Greenshot Portable-Mod[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

Greenshot Portable-Mod.rar
Size

487KB
MD5

8e965e73006ffe07a5d53c471c412e9c
SHA1

9944c56078e11f6b5cc7c4b769845bfb79674dcd
SHA256

d311715788711fba67a34f9a192c79dd5856980f2c51ad9a1d4f6068094ff0c5
SHA512

c9da94c38bab6107c5df507f966d8bfa8056a88bcaa91037ec9e1f7d7c15b2c4e8e157c387e233f682f4d56c1b6a9cf6d6d1097e167b579053c583aaa190348e
SSDEEP

12288:Cj6t9IwCIma4Ia6yqu8MgZDbw8m5eicsAoN6N:Ic9IwCTPrwu8TzmcizxNs

Score

1^/10

Malware Config

Signatures

Files

Greenshot Portable-Mod.rar
.rar
Greenshot.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a3:2a:d4:90:35:b0:5b:07:18:33:cc:d6:17:37:44:7e:26:3d:cd:69:e8:fb:7a:78:e5:cb:aa:8b:0d:4c:99:d2
Signer

Actual PE Digest

a3:2a:d4:90:35:b0:5b:07:18:33:cc:d6:17:37:44:7e:26:3d:cd:69:e8:fb:7a:78:e5:cb:aa:8b:0d:4c:99:d2

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

09-08-2017 15:34
Valid: true

Chain 1

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

47:da:78:48:c5:79:3c:02:5b:22:6e:ca:4a:5c:dc:89:91:e7:bd:95
Signer

Actual PE Digest

47:da:78:48:c5:79:3c:02:5b:22:6e:ca:4a:5c:dc:89:91:e7:bd:95

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

09-08-2017 15:34
Valid: true

Chain 1

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 476KB - Virtual size: 475KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Greenshot.exe.config
.xml
Greenshot.ini
GreenshotPlugin.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

52:60:cd:cb:43:e3:1b:83:3a:4a:d2:1a:37:90:59:3e:91:e8:1c:f5:1e:54:cb:ce:2f:94:57:30:ca:82:8c:1b
Signer

Actual PE Digest

52:60:cd:cb:43:e3:1b:83:3a:4a:d2:1a:37:90:59:3e:91:e8:1c:f5:1e:54:cb:ce:2f:94:57:30:ca:82:8c:1b

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

09-08-2017 15:35
Valid: true

Chain 1

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

40:39:80:86:13:4d:d1:f2:da:73:e4:76:fd:9e:b8:1d:c1:47:03:8c
Signer

Actual PE Digest

40:39:80:86:13:4d:d1:f2:da:73:e4:76:fd:9e:b8:1d:c1:47:03:8c

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

09-08-2017 15:35
Valid: true

Chain 1

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 424KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LinqBridge.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

fb:7c:f9:8f:a3:0a:53:b8:b8:9d:ba:75:e8:a1:32:18:30:fc:c4:85:c4:92:33:41:c6:87:19:d2:7f:a5:08:9f
Signer

Actual PE Digest

fb:7c:f9:8f:a3:0a:53:b8:b8:9d:ba:75:e8:a1:32:18:30:fc:c4:85:c4:92:33:41:c6:87:19:d2:7f:a5:08:9f

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

09-08-2017 15:35
Valid: true

Chain 1

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

2d:f6:49:c4:5d:01:b4:32:41:89:ca:1f:11:ba:38:17:2e:b2:53:0d
Signer

Actual PE Digest

2d:f6:49:c4:5d:01:b4:32:41:89:ca:1f:11:ba:38:17:2e:b2:53:0d

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

09-08-2017 15:35
Valid: true

Chain 1

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/GreenshotImgurPlugin/GreenshotImgurPlugin.gsp
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

10-08-2016 20:47

Not After

10-08-2017 07:43

Subject

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-03-2016 13:10

Not After

30-05-2027 13:10

Subject

CN=Certum EV TSA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bc:eb:dd:7b:40:84:57:19:f1:f5:12:04:47:2c:12:f4:ce:30:6b:4e:57:20:9d:c3:a4:cd:3e:f1:68:24:b2:b7
Signer

Actual PE Digest

bc:eb:dd:7b:40:84:57:19:f1:f5:12:04:47:2c:12:f4:ce:30:6b:4e:57:20:9d:c3:a4:cd:3e:f1:68:24:b2:b7

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

09-08-2017 15:34
Valid: true

Chain 1

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

6d:58:85:c5:14:39:3c:c4:2e:6c:cb:a1:f3:31:7b:e4:c1:fe:95:53
Signer

Actual PE Digest

6d:58:85:c5:14:39:3c:c4:2e:6c:cb:a1:f3:31:7b:e4:c1:fe:95:53

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

09-08-2017 15:34
Valid: true

Chain 1

CN=Open Source Developer\, Robin Krom,O=Open Source Developer,C=DE,1.2.840.113549.1.9.1=#0c16676574677265656e73686f7440676d61696c2e636f6d

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
checksum.MD5
log4net.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2Certificate

Extended Key Usages

Key Usages

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7Certificate

Extended Key Usages

Key Usages

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70Certificate

Extended Key Usages

Key Usages

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2Certificate

Extended Key Usages

Key Usages

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7Certificate

Extended Key Usages

Key Usages

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70Certificate

Extended Key Usages

Key Usages

a3:2a:d4:90:35:b0:5b:07:18:33:cc:d6:17:37:44:7e:26:3d:cd:69:e8:fb:7a:78:e5:cb:aa:8b:0d:4c:99:d2Signer

Signature Validations

Verification

09-08-2017 15:34 Valid: true

Chain 1

47:da:78:48:c5:79:3c:02:5b:22:6e:ca:4a:5c:dc:89:91:e7:bd:95Signer

Signature Validations

Verification

09-08-2017 15:34 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 476KB - Virtual size: 475KB

.rsrc Size: 20KB - Virtual size: 18KB

.reloc Size: 4KB - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2Certificate

Extended Key Usages

Key Usages

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7Certificate

Extended Key Usages

Key Usages

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70Certificate

Extended Key Usages

Key Usages

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2Certificate

Extended Key Usages

Key Usages

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7Certificate

Extended Key Usages

Key Usages

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70Certificate

Extended Key Usages

Key Usages

52:60:cd:cb:43:e3:1b:83:3a:4a:d2:1a:37:90:59:3e:91:e8:1c:f5:1e:54:cb:ce:2f:94:57:30:ca:82:8c:1bSigner

Signature Validations

Verification

09-08-2017 15:35 Valid: true

Chain 1

40:39:80:86:13:4d:d1:f2:da:73:e4:76:fd:9e:b8:1d:c1:47:03:8cSigner

Signature Validations

Verification

09-08-2017 15:35 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

a3:2a:d4:90:35:b0:5b:07:18:33:cc:d6:17:37:44:7e:26:3d:cd:69:e8:fb:7a:78:e5:cb:aa:8b:0d:4c:99:d2
Signer

09-08-2017 15:34
Valid: true

47:da:78:48:c5:79:3c:02:5b:22:6e:ca:4a:5c:dc:89:91:e7:bd:95
Signer

09-08-2017 15:34
Valid: true

.text
Size: 476KB - Virtual size: 475KB

.rsrc
Size: 20KB - Virtual size: 18KB

.reloc
Size: 4KB - Virtual size: 12B

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

52:60:cd:cb:43:e3:1b:83:3a:4a:d2:1a:37:90:59:3e:91:e8:1c:f5:1e:54:cb:ce:2f:94:57:30:ca:82:8c:1b
Signer

09-08-2017 15:35
Valid: true

40:39:80:86:13:4d:d1:f2:da:73:e4:76:fd:9e:b8:1d:c1:47:03:8c
Signer

09-08-2017 15:35
Valid: true

.text
Size: 424KB - Virtual size: 420KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

fb:7c:f9:8f:a3:0a:53:b8:b8:9d:ba:75:e8:a1:32:18:30:fc:c4:85:c4:92:33:41:c6:87:19:d2:7f:a5:08:9f
Signer

09-08-2017 15:35
Valid: true

2d:f6:49:c4:5d:01:b4:32:41:89:ca:1f:11:ba:38:17:2e:b2:53:0d
Signer

09-08-2017 15:35
Valid: true

.text
Size: 59KB - Virtual size: 59KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 512B - Virtual size: 12B

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

66:c5:dc:c1:4b:51:78:09:c1:72:b4:4b:7e:97:84:f7
Certificate

fe:67:e4:f1:5a:24:e3:c6:0d:54:7c:a0:20:c2:76:70
Certificate

bc:eb:dd:7b:40:84:57:19:f1:f5:12:04:47:2c:12:f4:ce:30:6b:4e:57:20:9d:c3:a4:cd:3e:f1:68:24:b2:b7
Signer

09-08-2017 15:34
Valid: true

6d:58:85:c5:14:39:3c:c4:2e:6c:cb:a1:f3:31:7b:e4:c1:fe:95:53
Signer