Reflect[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Reflect.exe
Size

5.4MB
MD5

ab4c360cf7ad6e0c82efe9276de01b02
SHA1

dbcba264bcb1a5ab85215d95ae7e48654fa65e72
SHA256

4df64b999f0bbc820213baf1f289e44f966f2fd6792315d55ccf2fb22dc1831f
SHA512

e3ac999f53f49374a5c38d80bed9b72e2919feb1904e5a171634845ce34b0f8ffb5325f6562456440db9e8e1114aa2b5bacd383ead58c6760ab71d85db2c3138
SSDEEP

49152:v/y+yAPLWruNZzf6OO4EV+L+hKSMytc/jgLEkTOa/cGrb/wewE8jq81:vFPLWrsV6OYZhNFt8rq/cGrjwewP51

Score

1^/10

Malware Config

Signatures

Files

Reflect.exe
.exe windows x86

1aca71b7341b9dbcead63ea1678de139

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

31/12/2021, 14:10

Not After

10/02/2025, 13:32

Subject

SERIALNUMBER=02973414,CN=PARAMOUNT SOFTWARE UK LIMITED,O=PARAMOUNT SOFTWARE UK LIMITED,STREET=Unit 13 Lloyd Street North\, Manchester Science Park,L=Manchester,ST=Greater Manchester,C=GB,1.3.6.1.4.1.311.60.2.1.3=#13024742,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:5c:f5:6d:1d:cf:10:20:f5:e0:6e:28:82:7d:b4:22:a1:66:b5:01:77:b5:8c:45:b8:a2:2b:18:7d:05:bc:70
Signer

Actual PE Digest

10:5c:f5:6d:1d:cf:10:20:f5:e0:6e:28:82:7d:b4:22:a1:66:b5:01:77:b5:8c:45:b8:a2:2b:18:7d:05:bc:70

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

mpr

WNetOpenEnumW
WNetCancelConnection2W
WNetCloseEnum
WNetGetUniversalNameW
WNetGetUserW
WNetEnumResourceW
WNetGetConnectionW
WNetAddConnection3W

ws2_32

socket
getnameinfo
WSAStringToAddressW
WSAAddressToStringW
WSACleanup
WSAStartup
setsockopt
sendto
inet_ntoa
inet_addr
htons
closesocket

kernel32

QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
VirtualProtect
FreeLibrary
LoadLibraryW
SetEvent
GlobalGetAtomNameW
GlobalFlags
GetSystemDefaultUILanguage
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
InitializeCriticalSection
SetFileTime
LocalFileTimeToFileTime
GetFileTime
lstrcmpiW
UnlockFile
LockFile
GetFullPathNameW
GetFileSize
SuspendThread
SetThreadPriority
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringW
LoadLibraryA
FreeResource
EncodePointer
MulDiv
GlobalSize
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryExW
OpenMutexW
SystemTimeToFileTime
QueryDepthSList
InterlockedPopEntrySList
GetThreadTimes
UnregisterWait
SetThreadAffinityMask
GetProcessAffinityMask
ResetEvent
IsProcessorFeaturePresent
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindFirstFileExW
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetConsoleCP
HeapQueryInformation
SetStdHandle
FreeLibraryAndExitThread
ExitThread
VirtualQuery
GetCommandLineW
GetCommandLineA
ReadConsoleW
GetConsoleMode
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
LCMapStringW
GetCPInfo
TryEnterCriticalSection
GetExitCodeThread
SwitchToThread
GetStringTypeW
GetUserDefaultLangID
ExitProcess
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
lstrcpynW
OutputDebugStringW
GetSystemInfo
ExpandEnvironmentStringsW
VirtualFree
WaitForSingleObjectEx
TerminateProcess
UnhandledExceptionFilter
DeleteTimerQueueTimer
VirtualAlloc
OutputDebugStringA
UnregisterWaitEx
RegisterWaitForSingleObject
CancelWaitableTimer
SetWaitableTimer
CreateWaitableTimerW
TlsSetValue
TlsGetValue
TlsAlloc
DuplicateHandle
ResumeThread
TerminateThread
GetFileAttributesExW
GlobalFindAtomW
GlobalAddAtomW
MoveFileExW
GetSystemTime
SetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
CloseHandle
CreateMutexW
GetLastError
GetVersionExW
GetModuleFileNameW
SetErrorMode
GetLocalTime
GetACP
DeleteVolumeMountPointW
SetVolumeMountPointW
FindVolumeMountPointClose
FindNextVolumeMountPointW
FindFirstVolumeMountPointW
CompareFileTime
OpenThread
OpenProcess
GetProcessTimes
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemDefaultLCID
GetLocaleInfoA
DeleteFileA
CreateFileA
GetTempFileNameA
GetTempPathA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
GetTempFileNameW
CreateSemaphoreW
WaitForMultipleObjects
ReleaseSemaphore
CreateThread
CopyFileW
GetCurrentThreadId
SetUnhandledExceptionFilter
GetUserDefaultLCID
GetUserDefaultUILanguage
SetThreadLocale
GetThreadLocale
EnumDateFormatsExW
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
ProcessIdToSessionId
GetThreadPriority
GetFileAttributesW
GetTempPathW
CreateEventW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
VerSetConditionMask
GetProcAddress
WaitForSingleObject
MultiByteToWideChar
GetModuleHandleW
GetVolumePathNamesForVolumeNameW
GetVolumeNameForVolumeMountPointW
FindVolumeClose
FindNextVolumeW
FindFirstVolumeW
DnsHostnameToComputerNameW
GetComputerNameExW
SetPriorityClass
MoveFileW
FindNextFileW
FindFirstFileW
QueryDosDeviceW
RemoveDirectoryW
GetDiskFreeSpaceExW
GetSystemDirectoryW
CreateProcessW
FormatMessageW
FindClose
FlushFileBuffers
Sleep
SetThreadExecutionState
GetCurrentThread
GetCurrentProcessId
LocalFree
LocalAlloc
GlobalFree
GetVersion
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
SetVolumeLabelW
GetDiskFreeSpaceW
SetFileAttributesW
CreateDirectoryW
GetDriveTypeW
lstrlenW
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
WideCharToMultiByte
SetFilePointerEx
SetCurrentDirectoryW
GetCurrentDirectoryW
ReadFile
GetFileSizeEx
SetEndOfFile
WriteFile
GetTickCount
SetFilePointer
DeviceIoControl
GetVolumeInformationW
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentProcess
GetExitCodeProcess
DeleteFileW
GetWindowsDirectoryW
GetNumaHighestNodeNumber

user32

IntersectRect
IsRectEmpty
GetNextDlgGroupItem
DestroyIcon
SetWindowRgn
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
SetRect
GetMenuItemID
InsertMenuW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
LockWindowUpdate
GetSubMenu
GetMenuState
GetClassInfoExW
CreatePopupMenu
InsertMenuItemW
GetActiveWindow
UnpackDDElParam
GetParent
IsWindow
IsWindowVisible
GetDesktopWindow
SetActiveWindow
SendMessageW
EnableWindow
GetWindowRect
PostMessageW
LoadImageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
LoadIconW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
UpdateWindow
ReuseDDElParam
GetMenuStringW
GetWindow
RegisterWindowMessageW
UnregisterClassW
GetKeyState
CharToOemBuffA
OemToCharBuffA
TranslateMessage
InvalidateRgn
CopyAcceleratorTableW
CharNextW
WindowFromPoint
ReleaseCapture
SetCapture
GetDialogBaseUnits
InflateRect
DestroyMenu
LoadCursorW
GetSysColorBrush
InvalidateRect
RealChildWindowFromPoint
DeleteMenu
CharUpperW
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
ReleaseDC
GetDC
MapVirtualKeyW
SetCursor
ShowOwnedPopups
GetCursorPos
GetMessageW
MapDialogRect
SetWindowContextHelpId
GetWindowThreadProcessId
KillTimer
SetTimer
WaitMessage
LoadMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
PostQuitMessage
DispatchMessageW
PeekMessageW
SendMessageTimeoutW
MsgWaitForMultipleObjectsEx
LoadStringW
SystemParametersInfoW
MessageBoxW
GetClipboardData
IsClipboardFormatAvailable
GetFocus
TranslateMDISysAccel
DefFrameProcW
DrawMenuBar
CheckMenuItem
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
RegisterClipboardFormatW
UnionRect
GetSystemMenu
SetParent
PostThreadMessageW
GetWindowLongW
GetDCEx
SetWindowLongA
GetWindowLongA
IsWindowUnicode
SetWindowLongW
GetWindowTextLengthW
SetCursorPos
VkKeyScanExW
GetKeyboardState
GetKeyboardLayoutList
ToUnicodeEx
GetMenuDefaultItem
GetWindowRgn
GetDoubleClickTime
GetTabbedTextExtentA
ShowCaret
HideCaret
GetCursor
DrawEdge
DrawFocusRect
DrawFrameControl
LookupIconIdFromDirectoryEx
GetIconInfo
CreateIconIndirect
CreateIconFromResourceEx
DrawStateW
InvertRect
CopyIcon
DrawIconEx
BeginPaint
EndPaint
ValidateRect
MessageBeep
GetSysColor
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
CreateWindowExW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
RedrawWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
IsMenu

gdi32

IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateCompatibleDC
BitBlt
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetObjectW
GetDeviceCaps
CreateDCW
ExtTextOutW
SetTextColor
SetBkColor
SelectObject
GetStockObject
SetMapMode
GetLayout
SetStretchBltMode
MoveToEx
TextOutW
PolyBezierTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
SetTextAlign
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
GetBkColor
GetTextColor
GetRgnBox
CombineRgn
GetMapMode
DPtoLP
Ellipse
CreateDIBSection
EnumFontFamiliesExW
CreateCompatibleBitmap
GetCharWidthW
StretchDIBits
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
LineTo
CreateBrushIndirect
GetBkMode
SetPixel
BeginPath
EndPath
StrokePath
Polygon
GetDIBits
StretchBlt
GetCurrentObject
ExtCreateRegion
GetBitmapBits
GetTextAlign
GetTextExtentPoint32A
CloseFigure
FillPath
StrokeAndFillPath
Polyline
PtInRegion
GetViewportOrgEx
CreatePolygonRgn
GetWindowOrgEx
RoundRect
GetObjectA

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueExW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
ControlService
CloseServiceHandle
RegUnLoadKeyW
RegLoadKeyW
LookupPrivilegeValueW
LookupAccountSidW
FreeSid
AllocateAndInitializeSid
AdjustTokenPrivileges
GetTokenInformation
OpenThreadToken
OpenProcessToken
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegEnumValueW
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
SetEntriesInAclW
SetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RevertToSelf
SetThreadToken
ImpersonateLoggedOnUser
ImpersonateAnonymousToken
LogonUserW
RegEnumKeyW
RegQueryValueW
StartServiceW
IsTextUnicode

shell32

SHAppBarMessage
DragFinish
DragQueryFileW
ShellExecuteW
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

comctl32

ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
_TrackMouseEvent
ImageList_GetIcon
ImageList_AddMasked
ord338
ord332
ord334
ord329
ord328
InitCommonControlsEx
ImageList_Draw

shlwapi

PathCombineW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathFindFileNameW
PathAppendW
PathMatchSpecW
PathFindExtensionW
PathFileExistsW
PathIsNetworkPathW

ole32

CoSetProxyBlanket
CoUninitialize
CLSIDFromString
CoTaskMemFree
StringFromGUID2
CoInitialize
CoInitializeSecurity
CoCreateInstance
CoCreateGuid
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoInitializeEx
OleUninitialize
CoTaskMemAlloc
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CoFreeUnusedLibraries
OleInitialize

oleaut32

SafeArrayDestroy
SysStringLen
LoadTypeLi
SysAllocStringByteLen
VariantCopy
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysStringByteLen
SysAllocStringLen
SysAllocString
GetErrorInfo
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SysFreeString
SystemTimeToVariantTime
OleLoadPicturePath
VariantTimeToSystemTime

oledlg

OleUIAddVerbMenuW
OleUIBusyW

wsock32

WSASetLastError

gdiplus

GdipSetSmoothingMode
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPointI
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipSetLineBlend
GdipCreateLineBrushI
GdipCreateLineBrush
GdipAddPathEllipseI
GdipDeletePath
GdipCreatePath
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipDeleteStringFormat
GdiplusShutdown
GdipCreateStringFormat
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillRectangle
GdipSetCompositingQuality
GdipSetCompositingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdiplusStartup
GdipFree
GdipAlloc
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipFillRectangleI
GdipFillPieI
GdipSetPathGradientBlend

cabinet

ord21
ord22
ord14
ord13
ord11
ord10
ord23
ord20

setupapi

CM_Get_Parent
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Get_Device_IDW

ntdll

NtCreateFile
RtlInitUnicodeString
NtClose

winhttp

WinHttpGetIEProxyConfigForCurrentUser

rpcrt4

UuidCreate

oleacc

LresultFromObject
CreateStdAccessibleObject

wininet

HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetCrackUrlW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW

winmm

PlaySoundW

netapi32

NetServerGetInfo
NetShareGetInfo
NetApiBufferFree

iphlpapi

GetBestInterfaceEx
GetAdaptersAddresses
GetIpAddrTable
GetAdaptersInfo
GetTcpTable

dnsapi

DnsFree
DnsQuery_W

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 703KB - Virtual size: 703KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1aca71b7341b9dbcead63ea1678de139

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

10:5c:f5:6d:1d:cf:10:20:f5:e0:6e:28:82:7d:b4:22:a1:66:b5:01:77:b5:8c:45:b8:a2:2b:18:7d:05:bc:70Signer

Headers

DLL Characteristics

File Characteristics

Imports

version

mpr

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

wsock32

gdiplus

cabinet

setupapi

ntdll

winhttp

rpcrt4

oleacc

wininet

winmm

netapi32

iphlpapi

dnsapi

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 703KB - Virtual size: 703KB

.data Size: 52KB - Virtual size: 85KB

.rsrc Size: 1.9MB - Virtual size: 1.9MB

.reloc Size: 168KB - Virtual size: 168KB

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

10:5c:f5:6d:1d:cf:10:20:f5:e0:6e:28:82:7d:b4:22:a1:66:b5:01:77:b5:8c:45:b8:a2:2b:18:7d:05:bc:70
Signer

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 703KB - Virtual size: 703KB

.data
Size: 52KB - Virtual size: 85KB

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

.reloc
Size: 168KB - Virtual size: 168KB