pvz-road-trip[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

pvz-road-trip.zip
Size

101.0MB
MD5

4e72aebc81ee97b27aa78752457d2b36
SHA1

d3e7e4c7bf2423522306b2c126fa290c136aaf1e
SHA256

8e86e10a9b3a48604514c4fab81a68afcc48d1cbcf932255afdc8ca85e33c12d
SHA512

d81436d96d421b71a917944b067969792a7b6ba5f0b64165cd2897bd2d97d33ea884b8e382e65a35b7e24e98f1f85ff25262c6e6c10aa7e2be3fd831022400b8
SSDEEP

1572864:H71hbfI6vv9tRTfUtlfNswiZZAsAieEzpOAws9+ChiNC6+zOXwNbMG2bRfkJeyMZ:b16mrUtHJicsPeEIAXcDNp+yXPtQzS

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PvZ Road Trip.exe
unpack001/PvZRT_Data/DRPC.mfx
unpack001/PvZRT_Data/Get.mfx
unpack001/PvZRT_Data/KcBoxA.mfx
unpack001/PvZRT_Data/KcButton.mfx
unpack001/PvZRT_Data/XBOXGamepad.mfx
unpack001/PvZRT_Data/kcfile.mfx
unpack001/PvZRT_Data/kcini.mfx
unpack001/PvZRT_Data/mp3flt.sft
unpack001/PvZRT_Data/oggflt.sft
unpack001/PvZRT_Data/parser.mfx
unpack001/PvZRT_Data/pinball.mvx
unpack001/PvZRT_Data/ultimatefullscreen.mfx
unpack001/PvZRT_Data/waveFlt.sft

Files

pvz-road-trip.zip
.zip
PvZ Road Trip.dat
PvZ Road Trip.exe
.exe windows x86

1c4661ad7d3fc8350c55edf0f712d992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

winmm

timeBeginPeriod
joyGetDevCapsW
joyGetPosEx
timeEndPeriod

kernel32

WideCharToMultiByte
GlobalAddAtomW
GlobalDeleteAtom
lstrlenW
GetCommandLineW
GetExitCodeProcess
GlobalAlloc
GlobalLock
GlobalUnlock
SetErrorMode
GetCurrentDirectoryW
GlobalFree
LoadLibraryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindNextFileA
FindFirstFileExA
DecodePointer
GetFileType
GetProcessHeap
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetOEMCP
IsValidCodePage
GetStringTypeW
GetCPInfo
HeapFree
HeapReAlloc
HeapAlloc
GetStdHandle
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
SetEnvironmentVariableW
DeleteFileW
HeapSize
GetACP
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RtlUnwind
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryExA
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
SetCurrentDirectoryW
FindNextFileW
CreateMutexW
WriteFile
GetModuleFileNameW
Sleep
ReleaseMutex
WaitForSingleObject
FindClose
FindFirstFileW
CloseHandle
SetFilePointer
GetLastError
ReadFile
CreateFileW
CreateDirectoryW
GetTempFileNameW
GetTempPathW
WriteConsoleW
RemoveDirectoryW
GetVersionExW
GetLocaleInfoW
FreeLibrary
GetProcAddress
LoadLibraryExW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
GetModuleFileNameA

user32

OffsetRect
DestroyWindow
PostQuitMessage
DrawTextW
FillRect
GetUpdateRect
DefMDIChildProcW
EndPaint
BeginPaint
InflateRect
GetClassNameW
GetDlgItemTextW
SendDlgItemMessageW
EndDialog
GetDlgItem
SetDlgItemTextW
DrawEdge
MapVirtualKeyW
GetInputState
DrawMenuBar
SetMenuInfo
DestroyMenu
LoadMenuIndirectW
GetMenuItemCount
SetWindowPlacement
GetWindowPlacement
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetDesktopWindow
GetSystemMenu
UpdateWindow
GetWindow
RegisterClassW
GetTabbedTextExtentW
ModifyMenuW
GetMenuStringW
DialogBoxIndirectParamW
GetMenuItemID
RegisterClassExW
LoadImageW
LoadIconW
GetMonitorInfoW
MonitorFromWindow
GetSystemMetrics
RedrawWindow
IsIconic
IsDialogMessageW
SetTimer
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsClipboardFormatAvailable
CheckMenuItem
EnableMenuItem
GetMenu
PtInRect
PostMessageW
InvalidateRect
SetFocus
GetFocus
CallWindowProcW
RemovePropW
SetPropW
SetWindowLongW
GetPropW
MessageBoxW
GetParent
GetActiveWindow
ShowCursor
SetCapture
ReleaseCapture
GetKeyState
GetWindowRect
GetWindowDC
SetCursorPos
ClientToScreen
ScreenToClient
GetCursorPos
LoadStringW
MapWindowPoints
SetWindowPos
IsZoomed
GetWindowLongW
AdjustWindowRectEx
SendMessageW
LockWindowUpdate
ShowWindow
IsWindowVisible
GetClientRect
SetWindowTextW
wsprintfW
IntersectRect
KillTimer
DestroyIcon
GetSubMenu
DeleteMenu
GetMenuState
LoadCursorW
SetCursor
SystemParametersInfoW
GetSysColor
ReleaseDC
CreateIconIndirect
GetDC
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
TranslateMDISysAccel
GetMessageW
PeekMessageW
DialogBoxParamW

gdi32

CreatePalette
SelectPalette
RealizePalette
EnumFontFamiliesExW
GetStockObject
SelectObject
GetTextExtentPointW
GetDeviceCaps
GetObjectW
CreateFontIndirectW
DeleteObject
CreatePen
Rectangle
LineTo
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
CreateRectRgn
GetClipRgn
ExcludeClipRect
SelectClipRgn
SetDIBits
CreateCompatibleBitmap
CreateSolidBrush
CreateBitmap

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

DragFinish
DragQueryFileW
ShellExecuteExW
DragAcceptFiles

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 518KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/Box2DBackground.mvx
.dll windows x86

3930d016d3e4fc2e19a88c824ffbe391

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-11-2020 00:00

Not After

08-01-2023 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3c:ff:f4:a7:4f:e4:b9:02:b4:3c:b2:a1:a3:46:44:fb:2a:2d:30:a0
Signer

Actual PE Digest

3c:ff:f4:a7:4f:e4:b9:02:b4:3c:b2:a1:a3:46:44:fb:2a:2d:30:a0

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

25-06-2021 09:19
Valid: true

Chain 1

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
DecodePointer
WriteConsoleW
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
HeapAlloc
HeapFree
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW

user32

MessageBoxW
LoadStringW
LoadIconW

Exports

Exports

CreateMvt
GetMvtID
GetMvtIcon
GetMvtName
GetNumberOfMvts
IsUnicode

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/Box2DBase.mfx
.dll windows x86

ea7035d62396d3e0c291684a39c6488b

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-11-2020 00:00

Not After

08-01-2023 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

81:ac:21:8c:fc:9d:46:dd:1e:5e:28:81:50:b0:fc:83:7a:00:7c:48
Signer

Actual PE Digest

81:ac:21:8c:fc:9d:46:dd:1e:5e:28:81:50:b0:fc:83:7a:00:7c:48

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

25-06-2021 09:19
Valid: true

Chain 1

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord171
ord153

kernel32

QueryPerformanceCounter
QueryPerformanceFrequency
WriteConsoleW
CloseHandle
SetFilePointerEx
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStdHandle
GetFileType
DecodePointer
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode

user32

LoadMenuW
GetMenuStringW
DestroyMenu
LoadStringW

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
Initialize
IsPropEnabled
PauseRunObject
PrepareToWriteObject
ReInitRunObject
SetPropCheck
SetPropValue

Sections

.text
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/Box2DStatic.mvx
.dll windows x86

2c9b5dbbebc9a70237e1b2365bfbba79

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-11-2020 00:00

Not After

08-01-2023 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:a1:2e:84:c7:8a:ac:98:51:09:65:4b:91:ca:f4:64:a4:18:5e:61
Signer

Actual PE Digest

fe:a1:2e:84:c7:8a:ac:98:51:09:65:4b:91:ca:f4:64:a4:18:5e:61

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

25-06-2021 09:19
Valid: true

Chain 1

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
DecodePointer
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
WriteConsoleW
CreateFileW

user32

MessageBoxW
LoadStringW
LoadIconW

Exports

Exports

CreateMvt
GetMvtID
GetMvtIcon
GetMvtName
GetNumberOfMvts
IsUnicode

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/DRPC.mfx
.dll windows x86

8a06a728754924b33356748e5fdc53ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetFileAttributesW
DebugBreak
FreeLibrary
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
CreateEventW
LockResource
SizeofResource
FindResourceW
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
CopyFileW
CreateThread
WaitForSingleObject
OutputDebugStringA
WideCharToMultiByte
LoadResource
MultiByteToWideChar
WriteConsoleW
lstrlenW
CreateFileW
ReadFile
WriteFile
CloseHandle
GetLastError
PeekNamedPipe
WaitNamedPipeW
GetCurrentProcessId
FormatMessageW
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetNativeSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
OutputDebugStringW
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
VirtualAlloc
VirtualProtect
VirtualFree
SetProcessAffinityMask
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
WaitForMultipleObjectsEx
LoadLibraryW
RaiseException
RtlUnwind
HeapSize
ExitThread
ResumeThread
GetModuleHandleExW
ExitProcess
HeapAlloc
HeapFree
GetProcessHeap
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetConsoleMode
ReadConsoleW
SetFilePointerEx
SetConsoleCtrlHandler
HeapReAlloc
GetTimeZoneInformation
FindFirstFileExA
FindFirstFileExW
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
FlushFileBuffers
GetConsoleCP
SetStdHandle
SetEndOfFile
RtlCaptureStackBackTrace

user32

CreateMenu
LoadStringW
MessageBoxA
CreatePopupMenu
AppendMenuW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EditorDisplay
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
LoadRunObject
MakeIconEx
PauseRunObject
PrepareFlexBuild
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SaveRunObject
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 667KB - Virtual size: 666KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/Get.mfx
.dll windows x86

61d29fbd6ac69b706207394c13f96389

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
OutputDebugStringW
MultiByteToWideChar
InterlockedExchange
CreateThread
GetLastError
WaitForSingleObject
Sleep
CloseHandle
InterlockedCompareExchange
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
DeleteTimerQueue
WideCharToMultiByte
OutputDebugStringA
DecodePointer
SetEndOfFile
HeapReAlloc
HeapSize
GlobalAlloc
GetFileAttributesW
CreateEventW
FormatMessageW
WriteConsoleW
FlushFileBuffers
SetStdHandle
CreateFileW
GetStringTypeW
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetModuleFileNameW
HeapAlloc
HeapFree
GetCurrentThread
GetACP
GetStdHandle
GetFileType
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteFile
GetConsoleCP
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
WaitForSingleObjectEx

user32

wsprintfW
MessageBoxW
GetPropW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocString
SysFreeString

wininet

InternetCanonicalizeUrlW
InternetCrackUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetReadFile
InternetQueryOptionW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
HttpQueryInfoA
HttpQueryInfoW
InternetSetOptionW

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
PauseRunObject
PrepareAndroidBuild
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SetPropCheck
SetPropValue
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/KcArray.mfx
PvZRT_Data/KcBoxA.mfx
.dll windows x86

c2cabe8290915bcd7397e0dbd553cb6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GlobalFree
GlobalLock
WriteFile
MultiByteToWideChar
GlobalUnlock
GlobalAlloc
GlobalAddAtomW
GlobalDeleteAtom
ReadFile

user32

GetSysColor
GetActiveWindow
CopyRect
ReleaseCapture
GetCapture
KillTimer
SetPropW
SendMessageW
GetClientRect
CreateWindowExW
LoadStringW
RemovePropW
DestroyWindow
EnableMenuItem
GetParent
GetKeyState
GetDC
ReleaseDC
GetCursorPos
ChildWindowFromPoint
SetTimer
LoadCursorW
SetCapture
PostMessageW
CheckMenuItem
GetMessageTime
GetMenu
GetMenuState
GetWindowLongW
GetWindowRect
ScreenToClient
ClientToScreen
GetPropW

gdi32

SetPixel
SelectObject
DeleteObject
CreateCompatibleDC
CreateFontIndirectW
CreateCompatibleBitmap
GetDIBits
GetDeviceCaps
DeleteDC

mmfs2

ord585
ord493
ord169
ord541
ord476
ord724
ord520
ord343
ord756
ord620
ord762
ord170
ord286
ord1029
ord679
ord372
ord753
ord445
ord355
ord1076
ord1075
ord1072
ord34
ord39
ord50
ord176
ord24
ord18
ord47
ord1068
ord443
ord264

comctl32

ord17

msvcrt

calloc
realloc
malloc
??3@YAXPAX@Z
??2@YAPAXI@Z
_ftol
wcslen
wcscpy
wcscmp
_initterm
_adjust_fdiv
free

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditorDisplay
EndApp
EndFrame
EnumElts
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectFont
GetRunObjectInfos
GetRunObjectTextColor
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
Initialize
LoadRunObject
MakeIconEx
PauseRunObject
ReInitRunObject
SaveRunObject
SelectPopup
SetEditSize
SetRunObjectFont
SetRunObjectTextColor
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UpdateEditStructure
WToA
WindowProc

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/KcButton.mfx
.dll windows x86

79f391906f526c5900e0665d2a0a04f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalLock
MultiByteToWideChar
GlobalUnlock
GlobalAlloc
ReadFile
WriteFile
GlobalFindAtomW
FreeLibrary
LoadLibraryW
GetProcAddress
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc

user32

GetMessagePos
KillTimer
CallWindowProcW
GetPropW
SetTimer
InvalidateRect
GetClientRect
PostMessageW
EndPaint
IsWindowEnabled
SendMessageW
GetWindowTextW
GetWindowRect
BeginPaint
MapWindowPoints
GetParent
CreateWindowExW
DestroyWindow
EnableWindow
EnableMenuItem
GetWindowTextLengthW
IsWindowVisible
CheckMenuItem
DrawFrameControl
CopyRect
DrawTextW
OffsetRect
GetSysColor
SetWindowRgn
SetWindowTextW
SetWindowPos
ShowWindow
UpdateWindow
IsWindow
GetMenu
GetMenuState
ScreenToClient
SetWindowLongW

gdi32

SelectObject
RealizePalette
SelectPalette
CreateSolidBrush
CreateFontIndirectW
DeleteObject
StretchDIBits
DeleteDC
GetDIBits
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
CreateRectRgn
OffsetRgn
ExtCreateRegion
SetTextColor
SetBkMode
GetStockObject
BitBlt

mmfs2

ord490
ord28
ord153
ord47
ord17
ord16
ord50
ord170
ord756
ord445
ord753
ord571
ord1062
ord179
ord554
ord264
ord169
ord585
ord520
ord30
ord489
ord172
ord372
ord1058
ord343
ord710
ord286
ord373

msvcrt

calloc
free
wcscpy
wcslen
malloc
_ftol
realloc
wcscmp
__dllonexit
_onexit
_initterm
_adjust_fdiv

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditObject
EditProp
EditorDisplay
EnumElts
ExportTexts
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectFont
GetRunObjectInfos
GetRunObjectTextColor
GetTextCaps
GetTextFont
HandleRunObject
ImportTexts
Initialize
IsPropEnabled
LoadRunObject
MakeIconEx
PauseRunObject
ReInitRunObject
SaveRunObject
SetEditSize
SetPropCheck
SetPropValue
SetRunObjectFont
SetRunObjectTextColor
SetTextFont
UpdateEditStructure
WindowProc

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/Layer.mfx
.dll windows x86

d82a75f35f09c2900baf6b3b35d9f046

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-11-2020 00:00

Not After

08-01-2023 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:8a:24:5a:10:9c:fd:93:ad:2b:21:bd:9e:ef:24:78:9f:1f:d3:91
Signer

Actual PE Digest

52:8a:24:5a:10:9c:fd:93:ad:2b:21:bd:9e:ef:24:78:9f:1f:d3:91

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

20-12-2020 17:20
Valid: true

Chain 1

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord1036
ord1048
ord945
ord76

kernel32

WriteFile
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
HeapAlloc
HeapFree
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
Initialize
PauseRunObject
SelectPopup
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UpdateEditStructure

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/XBOXGamepad.mfx
.dll windows x86

e73265456aeb06307ef402609b770938

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
DecodePointer
WriteConsoleW
CloseHandle
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
HeapAlloc
HeapFree
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW

user32

GetMenuStringW
LoadMenuW
DestroyMenu
LoadStringW

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
Initialize
PauseRunObject
PrepareToWriteObject
ReInitRunObject
SetPropCheck

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/kcclock.mfx
.dll windows x86

a550e10ba3801239c3310ccaf1727864

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-11-2020 00:00

Not After

08-01-2023 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:68:e0:27:8e:bf:41:a0:90:9e:2d:f7:69:d7:1b:62:dd:92:f0:f7
Signer

Actual PE Digest

46:68:e0:27:8e:bf:41:a0:90:9e:2d:f7:69:d7:1b:62:dd:92:f0:f7

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

20-12-2020 17:17
Valid: true

Chain 1

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord29
ord30
ord28
ord1081
ord48
ord1063
ord1062
ord50
ord78
ord179
ord27
ord1072
ord1068
ord39
ord176
ord37
ord45

kernel32

SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GlobalAlloc
GlobalLock
GlobalFree
WriteFile
ReadFile
GetLocalTime
SetLocalTime
GetProfileStringW
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
CloseHandle
WriteConsoleW
DecodePointer
GlobalUnlock
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
CreateFileW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
LCMapStringW
HeapAlloc
HeapFree
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

user32

SendMessageW
LoadStringW
wsprintfW

gdi32

GetTextExtentPointW
GetStockObject
Ellipse
DeleteObject
CreatePen
SelectObject

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditProp
EditorDisplay
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetImageInfosRunObject
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectFont
GetRunObjectInfos
GetRunObjectTextColor
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
IsPropEnabled
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetEditSize
SetPropCheck
SetPropValue
SetRunObjectFont
SetRunObjectTextColor
SetTextClr
SetTextFont
UpdateEditStructure
WToA

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/kcedit.mfx
PvZRT_Data/kcfile.mfx
.dll windows x86

24a4c462ef36770e86c586341f070bd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

mmfs2

ord433
ord432
ord422
ord419
ord1033
ord425

kernel32

SetEndOfFile
HeapReAlloc
HeapSize
GetTimeZoneInformation
WriteConsoleW
SetFilePointerEx
WriteFile
ReadFile
SetErrorMode
CloseHandle
GetDriveTypeW
GetSystemDirectoryW
GetTempPathW
GetTempFileNameW
GetWindowsDirectoryW
CreateFileW
GetVolumeInformationW
WideCharToMultiByte
FlushFileBuffers
GetStringTypeW
GetProcessHeap
GetLogicalDriveStringsW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
DecodePointer
RaiseException
GetFullPathNameW
DeleteFileW
GetFileAttributesExW
MoveFileExW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
RemoveDirectoryW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
HeapAlloc
HeapFree
GetACP
GetConsoleMode
ReadConsoleW
GetConsoleCP
CompareStringW
LCMapStringW
SetStdHandle
GetStdHandle
FindClose
FindFirstFileExA
FindNextFileA

user32

wsprintfW
SendMessageW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetMalloc

ole32

CoUninitialize
CoInitialize

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
UpdateEditStructure

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/kcini.mfx
.dll windows x86

e2787d9a548bd0a3d6305062f94cc683

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WriteFile
ReadFile
FindClose
OpenFile
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStringA
WritePrivateProfileStringW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
FindFirstFileW
CopyFileW
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
DecodePointer
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
SetEnvironmentVariableW
CreateDirectoryW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapAlloc
HeapFree
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
CreateFileW

user32

wsprintfW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditDebugItem
EditObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
Initialize
IsPropEnabled
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetPropCheck
SetPropValue
UpdateEditStructure
UpdateFileNames
UsesFile
WToA

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/kclist.mfx
PvZRT_Data/mmf2d3d11.dll
.dll windows x86

f202759cfe800e40c17c5513b9dbe690

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-11-2020 00:00

Not After

08-01-2023 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d6:db:4c:0d:bb:14:0a:5f:59:12:b6:22:3a:71:da:e3:99:e0:5e:d9
Signer

Actual PE Digest

d6:db:4c:0d:bb:14:0a:5f:59:12:b6:22:3a:71:da:e3:99:e0:5e:d9

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

10-09-2022 09:22
Valid: true

Chain 1

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord1121
ord751
ord624
ord397
ord395
ord919
ord871
ord960
ord936
ord857
ord971
ord904
ord903
ord935
ord908
ord862
ord396
ord946
ord845
ord869
ord1110
ord836
ord838
ord925
ord855
ord912
ord394
ord949
ord889
ord863
ord918
ord879
ord930
ord854
ord915
ord922
ord941
ord924
ord968
ord977
ord987
ord1002
ord928
ord1005
ord1001
ord1015
ord1013
ord1018
ord853
ord921
ord992
ord852
ord993
ord965
ord851
ord961
ord1138
ord860
ord931
ord995
ord978
ord1107
ord1100
ord1137
ord1103
ord1102
ord1112
ord1111
ord868
ord1090
ord966
ord1095
ord873
ord973
ord969
ord947
ord872
ord943
ord1136
ord1109
ord861
ord907
ord962
ord888
ord902
ord887
ord890
ord891
ord892
ord952
ord951
ord950
ord932
ord933
ord934
ord917
ord920
ord939
ord940
ord886
ord938
ord937
ord926
ord874
ord850
ord899
ord898
ord956
ord955
ord699
ord697
ord375
ord610
ord372
ord286
ord264
ord172
ord981
ord870
ord846
ord906
ord877
ord568
ord844
ord1104

d3d11

D3D11CreateDevice

kernel32

DecodePointer
GetStringTypeW
GetFileSizeEx
SetStdHandle
GetConsoleCP
WriteFile
FlushFileBuffers
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetConsoleMode
SetFilePointerEx
HeapSize
GetFileType
GetStdHandle
LCMapStringW
HeapFree
HeapAlloc
HeapReAlloc
GetModuleHandleExW
ExitProcess
RaiseException
RtlUnwind
LoadLibraryW
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
WriteConsoleW
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
GetCurrentThread
EncodePointer
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
Sleep
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
ResetEvent
SetEvent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
QueryPerformanceCounter
TryEnterCriticalSection
GetLastError
CloseHandle
CreateFileW
VirtualFree
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection

user32

OffsetRect
ShowWindow
SetWindowPos
GetWindowRect
GetWindowLongW
GetClientRect
GetParent
SetWindowLongW

gdi32

GetObjectW

Exports

Exports

SEFree
SEFunction
SEGetSIPrototype
SEInitialize

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/mmf2d3d8.dll
.dll windows x86

64b0686318eee36fb6b5e0aeeba27718

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-11-2020 00:00

Not After

08-01-2023 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fb:80:97:cd:2c:62:ef:b6:15:81:d8:a9:14:ce:d6:f1:9c:dc:58:58
Signer

Actual PE Digest

fb:80:97:cd:2c:62:ef:b6:15:81:d8:a9:14:ce:d6:f1:9c:dc:58:58

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

25-02-2022 07:31
Valid: true

Chain 1

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord397
ord395
ord751
ord568
ord610
ord286
ord264
ord1112
ord1111
ord1110
ord971
ord969
ord978
ord1095
ord966
ord965
ord1018
ord962
ord961
ord1138
ord960
ord1107
ord956
ord955
ord952
ord951
ord950
ord949
ord977
ord947
ord946
ord903
ord943
ord941
ord940
ord1001
ord396
ord836
ord838
ord925
ord844
ord924
ord968
ord855
ord394
ord981
ord1137
ord1100
ord845
ord846
ord850
ord851
ord852
ord939
ord938
ord937
ord936
ord935
ord1005
ord934
ord1103
ord933
ord932
ord1002
ord931
ord930
ord1109
ord928
ord624
ord926
ord922
ord921
ord920
ord919
ord918
ord1102
ord917
ord995
ord915
ord912
ord993
ord992
ord908
ord907
ord906
ord987
ord904
ord1015
ord902
ord899
ord898
ord892
ord891
ord890
ord889
ord888
ord887
ord886
ord879
ord877
ord1013
ord874
ord973
ord873
ord872
ord871
ord870
ord869
ord1090
ord868
ord1136
ord863
ord862
ord861
ord860
ord857
ord854
ord853

d3d8

Direct3DCreate8

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
DecodePointer
GetStringTypeW
HeapAlloc
GetACP
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
IsProcessorFeaturePresent
WriteFile
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetProcessHeap
HeapFree
CloseHandle
GetVersionExA
CreateFileW
GetLastError
WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
MultiByteToWideChar
Sleep

user32

DrawTextW
DrawTextA
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
GetParent
SetWindowLongA
GetWindowLongA
OffsetRect
ShowWindow
ReleaseDC
GetDC
DrawTextExW
GetSystemMetrics
SetWindowPos
GetWindowRect

gdi32

SetBkColor
DeleteDC
CreateDIBSection
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
SetBkMode
SetTextColor
SelectObject
GetObjectA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

SEFree
SEGetSIPrototype
SEInitialize

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/mmf2d3d9.dll
.dll windows x86

180c83ab59795576d7f7665df0409410

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-11-2020 00:00

Not After

08-01-2023 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6d:a5:42:2a:28:b7:2e:63:90:45:15:98:c2:b0:35:5b:aa:cc:98:9b
Signer

Actual PE Digest

6d:a5:42:2a:28:b7:2e:63:90:45:15:98:c2:b0:35:5b:aa:cc:98:9b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

01-03-2022 12:47
Valid: true

Chain 1

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord397
ord395
ord751
ord568
ord610
ord286
ord264
ord1112
ord1111
ord1110
ord971
ord969
ord978
ord1095
ord966
ord965
ord1018
ord926
ord396
ord836
ord838
ord925
ord844
ord924
ord968
ord855
ord394
ord981
ord1137
ord1100
ord845
ord846
ord850
ord851
ord962
ord961
ord1138
ord960
ord1107
ord956
ord955
ord952
ord951
ord950
ord949
ord977
ord947
ord946
ord903
ord943
ord941
ord940
ord939
ord938
ord937
ord936
ord935
ord1005
ord934
ord1103
ord933
ord932
ord1002
ord931
ord930
ord1109
ord928
ord1001
ord624
ord922
ord921
ord920
ord919
ord918
ord1102
ord917
ord995
ord915
ord912
ord993
ord992
ord908
ord907
ord906
ord987
ord904
ord1015
ord902
ord899
ord898
ord892
ord891
ord890
ord889
ord888
ord887
ord886
ord879
ord877
ord1013
ord874
ord973
ord873
ord872
ord871
ord870
ord869
ord1090
ord868
ord1136
ord863
ord862
ord861
ord860
ord857
ord854
ord853
ord852

d3d9

Direct3DCreate9

kernel32

GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
DecodePointer
GetStringTypeW
GetACP
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
VirtualQuery
EncodePointer
SetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
GetConsoleCP
FindClose
SetFilePointerEx
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
WriteConsoleW
HeapSize
HeapReAlloc
FreeLibrary
GetFullPathNameA
HeapFree
GetProcessHeap
HeapAlloc
lstrcmpiA
WriteFile
OutputDebugStringA
UnmapViewOfFile
CloseHandle
CreateFileW
CreateFileA
CreateFileMappingA
GetFileSize
MapViewOfFile
Sleep
MultiByteToWideChar
GetCurrentThreadId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetVersionExA
WideCharToMultiByte
GetSystemInfo
IsProcessorFeaturePresent
LoadLibraryA
GetModuleHandleA
GetProcAddress
VirtualFree
VirtualAlloc
InterlockedExchange
InterlockedCompareExchange
GetLastError

user32

GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
GetParent
SetWindowLongA
GetWindowLongA
OffsetRect
GetWindowRect
ShowWindow
GetDC
GetTabbedTextExtentW
DrawTextExW
GetSystemMetrics
SetWindowPos
ReleaseDC

gdi32

CreateDIBSection
DeleteDC
DeleteObject
GetCharacterPlacementA
GetCharacterPlacementW
SetTextColor
SetBkColor
SetBkMode
GetGlyphOutlineA
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
ExtTextOutA
MoveToEx
ExtTextOutW
GetTextMetricsA
GetObjectW
GetTextMetricsW
SelectObject
GetObjectA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

SEFree
SEGetSIPrototype
SEInitialize

Sections

.text
Size: 877KB - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/mmfs2.dll
.dll windows x86

fb76a0ebed426f70a384439c25a3c837

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-11-2020 00:00

Not After

08-01-2023 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ca:53:a9:61:f7:92:d5:68:12:de:7c:8c:00:82:4a:88:ff:05:7a:da
Signer

Actual PE Digest

ca:53:a9:61:f7:92:d5:68:12:de:7c:8c:00:82:4a:88:ff:05:7a:da

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

26-10-2022 16:32
Valid: true

Chain 1

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeSetEvent
timeGetTime
mciSendCommandW
mciSendCommandA
timeKillEvent

ddraw

DirectDrawCreate

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExA
LCMapStringW
DecodePointer
GetProcessHeap
HeapReAlloc
GetACP
GetStdHandle
HeapAlloc
GetModuleHandleExW
ExitProcess
HeapCompact
HeapSize
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetFileType
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetVersion
InterlockedExchange
LocalFree
LocalAlloc
WriteConsoleW
SetErrorMode
GetCurrentProcessId
FindResourceA
GetSystemInfo
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
FreeResource
CreateFileW
CreateFileA
CloseHandle
SetFilePointerEx
SetFilePointer
ReadFile
WriteFile
GetLastError
GetVersionExW
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
LoadLibraryW
LoadLibraryA
FindClose
GetProcAddress
FreeLibrary
GetVersionExA
FindResourceW
LoadResource
LockResource
Sleep
GetModuleFileNameA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WideCharToMultiByte
MultiByteToWideChar
HeapFree

user32

GetWindow
SetActiveWindow
RegisterClassExA
RegisterClassA
PeekMessageA
DispatchMessageA
TranslateMessage
ChangeDisplaySettingsA
ClientToScreen
GetClassNameA
GetWindowDC
CreateIconIndirect
IntersectRect
DrawTextExW
DrawTextExA
SetRect
LoadStringW
LoadStringA
SetDlgItemTextW
GetWindowLongA
GetSysColor
ScreenToClient
MessageBoxW
InvalidateRect
SetDlgItemTextA
SetDlgItemInt
GetDlgItem
ShowWindow
DrawEdge
wsprintfW
CopyRect
DrawFocusRect
SendMessageW
DefMDIChildProcW
DefMDIChildProcA
DefFrameProcW
DefFrameProcA
GetClassNameW
GetParent
FillRect
EndPaint
BeginPaint
IsIconic
DefWindowProcW
DefWindowProcA
EnumDisplaySettingsA
LoadCursorA
SetWindowLongW
SetWindowLongA
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
ReleaseDC
GetDC
SetMenu
GetSystemMetrics
GetKeyboardState
SetWindowPos
DestroyWindow
CreateWindowExW
CreateWindowExA
SendMessageA

gdi32

BitBlt
SetDIBits
SelectClipRgn
IntersectClipRect
GetDIBits
GetClipRgn
DeleteDC
CreateRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
ExtTextOutW
ExtTextOutA
GetObjectW
GetObjectA
SetTextAlign
SetTextColor
GetTextAlign
CreateFontIndirectW
StretchBlt
RealizePalette
GetPaletteEntries
CreatePalette
GdiFlush
Polyline
SetROP2
SetBkMode
SetBkColor
SelectObject
Rectangle
GetClipBox
SetPixel
SelectPalette
GetSystemPaletteEntries
GetStockObject
GetPixel
GetDeviceCaps
DeleteObject
CreateFontIndirectA
StretchDIBits
MoveToEx
Polygon
CreateDIBSection
SetDIBColorTable
SetWindowOrgEx
CreateSolidBrush
Ellipse
CreateHalftonePalette
CreatePen
LineTo

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameA

dsound

ord1

Sections

.text
Size: 405KB - Virtual size: 405KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/mp3flt.sft
.dll windows x86

f4e44e69456f6a20409ba6250920533d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord259
ord283
ord738

msacm32

acmStreamPrepareHeader
acmStreamClose
acmStreamSize
acmStreamOpen
acmMetrics
acmStreamUnprepareHeader
acmStreamConvert

msvcrt

??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
free
calloc
_ftol
_initterm
malloc
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName
GetPriority

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/oggflt.sft
.dll windows x86

8c071a971a35f2e806d3d72ab5fda000

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord259
ord283
ord738

msvcrt

malloc
realloc
memmove
free
memchr
floor
_ftol
calloc
qsort
exit
frexp
ceil
_CIpow
ldexp
_errno
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/parser.mfx
.dll windows x86

c288edee36f0d3aea77e86e3112a1a2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringA
LoadMenuA
GetMenuStringA
DestroyMenu

msvcrt

_strlwr
_adjust_fdiv
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
free
tolower
_stricmp
strncmp
_strnicmp
malloc
strncpy
_strupr
strtok
_itoa
_close
_write
_open
_read
realloc
isspace
isalnum
_ltoa
_initterm

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
PauseRunObject
ReInitRunObject

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/pinball.mvx
.dll windows x86

ca8eef23eee6f5638768c2df268843f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ReadFile
RtlUnwind
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException

user32

LoadStringW
LoadIconW

Exports

Exports

CreateMvt
GetMvtID
GetMvtIcon
GetMvtName
GetNumberOfMvts
IsUnicode

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/ultimatefullscreen.mfx
.dll windows x86

a1fe34352ff57d72053d98e08e863984

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord753

user32

ShowWindow
SetWindowPos
GetWindowRect
GetSystemMetrics
IsZoomed

kernel32

IsDebuggerPresent
GetStringTypeW
MultiByteToWideChar
LCMapStringW
IsValidCodePage
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
RtlUnwind
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
HeapSize
IsProcessorFeaturePresent
RaiseException
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EditorDisplay
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRegID
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
MakeIconEx
PauseRunObject
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PvZRT_Data/waveFlt.sft
.dll windows x86

a37b82eab5fe34efed01d6399d87638b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mmfs2

ord259
ord283
ord738

msvcrt

??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
malloc
_ftol
free
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 583B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c4661ad7d3fc8350c55edf0f712d992

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

winmm

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 518KB - Virtual size: 517KB

.rdata Size: 95KB - Virtual size: 95KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 289KB - Virtual size: 289KB

.reloc Size: 26KB - Virtual size: 25KB

3930d016d3e4fc2e19a88c824ffbe391

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3cCertificate

Extended Key Usages

Key Usages

3c:ff:f4:a7:4f:e4:b9:02:b4:3c:b2:a1:a3:46:44:fb:2a:2d:30:a0Signer

Signature Validations

Verification

25-06-2021 09:19 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 4KB

ea7035d62396d3e0c291684a39c6488b

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3cCertificate

Extended Key Usages

Key Usages

81:ac:21:8c:fc:9d:46:dd:1e:5e:28:81:50:b0:fc:83:7a:00:7c:48Signer

Signature Validations

Verification

25-06-2021 09:19 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

.text
Size: 518KB - Virtual size: 517KB

.rdata
Size: 95KB - Virtual size: 95KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 289KB - Virtual size: 289KB

.reloc
Size: 26KB - Virtual size: 25KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

3c:ff:f4:a7:4f:e4:b9:02:b4:3c:b2:a1:a3:46:44:fb:2a:2d:30:a0
Signer

25-06-2021 09:19
Valid: true

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 4KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

81:ac:21:8c:fc:9d:46:dd:1e:5e:28:81:50:b0:fc:83:7a:00:7c:48
Signer

25-06-2021 09:19
Valid: true

.text
Size: 217KB - Virtual size: 217KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 8KB - Virtual size: 7KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

fe:a1:2e:84:c7:8a:ac:98:51:09:65:4b:91:ca:f4:64:a4:18:5e:61
Signer

25-06-2021 09:19
Valid: true

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 667KB - Virtual size: 666KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 18KB - Virtual size: 238KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 33KB - Virtual size: 33KB