Extracted

• 00260cbc7fa2b19799b8ac4d5005b27a.bin

  .exe windows x86

  e2349da2db81e32780b8623198107187

  
  

  Code Sign

  0a

  Certificate

  Issuer

  CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

  Not Before

  06/08/2003, 00:00

  Not After

  05/08/2013, 23:59

  Subject

  CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

  Extended Key Usages

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5

  Certificate

  Issuer

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Not Before

  15/06/2007, 00:00

  Not After

  14/06/2012, 23:59

  Subject

  CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  67:c5:f1:45:53:19:2e:4a:bf:84:35:9c:d7:e6:b1:b6

  Certificate

  Issuer

  CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

  Not Before

  25/06/2009, 00:00

  Not After

  17/09/2011, 23:59

  Subject

  CN=RealVNC Ltd,OU=SOFTWARE,O=RealVNC Ltd,L=Cambridge,ST=Cambridgeshire,C=UK

  Extended Key Usages

  ExtKeyUsageCodeSigning

  ExtKeyUsageMicrosoftCommercialCodeSigning

  47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4

  Certificate

  Issuer

  CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

  Not Before

  04/12/2003, 00:00

  Not After

  03/12/2013, 23:59

  Subject

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  18:f1:05:d7:26:29:5f:ea:07:dd:08:4c:26:44:d0:dd:ed:22:df:76

  Signer

  Actual PE Digest

  18:f1:05:d7:26:29:5f:ea:07:dd:08:4c:26:44:d0:dd:ed:22:df:76

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=RealVNC Ltd,OU=SOFTWARE,O=RealVNC Ltd,L=Cambridge,ST=Cambridgeshire,C=UK

  18/08/2011, 13:37

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  ws2_32

  setsockopt

  inet_addr

  inet_ntoa

  htonl

  WSAEventSelect

  WSAIoctl

  WSAEnumNetworkEvents

  WSAStartup

  ioctlsocket

  __WSAFDIsSet

  select

  bind

  socket

  listen

  htons

  accept

  gethostbyname

  getpeername

  getsockname

  getservbyname

  WSADuplicateSocketW

  WSASocketW

  gethostbyaddr

  getservbyport

  ntohs

  WSAConnect

  recv

  send

  WSASetLastError

  closesocket

  getsockopt

  WSAGetLastError

  comctl32

  ImageList_Draw

  CreatePropertySheetPageW

  PropertySheetW

  ImageList_ReplaceIcon

  ord17

  ImageList_Create

  ImageList_Destroy

  InitCommonControlsEx

  _TrackMouseEvent

  imm32

  ImmSetOpenStatus

  ImmGetContext

  ImmGetVirtualKey

  kernel32

  OutputDebugStringW

  ResetEvent

  Sleep

  GetCurrentDirectoryW

  CloseHandle

  SetEvent

  GetLastError

  CreateEventW

  GetModuleHandleW

  WriteFile

  DuplicateHandle

  GetCurrentProcess

  CreatePipe

  SetErrorMode

  GetDiskFreeSpaceW

  GetDiskFreeSpaceExW

  GetVolumeInformationW

  GetDriveTypeW

  SetEnvironmentVariableA

  CompareStringW

  CompareStringA

  WriteConsoleW

  GetConsoleOutputCP

  WriteConsoleA

  FlushFileBuffers

  SetEndOfFile

  GetStringTypeW

  GetStringTypeA

  GetLocaleInfoA

  GetConsoleMode

  GetConsoleCP

  GetTimeZoneInformation

  VirtualAlloc

  LCMapStringW

  FindClose

  FindFirstFileA

  GetFileAttributesA

  GetLogicalDrives

  ReadFile

  MoveFileW

  GetFileAttributesW

  LCMapStringA

  VirtualFree

  HeapCreate

  TlsAlloc

  TlsGetValue

  TlsSetValue

  InitializeCriticalSection

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  WideCharToMultiByte

  MultiByteToWideChar

  TlsFree

  WaitForMultipleObjects

  GetSystemTimeAsFileTime

  FormatMessageW

  ResumeThread

  CreateThread

  GetThreadTimes

  GetCurrentThread

  GetCurrentThreadId

  WaitForSingleObject

  TerminateThread

  FreeLibrary

  GetProcAddress

  LoadLibraryW

  GetCommandLineW

  SetHandleInformation

  LoadLibraryA

  GetSystemDirectoryA

  GlobalFree

  GlobalUnlock

  GlobalAlloc

  GlobalLock

  GetCurrentProcessId

  GlobalSize

  ExpandEnvironmentStringsW

  CreateFileW

  SetFileAttributesW

  MulDiv

  CancelIo

  GetOverlappedResult

  GetTempFileNameA

  GetTempPathA

  GetComputerNameW

  GetTempFileNameW

  CreateDirectoryW

  GetTempPathW

  GetVersion

  GetFileType

  GetStdHandle

  GetTickCount

  QueryPerformanceCounter

  GlobalMemoryStatus

  GetVersionExW

  GetExitCodeProcess

  TerminateProcess

  CreateProcessW

  GetModuleFileNameW

  AllocConsole

  OpenProcess

  FindFirstFileW

  FindNextFileW

  FindNextFileA

  GetProfileStringW

  ExitProcess

  SetLastError

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  RaiseException

  RtlUnwind

  SetFilePointer

  GetModuleHandleA

  GetCommandLineA

  HeapFree

  GetVersionExA

  HeapAlloc

  GetProcessHeap

  GetStartupInfoA

  GetModuleFileNameA

  GetTimeFormatA

  GetDateFormatA

  DeleteFileA

  DeleteFileW

  HeapReAlloc

  InterlockedIncrement

  InterlockedDecrement

  HeapSize

  GetCPInfo

  GetACP

  GetOEMCP

  IsValidCodePage

  SetHandleCount

  SetStdHandle

  CreateFileA

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  HeapDestroy

  user32

  GetAsyncKeyState

  SetWindowTextW

  UpdateWindow

  SendMessageW

  SetForegroundWindow

  ShowWindow

  FindWindowW

  IsIconic

  MsgWaitForMultipleObjects

  PeekMessageW

  CloseClipboard

  SetClipboardData

  EmptyClipboard

  OpenClipboard

  SetActiveWindow

  RegisterClipboardFormatW

  GetFocus

  PostMessageW

  GetScrollInfo

  CreatePopupMenu

  DestroyMenu

  GetMessagePos

  InflateRect

  mouse_event

  GetKeyboardState

  GetUserObjectInformationW

  GetProcessWindowStation

  GetDesktopWindow

  MessageBoxW

  WaitForInputIdle

  keybd_event

  MapVirtualKeyW

  ToAsciiEx

  ToUnicodeEx

  VkKeyScanExA

  VkKeyScanExW

  ReleaseDC

  GetDC

  GetWindowDC

  CallNextHookEx

  GetForegroundWindow

  SetWindowsHookExW

  UnhookWindowsHookEx

  IsRectEmpty

  ChangeDisplaySettingsW

  ClientToScreen

  RegisterWindowMessageW

  GetWindowThreadProcessId

  GetClassNameW

  CloseDesktop

  EnumDesktopWindows

  OpenDesktopW

  EnumDesktopsW

  UnregisterClassW

  RegisterClassW

  CheckMenuItem

  GetMenuState

  InsertMenuItemW

  GetMenuItemCount

  SetMenuItemInfoW

  DeleteMenu

  DialogBoxParamW

  IsDialogMessageW

  CreateDialogParamW

  EndDialog

  IsWindowEnabled

  RegisterClassExW

  LoadBitmapW

  SetCapture

  SetClipboardViewer

  GetClipboardOwner

  SendMessageTimeoutW

  CallWindowProcW

  SetParent

  DrawFocusRect

  DrawTextW

  GetNextDlgTabItem

  GetParent

  GetKeyState

  GetWindowInfo

  CreateWindowExA

  GetMessageTime

  OffsetRect

  SetWindowRgn

  IsZoomed

  GetIconInfo

  GetClipboardData

  GetUpdateRect

  ValidateRect

  GetKeyboardLayout

  ScreenToClient

  MessageBeep

  SetWindowPos

  GetDlgItem

  SetFocus

  GetWindowRect

  SetWindowLongW

  FillRect

  GetSysColorBrush

  EnumDisplaySettingsW

  ChangeClipboardChain

  GetMessageW

  EnableWindow

  DestroyIcon

  DrawIconEx

  PostThreadMessageW

  CreateWindowExW

  DestroyWindow

  GetComboBoxInfo

  LoadImageW

  IsWindowVisible

  ScrollWindowEx

  GetClientRect

  ShowCursor

  SetScrollInfo

  GetSystemMetrics

  AdjustWindowRectEx

  SetRect

  GetWindowLongW

  ReleaseCapture

  SystemParametersInfoW

  InvalidateRect

  SetTimer

  KillTimer

  TranslateMessage

  DispatchMessageW

  LoadMenuW

  GetSubMenu

  SetMenuDefaultItem

  GetCursorPos

  TrackPopupMenu

  PostQuitMessage

  GetSystemMenu

  AppendMenuW

  EnableMenuItem

  DefWindowProcW

  AdjustWindowRect

  LoadCursorW

  SetCursor

  LoadIconW

  BeginPaint

  EndPaint

  gdi32

  SelectObject

  StartPage

  ResetDCW

  EndDoc

  StretchDIBits

  GetDeviceCaps

  CreateCompatibleBitmap

  Rectangle

  SetTextColor

  StartDocW

  CreatePen

  CreateBrushIndirect

  SetBkColor

  MoveToEx

  LineTo

  EndPage

  GetObjectW

  CreateRectRgnIndirect

  GetCurrentObject

  GetTextExtentPoint32W

  GetDIBits

  CreateDCW

  CreateCompatibleDC

  DeleteDC

  CreateDIBSection

  SetDIBColorTable

  CreateRectRgn

  DeleteObject

  RealizePalette

  SelectPalette

  CombineRgn

  SetRectRgn

  CreatePalette

  SetPaletteEntries

  GetRegionData

  BitBlt

  OffsetRgn

  GetRandomRgn

  StretchBlt

  SetBrushOrgEx

  SetStretchBltMode

  GetStockObject

  CreateFontIndirectW

  comdlg32

  CommDlgExtendedError

  GetOpenFileNameW

  GetSaveFileNameW

  shell32

  ShellExecuteW

  SHGetDesktopFolder

  SHBrowseForFolderW

  SHAppBarMessage

  SHGetMalloc

  Shell_NotifyIconW

  SHAddToRecentDocs

  SHGetFileInfoW

  version

  GetFileVersionInfoW

  GetFileVersionInfoSizeW

  VerQueryValueW

  oleacc

  AccessibleObjectFromWindow

  LresultFromObject

  winspool.drv

  DeviceCapabilitiesW

  GetPrinterW

  DocumentPropertiesW

  OpenPrinterW

  ClosePrinter

  advapi32

  CryptGenRandom

  CryptReleaseContext

  CryptAcquireContextW

  DeregisterEventSource

  ReportEventW

  RegisterEventSourceW

  RegCloseKey

  RegDeleteValueW

  RegNotifyChangeKeyValue

  RegSetValueExW

  RegEnumValueW

  RegQueryInfoKeyW

  RegQueryValueExW

  RegOpenKeyExW

  RegCreateKeyExW

  CreateProcessAsUserW

  OpenProcessToken

  RevertToSelf

  GetUserNameW

  ImpersonateLoggedOnUser

  EqualSid

  CopySid

  GetLengthSid

  GetTokenInformation

  AllocateAndInitializeSid

  FreeSid

  IsValidSid

  ole32

  OleInitialize

  OleUninitialize

  CoInitialize

  CoUninitialize

  CoCreateInstance

  CoMarshalInterThreadInterfaceInStream

  CoGetInterfaceAndReleaseStream

  CoTaskMemAlloc

  CoTaskMemFree

  ReleaseStgMedium

  OleSetClipboard

  OleGetClipboard

  oleaut32

  SysAllocString

  SysAllocStringLen

  Sections

  .text

  Size: 1.0MB - Virtual size: 1.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 236KB - Virtual size: 232KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 36KB - Virtual size: 56KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 564KB - Virtual size: 563KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 76KB - Virtual size: 73KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ