Macrium Reflect DLHF[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Macrium Reflect DLHF.exe
Size

5.4MB
MD5

7f969bd72141c2f8dc42dbe6ed67d956
SHA1

129744482f288d9e5fcb8a235fafbd4d0b6df43d
SHA256

b3ba6a64ed9bd25fbf6050c76eac48da74309493db691c5c15111f3ebf2ac0f4
SHA512

0096f5a060fefd3f834a1fbb36433b9db20e283990ba5250bd7cb05555712d28ad1522219889ef6e572384c669f38973ff2a7bca2fd4c67176600bc6fe550256
SSDEEP

49152:9Zf+DYbbRfliHhwFUuZANwsRmzl0kwfqjyaDdLAbiT8lb/wewESRxT0eYu:mixliHhwGgANwGOPwCOrRjwewOu

Score

1^/10

Malware Config

Signatures

Files

Macrium Reflect DLHF.exe
.exe windows x86

5f5462dcedeaf171cdbcda002e897080

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

31/12/2021, 14:10

Not After

10/02/2025, 13:32

Subject

SERIALNUMBER=02973414,CN=PARAMOUNT SOFTWARE UK LIMITED,O=PARAMOUNT SOFTWARE UK LIMITED,STREET=Unit 13 Lloyd Street North\, Manchester Science Park,L=Manchester,ST=Greater Manchester,C=GB,1.3.6.1.4.1.311.60.2.1.3=#13024742,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

68:d0:10:9e:f0:95:fd:5c:b5:20:bd:06:c9:bf:d8:3d:17:9e:21:b1:4f:08:32:b8:94:06:91:8b:b1:3c:fc:fa
Signer

Actual PE Digest

68:d0:10:9e:f0:95:fd:5c:b5:20:bd:06:c9:bf:d8:3d:17:9e:21:b1:4f:08:32:b8:94:06:91:8b:b1:3c:fc:fa

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

mpr

WNetOpenEnumW
WNetCancelConnection2W
WNetCloseEnum
WNetGetUniversalNameW
WNetGetUserW
WNetEnumResourceW
WNetGetConnectionW
WNetAddConnection3W

ws2_32

socket
getnameinfo
WSAStringToAddressW
WSAAddressToStringW
WSACleanup
WSAStartup
setsockopt
sendto
inet_ntoa
inet_addr
htons
closesocket

kernel32

TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GlobalFlags
GetSystemDefaultUILanguage
ResetEvent
GetThreadPriority
GetFileAttributesW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
InitializeCriticalSection
SetFileTime
LocalFileTimeToFileTime
GetFileTime
lstrcmpiW
UnlockFile
LockFile
GetFullPathNameW
GetFileSize
ReleaseSemaphore
SuspendThread
SetThreadPriority
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringW
LoadLibraryA
FreeResource
EncodePointer
MulDiv
GlobalSize
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryExW
ExpandEnvironmentStringsW
SystemTimeToFileTime
QueryDepthSList
InterlockedPopEntrySList
GetThreadTimes
UnregisterWait
SetThreadAffinityMask
GetTempPathW
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindFirstFileExW
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetConsoleCP
HeapQueryInformation
SetStdHandle
FreeLibraryAndExitThread
ExitThread
VirtualQuery
GetCommandLineW
GetCommandLineA
ReadConsoleW
GetConsoleMode
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
LCMapStringW
GetCPInfo
TryEnterCriticalSection
GetExitCodeThread
SwitchToThread
GetStringTypeW
GetUserDefaultLangID
ExitProcess
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
lstrcpynW
OutputDebugStringW
GetSystemInfo
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
SetErrorMode
VirtualProtect
GetNumaHighestNodeNumber
OutputDebugStringA
UnregisterWaitEx
RegisterWaitForSingleObject
CancelWaitableTimer
SetWaitableTimer
CreateWaitableTimerW
TlsSetValue
TlsGetValue
TlsAlloc
DuplicateHandle
ResumeThread
TerminateThread
CreateThread
GetFileAttributesExW
GlobalFindAtomW
GlobalAddAtomW
MoveFileExW
GetSystemTime
SetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
CloseHandle
GlobalGetAtomNameW
GetLocalTime
GetACP
DeleteVolumeMountPointW
SetVolumeMountPointW
FindVolumeMountPointClose
FindNextVolumeMountPointW
FindFirstVolumeMountPointW
CompareFileTime
OpenThread
OpenProcess
GetProcessTimes
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemDefaultLCID
GetLocaleInfoA
DeleteFileA
CreateFileA
GetTempFileNameA
GetTempPathA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
GetTempFileNameW
WaitForMultipleObjects
CopyFileW
GetCurrentThreadId
SetUnhandledExceptionFilter
GetUserDefaultLCID
GetUserDefaultUILanguage
SetThreadLocale
GetThreadLocale
EnumDateFormatsExW
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
ProcessIdToSessionId
GetVolumePathNamesForVolumeNameW
GetVolumeNameForVolumeMountPointW
FindVolumeClose
FindNextVolumeW
FindFirstVolumeW
DnsHostnameToComputerNameW
GetComputerNameExW
CreateEventW
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
VerSetConditionMask
GetProcAddress
MultiByteToWideChar
GetModuleHandleW
GetModuleFileNameW
GetVersionExW
GetLastError
CreateMutexW
SetPriorityClass
MoveFileW
FindNextFileW
FindFirstFileW
QueryDosDeviceW
RemoveDirectoryW
GetDiskFreeSpaceExW
GetSystemDirectoryW
CreateProcessW
FormatMessageW
FindClose
FlushFileBuffers
Sleep
SetThreadExecutionState
GetCurrentThread
GetCurrentProcessId
LocalFree
LocalAlloc
GlobalFree
GetVersion
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
SetVolumeLabelW
GetDiskFreeSpaceW
SetFileAttributesW
CreateDirectoryW
GetDriveTypeW
lstrlenW
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
WideCharToMultiByte
SetFilePointerEx
SetCurrentDirectoryW
GetCurrentDirectoryW
ReadFile
GetFileSizeEx
SetEndOfFile
WriteFile
GetTickCount
SetFilePointer
DeviceIoControl
GetVolumeInformationW
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentProcess
GetExitCodeProcess
DeleteFileW
GetWindowsDirectoryW
FreeLibrary
LoadLibraryW
SetEvent
GetProcessAffinityMask

user32

SetRect
IntersectRect
IsRectEmpty
GetNextDlgGroupItem
DestroyIcon
SetWindowRgn
BringWindowToTop
LoadAcceleratorsW
InvalidateRgn
GetMenuItemID
InsertMenuW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
PostThreadMessageW
GetDCEx
LockWindowUpdate
GetSubMenu
GetMenuState
GetClassInfoExW
TranslateAcceleratorW
CreatePopupMenu
GetActiveWindow
InsertMenuItemW
GetParent
IsWindow
IsWindowVisible
GetDesktopWindow
SetActiveWindow
SendMessageW
EnableWindow
GetWindowRect
PostMessageW
LoadImageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
LoadIconW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
UpdateWindow
SetWindowLongW
GetWindow
RegisterWindowMessageW
UnregisterClassW
GetKeyState
CharToOemBuffA
OemToCharBuffA
CopyAcceleratorTableW
CharNextW
WindowFromPoint
ReleaseCapture
SetCapture
GetDialogBaseUnits
InflateRect
DestroyMenu
LoadCursorW
GetSysColorBrush
InvalidateRect
RealChildWindowFromPoint
DeleteMenu
CharUpperW
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
ReleaseDC
GetDC
MapVirtualKeyW
SetCursor
ShowOwnedPopups
GetCursorPos
GetMessageW
MapDialogRect
SetWindowContextHelpId
GetWindowThreadProcessId
KillTimer
SetTimer
WaitMessage
LoadMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
PostQuitMessage
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageTimeoutW
MsgWaitForMultipleObjectsEx
LoadStringW
SystemParametersInfoW
MessageBoxW
GetClipboardData
IsClipboardFormatAvailable
GetFocus
TranslateMDISysAccel
DefFrameProcW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
UnionRect
GetSystemMenu
GetMenuStringW
SetParent
DrawMenuBar
SetWindowLongA
GetWindowLongA
IsWindowUnicode
GetWindowLongW
GetWindowTextLengthW
SetCursorPos
VkKeyScanExW
GetKeyboardState
GetKeyboardLayoutList
ToUnicodeEx
GetMenuDefaultItem
GetWindowRgn
GetDoubleClickTime
GetTabbedTextExtentA
ShowCaret
HideCaret
GetCursor
DrawEdge
DrawFocusRect
DrawFrameControl
LookupIconIdFromDirectoryEx
GetIconInfo
CreateIconIndirect
CreateIconFromResourceEx
DrawStateW
InvertRect
CopyIcon
DrawIconEx
BeginPaint
EndPaint
ValidateRect
MessageBeep
GetSysColor
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
CreateWindowExW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
RedrawWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
IsMenu

gdi32

GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateCompatibleDC
BitBlt
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetObjectW
GetDeviceCaps
CreateDCW
ExtTextOutW
SetTextColor
SetBkColor
SelectObject
GetStockObject
SetBkMode
SetMapMode
GetLayout
GetPixel
GetViewportExtEx
MoveToEx
TextOutW
PolyBezierTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
GetBkColor
GetTextColor
GetRgnBox
CombineRgn
GetMapMode
DPtoLP
Ellipse
CreateDIBSection
EnumFontFamiliesExW
CreateCompatibleBitmap
GetCharWidthW
StretchDIBits
SetStretchBltMode
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SetTextAlign
SelectClipRgn
ExtSelectClipRgn
CreateBrushIndirect
GetBkMode
SetPixel
BeginPath
EndPath
StrokePath
Polygon
GetDIBits
StretchBlt
GetCurrentObject
ExtCreateRegion
GetBitmapBits
GetTextAlign
GetTextExtentPoint32A
CloseFigure
FillPath
StrokeAndFillPath
Polyline
PtInRegion
GetViewportOrgEx
CreatePolygonRgn
GetWindowOrgEx
RoundRect
GetObjectA

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegDeleteKeyW
OpenSCManagerW
ControlService
CloseServiceHandle
LookupPrivilegeValueW
LookupAccountSidW
FreeSid
AllocateAndInitializeSid
AdjustTokenPrivileges
GetTokenInformation
OpenThreadToken
OpenProcessToken
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegEnumValueW
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
QueryServiceStatus
StartServiceW
SetEntriesInAclW
SetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RevertToSelf
SetThreadToken
ImpersonateLoggedOnUser
LogonUserW
RegEnumKeyW
RegQueryValueW
OpenServiceW
IsTextUnicode

shell32

SHAppBarMessage
DragFinish
DragQueryFileW
ShellExecuteW
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

comctl32

ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
_TrackMouseEvent
ImageList_GetIcon
ImageList_AddMasked
ord338
ord332
ord334
ord329
ord328
InitCommonControlsEx
ImageList_Draw

shlwapi

PathCombineW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathFindFileNameW
PathAppendW
PathMatchSpecW
PathFindExtensionW
PathFileExistsW
PathIsNetworkPathW

ole32

CoCreateGuid
CLSIDFromString
CoTaskMemFree
StringFromGUID2
CoInitialize
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoTaskMemAlloc
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoInitializeEx
OleUninitialize
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CoFreeUnusedLibraries
OleInitialize

oleaut32

SafeArrayDestroy
SysStringLen
LoadTypeLi
SysAllocStringByteLen
VariantCopy
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysStringByteLen
SysAllocStringLen
SysAllocString
GetErrorInfo
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SysFreeString
SystemTimeToVariantTime
OleLoadPicturePath
VariantTimeToSystemTime

oledlg

OleUIAddVerbMenuW
OleUIBusyW

wsock32

WSASetLastError

gdiplus

GdipFillPieI
GdipSetSmoothingMode
GdipSetPathGradientBlend
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPointI
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipSetLineBlend
GdipCreateLineBrushI
GdipCreateLineBrush
GdipAddPathEllipseI
GdipDeletePath
GdipCreatePath
GdiplusShutdown
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillRectangle
GdipSetCompositingQuality
GdipSetCompositingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdiplusStartup
GdipFree
GdipAlloc
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipFillRectangleI

cabinet

ord20
ord21
ord14
ord13
ord11
ord10
ord23
ord22

setupapi

CM_Get_Parent
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Get_Device_IDW

ntdll

NtClose
NtCreateFile
RtlInitUnicodeString

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpDetectAutoProxyConfigUrl

rpcrt4

UuidCreate

oleacc

LresultFromObject
CreateStdAccessibleObject

wininet

HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW

winmm

PlaySoundW

netapi32

NetServerGetInfo
NetShareGetInfo
NetApiBufferFree

iphlpapi

GetBestInterfaceEx
GetAdaptersAddresses
GetIpAddrTable
GetAdaptersInfo
GetTcpTable

dnsapi

DnsQuery_W
DnsFree

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 699KB - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f5462dcedeaf171cdbcda002e897080

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

68:d0:10:9e:f0:95:fd:5c:b5:20:bd:06:c9:bf:d8:3d:17:9e:21:b1:4f:08:32:b8:94:06:91:8b:b1:3c:fc:faSigner

Headers

DLL Characteristics

File Characteristics

Imports

version

mpr

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

wsock32

gdiplus

cabinet

setupapi

ntdll

winhttp

rpcrt4

oleacc

wininet

winmm

netapi32

iphlpapi

dnsapi

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 699KB - Virtual size: 699KB

.data Size: 52KB - Virtual size: 85KB

.rsrc Size: 1.9MB - Virtual size: 1.9MB

.reloc Size: 168KB - Virtual size: 167KB

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

68:d0:10:9e:f0:95:fd:5c:b5:20:bd:06:c9:bf:d8:3d:17:9e:21:b1:4f:08:32:b8:94:06:91:8b:b1:3c:fc:fa
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 699KB - Virtual size: 699KB

.data
Size: 52KB - Virtual size: 85KB

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

.reloc
Size: 168KB - Virtual size: 167KB