Winja[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Winja.exe
Size

24.3MB
MD5

05de146bea00c4a16a885d7be912401a
SHA1

79a206a3abd1767b0cd3fa4ac803c21adf0570ae
SHA256

0dd029f7a1170ab5408acc18a36e99359d5c15d840c17b8a8539d4aa10202901
SHA512

40c7925971b9b9d67209d13f9ca70c6164e921755c1db889be4e3ad59140ee4a4fa8623d6ac83ae8acee5a080917714fe5f8f535b87f12e479ee06188ac7b7b7
SSDEEP

196608:fEiePzY5OdluFWMljaYWXRS0l/HkPb+vc0+7h:fE5LY52uzlj9WXTl/wylG

Score

1^/10

Malware Config

Signatures

Files

Winja.exe
.exe windows x64

3c624a203bd3af5a911fb654706275c2

Code Sign

53:50:54:a4:e8:55:62:4e:58:23:d6:41:8e:87:bb:15
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/11/2018, 00:00

Not After

18/11/2020, 23:59

Subject

CN=PHROZEN SOFTWARE (PHROZEN SAS),O=PHROZEN SOFTWARE (PHROZEN SAS),POSTALCODE=78600,STREET=12B rue de la Muette,L=Maisons Laffitte,ST=Yvelines,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

46:71:4e:56:b2:37:ed:14:8b:2c:45:8b:e0:40:1d:15:de:d6:ff:5e
Signer

Actual PE Digest

46:71:4e:56:b2:37:ed:14:8b:2c:45:8b:e0:40:1d:15:de:d6:ff:5e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=PHROZEN SOFTWARE (PHROZEN SAS),O=PHROZEN SOFTWARE (PHROZEN SAS),POSTALCODE=78600,STREET=12B rue de la Muette,L=Maisons Laffitte,ST=Yvelines,C=FR

01/07/2019, 09:18
Valid: true

Chain 1

CN=PHROZEN SOFTWARE (PHROZEN SAS),O=PHROZEN SOFTWARE (PHROZEN SAS),POSTALCODE=78600,STREET=12B rue de la Muette,L=Maisons Laffitte,ST=Yvelines,C=FR

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

winmm

timeGetTime

oleacc

LresultFromObject

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetDefaultPrinterW
EnumPrintersW

comdlg32

GetOpenFileNameW

comctl32

ImageList_GetImageInfo
FlatSB_SetScrollInfo
ImageList_DragMove
ImageList_Destroy
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_Add
FlatSB_SetScrollProp
ImageList_GetDragImage
ImageList_Create
ImageList_EndDrag
ImageList_DrawEx
ImageList_SetImageCount
FlatSB_GetScrollPos
FlatSB_SetScrollPos
InitializeFlatSB
ImageList_Copy
FlatSB_GetScrollInfo
ImageList_Write
ImageList_DrawIndirect
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Replace
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Read
ImageList_DragLeave
ImageList_LoadImageW
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetOverlayImage

ws2_32

gethostbyaddr
WSAStartup
WSACleanup

shell32

DragQueryFileW
Shell_NotifyIconW
DragAcceptFiles
SHGetPathFromIDListW
ShellExecuteExW
DragFinish
SHChangeNotifyDeregister
SHGetMalloc
SHGetFileInfoW
SHGetFolderPathW
SHChangeNotifyRegister
SHChangeNotification_Unlock
ShellExecuteW
CommandLineToArgvW

user32

CopyImage
SetMenuItemInfoW
GetMenuItemInfoW
DefFrameProcW
GetDlgCtrlID
FrameRect
RegisterWindowMessageW
GetMenuStringW
FillRect
SendMessageA
IsClipboardFormatAvailable
EnumWindows
ShowOwnedPopups
GetClassInfoW
GetScrollRange
SetActiveWindow
GetActiveWindow
DrawEdge
GetKeyboardLayoutList
LoadBitmapW
EnumChildWindows
GetScrollBarInfo
LoadStringA
UnhookWindowsHookEx
SetCapture
GetCapture
ShowCaret
CreatePopupMenu
GetMenuItemID
CharLowerBuffW
PostMessageW
IsZoomed
SetParent
DrawMenuBar
GetClientRect
IsChild
IsIconic
CallNextHookEx
ShowWindow
SetForegroundWindow
GetWindowTextW
IsDialogMessageW
DestroyWindow
RegisterClassW
EndMenu
CharNextW
GetFocus
GetDC
SetFocus
ReleaseDC
SetScrollRange
DrawTextW
PeekMessageA
MessageBeep
LockWindowUpdate
RemovePropW
GetSubMenu
DestroyIcon
IsWindowVisible
PtInRect
DispatchMessageA
UnregisterClassW
GetTopWindow
SendMessageW
NotifyWinEvent
GetWindowLongPtrW
SetWindowLongPtrW
LoadStringW
CreateMenu
CharLowerW
SetWindowRgn
SetWindowPos
GetMenuItemCount
GetSysColorBrush
GetWindowDC
DrawTextExW
CharLowerBuffA
EnumClipboardFormats
ScrollDC
GetScrollInfo
SetWindowTextW
GetMessageExtraInfo
GetSysColor
EnableScrollBar
TrackPopupMenu
DrawIconEx
GetClassNameW
GetMessagePos
GetIconInfo
SetScrollInfo
GetKeyNameTextW
GetDesktopWindow
SetCursorPos
GetCursorPos
SetMenu
GetMenuState
GetMenu
SetRect
GetKeyState
ValidateRect
GetCursor
KillTimer
BeginDeferWindowPos
WaitMessage
TranslateMDISysAccel
GetWindowPlacement
GetClipboardFormatNameW
CreateWindowExW
GetMessageW
GetDCEx
PeekMessageW
MonitorFromWindow
GetUpdateRect
SetTimer
WindowFromPoint
BeginPaint
RegisterClipboardFormatW
MapVirtualKeyW
OffsetRect
IsWindowUnicode
DispatchMessageW
CreateAcceleratorTableW
DefMDIChildProcW
GetSystemMenu
SetScrollPos
GetScrollPos
InflateRect
DrawFocusRect
ReleaseCapture
LoadCursorW
CharLowerA
ScrollWindow
GetLastActivePopup
GetCursorInfo
GetSystemMetrics
CharUpperBuffW
SetClassLongPtrW
GetClassLongPtrW
SetClipboardData
GetClipboardData
ClientToScreen
SetWindowPlacement
GetMonitorInfoW
CheckMenuItem
CharUpperW
DefWindowProcW
GetForegroundWindow
ToAscii
EnableWindow
GetWindowThreadProcessId
RedrawWindow
EndPaint
MsgWaitForMultipleObjectsEx
LoadKeyboardLayoutW
ActivateKeyboardLayout
GetParent
MonitorFromRect
InsertMenuItemW
GetPropW
MessageBoxW
SetPropW
UpdateWindow
MsgWaitForMultipleObjects
DestroyMenu
SetWindowsHookExW
EmptyClipboard
GetDlgItem
AdjustWindowRectEx
IsWindow
DrawIcon
EnumThreadWindows
InvalidateRect
GetKeyboardState
ScreenToClient
DrawFrameControl
SetCursor
CreateIcon
RemoveMenu
SubtractRect
GetKeyboardLayoutNameW
OpenClipboard
TranslateMessage
MapWindowPoints
EnumDisplayMonitors
CallWindowProcW
CountClipboardFormats
CloseClipboard
DestroyCursor
UpdateLayeredWindow
CharUpperBuffA
CopyIcon
PostQuitMessage
ShowScrollBar
EnableMenuItem
DeferWindowPos
HideCaret
EndDeferWindowPos
FindWindowExW
MonitorFromPoint
CharUpperA
LoadIconW
SystemParametersInfoW
GetWindow
GetWindowRect
InsertMenuW
PostThreadMessageW
IsWindowEnabled
IsDialogMessageA
CharNextA
FindWindowW
GetKeyboardLayout
DeleteMenu

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

oleaut32

SafeArrayPutElement
SafeArrayAllocData
LoadTypeLib
VariantClear
SysReAllocStringLen
CreateErrorInfo
SafeArrayAllocDescriptor
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
SafeArrayCopy
SafeArrayDestroy
UnRegisterTypeLib
SafeArrayDestroyDescriptor
SafeArrayAccessData
SysFreeString
VariantInit
GetErrorInfo
SetErrorInfo
SafeArrayCreate
SafeArrayGetElement
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayRedim
RegisterTypeLib
VariantChangeType
VariantCopyInd

advapi32

ControlService
CreateServiceW
RegUnLoadKeyW
RegSaveKeyW
CryptReleaseContext
DeleteService
RegReplaceKeyW
UnlockServiceDatabase
GetTokenInformation
LookupAccountSidW
ChangeServiceConfigW
RegCreateKeyExW
RegCreateKeyExA
CryptAcquireContextW
EnumDependentServicesW
RegEnumKeyExW
AdjustTokenPrivileges
QueryServiceConfigW
LookupPrivilegeValueW
OpenSCManagerW
RegOpenKeyExA
RegOpenKeyExW
AllocateAndInitializeSid
RegDeleteValueW
RegFlushKey
RegEnumValueW
RegQueryValueExW
RegQueryValueExA
QueryServiceLockStatusW
RegRestoreKeyW
EnumServicesStatusW
RegSetValueExA
RegSetValueExW
CloseServiceHandle
RegConnectRegistryW
LookupPrivilegeNameW
RegQueryInfoKeyW
CryptGenRandom
StartServiceW
RegQueryValueW
LockServiceDatabase
OpenServiceW
RegLoadKeyW
QueryServiceStatus
RegDeleteKeyW
RegDeleteKeyA
OpenProcessToken
FreeSid
RegCloseKey

netapi32

NetWkstaGetInfo
NetApiBufferFree

msvcrt

wcstombs
strcspn
_atoi64
isupper
toupper
wcslen
memchr
memcmp
memcpy
memset
sprintf
atoi
atof
towupper
strcat
strcpy
strcmp
strlen
_stricmp
strtod
strstr
iscntrl
_mbscspn
isxdigit
_gcvt
isgraph
islower
tolower
strncpy
_ismbblead
isalpha
isalnum
_itoa
memmove
isprint
isdigit
isspace
towlower
ispunct

psapi

GetModuleInformation

kernel32

GetFileType
RtlUnwindEx
GetACP
GetExitCodeProcess
GetStringTypeExW
LocalFree
CloseHandle
GetCurrentProcessId
SizeofResource
VirtualProtect
TerminateThread
QueryPerformanceFrequency
IsDebuggerPresent
FindNextFileW
GetFullPathNameW
VirtualFree
HeapAlloc
ExitProcess
GetCPInfoExW
GlobalSize
GetLongPathNameW
RtlUnwind
GetCPInfo
EnumSystemLocalesW
GetStdHandle
GetTimeZoneInformation
FileTimeToLocalFileTime
GetModuleHandleW
FreeLibrary
TryEnterCriticalSection
HeapDestroy
CompareFileTime
FileTimeToDosDateTime
ReadFile
FindFirstFileA
CreateProcessW
CreateRemoteThread
HeapSize
GetLastError
GetModuleFileNameW
SetLastError
GlobalAlloc
GlobalUnlock
FindResourceW
lstrlenA
CreateThread
CompareStringW
CopyFileW
lstrcpyA
lstrcmpA
lstrcatA
MapViewOfFile
CreateMutexW
LoadLibraryA
ResetEvent
MulDiv
GetLocaleInfoA
FreeResource
GetVersion
RaiseException
MoveFileW
GlobalAddAtomW
FormatMessageW
OpenProcess
SwitchToThread
GetExitCodeThread
OutputDebugStringW
GetCurrentThread
GetLogicalDrives
GetFileAttributesExW
ExpandEnvironmentStringsW
LoadLibraryExW
TerminateProcess
LockResource
GetCurrentThreadId
UnhandledExceptionFilter
GlobalFindAtomW
VirtualQuery
GlobalFree
VirtualQueryEx
Sleep
EnterCriticalSection
SetFilePointer
ReleaseMutex
GetStringTypeExA
LoadResource
SuspendThread
GetTickCount
lstrcmpiA
GetFileSize
GetTempFileNameW
GlobalDeleteAtom
GetStartupInfoW
GetFileAttributesW
SetCurrentDirectoryW
InitializeCriticalSection
GetThreadPriority
GetCurrentProcess
GlobalLock
SetThreadPriority
VirtualAlloc
GetTempPathW
GetSystemInfo
GetCommandLineW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetVersionExW
GetModuleHandleA
VerifyVersionInfoW
HeapCreate
GetWindowsDirectoryW
LCMapStringW
GetDiskFreeSpaceW
VerSetConditionMask
FindFirstFileW
GetUserDefaultUILanguage
UnmapViewOfFile
lstrcpynA
GetModuleFileNameA
GlobalHandle
GetModuleHandleExA
lstrlenW
CompareStringA
QueryPerformanceCounter
SetEndOfFile
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
CreateFileW
GetLocaleInfoW
EnumResourceNamesW
GetSystemDirectoryW
DeleteFileW
GetEnvironmentVariableW
GetLocalTime
WaitForSingleObject
OutputDebugStringA
WriteFile
CreateFileMappingW
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
SetErrorMode
GetComputerNameW
IsValidLocale
TlsSetValue
CreateDirectoryW
GetSystemDefaultUILanguage
LoadLibraryExA
EnumCalendarInfoW
LocalAlloc
RemoveDirectoryW
IsDBCSLeadByte
CreateEventW
WaitForMultipleObjectsEx
GetThreadLocale
SetThreadLocale

wsock32

ntohl
inet_addr

ole32

RevokeDragDrop
CreateDataAdviseHolder
CoCreateInstance
CoUninitialize
OleGetClipboard
ReleaseStgMedium
OleSetClipboard
RegisterDragDrop
IsEqualGUID
CreateStreamOnHGlobal
OleFlushClipboard
OleInitialize
StringFromGUID2
CLSIDFromProgID
OleUninitialize
CoInitialize
CoDisconnectObject
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
DoDragDrop

gdi32

AddFontMemResourceEx
Pie
SetBkMode
GetRandomRgn
CreateCompatibleBitmap
GetEnhMetaFileHeader
RectVisible
AngleArc
ResizePalette
SetAbortProc
SetTextColor
GetTextColor
StretchBlt
RoundRect
SelectClipRgn
RestoreDC
SetRectRgn
GetTextMetricsW
GetWindowOrgEx
CreatePalette
CreateDCW
PolyBezierTo
CreateICW
GetStockObject
CreateSolidBrush
Polygon
MoveToEx
PlayEnhMetaFile
Ellipse
StartPage
GetBitmapBits
StartDocW
AbortDoc
GetSystemPaletteEntries
GetEnhMetaFileBits
GetEnhMetaFilePaletteEntries
CreatePenIndirect
SetMapMode
GetMapMode
CreateFontIndirectW
PolyBezier
LPtoDP
EndDoc
GetObjectW
GetCurrentObject
GetWinMetaFileBits
SetROP2
GetEnhMetaFileDescriptionW
ArcTo
Arc
CreateRectRgnIndirect
SelectPalette
ExcludeClipRect
MaskBlt
SetWindowOrgEx
CreatePatternBrush
EndPage
DeleteEnhMetaFile
Chord
SetDIBits
GetViewportOrgEx
SetViewportOrgEx
CreateRectRgn
RealizePalette
SetDIBColorTable
GetDIBColorTable
CreateBrushIndirect
PatBlt
SetEnhMetaFileBits
Rectangle
SaveDC
DeleteDC
BitBlt
FrameRgn
GetDeviceCaps
GetTextExtentPoint32W
GetClipBox
IntersectClipRect
Polyline
CreateBitmap
CombineRgn
SetWinMetaFileBits
CreateDIBitmap
GetStretchBltMode
CreateDIBSection
SetStretchBltMode
GetDIBits
LineTo
GetRgnBox
EnumFontsW
CreateHalftonePalette
SelectObject
DeleteObject
ExtFloodFill
UnrealizeObject
CopyEnhMetaFileW
OffsetRgn
SetBkColor
GetBkColor
CreateCompatibleDC
GetObjectA
GetBrushOrgEx
GetCurrentPositionEx
GetNearestPaletteIndex
RemoveFontMemResourceEx
GetTextExtentPointW
ExtTextOutW
SetBrushOrgEx
GetPixel
GdiFlush
SetPixel
EnumFontFamiliesExW
StretchDIBits
GetPaletteEntries

ntdll

NtDuplicateObject
NtQuerySystemInformation
NtQueryObject

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 8.4MB - Virtual size: 8.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 808KB - Virtual size: 807KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 578KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 652B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14.2MB - Virtual size: 14.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c624a203bd3af5a911fb654706275c2

Code Sign

53:50:54:a4:e8:55:62:4e:58:23:d6:41:8e:87:bb:15Certificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

46:71:4e:56:b2:37:ed:14:8b:2c:45:8b:e0:40:1d:15:de:d6:ff:5eSigner

Signature Validations

Verification

01/07/2019, 09:18 Valid: true

Chain 1

Headers

File Characteristics

Imports

winmm

oleacc

winspool.drv

comdlg32

comctl32

ws2_32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

psapi

kernel32

wsock32

ole32

gdi32

ntdll

Exports

Exports

Sections

.text Size: 8.4MB - Virtual size: 8.4MB

.data Size: 808KB - Virtual size: 807KB

.bss Size: - Virtual size: 578KB

.idata Size: 24KB - Virtual size: 23KB

.didata Size: 33KB - Virtual size: 33KB

.edata Size: 512B - Virtual size: 151B

.tls Size: - Virtual size: 652B

.rdata Size: 512B - Virtual size: 109B

.reloc Size: 427KB - Virtual size: 426KB

.pdata Size: 443KB - Virtual size: 442KB

.rsrc Size: 14.2MB - Virtual size: 14.2MB

53:50:54:a4:e8:55:62:4e:58:23:d6:41:8e:87:bb:15
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

46:71:4e:56:b2:37:ed:14:8b:2c:45:8b:e0:40:1d:15:de:d6:ff:5e
Signer

01/07/2019, 09:18
Valid: true

.text
Size: 8.4MB - Virtual size: 8.4MB

.data
Size: 808KB - Virtual size: 807KB

.bss
Size: - Virtual size: 578KB

.idata
Size: 24KB - Virtual size: 23KB

.didata
Size: 33KB - Virtual size: 33KB

.edata
Size: 512B - Virtual size: 151B

.tls
Size: - Virtual size: 652B

.rdata
Size: 512B - Virtual size: 109B

.reloc
Size: 427KB - Virtual size: 426KB

.pdata
Size: 443KB - Virtual size: 442KB

.rsrc
Size: 14.2MB - Virtual size: 14.2MB