Proteus Professional 8[.]5[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

Proteus Professional 8.5.rar
Size

302.1MB
MD5

e225a905632602f131c3e0e5aaea99aa
SHA1

636eeee7c1b8369326416b80d88a974e1c954165
SHA256

d24c69d51a02d5720af86f0eb971506649066cf565705cc73a23b6f5a5f7ac5f
SHA512

92cdc0b19490b6bdb951d481baac3e1386e3ffdc55fc8723105c37d14b1b8a9da702abd9f076e50b0b9f8d0359b36db86d4d7bd460d8c9d711294d332363ca82
SSDEEP

6291456:U1wAV8UXl7+cTFD+F/9a3p6YvUqjniLvozBJ3IkHkFZ36E79Kv4i4dt:RAVN7+cZiFFa0YsqjiLAnYZ3Sqt

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Proteus Professional 8.5/Proteus Design Suite 8.5/Update Proteus 8.5 SP0 Demo to PRO ENG v1.0.exe	upx

Files

Proteus Professional 8.5.rar
.rar
Proteus Professional 8.5/Licence Manager Proteus/LICENCE.DLL
.dll windows x86

9772b69a1669f46ad375b9724a113bb1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wincore

?initialise@REGISTRY32@@AAEXPAUHKEY__@@PBD@Z
??1REGISTRY32@@UAE@XZ
??_7REGISTRY32@@6B@
??_7REGISTRY@@6B@

lxlcore

?getint@@YAHPAPADPAH@Z
?remove@DIDX@@QAEPADH@Z
alnumcmp
??0DIDX@@QAE@HHP6AHPAD0@Z@Z
filename
strnzcpy
??1DPA@@QAE@XZ
addpaths
?zap@DPA@@QAEXXZ
??ADIDX@@QAEPADPAD@Z
?add@DIDX@@QAEHPADPAX@Z
pathtrim
addfilename
?skippast@@YAHPAPADD@Z

kernel32

GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTickCount
InterlockedExchange
InterlockedCompareExchange
QueryPerformanceCounter
UnhandledExceptionFilter
GetCurrentThreadId
GetProcAddress
LoadLibraryA
FreeLibrary
Sleep
GetModuleHandleA
SystemTimeToFileTime
GetFileAttributesExA
GetCurrentProcess
GetModuleFileNameA
GetComputerNameA
GetEnvironmentVariableW
CloseHandle
WaitForSingleObject
CreateMailslotA
ReadFile
WriteFile
ReleaseSemaphore
CreateFileA
CreateSemaphoreA

user32

MessageBoxA
SendMessageA

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstanceEx
CoUninitialize

msvcr90

ftell
fseek
fwrite
memcpy
fread
memset
?what@exception@std@@UBEPBDXZ
fopen
fclose
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
??0bad_cast@std@@QAE@ABV01@@Z
abort
_invalid_parameter_noinfo
srand
free
_isctype
tolower
_time32
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
memcpy_s
memmove_s
__CxxFrameHandler
_CxxThrowException
??2@YAPAXI@Z
??0bad_cast@std@@QAE@PBD@Z
_mktime32
_except_handler3
_endthread
rand
exit
??3@YAXPAX@Z
sprintf
sscanf
malloc
_strdup
_beginthread
??1bad_cast@std@@UAE@XZ

msvcp90

?_Decref@facet@locale@std@@QAEPAV123@XZ
_Tolower
_Toupper
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@_String_base@std@@SAXXZ
?_Xlen@_String_base@std@@SAXXZ
??_8?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B@
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Init@locale@std@@CAPAV_Locimp@12@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Id_cnt@id@locale@std@@0HA
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??_7?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??0_Mutex@std@@QAE@XZ
??1_Mutex@std@@QAE@XZ
??_7?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Unlock@_Mutex@std@@QAEXXZ

Exports

Exports

createlicenceserver
releaselicenceserver

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Proteus Professional 8.5/Licence Manager Proteus/LICENCE.EXE
.exe windows x86

9d20236ca12fd3df7a3434df71e7c961

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a1:b7:a7:1e:eb:0d:eb:0c:63:1e:93:81:39:7e:48:07
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/07/2012, 00:00

Not After

09/07/2014, 23:59

Subject

CN=Labcenter Electronics,O=Labcenter Electronics,POSTALCODE=BD23 5AA,STREET=Main Street+STREET=53-55,L=Skipton,ST=North Yorkshire,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bf:ba:64:3f:1a:63:60:29:07:59:27:2d:bd:5d:de:18:0b:ed:da:64
Signer

Actual PE Digest

bf:ba:64:3f:1a:63:60:29:07:59:27:2d:bd:5d:de:18:0b:ed:da:64

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Labcenter Electronics,O=Labcenter Electronics,POSTALCODE=BD23 5AA,STREET=Main Street+STREET=53-55,L=Skipton,ST=North Yorkshire,C=GB

01/08/2012, 07:56
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

GetWindowRect
EnumWindows
GetSystemMetrics
GetClassNameA
GetMonitorInfoA
MonitorFromRect
SetForegroundWindow
LoadIconA
PostMessageA
GetWindowLongA
SetFocus
IsWindowEnabled
GetAsyncKeyState
GetClientRect
GetSysColor
GetNextDlgTabItem
SetCursor
CreateDialogParamA
TranslateMessage
PeekMessageA
GetDlgItem
DefWindowProcA
PostQuitMessage
CreateWindowExA
SystemParametersInfoA
RegisterClassA
LoadCursorA
LoadBitmapA
ShowWindow
SetWindowPos
DispatchMessageA
GetMessageA
InsertMenuA
GetMenuItemCount
GetSystemMenu
MessageBoxA
DestroyWindow
UnregisterClassA
SetWindowTextA
GetWindowTextA
EnableWindow
GetFocus
SendMessageA

kernel32

GetCurrentDirectoryA
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetFullPathNameA
VirtualAlloc
VirtualFree
RaiseException
SetConsoleCtrlHandler
GetEnvironmentVariableA
GlobalAlloc
WriteFile
GlobalFree
ReadFile
GetFileType
WriteConsoleA
GetCPInfo
GetOEMCP
GetACP
MultiByteToWideChar
SetUnhandledExceptionFilter
GetTimeZoneInformation
SetFilePointer
CreateFileA
SetHandleCount
WideCharToMultiByte
FileTimeToDosDateTime
RtlUnwind
GetPrivateProfileStringA
GetSystemDirectoryA
GetTickCount
ReleaseSemaphore
CreateSemaphoreA
ExitProcess
UnhandledExceptionFilter
GetFileAttributesA
DuplicateHandle
GetCurrentProcess
GetStdHandle
GetLocalTime
LCMapStringA
GetStringTypeA
DeleteFileA
GetCurrentThreadId
FreeEnvironmentStringsA
GetVersion
GetEnvironmentStrings
GetCommandLineA
GetModuleHandleA
GetTempPathA
LoadLibraryA
GetLogicalDriveStringsA
CreateDirectoryA
GetFileAttributesExA
SystemTimeToFileTime
GetWindowsDirectoryA
CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetLastError
CreateProcessA
FreeLibrary
GetProcAddress
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA

shell32

DragQueryFileA
SHGetSpecialFolderPathA
DragFinish
DragAcceptFiles

comctl32

ImageList_Add
ImageList_Create
ord17

gdi32

CreateSolidBrush
CreateFontA
SetBkColor
DeleteObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA

wininet

InternetOpenUrlA
InternetOpenA
InternetAttemptConnect
InternetReadFile
InternetCloseHandle

advapi32

RegOpenKeyA
RegEnumKeyA
RegEnumValueA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

Sections

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT$XIA
Size: 33KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 28B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Proteus Professional 8.5/Licence Manager Proteus/Licencia Proteus 8.4 SP0 2030/Bard-LICENCE.lxk
Proteus Professional 8.5/Licence Manager Proteus/Licencia Proteus 8.4 SP0 2030/desktop.ini
Proteus Professional 8.5/Licence Manager Proteus/desktop.ini
Proteus Professional 8.5/Proteus Design Suite 8.5/Proteus_Pro-DEMO_8.5_SP0_Downloadly.ir.exe
.exe windows x86

a7743dff61b65f4214e6cf40057cf69d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
GetCurrentThreadId
CloseHandle
GetShortPathNameW
GetModuleHandleW
GetCommandLineW
SetCurrentDirectoryW
GetDriveTypeW
GetFileAttributesW
GetVersionExW
CopyFileW
GetCurrentProcess
FlushInstructionCache
SetLastError
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
FreeLibrary
GetLastError
WriteFile
CreateFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateMutexW
RaiseException
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
lstrlenW
MultiByteToWideChar
SetFileAttributesW
WideCharToMultiByte
GetLocaleInfoA
LocalAlloc
GetProcAddress
InterlockedExchange
LoadLibraryA
GetTempPathW
GetTempFileNameW
DeleteFileW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
GetLogicalDriveStringsW
CreateDirectoryW
GetFileSize
SetFilePointer
ReadFile
EnumResourceLanguagesW
GetLocaleInfoW
GetSystemDefaultLangID
GetUserDefaultLangID
GlobalMemoryStatus
OutputDebugStringW
GetCurrentProcessId
GetLocalTime
FlushFileBuffers
lstrcpynW
GetSystemDirectoryW
GetWindowsDirectoryW
GetEnvironmentVariableW
GetSystemTime
WaitForSingleObject
CreateThread
MulDiv
GetExitCodeThread
TerminateThread
CreateEventW
SetEvent
MoveFileW
Sleep
ResetEvent
CreateFileA
GetDiskFreeSpaceExW
FormatMessageW
CreateProcessW
GetExitCodeProcess
GetVersion
GetTempPathA
GetTempFileNameA
DuplicateHandle
GetStdHandle
CreateProcessA
DeleteFileA
LockFile
UnlockFile
CreateNamedPipeW
SearchPathW
OpenProcess
TerminateProcess
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
lstrcmpW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
HeapCreate
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringW
RtlUnwind
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW

user32

GetClientRect
GetParent
GetWindowRect
SystemParametersInfoW
GetWindowLongW
GetWindow
EndDialog
CreateDialogParamW
GetSystemMetrics
GetDC
PeekMessageW
TranslateMessage
DispatchMessageW
GetForegroundWindow
SendMessageW
CreateWindowExW
EnableWindow
ScreenToClient
GetDesktopWindow
PostQuitMessage
CallWindowProcW
ShowWindow
GetPropW
IsWindowVisible
RedrawWindow
InvalidateRect
SetFocus
SetWindowTextW
SetForegroundWindow
LoadImageW
GetSystemMenu
MapWindowPoints
DestroyMenu
MsgWaitForMultipleObjects
ModifyMenuW
FindWindowW
GetWindowTextLengthW
GetWindowTextW
MessageBeep
ExitWindowsEx
GetScrollRange
GetScrollPos
GetDlgCtrlID
SetPropW
RemovePropW
TrackPopupMenu
LoadMenuW
GetSubMenu
SetTimer
KillTimer
LoadIconW
GetWindowDC
ReleaseDC
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
UnregisterClassA
GetDlgItem
IsWindow
PostMessageW
EnableMenuItem
SetWindowPos
DialogBoxParamW
MessageBoxW
GetActiveWindow
SetWindowLongW
DefWindowProcW
CharNextW
DestroyWindow
LoadStringW

gdi32

GetDeviceCaps
GetObjectW
DeleteDC
SetBkMode
DeleteObject
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetMapMode
SetMapMode
GetViewportExtEx
GetWindowExtEx
CreateFontIndirectW

shell32

ShellExecuteW
ShellExecuteExW
SHGetFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
StgCreateDocfileOnILockBytes
CoInitialize

oleaut32

VarUI4FromStr
OleLoadPicture

shlwapi

PathFileExistsW

comctl32

PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Proteus Professional 8.5/Proteus Design Suite 8.5/Readme.txt
Proteus Professional 8.5/Proteus Design Suite 8.5/Update Proteus 8.5 SP0 Demo to PRO ENG v1.0.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Proteus Professional 8.5/Proteus Design Suite 8.5/desktop.ini
Proteus Professional 8.5/desktop.ini

Sharing

General

Malware Config

Signatures

Files

9772b69a1669f46ad375b9724a113bb1

Headers

DLL Characteristics

File Characteristics

Imports

wincore

lxlcore

kernel32

user32

advapi32

shell32

ole32

msvcr90

msvcp90

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.text1 Size: 2KB - Virtual size: 1KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 6KB - Virtual size: 20KB

.data1 Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 900B

.reloc Size: 5KB - Virtual size: 4KB

9d20236ca12fd3df7a3434df71e7c961

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

a1:b7:a7:1e:eb:0d:eb:0c:63:1e:93:81:39:7e:48:07Certificate

Extended Key Usages

Key Usages

bf:ba:64:3f:1a:63:60:29:07:59:27:2d:bd:5d:de:18:0b:ed:da:64Signer

Signature Validations

Verification

01/08/2012, 07:56 Valid: false

Headers

File Characteristics

Imports

user32

kernel32

shell32

comctl32

gdi32

comdlg32

wininet

advapi32

Sections

.idata Size: 4KB - Virtual size: 4KB

_TEXT Size: 110KB - Virtual size: 110KB

.CRT$XIA Size: 33KB - Virtual size: 44KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 7KB - Virtual size: 7KB

.debug Size: 28B - Virtual size: 512B

a7743dff61b65f4214e6cf40057cf69d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

shlwapi

comctl32

version

Sections

.text Size: 246KB - Virtual size: 246KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 7KB - Virtual size: 15KB

.text
Size: 66KB - Virtual size: 65KB

.text1
Size: 2KB - Virtual size: 1KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 6KB - Virtual size: 20KB

.data1
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 900B

.reloc
Size: 5KB - Virtual size: 4KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

a1:b7:a7:1e:eb:0d:eb:0c:63:1e:93:81:39:7e:48:07
Certificate

bf:ba:64:3f:1a:63:60:29:07:59:27:2d:bd:5d:de:18:0b:ed:da:64
Signer

01/08/2012, 07:56
Valid: false

.idata
Size: 4KB - Virtual size: 4KB

_TEXT
Size: 110KB - Virtual size: 110KB

.CRT$XIA
Size: 33KB - Virtual size: 44KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 7KB - Virtual size: 7KB

.debug
Size: 28B - Virtual size: 512B

.text
Size: 246KB - Virtual size: 246KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 98KB - Virtual size: 97KB

UPX0
Size: - Virtual size: 40KB

UPX1
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 4KB