DamAgent[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

DamAgent.exe
Size

3.4MB
MD5

ebbc7658c5daeea545145076c4cb842c
SHA1

282a1827c3eedc86d02efe939f60b4f90d1acbc6
SHA256

e9b06b4806a23d47062321736476149e3d90145cee9462a966752ceff047e038
SHA512

7cc82d1ab931c3948181d562223175727369a37c1ca05587758bfc4e611a2bdbdf79c5b437c872d776a54510d2ce3d4ac29e0237d2a3891b0702d3406e63b495
SSDEEP

49152:32lgT4uNsc6owWoYl40/Y2fpVp1mKYUKrB6n5/WpMiR2TxoL1gQGhDFNVA5welQe:W0vhGq5/vVLV+3Zh

Score

1^/10

Malware Config

Signatures

Files

DamAgent.exe
.exe windows x64

ff56a8dc11e7d21f4e129ea7ca408240

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

59:08:2b:87:54:9e:ff:e1:3c:2d:8e:4f:4f:84:f7:85
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-07-2016 00:00

Not After

15-07-2019 23:59

Subject

CN=Hang Zhou H3C Technologies Co.\, Ltd.,OU=IT,O=Hang Zhou H3C Technologies Co.\, Ltd.,L=Hangzhou,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

64:b3:37:db:59:df:86:6d:a8:a1:bb:42:d6:ed:18:87:d7:d9:ad:2c
Signer

Actual PE Digest

64:b3:37:db:59:df:86:6d:a8:a1:bb:42:d6:ed:18:87:d7:d9:ad:2c

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Hang Zhou H3C Technologies Co.\, Ltd.,OU=IT,O=Hang Zhou H3C Technologies Co.\, Ltd.,L=Hangzhou,ST=Zhejiang,C=CN

29-12-2017 06:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExA
GetModuleBaseNameA

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

iphlpapi

GetAdaptersInfo

ws2_32

freeaddrinfo
getnameinfo
inet_addr
getaddrinfo
htonl
htons
WSAStartup
WSAGetLastError
socket
bind
WSACleanup
closesocket
sendto
ntohs
inet_ntoa
recvfrom
__WSAFDIsSet
select
ntohl

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

netapi32

NetApiBufferFree
NetShareEnum

advapi32

ConvertSidToStringSidA
FreeSid
RevertToSelf
RegNotifyChangeKeyValue
RegisterServiceCtrlHandlerExA
StartServiceCtrlDispatcherA
RegEnumKeyA
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
QueryServiceConfigA
QueryServiceStatusEx
StartServiceA
SetServiceStatus
LockServiceDatabase
QueryServiceLockStatusA
ChangeServiceConfigA
UnlockServiceDatabase
GetExplicitEntriesFromAclA
RegCreateKeyExA
SetTokenInformation
OpenServiceA
ImpersonateLoggedOnUser
DuplicateTokenEx
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
RegDeleteValueA
RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
SetNamedSecurityInfoA
SetEntriesInAclA
BuildExplicitAccessWithNameA
GetNamedSecurityInfoA
GetUserNameA
CreateProcessAsUserA
OpenProcessToken
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyExA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
DeleteService
QueryServiceStatus
ControlService
LookupAccountSidA

ole32

CoInitializeEx
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoCreateGuid
CoSetProxyBlanket
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeSecurity
CoTaskMemFree

setupapi

CM_Get_Device_IDA
SetupDiClassGuidsFromNameA
SetupDiGetClassDescriptionExA
SetupDiGetDeviceInfoListDetailA
CM_Get_DevNode_Status
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstallParamsA

kernel32

HeapFree
HeapAlloc
GetProcessHeap
ReleaseMutex
WritePrivateProfileStringA
GetCurrentProcessId
FindFirstFileA
GetPrivateProfileStringA
FindNextFileW
FindFirstFileW
GetSystemDirectoryA
GetEnvironmentVariableA
GetFileAttributesExA
CopyFileA
RemoveDirectoryA
DeviceIoControl
GetVersionExA
FormatMessageA
GetComputerNameA
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
lstrlenA
OutputDebugStringA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
OpenFileMappingA
Sleep
LocalFree
LocalAlloc
GetWindowsDirectoryA
GetSystemInfo
GlobalFree
GlobalAlloc
GetCurrentProcess
FreeLibrary
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetUserDefaultUILanguage
FileTimeToSystemTime
GetLogicalDrives
GetVolumeNameForVolumeMountPointA
SetVolumeMountPointA
DeleteVolumeMountPointA
GetDriveTypeA
CreateEventA
SetErrorMode
CreateMutexA
SetEvent
SystemTimeToTzSpecificLocalTime
GetProcessTimes
GetTickCount
GetVolumeInformationA
OpenMutexA
TerminateThread
ResumeThread
lstrlenW
lstrcmpiA
ResetEvent
FlushFileBuffers
SizeofResource
LoadResource
FindResourceA
GetFileAttributesA
lstrcmpA
WritePrivateProfileSectionA
FileTimeToLocalFileTime
SystemTimeToFileTime
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
MoveFileA
PostQueuedCompletionStatus
ReadDirectoryChangesW
CreateIoCompletionPort
GetLogicalDriveStringsA
GetQueuedCompletionStatus
GetFileInformationByHandle
TerminateProcess
SetEndOfFile
LockResource
FindResourceW
SetLastError
DeactivateActCtx
LoadLibraryW
ActivateActCtx
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
MulDiv
GlobalUnlock
GlobalLock
GlobalSize
ReleaseActCtx
GetModuleFileNameW
GetFileSizeEx
GetFileTime
LockFile
UnlockFile
GetFileSize
DuplicateHandle
GetFullPathNameA
TlsGetValue
TlsAlloc
GlobalReAlloc
LoadLibraryA
TlsSetValue
LocalReAlloc
CompareStringA
GetModuleHandleW
GlobalGetAtomNameA
SetThreadPriority
GlobalAddAtomA
GlobalFlags
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
FreeResource
GetLocaleInfoA
GetACP
GetCPInfo
GetOEMCP
lstrcpyA
GetCurrentDirectoryA
GetNumberFormatA
GetTempFileNameA
GetTempPathA
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
ExitThread
CreateThread
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
VirtualAlloc
SetThreadStackGuarantee
VirtualQuery
GetCommandLineA
SetStdHandle
GetFileType
HeapReAlloc
HeapQueryInformation
HeapSize
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
GetVersion
HeapCreate
IsValidCodePage
SetHandleCount
GetStdHandle
GetStartupInfoW
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
GetStringTypeW
CompareStringW
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
FindClose
FindNextFileA
SetFileAttributesA
DeleteFileA
CreateFileA
SetFilePointer
WriteFile
GetCurrentThreadId
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceA
CreatePipe
GetLastError
GetStartupInfoA
CreateProcessA
WaitForSingleObject
CloseHandle
ReadFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateDirectoryA
GlobalHandle
GetLocalTime
GetPrivateProfileIntA

user32

SetPropA
GetClassLongPtrA
GetClassLongA
GetCapture
IsChild
WinHelpA
LoadIconA
LoadIconW
RegisterWindowMessageA
IsIconic
PostQuitMessage
InflateRect
IntersectRect
GetMenuItemInfoA
DestroyMenu
SystemParametersInfoA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
SetCursor
ShowOwnedPopups
DeleteMenu
InvalidateRect
SetTimer
KillTimer
RedrawWindow
GetMenuDefaultItem
CreatePopupMenu
IsRectEmpty
MapVirtualKeyA
SetCapture
GetAsyncKeyState
ReleaseCapture
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
OffsetRect
GetIconInfo
CopyImage
LoadImageA
GetNextDlgGroupItem
DrawIconEx
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
WindowFromPoint
SetClassLongPtrA
LoadMenuW
GetSystemMenu
DrawStateA
DrawEdge
DrawFrameControl
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetKeyNameTextA
CallWindowProcA
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
PostThreadMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
GetPropA
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
SendMessageA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
CharUpperA
GetSystemMetrics
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
UnregisterDeviceNotification
RegisterDeviceNotificationA
ExitWindowsEx
RemovePropA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongA
IsWindow
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
GetFocus
RealChildWindowFromPoint
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
DestroyIcon
EqualRect
DeferWindowPos
GetScrollInfo
SetWindowsHookExA
CallNextHookEx
GetMessageA
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetWindowTextLengthA
GetWindowTextA
OpenClipboard

gdi32

SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateDCA
CopyMetaFileA
ExtFloodFill
SetPaletteEntries
SetPixelV
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
GetTextExtentPoint32A
DPtoLP
PatBlt
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetTextFaceA
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
GetDeviceCaps

winspool.drv

DocumentPropertiesA
GetPrinterA
OpenPrinterA
FindFirstPrinterChangeNotification
FreePrinterNotifyInfo
FindClosePrinterChangeNotification
ClosePrinter
EnumPrintersA
FindNextPrinterChangeNotification

comdlg32

GetFileTitleA

shell32

SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHAppBarMessage

oleaut32

SafeArrayUnaccessData
SysAllocStringLen
SafeArrayGetUBound
VarBstrFromDate
SystemTimeToVariantTime
SysFreeString
SysStringLen
VarDateFromStr
VariantTimeToSystemTime
SysAllocString
VariantInit
VariantChangeType
VariantClear
SafeArrayAccessData
SafeArrayGetDim
SafeArrayGetLBound

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
StrStrIA
PathRemoveFileSpecW

msimg32

AlphaBlend
TransparentBlt

comctl32

ImageList_GetIconSize

wininet

InternetSetFilePointer
InternetReadFile
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
FtpSetCurrentDirectoryA
FtpOpenFileA
InternetWriteFile
InternetCloseHandle
InternetSetStatusCallback
InternetGetLastResponseInfoA

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 791KB - Virtual size: 791KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 941KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff56a8dc11e7d21f4e129ea7ca408240

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78Certificate

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

59:08:2b:87:54:9e:ff:e1:3c:2d:8e:4f:4f:84:f7:85Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

64:b3:37:db:59:df:86:6d:a8:a1:bb:42:d6:ed:18:87:d7:d9:ad:2cSigner

Signature Validations

Verification

29-12-2017 06:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

psapi

userenv

iphlpapi

ws2_32

version

netapi32

advapi32

ole32

setupapi

kernel32

user32

gdi32

winspool.drv

comdlg32

shell32

oleaut32

shlwapi

msimg32

comctl32

wininet

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 791KB - Virtual size: 791KB

.data Size: 34KB - Virtual size: 941KB

.pdata Size: 125KB - Virtual size: 124KB

text Size: 3KB - Virtual size: 2KB

data Size: 2KB - Virtual size: 1KB

.rsrc Size: 57KB - Virtual size: 57KB

.reloc Size: 82KB - Virtual size: 81KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

59:08:2b:87:54:9e:ff:e1:3c:2d:8e:4f:4f:84:f7:85
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

64:b3:37:db:59:df:86:6d:a8:a1:bb:42:d6:ed:18:87:d7:d9:ad:2c
Signer

29-12-2017 06:34
Valid: false

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 791KB - Virtual size: 791KB

.data
Size: 34KB - Virtual size: 941KB

.pdata
Size: 125KB - Virtual size: 124KB

text
Size: 3KB - Virtual size: 2KB

data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 57KB - Virtual size: 57KB

.reloc
Size: 82KB - Virtual size: 81KB