SetuperLaunchWin[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

SetuperLaunchWin.rar
Size

9.6MB
MD5

7813ff3611c5b88b9e543aa94164219c
SHA1

ca82cbbb37fa8603cf81df4d3b407c5bcd537c14
SHA256

b7e9cd1a5e700a16582c3332aab1d805278be5c6a0cf03e83e4be029ef46d3cb
SHA512

73f31c496f03ee42c5c1b60b4640d39b7362d20f580e07c210fbcc7d516a24c435ccf5f36ee561070eb0aea08de205129d6c6c390c375449e2a60eae58697b1d
SSDEEP

196608:z9jnqxeTIiiudszX4Ss73Rz+qPrvCj4YuP1TNu8kdmwGTxf8aRtnPUcy0Q:z1qxevFCUSst3PrKj4Yg1TNunmwG1tb4

Score

1^/10

Malware Config

Signatures

Files

SetuperLaunchWin.rar
.rar

Password: 2023
SetuperLaunchWin.exe/Cursors/SortDefault.nls
SetuperLaunchWin.exe/Cursors/SortServer2003Compat.nls
SetuperLaunchWin.exe/Cursors/SortServer2008Compat.nls
SetuperLaunchWin.exe/Cursors/SortVistaCompat.nls
SetuperLaunchWin.exe/Cursors/SortWindows61.nls
SetuperLaunchWin.exe/Globalization/Time Zone/timezoneMapping.xml
SetuperLaunchWin.exe/Globalization/Time Zone/timezones.xml
SetuperLaunchWin.exe/Resource files/ActiveXInstallService.admx
SetuperLaunchWin.exe/Resource files/AddRemovePrograms.admx
SetuperLaunchWin.exe/Resource files/AppCompat.admx
SetuperLaunchWin.exe/Resource files/AppXRuntime.admx
.xml
SetuperLaunchWin.exe/Resource files/AppxPackageManager.admx
SetuperLaunchWin.exe/Resource files/AttachmentManager.admx
SetuperLaunchWin.exe/Resource files/AuditSettings.admx
.xml
SetuperLaunchWin.exe/Resource files/AutoPlay.admx
SetuperLaunchWin.exe/Resource files/Biometrics.admx
SetuperLaunchWin.exe/Resource files/CEIPEnable.admx
SetuperLaunchWin.exe/Resource files/COM.admx
SetuperLaunchWin.exe/Resource files/CipherSuiteOrder.admx
SetuperLaunchWin.exe/Resource files/ControlPanel.admx
SetuperLaunchWin.exe/Resource files/Cpls.admx
SetuperLaunchWin.exe/Resource files/CredUI.admx
SetuperLaunchWin.exe/Resource files/CredentialProviders.admx
SetuperLaunchWin.exe/Resource files/CtrlAltDel.admx
SetuperLaunchWin.exe/Resource files/DCOM.admx
SetuperLaunchWin.exe/Resource files/DFS.admx
SetuperLaunchWin.exe/Resource files/DWM.admx
SetuperLaunchWin.exe/Resource files/DeviceCompat.admx
SetuperLaunchWin.exe/Resource files/DeviceSetup.admx
SetuperLaunchWin.exe/Resource files/DigitalLocker.admx
SetuperLaunchWin.exe/Resource files/DiskDiagnostic.admx
SetuperLaunchWin.exe/Resource files/DiskNVCache.admx
SetuperLaunchWin.exe/Resource files/DiskQuota.admx
SetuperLaunchWin.exe/Resource files/DistributedLinkTracking.admx
SetuperLaunchWin.exe/Resource files/EAIME.admx
SetuperLaunchWin.exe/Resource files/EarlyLaunchAM.admx
SetuperLaunchWin.exe/Resource files/EdgeUI.admx
SetuperLaunchWin.exe/Resource files/EncryptFilesonMove.admx
SetuperLaunchWin.exe/Resource files/EventForwarding.admx
.xml
SetuperLaunchWin.exe/Resource files/EventViewer.admx
SetuperLaunchWin.exe/Resource files/Explorer.admx
SetuperLaunchWin.exe/Resource files/ExternalBoot.admx
.xml
SetuperLaunchWin.exe/Resource files/FileHistory.admx
SetuperLaunchWin.exe/Resource files/FileRecovery.admx
SetuperLaunchWin.exe/Resource files/FileRevocation.admx
SetuperLaunchWin.exe/Resource files/FileServerVSSProvider.admx
SetuperLaunchWin.exe/Resource files/FileSys.admx
.xml
SetuperLaunchWin.exe/Resource files/FolderRedirection.admx
SetuperLaunchWin.exe/Resource files/FramePanes.admx
SetuperLaunchWin.exe/Resource files/GameExplorer.admx
SetuperLaunchWin.exe/Resource files/GroupPolicy-Server.admx
SetuperLaunchWin.exe/Resource files/Help.admx
SetuperLaunchWin.exe/Resource files/HelpAndSupport.admx
SetuperLaunchWin.exe/Resource files/IIS.admx
SetuperLaunchWin.exe/Resource files/InkWatson.admx
SetuperLaunchWin.exe/Resource files/Kerberos.admx
SetuperLaunchWin.exe/Resource files/LanmanServer.admx
SetuperLaunchWin.exe/Resource files/LeakDiagnostic.admx
SetuperLaunchWin.exe/Resource files/LinkLayerTopologyDiscovery.admx
SetuperLaunchWin.exe/Resource files/LocationProviderAdm.admx
SetuperLaunchWin.exe/Resource files/MMC.admx
SetuperLaunchWin.exe/Resource files/MMCSnapIns2.admx
SetuperLaunchWin.exe/Resource files/MSDT.admx
SetuperLaunchWin.exe/Resource files/MediaCenter.admx
SetuperLaunchWin.exe/Resource files/MobilePCMobilityCenter.admx
SetuperLaunchWin.exe/Resource files/MobilePCPresentationSettings.admx
SetuperLaunchWin.exe/Resource files/Msi-FileRecovery.admx
SetuperLaunchWin.exe/Resource files/NAPXPQec.admx
SetuperLaunchWin.exe/Resource files/NCSI.admx
SetuperLaunchWin.exe/Resource files/NetworkIsolation.admx
SetuperLaunchWin.exe/Resource files/NetworkProjection.admx
SetuperLaunchWin.exe/Resource files/P2P-pnrp.admx
SetuperLaunchWin.exe/Resource files/ParentalControls.admx
SetuperLaunchWin.exe/Resource files/PeerToPeerCaching.admx
SetuperLaunchWin.exe/Resource files/PenTraining.admx
SetuperLaunchWin.exe/Resource files/PerformanceDiagnostics.admx
SetuperLaunchWin.exe/Resource files/PerformancePerftrack.admx
SetuperLaunchWin.exe/Resource files/PowerShellExecutionPolicy.admx
SetuperLaunchWin.exe/Resource files/PreviousVersions.admx
SetuperLaunchWin.exe/Resource files/Programs.admx
SetuperLaunchWin.exe/Resource files/PswdSync.admx
SetuperLaunchWin.exe/Resource files/RPC.admx
SetuperLaunchWin.exe/Resource files/RacWmiProv.admx
SetuperLaunchWin.exe/Resource files/Radar.admx
SetuperLaunchWin.exe/Resource files/ReAgent.admx
SetuperLaunchWin.exe/Resource files/Reliability.admx
SetuperLaunchWin.exe/Resource files/RemoteAssistance.admx
SetuperLaunchWin.exe/Resource files/Scripts.admx
SetuperLaunchWin.exe/Resource files/Securitycenter.admx
SetuperLaunchWin.exe/Resource files/Sensors.admx
SetuperLaunchWin.exe/Resource files/ServerManager.admx
SetuperLaunchWin.exe/Resource files/Servicing.admx
SetuperLaunchWin.exe/Resource files/Setup.admx
SetuperLaunchWin.exe/Resource files/SharedFolders.admx
SetuperLaunchWin.exe/Resource files/Sharing.admx
SetuperLaunchWin.exe/Resource files/Shell-CommandPrompt-RegEditTools.admx
SetuperLaunchWin.exe/Resource files/ShellWelcomeCenter.admx
SetuperLaunchWin.exe/Resource files/Sidebar.admx
SetuperLaunchWin.exe/Resource files/SkyDrive.admx
.xml
SetuperLaunchWin.exe/Resource files/Snis.admx
SetuperLaunchWin.exe/Resource files/Snmp.admx
SetuperLaunchWin.exe/Resource files/SoundRec.admx
SetuperLaunchWin.exe/Resource files/SystemRestore.admx
SetuperLaunchWin.exe/Resource files/TPM.admx
SetuperLaunchWin.exe/Resource files/TaskScheduler.admx
SetuperLaunchWin.exe/Resource files/Thumbnails.admx
SetuperLaunchWin.exe/Resource files/TouchInput.admx
SetuperLaunchWin.exe/Resource files/W32Time.admx
SetuperLaunchWin.exe/Resource files/WCM.admx
SetuperLaunchWin.exe/Resource files/WDI.admx
SetuperLaunchWin.exe/Resource files/WPN.admx
SetuperLaunchWin.exe/Resource files/WinCal.admx
.xml
SetuperLaunchWin.exe/Resource files/WinInit.admx
SetuperLaunchWin.exe/Resource files/WinLogon.admx
SetuperLaunchWin.exe/Resource files/WindowsAnytimeUpgrade.admx
SetuperLaunchWin.exe/Resource files/WindowsBackup.admx
SetuperLaunchWin.exe/Resource files/WindowsColorSystem.admx
SetuperLaunchWin.exe/Resource files/WindowsConnectNow.admx
SetuperLaunchWin.exe/Resource files/WindowsFileProtection.admx
SetuperLaunchWin.exe/Resource files/WindowsMail.admx
SetuperLaunchWin.exe/Resource files/WindowsMediaDRM.admx
SetuperLaunchWin.exe/Resource files/WindowsMessenger.admx
SetuperLaunchWin.exe/Resource files/WindowsProducts.admx
SetuperLaunchWin.exe/Resource files/WindowsRemoteShell.admx
SetuperLaunchWin.exe/Resource files/WindowsServer.admx
SetuperLaunchWin.exe/Resource files/Winsrv.admx
SetuperLaunchWin.exe/Resource files/WordWheel.admx
SetuperLaunchWin.exe/Resource files/WorkFolders-Client.admx
SetuperLaunchWin.exe/Resource files/WorkplaceJoin.admx
.xml
SetuperLaunchWin.exe/Resource files/fthsvc.admx
SetuperLaunchWin.exe/Resource files/hotspotauth.admx
SetuperLaunchWin.exe/Resource files/iSCSI.admx
SetuperLaunchWin.exe/Resource files/kdc.admx
SetuperLaunchWin.exe/Resource files/msched.admx
.xml
SetuperLaunchWin.exe/Resource files/nca.admx
SetuperLaunchWin.exe/Resource files/pca.admx
SetuperLaunchWin.exe/Resource files/sdiageng.admx
SetuperLaunchWin.exe/Resource files/srm-fci.admx
SetuperLaunchWin.exe/Resource files/wlansvc.admx
.xml
SetuperLaunchWin.exe/Resource files/wwansvc.admx
.xml
SetuperLaunchWin.exe/SetuperLaunchWin.exe
.exe windows x86

Password: 2023

3e081a820fe6244a01fb0c6235a1ea08

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:24

Not After

02/12/2021, 21:24

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:e3:0e:3b:6f:67:7a:1b:6b:7e:00:00:00:00:01:e3
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:31

Not After

02/12/2021, 21:31

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

84:84:37:c4:50:20:5a:d3:03:f5:4f:2f:05:74:2b:27:48:ae:73:dc:be:ab:4e:5a:11:ac:ad:cb:e0:de:07:8e
Signer

Actual PE Digest

84:84:37:c4:50:20:5a:d3:03:f5:4f:2f:05:74:2b:27:48:ae:73:dc:be:ab:4e:5a:11:ac:ad:cb:e0:de:07:8e

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09/03/2023, 18:57
Valid: false

84:84:37:c4:50:20:5a:d3:03:f5:4f:2f:05:74:2b:27:48:ae:73:dc:be:ab:4e:5a:11:ac:ad:cb:e0:de:07:8e
Signer

Actual PE Digest

84:84:37:c4:50:20:5a:d3:03:f5:4f:2f:05:74:2b:27:48:ae:73:dc:be:ab:4e:5a:11:ac:ad:cb:e0:de:07:8e

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09/03/2023, 18:57
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetUnhandledExceptionFilter
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery

msvcrt

_strdup
_stricoll
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_fpreset
_fullpath
_iob
_isctype
_onexit
_pctype
_setmode
abort
atexit
calloc
free
fwrite
malloc
mbstowcs
memcpy
realloc
setlocale
signal
strcoll
strlen
tolower
vfprintf
wcstombs

Sections

.text
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 112B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SetuperLaunchWin.exe/config.txt
SetuperLaunchWin.exe/data/SciLexer.dll
.dll windows x64

Password: 2023

f19ce51dc9ca97eb6b3fde5e513a0f03

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:34:25:92:a0:01:0c:b1:10:9c:11:c0:51:9c:fd:24
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

03/05/2019, 00:00

Not After

11/05/2022, 12:00

Subject

CN=Notepad\+\+,O=Notepad\+\+,L=Saint Cloud,ST=Ile-de-France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

13:f9:17:7d:83:64:29:93:31:e4:00:71:4b:58:88:09:76:ee:16:b1
Signer

Actual PE Digest

13:f9:17:7d:83:64:29:93:31:e4:00:71:4b:58:88:09:76:ee:16:b1

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Notepad\+\+,O=Notepad\+\+,L=Saint Cloud,ST=Ile-de-France,C=FR

14/02/2021, 02:19
Valid: true

Chain 1

CN=Notepad\+\+,O=Notepad\+\+,L=Saint Cloud,ST=Ile-de-France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FindFirstFileExW
FindClose
GetFileType
GetStdHandle
HeapAlloc
HeapFree
HeapReAlloc
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
GetLastError
InterlockedFlushSList
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetStringTypeExA
GetUserDefaultLCID
LCMapStringA
GetStringTypeExW
FindNextFileW
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
DecodePointer
EncodePointer
GetModuleHandleW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetFilePointerEx
SetStdHandle
HeapSize
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
CloseHandle
CreateFileW
WriteConsoleW
EnterCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
GlobalUnlock
GetTickCount
WideCharToMultiByte
LCMapStringW
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
Sleep
GetLocaleInfoA
MulDiv
FreeLibrary
DeleteCriticalSection
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetModuleHandleA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryExA
InitializeSListHead
GetStringTypeW
QueryPerformanceFrequency
QueryPerformanceCounter

user32

EndPaint
BeginPaint
LoadStringW
LoadStringA
GetCursorPos
ReleaseDC
InvalidateRect
SetScrollInfo
GetKeyState
GetUpdateRgn
HideCaret
PostMessageA
ScreenToClient
NotifyWinEvent
GetScrollInfo
MsgWaitForMultipleObjects
RegisterClassExW
SetCaretPos
OpenClipboard
SetTimer
GetDlgCtrlID
CloseClipboard
EmptyClipboard
IsChild
CreateCaret
ValidateRect
TrackMouseEvent
GetKeyboardLayout
GetMessageTime
SetFocus
GetClipboardData
DestroyCaret
SetClipboardData
AppendMenuA
IsClipboardFormatAvailable
GetCaretBlinkTime
ShowCaret
KillTimer
PtInRect
RegisterClipboardFormatA
AdjustWindowRectEx
MonitorFromPoint
GetWindowRect
LoadCursorA
DestroyWindow
InflateRect
GetDC
SetWindowPos
MonitorFromRect
FillRect
GetIconInfo
GetSystemMetrics
CreatePopupMenu
DestroyCursor
TrackPopupMenu
ShowWindow
DrawTextA
SetWindowLongA
CreateIconIndirect
ClientToScreen
CallWindowProcA
MapWindowPoints
GetWindowLongA
GetDoubleClickTime
FrameRect
GetMonitorInfoA
GetSysColor
DefWindowProcA
DestroyMenu
CreateWindowExA
SendMessageA
SetCapture
SetCursor
SystemParametersInfoA
GetClientRect
GetWindowLongPtrA
DrawTextW
UnregisterClassA
GetParent
SetWindowLongPtrA
RegisterClassExA
ReleaseCapture

gdi32

GetTextExtentExPointA
GetObjectA
ExtTextOutW
RoundRect
SetTextAlign
CreateFontIndirectW
GetTextMetricsA
CreateSolidBrush
DeleteObject
Ellipse
SetBkColor
CreateRectRgnIndirect
CreateRectRgn
CreateBitmap
CombineRgn
GetNearestColor
BitBlt
CreateCompatibleBitmap
ExtTextOutA
SelectObject
CreateDIBSection
GetTextExtentPoint32A
CreateCompatibleDC
GetTextExtentExPointW
StretchBlt
GetStockObject
GetDeviceCaps
CreatePatternBrush
DeleteDC
GetTextExtentPoint32W
SetTextColor
SetBkMode
LineTo
CreatePen
Rectangle
GetObjectW
Polygon
MoveToEx
IntersectClipRect

imm32

ImmSetCandidateWindow
ImmSetCompositionStringW
ImmEscapeW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW

ole32

CoCreateInstance
CLSIDFromProgID
OleUninitialize
DoDragDrop
RevokeDragDrop
RegisterDragDrop
OleInitialize

oleaut32

SysFreeString
SysAllocString

msimg32

AlphaBlend

Exports

Exports

Scintilla_DirectFunction

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SetuperLaunchWin.exe/data/WCMICON2.DLL
.dll windows x86

Password: 2023

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SetuperLaunchWin.exe/data/bdcam32.bin
.exe windows x86

Password: 2023

7ef02d5d277b99cf67a85f2969c6d4f9

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/01/2021, 00:00

Not After

30/01/2024, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/01/2021, 00:00

Not After

30/01/2024, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7f:b8:1e:39:7b:22:37:ec:48:e7:0d:26:4f:7e:db:9a:b8:8a:20:0e:a1:31:aa:ae:32:57:36:d7:2c:d7:f3:ff
Signer

Actual PE Digest

7f:b8:1e:39:7b:22:37:ec:48:e7:0d:26:4f:7e:db:9a:b8:8a:20:0e:a1:31:aa:ae:32:57:36:d7:2c:d7:f3:ff

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

09/02/2022, 18:50
Valid: true

Chain 1

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

04:98:51:b2:bc:9e:a8:cf:c3:2f:38:bf:ef:86:0b:0b:05:12:c9:4e
Signer

Actual PE Digest

04:98:51:b2:bc:9e:a8:cf:c3:2f:38:bf:ef:86:0b:0b:05:12:c9:4e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

09/02/2022, 18:50
Valid: true

Chain 1

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

bdcam32

Bdcam_Uninitialize
Bdcam_Initialize
Bdcam_SharedData

kernel32

ExitProcess
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
HeapQueryInformation
GetCommandLineW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
GetStringTypeW
LCMapStringW
GetCPInfo
SetFilePointerEx
GetCommandLineA
GetConsoleCP
WriteConsoleW
GetLastError
CloseHandle
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
OutputDebugStringW
OutputDebugStringA
CreateFileW
SetFilePointer
ReadFile
SizeofResource
LockResource
LoadResource
FindResourceW
GetFileTime
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetConsoleMode
FindFirstFileW
lstrcpyW
FindNextFileW
FindClose
SetLastError
GetVolumeInformationW
GetModuleHandleW
GetProcAddress
LoadLibraryW
FreeLibrary
GetCurrentProcess
GetCurrentThread
GlobalAlloc
GlobalFree
GetModuleFileNameW
GetSystemDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetTempFileNameW
DeleteFileW
GetFileAttributesW
GetFileSize
GetFileSizeEx
LocalFree
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
WaitForSingleObjectEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SearchPathW
GetProfileIntW
GetTickCount
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
GetFileAttributesExW
SetErrorMode
VirtualProtect
lstrcmpiW
DuplicateHandle
WriteFile
CreateDirectoryW
GetFullPathNameW
UnlockFile
SetEndOfFile
LockFile
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GlobalFindAtomW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThreadId
LoadLibraryA
GetModuleHandleA
CopyFileW
FormatMessageW
GlobalUnlock
GlobalLock
GlobalSize
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
GetUserDefaultLangID
CompareStringW
QueryFullProcessImageNameW
Sleep
FileTimeToLocalFileTime
lstrcmpA
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
SetEvent
CreateEventA
MulDiv
lstrcmpW
GetVersionExW
GetSystemInfo
TerminateProcess
OpenProcess
Process32NextW
GetCurrentProcessId
Process32FirstW
CreateToolhelp32Snapshot
WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
ReadConsoleW

user32

CopyIcon
SetCursorPos
IsZoomed
DrawFrameControl
DrawEdge
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
DrawFocusRect
GetNextDlgGroupItem
SetParent
GetSystemMenu
UnionRect
MapVirtualKeyW
GetKeyNameTextW
GetMenuDefaultItem
TrackMouseEvent
ReuseDDElParam
UnpackDDElParam
LoadImageW
IntersectRect
InsertMenuItemW
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
MapDialogRect
GetAsyncKeyState
SetRectEmpty
SendDlgItemMessageA
InflateRect
DestroyMenu
CharUpperW
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
InvalidateRect
KillTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
GetSysColorBrush
IsDialogMessageW
FrameRect
CheckDlgButton
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetTopWindow
GetClassLongW
PtInRect
SetFocus
GetFocus
IsWindowEnabled
UnhookWindowsHookEx
PostQuitMessage
GetSysColor
AdjustWindowRectEx
GetClientRect
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
CreateAcceleratorTableW
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DestroyAcceleratorTable
CopyAcceleratorTableW
RemoveMenu
SetMenuDefaultItem
GetDoubleClickTime
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
DrawIcon
SetWindowPlacement
DestroyWindow
SetRect
LockWindowUpdate
UpdateLayeredWindow
GetComboBoxInfo
PostThreadMessageW
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessageW
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
SendMessageW
GetSystemMetrics
SystemParametersInfoW
GetWindowRect
GetMonitorInfoW
CopyRect
MonitorFromPoint
OffsetRect
EqualRect
MessageBoxW
MoveWindow
GetWindowLongW
SetWindowPos
ScreenToClient
ClientToScreen
PeekMessageW
TranslateMessage
DispatchMessageW
IsWindow
GetParent
GetDesktopWindow
FindWindowExW
GetWindowThreadProcessId
IsWindowVisible
IsIconic
GetWindowTextW
GetWindowPlacement
GetForegroundWindow
SetForegroundWindow
BringWindowToTop
GetDC
ReleaseDC
RegisterWindowMessageW
DestroyIcon
DrawTextW
GetLastActivePopup
GetMessagePos
GetDlgCtrlID
SetWindowTextW
MapWindowPoints
GetClassNameW
SetWindowLongW
EnumChildWindows
GetMenuItemCount
GetMenuStringW
GetWindowRgn
DestroyCursor
GetMenuItemID
ModifyMenuW
GetMenuItemInfoW
GetSubMenu
EnumDisplayMonitors
PostMessageW
IsRectEmpty
ShowWindow
GetMessageTime
CallWindowProcW
GetClassInfoW
GetClassInfoExW
SetScrollRange
DefWindowProcW
LoadIconW
LoadCursorW
RegisterClassW
SetTimer
EnableWindow
UnregisterClassW
GetMenuState
InsertMenuW
AppendMenuW
IsChild
IsMenu
CreateWindowExW

gdi32

RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
CreateCompatibleBitmap
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExW
RectVisible
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetTextExtentPoint32W
GetTextMetricsW
GetStockObject
GetObjectW
EnumFontFamiliesW
SetBkColor
ExtTextOutW
DeleteObject
GetDeviceCaps
DeleteDC
CopyMetaFileW
CreateDCW
CreateBitmap
SetTextColor
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
BitBlt
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

LookupPrivilegeValueW
OpenProcessToken
AllocateAndInitializeSid
FreeSid
SetEntriesInAclW
SetNamedSecurityInfoW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumValueW
RegQueryValueW
RegEnumKeyW
AdjustTokenPrivileges
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW

shell32

SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW

comctl32

InitCommonControlsEx

shlwapi

PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathIsDirectoryW
StrFormatKBSizeW

uxtheme

DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
GetThemePartSize
GetThemeSysColor
GetWindowTheme
IsAppThemed

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateGuid
CoInitializeEx
ReleaseStgMedium
OleDuplicateData

oleaut32

SysAllocStringLen
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VarBstrFromDate
VariantChangeType
SysFreeString
SysAllocString
VariantClear
VariantInit

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream

psapi

GetModuleFileNameExW
EnumProcessModules

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDISH
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SetuperLaunchWin.exe/data/bdcamvk32.dll
.dll windows x86

Password: 2023

1c5276a97c0f2c93db7bab1bc6c2bb1a

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/01/2021, 00:00

Not After

30/01/2024, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/01/2021, 00:00

Not After

30/01/2024, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

be:35:ef:88:74:26:0b:ca:be:77:02:27:ba:c1:d7:96:bf:a1:bf:2c:e2:e1:70:5e:2b:74:64:db:19:b8:5e:b1
Signer

Actual PE Digest

be:35:ef:88:74:26:0b:ca:be:77:02:27:ba:c1:d7:96:bf:a1:bf:2c:e2:e1:70:5e:2b:74:64:db:19:b8:5e:b1

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

09/02/2022, 18:50
Valid: true

Chain 1

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

88:77:f4:69:5d:a0:bf:7d:0d:a1:bb:d8:44:f8:32:ce:7d:8f:10:b3
Signer

Actual PE Digest

88:77:f4:69:5d:a0:bf:7d:0d:a1:bb:d8:44:f8:32:ce:7d:8f:10:b3

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

09/02/2022, 18:50
Valid: true

Chain 1

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
WideCharToMultiByte
InitializeCriticalSection
GetModuleFileNameA
FindResourceExW
GetLastError
RaiseException
DecodePointer
DeleteCriticalSection
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
InitializeCriticalSectionEx
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
MultiByteToWideChar
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwind
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
CreateFileW
GetFileType
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetCurrentThread
GetFileSizeEx
SetFilePointerEx
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
ReadFile
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
GetThreadTimes

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

GetLayerVersion
RegDll
SetLayerCallback
UnregDll
vkGetDeviceProcAddr
vkGetInstanceProcAddr

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SetuperLaunchWin.exe/data/bdcamvk64.dll
.dll windows x64

Password: 2023

c4e29b444515427ab735b3c64b9337c8

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/01/2021, 00:00

Not After

30/01/2024, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/01/2021, 00:00

Not After

30/01/2024, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

65:b0:51:10:cd:37:22:76:1e:2c:aa:33:bd:d5:01:19:2b:20:da:df:2b:c9:a8:dd:88:66:55:ac:00:2c:25:d7
Signer

Actual PE Digest

65:b0:51:10:cd:37:22:76:1e:2c:aa:33:bd:d5:01:19:2b:20:da:df:2b:c9:a8:dd:88:66:55:ac:00:2c:25:d7

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

09/02/2022, 18:50
Valid: true

Chain 1

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

78:f7:48:95:14:3c:a8:bd:c2:0e:c5:38:77:3c:0f:9d:f8:6e:3a:64
Signer

Actual PE Digest

78:f7:48:95:14:3c:a8:bd:c2:0e:c5:38:77:3c:0f:9d:f8:6e:3a:64

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

09/02/2022, 18:50
Valid: true

Chain 1

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FindResourceW
WideCharToMultiByte
InitializeCriticalSection
GetModuleFileNameA
FindResourceExW
GetLastError
RaiseException
DecodePointer
DeleteCriticalSection
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
InitializeCriticalSectionEx
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
MultiByteToWideChar
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
CreateFileW
GetFileType
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetCurrentThread
GetFileSizeEx
SetFilePointerEx
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
ReadFile
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
GetThreadTimes
RtlUnwind

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

GetLayerVersion
RegDll
SetLayerCallback
UnregDll
vkGetDeviceProcAddr
vkGetInstanceProcAddr

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SetuperLaunchWin.exe/data/bdcap32.dll
.dll windows x86

Password: 2023

f140dcd6c20347624d2e9e539aae22b3

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/01/2021, 00:00

Not After

30/01/2024, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/01/2021, 00:00

Not After

30/01/2024, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:99:0a:78:28:28:c1:02:72:ad:fe:1f:67:74:08:51:4f:a8:37:9a:f7:21:9d:ec:de:9d:9e:03:54:f4:d7:33
Signer

Actual PE Digest

ff:99:0a:78:28:28:c1:02:72:ad:fe:1f:67:74:08:51:4f:a8:37:9a:f7:21:9d:ec:de:9d:9e:03:54:f4:d7:33

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

09/02/2022, 18:50
Valid: true

Chain 1

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

2d:e7:c1:99:20:37:9c:37:44:7d:14:d4:f2:66:d0:0b:c5:b0:d4:fb
Signer

Actual PE Digest

2d:e7:c1:99:20:37:9c:37:44:7d:14:d4:f2:66:d0:0b:c5:b0:d4:fb

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

09/02/2022, 18:50
Valid: true

Chain 1

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord7
ord6

kernel32

WaitForSingleObject
GetCurrentProcessId
TerminateProcess
GetSystemInfo
GlobalMemoryStatusEx
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
DeleteCriticalSection
CreateFileW
WriteFile
VirtualAlloc
VirtualFree
CreateMutexA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
SetThreadPriority
Sleep
WaitForMultipleObjects
MulDiv
DisableThreadLibraryCalls
GetSystemTime
GetDiskFreeSpaceExA
DeleteFileW
GetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSectionEx
RaiseException
DecodePointer
VirtualProtect
WaitForSingleObjectEx
CreateThread
WaitForMultipleObjectsEx
GlobalLock
GlobalUnlock
FlushFileBuffers
GetFileAttributesExA
TryEnterCriticalSection
SwitchToThread
CreateEventW
LoadLibraryW
GetTickCount
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetModuleFileNameW
SetErrorMode
GetModuleHandleExW
LoadLibraryExW
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
DuplicateHandle
GetVersionExW
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
WriteConsoleW
SetEndOfFile
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
SetFilePointerEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetOEMCP
GetACP
IsValidCodePage
HeapQueryInformation
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ExitProcess
FindFirstFileExW
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeSListHead
GetCurrentThreadId
GetStartupInfoW
MultiByteToWideChar
WideCharToMultiByte
GetFileSizeEx
GetFileSize
GetFileAttributesA
DeleteFileA
GetSystemDirectoryA
GetModuleFileNameA
GlobalFree
GlobalAlloc
GetCurrentThread
GetCurrentProcess
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetVolumeInformationA
SetLastError
FindClose
GetTimeZoneInformation
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileA
lstrlenA
CloseHandle
GetLastError
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
VirtualQuery

user32

CloseDesktop
OpenInputDesktop
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
IsRectEmpty
FillRect
EnumDisplayDevicesA
MsgWaitForMultipleObjects
GetSystemMetrics
GetWindowRect
CopyRect
OffsetRect
EqualRect
PtInRect
ClientToScreen
PeekMessageA
TranslateMessage
DispatchMessageA
GetDesktopWindow
GetForegroundWindow
GetDC
ReleaseDC
RegisterWindowMessageA
GetCursorInfo
GetIconInfo
SetThreadDesktop
GetCursorPos
GetAsyncKeyState
ScreenToClient
WindowFromDC
DrawIconEx
IntersectRect
SetRect
SetRectEmpty
UnionRect
GetClientRect

gdi32

CreateSolidBrush
GetDIBits
CreateCompatibleBitmap
CreateDCA
SetBkMode
TextOutW
GetTextExtentPoint32W
SetTextCharacterExtra
CreateFontW
AbortPath
GetPath
EndPath
CloseFigure
BeginPath
StretchBlt
SetStretchBltMode
DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
DeleteObject
SetBkColor
GetObjectA

advapi32

RegCloseKey
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW

shell32

SHGetFolderPathW

ole32

CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

pdh

PdhCollectQueryData
PdhAddCounterA
PdhOpenQueryA
PdhRemoveCounter
PdhGetFormattedCounterValue

vcomp140

omp_unset_lock
_vcomp_set_num_threads
omp_set_lock
omp_init_lock
omp_set_dynamic
omp_get_num_threads
omp_destroy_lock
omp_get_max_threads
_vcomp_for_static_end
_vcomp_for_static_simple_init
_vcomp_fork
_vcomp_master_begin
_vcomp_master_end
_vcomp_reduction_i4
omp_get_thread_num

winmm

mmioAscend
mmioOpenW
mmioClose
mmioCreateChunk
mmioWrite
waveInAddBuffer
waveInGetNumDevs
mmioSeek
waveInGetDevCapsA
PlaySoundW
timeBeginPeriod
mixerGetControlDetailsA
mixerSetControlDetails
mixerClose
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetID
waveInMessage
waveInGetErrorTextA
waveInReset
waveInStop
waveInClose
waveInUnprepareHeader
waveInStart
waveInPrepareHeader
waveInOpen

d3d9

Direct3DCreate9Ex

dxva2

DXVA2CreateDirect3DDeviceManager9

Exports

Exports

CreateBandiCapture
CreateCoreInterface
CreateDrawEffect

Sections

.text
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPCODE
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 427KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IPPDATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BANDI0
Size: 789KB - Virtual size: 789KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SetuperLaunchWin.exe/data/mojo_core.dll
.dll windows x64

Password: 2023

8171e9aca280155d683da31fc1a12d16

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02/07/2021, 00:00

Not After

10/07/2024, 23:59

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:7d:78:c7:5b:11:c3:74:22:ef:d9:cf:6e:17:a8:aa:ae:63:f4:76:e6:0a:9e:ad:29:45:ce:3a:16:b6:72:65
Signer

Actual PE Digest

53:7d:78:c7:5b:11:c3:74:22:ef:d9:cf:6e:17:a8:aa:ae:63:f4:76:e6:0a:9e:ad:29:45:ce:3a:16:b6:72:65

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Google LLC,O=Google LLC,L=Mountain View,ST=California,C=US

24/01/2023, 04:08
Valid: true

Chain 1

CN=Google LLC,O=Google LLC,L=Mountain View,ST=California,C=US

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Chain 2

CN=Google LLC,O=Google LLC,L=Mountain View,ST=California,C=US

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
CancelIo
CloseHandle
CompareStringW
ConnectNamedPipe
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateNamedPipeW
CreateThread
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32GetModuleInformation
K32QueryWorkingSetEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LocalFree
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWaitEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrlenA

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
EventRegister
EventUnregister
EventWrite
InitializeAcl
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SetSecurityDescriptorDacl
SystemFunction036

dbghelp

SymCleanup
SymFromAddr
SymGetLineFromAddr64
SymGetSearchPathW
SymInitialize
SymSetOptions
SymSetSearchPathW

shell32

CommandLineToArgvW

user32

CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetQueueStatus
GetWindowLongPtrW
KillTimer
MsgWaitForMultipleObjectsEx
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
SetTimer
SetWindowLongPtrW
TranslateMessage
UnregisterClassW

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

ole32

CoInitializeEx
CoRegisterInitializeSpy
CoRevokeInitializeSpy
CoUninitialize

Exports

Exports

GetHandleVerifier
MojoGetSystemThunks

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 297B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 68B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 2023

Password: 2023

3e081a820fe6244a01fb0c6235a1ea08

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:dfCertificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

33:00:00:01:e3:0e:3b:6f:67:7a:1b:6b:7e:00:00:00:00:01:e3Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

84:84:37:c4:50:20:5a:d3:03:f5:4f:2f:05:74:2b:27:48:ae:73:dc:be:ab:4e:5a:11:ac:ad:cb:e0:de:07:8eSigner

Signature Validations

Verification

09/03/2023, 18:57 Valid: false

84:84:37:c4:50:20:5a:d3:03:f5:4f:2f:05:74:2b:27:48:ae:73:dc:be:ab:4e:5a:11:ac:ad:cb:e0:de:07:8eSigner

Signature Validations

Verification

09/03/2023, 18:57 Valid: false

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 457KB - Virtual size: 456KB

.data Size: 244KB - Virtual size: 244KB

.rdata Size: 1024B - Virtual size: 740B

.eh_fram Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 112B

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 66KB - Virtual size: 66KB

Password: 2023

f19ce51dc9ca97eb6b3fde5e513a0f03

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

01:34:25:92:a0:01:0c:b1:10:9c:11:c0:51:9c:fd:24Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

13:f9:17:7d:83:64:29:93:31:e4:00:71:4b:58:88:09:76:ee:16:b1Signer

Signature Validations

Verification

14/02/2021, 02:19 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

imm32

ole32

oleaut32

msimg32

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 291KB - Virtual size: 290KB

.data Size: 34KB - Virtual size: 40KB

.pdata Size: 41KB - Virtual size: 41KB

.rsrc Size: 1024B - Virtual size: 976B

.reloc Size: 11KB - Virtual size: 11KB

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

33:00:00:01:e3:0e:3b:6f:67:7a:1b:6b:7e:00:00:00:00:01:e3
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

84:84:37:c4:50:20:5a:d3:03:f5:4f:2f:05:74:2b:27:48:ae:73:dc:be:ab:4e:5a:11:ac:ad:cb:e0:de:07:8e
Signer

09/03/2023, 18:57
Valid: false

84:84:37:c4:50:20:5a:d3:03:f5:4f:2f:05:74:2b:27:48:ae:73:dc:be:ab:4e:5a:11:ac:ad:cb:e0:de:07:8e
Signer

09/03/2023, 18:57
Valid: false

.text
Size: 457KB - Virtual size: 456KB

.data
Size: 244KB - Virtual size: 244KB

.rdata
Size: 1024B - Virtual size: 740B

.eh_fram
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 112B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 66KB - Virtual size: 66KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

01:34:25:92:a0:01:0c:b1:10:9c:11:c0:51:9c:fd:24
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

13:f9:17:7d:83:64:29:93:31:e4:00:71:4b:58:88:09:76:ee:16:b1
Signer

14/02/2021, 02:19
Valid: true

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 291KB - Virtual size: 290KB

.data
Size: 34KB - Virtual size: 40KB

.pdata
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 1024B - Virtual size: 976B

.reloc
Size: 11KB - Virtual size: 11KB

CODE
Size: 3KB - Virtual size: 2KB

DATA
Size: 512B - Virtual size: 128B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 556B

.reloc
Size: 512B - Virtual size: 300B

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0d:26:1c:84:70:ad:bb:65:80:0c:ea:f3:ea:c7:08:19
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

7f:b8:1e:39:7b:22:37:ec:48:e7:0d:26:4f:7e:db:9a:b8:8a:20:0e:a1:31:aa:ae:32:57:36:d7:2c:d7:f3:ff
Signer

09/02/2022, 18:50
Valid: true

04:98:51:b2:bc:9e:a8:cf:c3:2f:38:bf:ef:86:0b:0b:05:12:c9:4e
Signer

09/02/2022, 18:50
Valid: true