RogueKiller32[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

RogueKiller32.exe
Size

26.4MB
MD5

4561db853024de00aa8aa7ee6e1380d8
SHA1

9e508003e0dde725ea8451851e54736ca99496e6
SHA256

edff56114b7a1aada29a776bcbb8b4fcd125bde89bdcb9c3055febc7a829552f
SHA512

60dcfa7beec12315843f8d8f9fa0b7ccf76761c71e5e91f5d6696b69acd2acce82e5369b5af73262b5f879664c7ee2ce107cf9bd47dea81db337c652923ab27b
SSDEEP

393216:znd5cncIUAsrqKnoof7tNeKwKORCGxOHerJsv6tWKFdu9Cf9CdZWSMrNp4nn+rJ5:55+5U1qKnoqt6CGkdZWSMrNp4nO

Score

1^/10

Malware Config

Signatures

Files

RogueKiller32.exe
.exe windows x86

2315bbe60ea01f2b89f6becf7dd4d45a

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

18:39:af:85:74:aa:0e:80:c3:71:d9:80:34:61:dd:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

13/01/2022, 00:00

Not After

12/01/2025, 23:59

Subject

CN=ADLICE,O=ADLICE,ST=Loire-Atlantique,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f0:0e:14:a2:2f:8a:fa:3e:af:c3:5e:d8:ad:ea:16:c8:93:d8:3f:e0
Signer

Actual PE Digest

f0:0e:14:a2:2f:8a:fa:3e:af:c3:5e:d8:ad:ea:16:c8:93:d8:3f:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glPixelStorei
glLineWidth
glPolygonOffset
glReadPixels
glScissor
glStencilFunc
glStencilMask
glStencilOp
glTexImage2D
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexSubImage2D
glViewport
glIsTexture
glIsEnabled
glHint
glGetTexParameteriv
glGetTexParameterfv
glGetString
glGetIntegerv
glGetFloatv
glGetError
glGetBooleanv
glGenTextures
glFrontFace
glFlush
glFinish
glEnable
glDrawElements
glDrawArrays
glDisable
glDepthRange
glDepthMask
glDepthFunc
glDeleteTextures
glCullFace
glCopyTexSubImage2D
glCopyTexImage2D
glColorMask
glClearStencil
glClearDepth
glClearColor
glClear
glBlendFunc
glBindTexture

ws2_32

WSAIoctl
getnameinfo
freeaddrinfo
getaddrinfo

winmm

PlaySoundW

netapi32

NetUserGetInfo
NetApiBufferFree

kernel32

GetCurrentThread
ResumeThread
GetModuleFileNameA
GetEnvironmentVariableW
OutputDebugStringA
GetVersionExA
RaiseException
CreateThread
OpenThread
WriteProcessMemory
CreateRemoteThread
Module32FirstW
Module32NextW
InterlockedDecrement
DeviceIoControl
DefineDosDeviceW
QueryDosDeviceW
LocalAlloc
VirtualAlloc
VirtualFree
GetFileInformationByHandle
GetFileType
SetFilePointerEx
lstrcmpiW
lstrlenW
GetDiskFreeSpaceW
IsBadReadPtr
IsBadWritePtr
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
lstrcmpA
lstrcpyW
SetFilePointer
QueueUserWorkItem
GlobalAlloc
GlobalFree
LoadLibraryExW
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
SwitchToFiber
DeleteFiber
CreateFiber
QueryPerformanceCounter
GetSystemTimeAsFileTime
ConvertFiberToThread
ConvertThreadToFiber
LoadLibraryA
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
FormatMessageA
InitializeCriticalSection
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
VerifyVersionInfoA
ExpandEnvironmentStringsA
CreateFileMappingA
SwitchToThread
IsValidLanguageGroup
IsValidLocale
GetUserDefaultLangID
CheckRemoteDebuggerPresent
GlobalUnlock
GlobalLock
GlobalSize
CompareStringW
GetUserDefaultLCID
GetLocalTime
SetThreadPriority
GetThreadPriority
WaitForSingleObjectEx
OutputDebugStringW
GetLocaleInfoW
GetCurrencyFormatW
GetUserDefaultUILanguage
GetStartupInfoW
GetLogicalDrives
SetEndOfFile
GetTickCount
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
GetTimeZoneInformation
GetTempFileNameW
GetVolumeInformationW
GetLongPathNameW
GetTempPathW
GetModuleFileNameW
GetDriveTypeW
CloseHandle
OpenProcess
ReadProcessMemory
LockFileEx
UnlockFile
HeapCompact
DeleteFileA
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
UnlockFileEx
LockFile
AreFileApisANSI
VirtualQueryEx
CreateFileA
GetFileSize
HeapCreate
CreateMutexA
HeapDestroy
InterlockedIncrement
FindResourceW
SizeofResource
LoadResource
LockResource
GetFileSizeEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
WriteConsoleW
SetEnvironmentVariableA
HeapSize
EnumSystemLocalesW
GetACP
HeapReAlloc
GetConsoleCP
SetStdHandle
GetFullPathNameA
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
SetConsoleCtrlHandler
InterlockedPushEntrySList
IsDebuggerPresent
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
CreateFileMappingW
GetGeoInfoW
UnmapViewOfFile
MapViewOfFile
CreateMutexW
ReleaseMutex
GetThreadLocale
GetProcessHeap
HeapFree
HeapAlloc
GetVersionExW
VerSetConditionMask
CancelIo
WaitNamedPipeW
CreateNamedPipeW
PeekNamedPipe
SetNamedPipeHandleState
DisconnectNamedPipe
ConnectNamedPipe
SetHandleInformation
FlushFileBuffers
ReadFile
WriteFile
GetOverlappedResult
GetModuleHandleW
GetUserGeoID
MoveFileExW
MoveFileW
CopyFileW
FindNextFileW
FindFirstFileW
DeleteFileW
GetFileAttributesExW
GetFileAttributesW
SetFileAttributesW
CreateFileW
RemoveDirectoryW
CreateDirectoryW
GetFileTime
FindClose
GetFullPathNameW
ExpandEnvironmentStringsW
GetShortPathNameW
CreateEventW
WaitForMultipleObjects
ResetEvent
SetEvent
Thread32Next
Thread32First
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
TerminateJobObject
AssignProcessToJobObject
CreateJobObjectW
CreateProcessW
DuplicateHandle
WaitForSingleObject
SetLastError
TerminateThread
GetProcessId
GetExitCodeProcess
TerminateProcess
GetProcessTimes
GetComputerNameW
GetCurrentDirectoryW
GetSystemDirectoryW
FormatMessageW
GetSystemTimes
GetSystemInfo
Sleep
SetErrorMode
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
LocalFree
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryW
GetLastError
FreeLibrary
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
GetDateFormatW
GetTimeFormatW
CompareFileTime
FileTimeToSystemTime
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTime
ExitProcess
GetModuleHandleA
GetConsoleWindow
lstrcmpW
LCMapStringW

user32

GetDesktopWindow
SetWindowLongW
SetParent
DestroyCursor
GetAncestor
GetKeyboardLayoutList
UnregisterClassW
GetClassInfoW
RegisterClassExW
GetFocus
GetClientRect
GetCursorPos
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
GetMonitorInfoW
EnumDisplayMonitors
RegisterClassW
NotifyWinEvent
GetWindowLongW
GetClipboardFormatNameW
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
GetCursorInfo
TrackMouseEvent
GetMessageExtraInfo
GetWindowTextW
RealGetWindowClassW
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
CreateWindowExW
DefWindowProcW
SendMessageW
RegisterWindowMessageW
EnableMenuItem
GetSystemMenu
GetIconInfo
ScreenToClient
ClientToScreen
DrawIconEx
GetDC
ReleaseDC
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
GetParent
LoadIconW
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetAsyncKeyState
GetKeyboardLayout
GetClassNameW
EnumChildWindows
CharNextW
DestroyWindow
GetSystemMetrics
GetWindowThreadProcessId
DestroyIcon
GetSysColor
SystemParametersInfoW
SetWindowRgn
MessageBoxW
CreateIconIndirect
ExitWindowsEx
PostMessageW
ShowWindow
EnumWindows
GetProcessWindowStation
GetUserObjectInformationW
SendMessageA
FindWindowA
GetDoubleClickTime
CreateCaret
GetCaretBlinkTime
MessageBeep
IsChild
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
GetCapture
SetCapture
ReleaseCapture
GetForegroundWindow
DestroyCaret
HideCaret
SetCaretPos
PeekMessageW
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
GetMenu
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
TrackPopupMenuEx
SetMenuItemInfoW
InvalidateRect

gdi32

DeleteObject
DeleteDC
CreateCompatibleDC
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetDIBits
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetCharABCWidthsI
SetBkMode
SetTextColor
SetTextAlign
SetWorldTransform
SelectObject
CreateDIBSection
CombineRgn
CreateRectRgn
GetRegionData
SelectClipRgn
GdiFlush
CreateBitmap
GetObjectW
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetPixelFormat
GetStockObject
ExtTextOutW
GetTextExtentPoint32W
SetGraphicsMode

shell32

Shell_NotifyIconW
CommandLineToArgvW
SHGetMalloc
ShellExecuteExW
ord51
SHGetFolderPathW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

StringFromCLSID
CoTaskMemRealloc
StringFromGUID2
CoCreateGuid
CoTaskMemFree
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoSetProxyBlanket
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleInitialize
OleUninitialize
CoInitialize
OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
ReleaseStgMedium
CoGetMalloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr
SystemTimeToVariantTime
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysStringLen
SysFreeString
SysAllocString

advapi32

SetServiceObjectSecurity
QueryServiceStatusEx
QueryServiceStatus
QueryServiceConfig2W
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
EnumServicesStatusW
EnumDependentServicesW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfig2W
ChangeServiceConfigW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
DuplicateTokenEx
CreateProcessAsUserW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
StartServiceW
DuplicateToken
GetUserNameW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
GetTokenInformation
IsValidSid
GetLengthSid
CopySid
GetNamedSecurityInfoW
GetExplicitEntriesFromAclW
SetNamedSecurityInfoW
LookupAccountSidW
LookupAccountNameW
ConvertSidToStringSidW
ConvertStringSidToSidW
AllocateAndInitializeSid
FreeSid
InitializeAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
CheckTokenMembership
SetEntriesInAclW
GetAce
RegGetKeySecurity
RegSetKeySecurity
GetSecurityInfo
LookupPrivilegeValueA
RegFlushKey
CryptGenRandom
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

wininet

InternetGetConnectedState

shlwapi

PathQuoteSpacesW
PathIsNetworkPathW
PathRemoveArgsW
PathRemoveBackslashW
PathRemoveBlanksW
PathRemoveExtensionW
PathRemoveFileSpecW
PathSearchAndQualifyW
PathUnquoteSpacesW
PathUnExpandEnvStringsW
StrFormatByteSizeW
StrDupW
StrCmpIW
PathIsRelativeW
PathIsPrefixW
PathIsDirectoryW
PathGetDriveNumberW
PathGetArgsW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathAppendW
PathAddBackslashW
AssocQueryStringW

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
GetModuleBaseNameW
GetModuleInformation

userenv

UnloadUserProfile
LoadUserProfileW
DestroyEnvironmentBlock
CreateEnvironmentBlock
GetProfilesDirectoryW

ntdll

NtQueryVirtualMemory
RtlUnwind
memcmp
islower
isupper
bsearch
wcsncmp
wcstombs
strpbrk
strtol
atoi
_stricmp
_strnicmp
strtoul
strspn
strcmp
strrchr
strncpy
qsort
NtQuerySystemInformation
NtQueryKey
NtCreateKey
NtSetValueKey
NtDeleteValueKey
NtDeleteKey
NtOpenKey
_wtoi64
strcspn
_wcsicmp
memchr
tolower
isalnum
toupper
isspace
strstr
isdigit
wcsrchr
floor
strchr
ceil
strncmp
memset
memcpy
memmove
wcschr
RtlInitUnicodeString
NtLoadDriver
NtUnloadDriver
wcsstr

wsock32

ntohs
getsockopt
getsockname
WSAStartup
WSACleanup
WSAGetLastError
recv
send
WSASetLastError
inet_ntoa
bind
closesocket
connect
listen
setsockopt
WSAAsyncSelect
gethostname
sendto
recvfrom
htonl
select
__WSAFDIsSet
htons
getpeername
accept
shutdown
socket

mpr

WNetGetConnectionW

wtsapi32

WTSQueryUserToken
WTSFreeMemory
WTSEnumerateSessionsW

crypt32

CryptQueryObject
CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertOpenStore
CryptDecodeObject
CertGetNameStringW
CertNameToStrW
CertFreeCertificateContext
CertFindCertificateInStore

wintrust

WinVerifyTrust
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminReleaseCatalogContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminCalcHashFromFileHandle
CryptCATCatalogInfoFromContext

imm32

ImmGetVirtualKey
ImmSetCandidateWindow
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow

Sections

.text
Size: 13.5MB - Virtual size: 13.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 227KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 657KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2315bbe60ea01f2b89f6becf7dd4d45a

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

18:39:af:85:74:aa:0e:80:c3:71:d9:80:34:61:dd:7bCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

f0:0e:14:a2:2f:8a:fa:3e:af:c3:5e:d8:ad:ea:16:c8:93:d8:3f:e0Signer

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

ws2_32

winmm

netapi32

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

version

wininet

shlwapi

psapi

userenv

ntdll

wsock32

mpr

wtsapi32

crypt32

wintrust

imm32

Sections

.text Size: 13.5MB - Virtual size: 13.5MB

.rdata Size: 6.2MB - Virtual size: 6.2MB

.data Size: 227KB - Virtual size: 395KB

.qtmetad Size: 1024B - Virtual size: 588B

.tls Size: 512B - Virtual size: 13B

.gfids Size: 1024B - Virtual size: 548B

_RDATA Size: 512B - Virtual size: 292B

.rsrc Size: 5.9MB - Virtual size: 5.9MB

.reloc Size: 657KB - Virtual size: 656KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

18:39:af:85:74:aa:0e:80:c3:71:d9:80:34:61:dd:7b
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

f0:0e:14:a2:2f:8a:fa:3e:af:c3:5e:d8:ad:ea:16:c8:93:d8:3f:e0
Signer

.text
Size: 13.5MB - Virtual size: 13.5MB

.rdata
Size: 6.2MB - Virtual size: 6.2MB

.data
Size: 227KB - Virtual size: 395KB

.qtmetad
Size: 1024B - Virtual size: 588B

.tls
Size: 512B - Virtual size: 13B

.gfids
Size: 1024B - Virtual size: 548B

_RDATA
Size: 512B - Virtual size: 292B

.rsrc
Size: 5.9MB - Virtual size: 5.9MB

.reloc
Size: 657KB - Virtual size: 656KB