ArmouryCrate[.]Service[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ArmouryCrate.Service.exe
Size

373KB
MD5

3e1d3e020c84239379c7665245662c54
SHA1

8d5a63387c52222a90ff27174bc57b13d7fc7da8
SHA256

fa8bedfcdf5128720978d7a4abedf951048c3c6bfa104457bf869a7aafee0e15
SHA512

b439213071bb22065d90afd76872aea94e1cb945795798242b039badf25fc2f3c61d6dac2a0a2bee7499bab32f1122085b8184bc7e04567e55494f0d6a1139ff
SSDEEP

6144:WanbDQKCveEW0AbMuPjRxnWlLHSj9ZtsXjayd6eH9s3impA+xY:WanbUKX1fbrdAHSj9ETZyxpAyY

Score

1^/10

Malware Config

Signatures

Files

ArmouryCrate.Service.exe
.exe windows x64

105dfc611494fe52cbe7700d47f4cffa

Code Sign

0c:98:38:f6:73:f9:b1:cc:e3:95:cf:ab:2b:66:84:e4
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

08/10/2020, 00:00

Not After

12/10/2023, 12:00

Subject

SERIALNUMBER=23638777,CN=ASUSTeK COMPUTER INC.,O=ASUSTeK COMPUTER INC.,L=Beitou District,ST=Taipei City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/06/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:83:6c:7d:09:e5:2a:ff:d0:34:75:66:c9:de:f3:9a:4a:01:de:91:ba:d7:6a:c4:d8:bf:ee:b5:40:71:99:12
Signer

Actual PE Digest

6f:83:6c:7d:09:e5:2a:ff:d0:34:75:66:c9:de:f3:9a:4a:01:de:91:ba:d7:6a:c4:d8:bf:ee:b5:40:71:99:12

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=23638777,CN=ASUSTeK COMPUTER INC.,O=ASUSTeK COMPUTER INC.,L=Beitou District,ST=Taipei City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

27/07/2022, 06:31
Valid: true

Chain 1

SERIALNUMBER=23638777,CN=ASUSTeK COMPUTER INC.,O=ASUSTeK COMPUTER INC.,L=Beitou District,ST=Taipei City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

armourycrate.toolkit

?g_threadOwners@@3PEAV?$unordered_map@KV?$stack@U_ThreadOwner@@V?$deque@U_ThreadOwner@@V?$allocator@U_ThreadOwner@@@std@@@std@@@std@@U?$hash@K@2@U?$equal_to@K@2@V?$allocator@U?$pair@$$CBKV?$stack@U_ThreadOwner@@V?$deque@U_ThreadOwner@@V?$allocator@U_ThreadOwner@@@std@@@std@@@std@@@std@@@2@@std@@EA
?g_pLogCrashParam@@3PEAXEA
?g_cswThreadOwners@@3PEAVCCriticalSectionWrapper@@EA
?LogCrash@@YAXW4_CrashType@@PEAU_EXCEPTION_POINTERS@@@Z
?SetThreadCrashHandlers@@YAXAEBU_GUID@@PEB_W1@Z
?g_fnLogCrash@@3P6AXPEAXKPEAU_EXCEPTION_POINTERS@@AEBU_GUID@@PEB_W3@ZEA

ws2_32

WSAStartup
WSAGetLastError
closesocket
recv
__WSAFDIsSet
select
send
WSASocketW
WSACleanup
setsockopt
htonl
htons
bind
getsockname
ntohs
listen
accept
WSASetLastError

kernel32

GetProcessId
DeleteTimerQueueEx
GetCurrentProcessId
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetConsoleCtrlHandler
GetCommandLineW
GetTickCount
GetModuleHandleW
GetProcessHeap
HeapFree
OpenMutexW
CreateMutexW
RemoveDirectoryW
TerminateThread
AttachConsole
GetSystemDirectoryW
CreatePipe
PeekNamedPipe
GetEnvironmentVariableW
GetFileSizeEx
Sleep
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
MultiByteToWideChar
GetExitCodeThread
LoadLibraryExW
AddDllDirectory
FindClose
FindNextFileW
FindFirstFileW
AllocConsole
DeleteFileW
FreeLibrary
CreateTimerQueue
CreateProcessW
VerSetConditionMask
WTSGetActiveConsoleSessionId
GetModuleFileNameW
GetProcAddress
Process32FirstW
OutputDebugStringW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
LocalAlloc
InitializeCriticalSectionEx
TerminateProcess
GetCurrentProcess
CreateDirectoryW
LocalFree
GetFileAttributesW
FlushFileBuffers
WaitNamedPipeW
WriteFile
SetLastError
ResetEvent
WaitForMultipleObjects
GetLastError
DeleteCriticalSection
GetCurrentThreadId
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
SetUnhandledExceptionFilter
OpenThread
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
CloseHandle
ReadFile
GetFileSize
CreateFileW
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringA
LoadLibraryW
lstrcmpA
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetExitCodeProcess
VerifyVersionInfoW
HeapAlloc

user32

UnregisterDeviceNotification
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
RegisterDeviceNotificationW
GetUserObjectInformationW
DefWindowProcW
DispatchMessageW
GetProcessWindowStation
CloseWindow
RegisterClassW
CreateWindowExW
GetMessageW
TranslateMessage

advapi32

RegCloseKey
CloseEventLog
NotifyChangeEventLog
ReadEventLogW
GetOldestEventLogRecord
GetNumberOfEventLogRecords
RegNotifyChangeKeyValue
SetFileSecurityW
RegDeleteKeyExW
RegEnumKeyW
DeleteService
QueryServiceStatus
StartServiceW
CreateServiceW
ChangeServiceConfig2W
OpenSCManagerW
CloseServiceHandle
QueryServiceStatusEx
ControlService
OpenServiceW
EnumDependentServicesW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
RegFlushKey
RegGetValueW
RegDeleteValueW
RegSetKeyValueW
RegDeleteKeyValueW
SetSecurityDescriptorDacl
OpenEventLogW
SetEntriesInAclW
RegCreateKeyExW
ConvertStringSidToSidW
RegEnumKeyExW
RegSetValueExW
InitializeSecurityDescriptor
InitializeAcl
RegOpenKeyExW
CreateProcessAsUserW
GetLengthSid
DuplicateTokenEx
AddAccessAllowedAce
RegQueryValueExW
GetTokenInformation
GetAce
EqualSid
AllocateAndInitializeSid
SetNamedSecurityInfoW
GetNamedSecurityInfoW
DeleteAce
FreeSid
BuildTrusteeWithSidW

shell32

SHGetSpecialFolderPathW
CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW

ole32

CLSIDFromString
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
SysFreeString
SysAllocString
VariantClear

msvcp140

??Bid@locale@std@@QEAA_KXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEBA?AVlocale@2@XZ
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
_Query_perf_frequency
?_Xbad_alloc@std@@YAXXZ
_Query_perf_counter
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_message@std@@YAKKPEADK@Z
?_Winerror_map@std@@YAHH@Z
_Remove_dir
_Unlink
_Stat
_Lstat
_Open_dir
_Close_dir
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z

shlwapi

PathFileExistsW
PathAppendW
PathIsDirectoryW
SHDeleteKeyW

wtsapi32

WTSQuerySessionInformationW
WTSQueryUserToken
WTSEnumerateSessionsW
WTSFreeMemory

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust

crypt32

CryptQueryObject
CertFreeCertificateContext
CryptMsgClose
CryptDecodeObject
CertCloseStore
CertFindCertificateInStore
CertGetNameStringW
CryptMsgGetParam

api-ms-win-core-path-l1-1-0

PathCchAppend
PathCchRemoveFileSpec

vcruntime140

_local_unwind
memset
__CxxFrameHandler3
__std_terminate
_set_purecall_handler
__std_exception_destroy
__std_exception_copy
wcsrchr
__std_type_info_compare
__C_specific_handler
_CxxThrowException
memcmp
memcpy
memmove

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_invalid_parameter_noinfo_noreturn
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit
_set_abort_behavior
_c_exit
_register_thread_local_exe_atexit_callback
_set_invalid_parameter_handler
_invalid_parameter_noinfo
_errno
_set_new_handler
terminate
signal

api-ms-win-crt-stdio-l1-1-0

fgetwc
__stdio_common_vsscanf
fflush
fputwc
ungetc
ungetwc
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf_s
__stdio_common_vsprintf_s
__p__commode
_set_fmode
_wfsopen
__stdio_common_vfwprintf
_wfopen_s
__stdio_common_vswprintf
fclose
fwrite
fgetpos
_fseeki64
fsetpos
setvbuf
__acrt_iob_func
fgetc

api-ms-win-crt-heap-l1-1-0

_callnewh
realloc
malloc
_set_new_mode
free

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-string-l1-1-0

_wcsicmp
wcsncat_s
wcscpy_s
wcsnlen
tolower
towlower
_stricmp
strnlen
strncpy_s
wcsncpy_s
_wcsnicmp
wcscat_s
wcstok_s

api-ms-win-crt-time-l1-1-0

_time64
wcsftime
_localtime64_s

api-ms-win-crt-convert-l1-1-0

_wtoi

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-math-l1-1-0

__setusermatherr

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

105dfc611494fe52cbe7700d47f4cffa

Code Sign

0c:98:38:f6:73:f9:b1:cc:e3:95:cf:ab:2b:66:84:e4Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

6f:83:6c:7d:09:e5:2a:ff:d0:34:75:66:c9:de:f3:9a:4a:01:de:91:ba:d7:6a:c4:d8:bf:ee:b5:40:71:99:12Signer

Signature Validations

Verification

27/07/2022, 06:31 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

armourycrate.toolkit

ws2_32

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcp140

shlwapi

wtsapi32

userenv

version

wintrust

crypt32

api-ms-win-core-path-l1-1-0

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 88KB - Virtual size: 88KB

.data Size: 4KB - Virtual size: 5KB

.pdata Size: 10KB - Virtual size: 10KB

.rsrc Size: 69KB - Virtual size: 69KB

.reloc Size: 1024B - Virtual size: 592B

0c:98:38:f6:73:f9:b1:cc:e3:95:cf:ab:2b:66:84:e4
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

6f:83:6c:7d:09:e5:2a:ff:d0:34:75:66:c9:de:f3:9a:4a:01:de:91:ba:d7:6a:c4:d8:bf:ee:b5:40:71:99:12
Signer

27/07/2022, 06:31
Valid: true

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 88KB - Virtual size: 88KB

.data
Size: 4KB - Virtual size: 5KB

.pdata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 69KB - Virtual size: 69KB

.reloc
Size: 1024B - Virtual size: 592B