/Core.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/CoreExt/CoreExt.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/CoreExt/CoreExt.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/CoreExt/CoreExt.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/DEBox/DEBox.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/DEBox/DEBox.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/DEBox/DEBox.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/ElevationManager/ElevationManager.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/ElevationManager/ElevationManager.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/ElevationManager/ElevationManager.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/FilesPanel/FilesPanel.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/FilesPanel/FilesPanel.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/FilesPanel/FilesPanel.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/FontsPanel/FontsPanel.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/FontsPanel/FontsPanel.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/FontsPanel/FontsPanel.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/HDBox/HDBox.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/HDBox/HDBox.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/HDBox/HDBox.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/IPCBox/IPCBox.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/IPCBox/IPCBox.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/IPCBox/IPCBox.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/LCC/LCC.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/LCC/LCC.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/LCC/LCC.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/NHEX/NHEX.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/NHEX/NHEX.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/NHEX/NHEX.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/Notifications/Notifications.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/Notifications/Notifications.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/Notifications/Notifications.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/Runtime/Runtime.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/Runtime/Runtime.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/Runtime/Runtime.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC/TCC/TCC.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC/TCC/TCC.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC/TCC/TCC.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/ADBox/ADBox.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/ADBox/ADBox.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/ADBox/ADBox.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/CEF64/CEF64.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/CEF64/CEF64.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/CEF64/CEF64.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/Core64/Core64.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/Core64/Core64.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/Core64/Core64.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/CoreExt64/CoreExt64.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/CoreExt64/CoreExt64.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/CoreExt64/CoreExt64.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/HEX64/HEX64.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/HEX64/HEX64.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/HEX64/HEX64.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/NGL/NGL.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/NGL/NGL.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/NGL/NGL.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/NVP/NVP.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/NVP/NVP.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/NVP/NVP.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/RemoteCoreExts/RemoteCoreExts.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/RemoteCoreExts/RemoteCoreExts.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/RemoteCoreExts/RemoteCoreExts.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/TCC64/TCC64.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/TCC64/TCC64.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/TCC64/TCC64.sig
.xml
Adobe 2023/Adobe 2023/packages/ADC64/UPI64/UPI64.pima
.zip
Adobe 2023/Adobe 2023/packages/ADC64/UPI64/UPI64.pimx
.xml
Adobe 2023/Adobe 2023/packages/ADC64/UPI64/UPI64.sig
.xml
Adobe 2023/Adobe 2023/packages/ApplicationInfo.xml
.xml
Adobe 2023/Adobe 2023/packages/setup.exe
.exe windows x64

6d9c27ca5008bc63e9fbc102659734db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

ord17

shell32

ShellExecuteW
SHBrowseForFolderW
ShellExecuteExW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHGetMalloc

gdi32

CreateCompatibleDC
CreateFontIndirectW
DeleteObject
DeleteDC
GetCurrentObject
StretchBlt
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
SetStretchBltMode
GetObjectW

advapi32

FreeSid
AllocateAndInitializeSid
CheckTokenMembership

user32

GetSystemMenu
EnableMenuItem
EnableWindow
MessageBeep
LoadIconW
LoadImageW
SetWindowsHookExW
PtInRect
CallNextHookEx
DefWindowProcW
CallWindowProcW
DrawIconEx
DialogBoxIndirectParamW
GetWindow
ClientToScreen
GetDC
DrawTextW
SystemParametersInfoW
SetFocus
UnhookWindowsHookEx
GetWindowLongPtrW
SetWindowLongPtrW
GetSystemMetrics
GetClientRect
GetDlgItem
IsWindow
CreateWindowExA
MessageBoxA
DestroyWindow
GetSysColor
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
wsprintfA
GetClassNameA
GetWindowLongW
GetMenu
GetWindowDC
ReleaseDC
CopyImage
GetParent
ScreenToClient
CreateWindowExW
GetDesktopWindow
wvsprintfW
SetWindowPos
SetTimer
GetMessageW
DispatchMessageW
GetWindowRect
CharUpperW
SendMessageW
ShowWindow
BringWindowToTop
wsprintfW
MessageBoxW
EndDialog
SetWindowLongW
GetKeyState
KillTimer

ole32

CreateStreamOnHGlobal
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SysAllocStringLen
OleLoadPicture
SysAllocString

kernel32

ReadFile
SetFileTime
SetEndOfFile
VirtualAlloc
VirtualFree
GetFileInformationByHandle
WaitForMultipleObjects
SetFilePointer
GetFileSize
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FormatMessageW
lstrcpyW
LocalFree
IsBadReadPtr
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
TerminateThread
InitializeCriticalSection
ResetEvent
SetEvent
CreateEventW
GetVersionExW
GetModuleFileNameW
GetCurrentProcess
SetProcessWorkingSetSize
SetEnvironmentVariableW
GetDriveTypeW
CreateFileW
LoadLibraryA
SetThreadLocale
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
CompareFileTime
WideCharToMultiByte
GetTempPathW
GetCurrentDirectoryW
GetEnvironmentVariableW
lstrcmpiW
GetLocaleInfoW
MultiByteToWideChar
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetSystemDefaultLCID
lstrcmpiA
GlobalAlloc
GlobalFree
MulDiv
FindResourceExA
SizeofResource
LoadResource
LockResource
GetProcAddress
GetModuleHandleW
FindFirstFileW
lstrcmpW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
GetStdHandle
WriteFile
lstrlenA
CreateDirectoryW
GetFileAttributesW
SetCurrentDirectoryW
GetLocalTime
SystemTimeToFileTime
CreateThread
GetExitCodeThread
Sleep
SetFileAttributesW
GetDiskFreeSpaceExW
SetLastError
GetCommandLineW
GetStartupInfoW
GetTickCount
lstrlenW
ExitProcess
lstrcatW
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
CloseHandle
WaitForSingleObject
GetExitCodeProcess
GetQueuedCompletionStatus
ResumeThread
SetInformationJobObject
CreateIoCompletionPort
AssignProcessToJobObject
CreateJobObjectW
GetLastError
CreateProcessW
GetStartupInfoA

msvcrt

free
__set_app_type
??3@YAXPEAX@Z
_purecall
??2@YAPEAX_K@Z
_wtol
__CxxFrameHandler
memset
memmove
memcpy
_wcsnicmp
memcmp
strncpy
wcsncpy
wcsncmp
strncmp
?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z
_beginthreadex
_CxxThrowException
wcsstr
_fmode
realloc
malloc
__dllonexit
_onexit
??1type_info@@UEAA@XZ
__C_specific_handler
_XcptFilter
_c_exit
_exit
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_commode
?terminate@@YAXXZ

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Adobe 2023/Adobe 2023/products/ACAI/application.json
Adobe 2023/Adobe 2023/products/ACAI/cai-helper.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/CCX-Process-mul-win7.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/CCX-Process-mul-x64.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/CCX-Process-mul-x86.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/CCXProcess-Components.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/CCXProcess-LaunchAgent.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/application.json
.js
Adobe 2023/Adobe 2023/products/CCXP/com.adobe.ccx.fnft-3.5.0-manifest.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/com.adobe.ccx.fnft-3.5.0.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/com.adobe.ccx.start-2.16.0-manifest.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/com.adobe.ccx.start-2.16.0.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/com.adobe.ccx.start-2.7.2-manifest.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/com.adobe.ccx.start-2.7.2.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/com.adobe.ccx.start-6.4.0-manifest.zip
.zip
Adobe 2023/Adobe 2023/products/CCXP/com.adobe.ccx.start-6.4.0.zip
.zip
Adobe 2023/Adobe 2023/products/COCM/AdobeColorCommonSetCMYK_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/COCM/application.json
Adobe 2023/Adobe 2023/products/COPS/AdobeColor_Photoshop_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/COPS/AdobeColor_VideoProfilesCS_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/COPS/application.json
Adobe 2023/Adobe 2023/products/CORE/AdobeColorEU_ExtraSettings_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/CORE/AdobeColorEU_Recommended_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/CORE/AdobeColorJA_ExtraSettings_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/CORE/AdobeColorJA_Recommended_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/CORE/AdobeColorNA_ExtraSettings_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/CORE/AdobeColorNA_Recommended_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/CORE/application.json
Adobe 2023/Adobe 2023/products/CORG/AdobeColorCommonSetRGB_1_0-mul.zip
.zip
Adobe 2023/Adobe 2023/products/CORG/application.json
Adobe 2023/Adobe 2023/products/COSY/CoreSyncExtensionInstaller.zip
.zip
Adobe 2023/Adobe 2023/products/COSY/CoreSyncExtensionUninstaller.zip
.zip
Adobe 2023/Adobe 2023/products/COSY/CoreSyncInstaller.zip
.zip
Adobe 2023/Adobe 2023/products/COSY/CoreSyncUninstaller.zip
.zip
Adobe 2023/Adobe 2023/products/COSY/ExchangePlugin.zip
.zip
Adobe 2023/Adobe 2023/products/COSY/LiveType.zip
.zip
Adobe 2023/Adobe 2023/products/COSY/application.json
Adobe 2023/Adobe 2023/products/LIBS/CC-Library-Panel-3_13_164.zip
.zip
Adobe 2023/Adobe 2023/products/LIBS/CC-Library-Panel-3_21_13.zip
.zip
Adobe 2023/Adobe 2023/products/LIBS/CC-Library-Panel-3_8_299.zip
.zip
Adobe 2023/Adobe 2023/products/LIBS/CC-Library-mul-x64.zip
.zip
Adobe 2023/Adobe 2023/products/LIBS/CC-Library-mul-x86.zip
.zip
Adobe 2023/Adobe 2023/products/LIBS/application.json
.js
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-Support.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-cs_CZ_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-da_DK_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-de_DE_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-en_AE_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-en_GB_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-en_IL_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-en_US_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-es_ES_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-es_MX_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-fi_FI_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-fr_CA_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-fr_FR_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-fr_MA_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-hu_HU_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-it_IT_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-ja_JP_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-ko_KR_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-nb_NO_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-nl_NL_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-pl_PL_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-pt_BR_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-ru_RU_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-sv_SE_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-tr_TR_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-uk_UA_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-zh_CN_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/AdobePhotoshop24-zh_TW_x64.zip
.zip
Adobe 2023/Adobe 2023/products/PHSP/application.json
.js
Adobe 2023/Adobe 2023/products/UXPW/AdobeUXPWebViewSupport_x64-mul.zip
.zip
Adobe 2023/Adobe 2023/products/UXPW/application.json
.js
Adobe 2023/Adobe 2023/products/driver.xml
Adobe 2023/Adobe 2023/resources/AdobePIM.dll
.dll windows x86

bad4069efbb0fea858e33d102d409210

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:93:96:11:6c:ee:f7:27:fe:35:b5:b4:f7:f8:43:7b:42:22:59:7e:1a:75:c8:e9:6c:94:ac:49:50:ad:6c:60
Signer

Actual PE Digest

ff:93:96:11:6c:ee:f7:27:fe:35:b5:b4:f7:f8:43:7b:42:22:59:7e:1a:75:c8:e9:6c:94:ac:49:50:ad:6c:60

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

25/06/2021, 08:59
Valid: true

Chain 1

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
CreateSemaphoreW
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
ReleaseSemaphore
MultiByteToWideChar
GetTempPathW
CreateDirectoryW
GetDateFormatW
GetTimeFormatW
GetLocalTime
GetCommandLineW
GetExitCodeProcess
lstrcmpW
lstrcmpiW
CopyFileW
CreateProcessW
LocalFree
ResetEvent
CreateThread
CloseHandle
OpenSemaphoreW
Process32FirstW
GetDiskFreeSpaceExW
ReleaseMutex
SetEvent
Process32NextW
Sleep
CreateEventW
CreateToolhelp32Snapshot
SetFileAttributesW
OpenProcess
GetVersionExW
LocalAlloc
WaitForSingleObject
FindClose
RemoveDirectoryW
TerminateProcess
FindNextFileW
FindFirstFileW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
EnumSystemLocalesW
IsValidLocale
ExitProcess
GetTimeZoneInformation
GetModuleHandleExW
ExitThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
FreeLibraryAndExitThread
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
QueryPerformanceFrequency
GetLocaleInfoW
CompareStringW
InitializeCriticalSectionEx
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetExitCodeThread
SwitchToThread
GetStringTypeW
GetCurrentProcess
GetFileSizeEx
lstrlenW
GetACP
SetFilePointerEx
GlobalFree
ResumeThread
TerminateThread
SetThreadPriority
GetCurrentThread
SizeofResource
GetModuleFileNameW
LockResource
LoadResource
FindResourceW
MoveFileExW
GlobalAlloc
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetLastError
DuplicateHandle
ProcessIdToSessionId
FindResourceExW
lstrcpyW
GetThreadTimes
QueryFullProcessImageNameW
GetUserDefaultLangID
GetUserDefaultLCID
LCMapStringW
FileTimeToSystemTime
OpenMutexW
VirtualFree
VirtualAlloc
GetUserDefaultUILanguage

user32

wsprintfW
GetWindowThreadProcessId
GetShellWindow
EnumWindows

advapi32

CryptAcquireContextW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
LookupAccountSidW
CreateWellKnownSid
EqualSid
GetTokenInformation
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
SetSecurityDescriptorDacl
RegCloseKey
RegDeleteKeyExW
AllocateAndInitializeSid
SetEntriesInAclW
RegCreateKeyExW
RegSetValueExW
FreeSid
InitializeSecurityDescriptor
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash

shell32

SHGetKnownFolderPath
ord680
SHGetFolderLocation
SHGetFolderPathW
SHGetPathFromIDListW
ShellExecuteExW
SHCreateDirectoryExW
SHCreateItemFromParsingName
SHGetSpecialFolderPathW
CommandLineToArgvW
ord51

ole32

OleRun
CLSIDFromProgID
StringFromGUID2
CoCreateGuid
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitializeEx
CoInitialize
CLSIDFromString
CoTaskMemFree

oleaut32

VariantInit
SysFreeString
SysAllocString
VariantClear
GetErrorInfo
VariantCopy
SysStringLen
VariantChangeType

msi

ord145
ord74
ord147

winhttp

WinHttpSendRequest
WinHttpSetCredentials
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpOpen
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpReadData
WinHttpSetTimeouts

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcessModules

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

shlwapi

PathFileExistsW
PathIsDirectoryW
PathRenameExtensionW
PathAppendW
PathRemoveBackslashW
PathStripPathW
PathAppendA
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA
PathIsRootW
PathIsSystemFolderW
PathIsDirectoryEmptyW
PathIsDirectoryA
PathRemoveFileSpecA
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain

bcrypt

BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData

Exports

Exports

AAMIU_Uninstall
AAMIU_getDeploymentValidationStatus
AAMIU_preInstallPropertySet
pim_createLibraryRef
pim_freeLibraryRef
pim_freeLiraryRef
pim_freeString
pim_getAppletAndPackageInfo
pim_getAppletRegistrationInfo
pim_getAppletRelationshipInfo
pim_getCurrentCCVersion
pim_getCurrentPackagesVersion
pim_getInstallStatus
pim_getInstalledPackagesInfo
pim_launchACCCUninstallerExecutableAsAdmin
pim_selfUpdateCheck
pim_selfUpdateCheckWithData
pim_selfUpdateCheckWithDataV2
pim_startWorkflow
pim_startWorkflowWithData
pim_syncFromPathToACF
pim_syncFromPathToPath
pim_syncUSFToACF
pim_uninstallAAMFromAAMCleanerTool
pim_uninstallAAMUsingAAMCleanerTool
pim_uninstallACCC64FromACCCCleanerTool
pim_uninstallACCCFromACCCCleanerTool
pim_uninstallADC64UsingADCCleanerTool
pim_uninstallADCUsingADCCleanerTool

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Adobe 2023/Adobe 2023/resources/Config.xml
.xml
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/cs_cz/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/de_de/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/en_US/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/es_es/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/fr_fr/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/it_it/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/ja_jp/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/ko_kr/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/nl_nl/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/pl_pl/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/ru_ru/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/sv_se/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/zh_cn/locale.json
Adobe 2023/Adobe 2023/resources/carousel/Dictionary/zh_tw/locale.json
Adobe 2023/Adobe 2023/resources/carousel/carousel.js
.js
Adobe 2023/Adobe 2023/resources/carousel/css/fonts/adobeclean/adobeclean-regular-webfont.woff
Adobe 2023/Adobe 2023/resources/carousel/css/styles.css
Adobe 2023/Adobe 2023/resources/carousel/images/01_creativity_for_all_445x239.mp4
Adobe 2023/Adobe 2023/resources/carousel/index.html
.html
Adobe 2023/Adobe 2023/resources/carousel/lib/jquery.min.js
.js
Adobe 2023/Adobe 2023/resources/content/images/appIcon.png
.png
Adobe 2023/Adobe 2023/resources/content/images/appIcon2x.png
.png

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.6MB

UPX1 Size: 893KB - Virtual size: 896KB

.rsrc Size: 66KB - Virtual size: 68KB

b78757e60c78fbd8d0549e7a1e0d29a1

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43Signer

Signature Validations

Verification

04/12/2018, 12:01 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

shell32

Sections

.text Size: 748KB - Virtual size: 747KB

.rdata Size: 197KB - Virtual size: 196KB

.data Size: 17KB - Virtual size: 33KB

.gfids Size: 1024B - Virtual size: 596B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 44KB - Virtual size: 44KB

85aa1a3ec9a324deb93be1db280c6b57

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54Signer

Signature Validations

Verification

04/12/2018, 12:01 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

Sections

.text Size: 118KB - Virtual size: 118KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 4KB - Virtual size: 7KB

UPX0
Size: - Virtual size: 2.6MB

UPX1
Size: 893KB - Virtual size: 896KB

.rsrc
Size: 66KB - Virtual size: 68KB

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43
Signer

04/12/2018, 12:01
Valid: true

.text
Size: 748KB - Virtual size: 747KB

.rdata
Size: 197KB - Virtual size: 196KB

.data
Size: 17KB - Virtual size: 33KB

.gfids
Size: 1024B - Virtual size: 596B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 44KB - Virtual size: 44KB

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54
Signer

04/12/2018, 12:01
Valid: true

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 4KB - Virtual size: 7KB

.gfids
Size: 512B - Virtual size: 512B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 3KB - Virtual size: 20KB

.pdata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 88KB - Virtual size: 87KB

.reloc
Size: 2KB - Virtual size: 2KB

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

ff:93:96:11:6c:ee:f7:27:fe:35:b5:b4:f7:f8:43:7b:42:22:59:7e:1a:75:c8:e9:6c:94:ac:49:50:ad:6c:60
Signer

25/06/2021, 08:59
Valid: true

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 366KB - Virtual size: 365KB

.data
Size: 20KB - Virtual size: 29KB