pikabot | h4[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

h4.zip
Size

4.3MB
MD5

028621ae475fd3af1a60284f084124d9
SHA1

c18e6adf2c75f108a1bf98d534068ec424acc964
SHA256

feef7c585a67e368ce1a514158d6abc280e502b0408ad8b589d83687360ff11f
SHA512

e671e9998d8f3b938084e4cb0fed175c7f3ac009917989cace6af1c7a512ff207793534c1b03cc220f5da4173bc084ee508c5ac7e6154c4bc9a285a6974ecdc2
SSDEEP

98304:YfFBwV9Z9WRhoq9BQFSyd+doJTTL/alHFBwV9AfYbSdxHHkF:aebaT9kIonL/KeWfYmdxkF

Score

10^/10

pikabot

Malware Config

Signatures

Detects PikaBot botnet 2 IoCs

Processes:

resource	yara_rule
static1/unpack001/802a953fdb8efac8ec2a48bb8051713eb23edf962a10640d144206fea99b001f	family_pikabot
static1/unpack001/ed2529f938ef280b5e8adb171dd460212f777a19b1ac9d650ee81c4900c0bc78	family_pikabot

Pikabot family
pikabot

Unsigned PE 28 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/00ad95ca939f4fbb3452ea300bb919ef18cbde843604d7148fa165b645c3030e
unpack001/05d1b791865c9551ed8da6a170eb6f945a4d1e79cb70341f589cc47bacf78cc3
unpack001/31d025c022dfa29f0d953d477a5cefebe91bf28e60fa771b407cc0b25dd65355
unpack001/3b0dce669a07626746d3b2301607702abd3bb2cba8dcb9c8b655f246e7b8ab1d
unpack001/3ba484fd9430dda5ea691c86ed0cd6e95f1e401d7b444c0d6465545a03ae20b7
unpack001/443c727f45873a83f2b236cafa7781439e0ce9a25120d01621a812af15934ffd
unpack001/4d81b964b809d1d3c642d331f17f80ee013fdd2b8bd2cffd191449313ea92353
unpack001/4fb5b0da3a557a7dac922010a2b888a91055c4381cf494a6336a674be3bb4a45
unpack001/50d0a3b32e813c671248f0f2fe10c3c237ee94bfa94fcaf86886fc3a64d79b88
unpack001/5a76edd4bf074cc6a66199f87896dee330a81164d112605681ccb145d64cd587
unpack001/610e854b8c98ab9fd11985f3468eababee930d0bc695cc596f7a2b0e92b25f19
unpack001/644a054d1f42e129007fbe1ed445e1f36cc84737727e1d842530e16aec7c37bc
unpack001/802a953fdb8efac8ec2a48bb8051713eb23edf962a10640d144206fea99b001f
unpack001/8528b4fbb050be27debef474bd27d441d92196f5d19840f94afa979e8483c8ef
unpack001/9754d73feff432298ab129b21a09faa38c3a4ab9a480dbef2eb58dd7d4a151b0
unpack001/9c066b18b2cef503b177f12caf769df6b473a1ee599ff1e32549c2e4ab45b7d8
unpack001/9eafa6bbe7cbf0413b36993e97901c704b5217ef43e2172cb843bd9699719882
unpack001/a7122f6a2953f7c5960747cc165308fc3a33a7cb5e6b0093cff2855db2ecce7b
unpack001/add0e82c68959b9c88485da47178295d80bd6752dd7f0dd4c62cf80bdbf1939c
unpack001/b65009a7596afc021e95a290be757338f1d45bec0dd5e3197a242a77c0443d9f
unpack001/c15c4a73728ea1b3e6688066bb1fdea841d42b910fb2883289cb26003474af64
unpack001/cd6b1d3ea4540494866d5b51149de0aaa22e65a2ef5001421190e4a0ce6ec5c8
unpack001/dc0bc5af6c5323ff1e242c7f8485f1bcd393860d50494bdaa84eea9ea606b2bb
unpack001/e8c7d64a29182d3f84a956ed5bb8a8abc2b5459fa939eb17b00c9513240c817e
unpack001/ec3399ed009ffc80cd4a88093284f591278f0659a2ff883c364b6536382fcfbf
unpack001/ed2529f938ef280b5e8adb171dd460212f777a19b1ac9d650ee81c4900c0bc78
unpack001/ee57fb61953bce1b400f8de464b1d1bac5a7ed2657d64c03a51ab498f2cd19a3
unpack001/f84e36b4f2030ca6ecb037a85a35d56a324426ecf08b85c9c5cd3587ba3a6742

Files

h4.zip
.zip
00ad95ca939f4fbb3452ea300bb919ef18cbde843604d7148fa165b645c3030e
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
05d1b791865c9551ed8da6a170eb6f945a4d1e79cb70341f589cc47bacf78cc3
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
2411b23bab7703e94897573f3758e1849fdc6f407ea1d1e5da20a4e07ecf3c09
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-10-2019 00:00

Not After

18-10-2022 12:00

Subject

CN=Piriform Software Ltd,OU=RE 901,O=Piriform Software Ltd,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-10-2019 00:00

Not After

18-10-2022 12:00

Subject

CN=Piriform Software Ltd,OU=RE 901,O=Piriform Software Ltd,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:97:12:2c:73:9a:00:3b:dd:e2:f5:7d:da:a3:e5:87:24:68:44:d2:7d:48:e3:24:03:0d:53:75:23:b4:50:0b
Signer

Actual PE Digest

29:97:12:2c:73:9a:00:3b:dd:e2:f5:7d:da:a3:e5:87:24:68:44:d2:7d:48:e3:24:03:0d:53:75:23:b4:50:0b

Digest Algorithm

sha256

PE Digest Matches

false

13:97:35:c3:74:3c:ad:b0:3d:53:21:3c:98:12:d6:58:38:03:6c:5d
Signer

Actual PE Digest

13:97:35:c3:74:3c:ad:b0:3d:53:21:3c:98:12:d6:58:38:03:6c:5d

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
31d025c022dfa29f0d953d477a5cefebe91bf28e60fa771b407cc0b25dd65355
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
3b0dce669a07626746d3b2301607702abd3bb2cba8dcb9c8b655f246e7b8ab1d
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
3ba484fd9430dda5ea691c86ed0cd6e95f1e401d7b444c0d6465545a03ae20b7
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
443c727f45873a83f2b236cafa7781439e0ce9a25120d01621a812af15934ffd
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
4bc3d95ee8661f7d381b2ceb6cb4a6e9759d7d0f9d883b44528b0f9c0aa559a2
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-10-2019 00:00

Not After

18-10-2022 12:00

Subject

CN=Piriform Software Ltd,OU=RE 901,O=Piriform Software Ltd,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-10-2019 00:00

Not After

18-10-2022 12:00

Subject

CN=Piriform Software Ltd,OU=RE 901,O=Piriform Software Ltd,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

42:2b:33:b0:d9:3e:97:b7:43:d1:77:85:6f:c9:fc:dd:3f:14:09:ed:4e:a9:82:0f:e7:94:46:b2:4a:12:4e:26
Signer

Actual PE Digest

42:2b:33:b0:d9:3e:97:b7:43:d1:77:85:6f:c9:fc:dd:3f:14:09:ed:4e:a9:82:0f:e7:94:46:b2:4a:12:4e:26

Digest Algorithm

sha256

PE Digest Matches

false

45:ba:37:57:69:e2:c7:84:f6:28:bd:bb:c2:8e:5a:9e:92:b9:b3:88
Signer

Actual PE Digest

45:ba:37:57:69:e2:c7:84:f6:28:bd:bb:c2:8e:5a:9e:92:b9:b3:88

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
4d81b964b809d1d3c642d331f17f80ee013fdd2b8bd2cffd191449313ea92353
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
4fb5b0da3a557a7dac922010a2b888a91055c4381cf494a6336a674be3bb4a45
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
50d0a3b32e813c671248f0f2fe10c3c237ee94bfa94fcaf86886fc3a64d79b88
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
59f42ecde152f78731e54ea27e761bba748c9309a6ad1c2fd17f0e8b90f8aed1
.dll regsvr32 windows x86

47b25cab4d220854dcb1268c5af427d5

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:1d:40:ae:3f:3a:1f:b2:bc:3d:83:95
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

25-08-2020 13:42

Not After

26-08-2023 13:42

Subject

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:1d:40:ae:3f:3a:1f:b2:bc:3d:83:95
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

25-08-2020 13:42

Not After

26-08-2023 13:42

Subject

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

27-05-2021 09:55

Not After

28-06-2032 09:55

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20-02-2019 00:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18-03-2009 10:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:9b:cb:fa:c8:da:95:f7:f1:bd:ac:60:de:04:f0:04:10:72:4c:05:1c:93:7e:10:22:d1:30:f0:47:f1:b6:6e
Signer

Actual PE Digest

78:9b:cb:fa:c8:da:95:f7:f1:bd:ac:60:de:04:f0:04:10:72:4c:05:1c:93:7e:10:22:d1:30:f0:47:f1:b6:6e

Digest Algorithm

sha256

PE Digest Matches

false

ac:93:c6:4d:1a:61:04:00:7c:29:53:1d:c8:50:b9:be:93:0f:be:6d
Signer

Actual PE Digest

ac:93:c6:4d:1a:61:04:00:7c:29:53:1d:c8:50:b9:be:93:0f:be:6d

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateFileW
GetFileAttributesW
FreeLibraryAndExitThread
GetCurrentThreadId
GetVersionExW
ReleaseMutex
OpenFileMappingW
SuspendThread
GetSystemDirectoryW
FreeEnvironmentStringsW
ResumeThread
UnmapViewOfFile
ExitThread
GetACP
FindFirstChangeNotificationW
HeapSize
GetCommandLineA
SetFileAttributesW
IsValidCodePage
EndUpdateResourceW
CreateEventW
MultiByteToWideChar
Sleep
GetConsoleMode
GetFileInformationByHandle
FormatMessageW
LocalFileTimeToFileTime
CompareStringA
FlsSetValue
GetLastError
TzSpecificLocalTimeToSystemTime
ReleaseSRWLockExclusive
GlobalSize
SetEvent
FileTimeToSystemTime
GetDiskFreeSpaceExW
GetCurrentThread
AcquireSRWLockExclusive
FindCloseChangeNotification
ReadConsoleW
WaitForSingleObjectEx
TlsAlloc
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
DeleteFileW
GlobalFree
HeapReAlloc
CloseHandle
GetNumberFormatW
EnumResourceLanguagesW
RaiseException
LoadLibraryW
CreateThread
ResetEvent
IsDBCSLeadByte
LoadResource
FindResourceW
HeapAlloc
FindClose
GetLocalTime
GetCurrentDirectoryW
SetStdHandle
UpdateResourceW
FindNextChangeNotification
HeapDestroy
SetCurrentDirectoryW
WriteConsoleW
GetPriorityClass
Beep
GetProcAddress
GlobalLock
SetFilePointerEx
LocalFree
GetTimeFormatW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
LCMapStringW
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
SetThreadExecutionState
GetModuleHandleW
FreeLibrary
CreateSemaphoreW
CopyFileW
WideCharToMultiByte
TlsGetValue
BeginUpdateResourceW
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
TlsFree
GetSystemTime
CreateFileMappingW
BackupRead
DosDateTimeToFileTime
MapViewOfFile
BackupSeek
QueryPerformanceCounter
GetStringTypeW
GetDateFormatW
InitializeSListHead
GetTickCount
GetEnvironmentStringsW
GlobalUnlock
FlsFree
FlsAlloc
MulDiv
MoveFileW
GetDriveTypeW
GetFileTime
LoadLibraryExW
IsDebuggerPresent
SetUnhandledExceptionFilter
FlushFileBuffers
CreateHardLinkW
InitializeCriticalSectionEx
CreateMutexW
GetTempPathW
EnumResourceNamesW
SetEndOfFile
FlsGetValue
GetCompressedFileSizeW
GetFullPathNameA
SetFilePointer
SetErrorMode
InitializeCriticalSection
FoldStringW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetThreadPriority
EncodePointer
SetEnvironmentVariableW
WaitForMultipleObjects
GetModuleFileNameW
SetFileTime
GetProcessAffinityMask
RemoveDirectoryW
TerminateProcess
DeviceIoControl
GetDiskFreeSpaceW
GetShortPathNameW
ExpandEnvironmentStringsW
GetModuleHandleExW
WriteFile
GetCPInfo
ReleaseSemaphore
GetStdHandle
GetConsoleOutputCP
GetLocaleInfoW
GetCurrentProcess
GetLongPathNameW
FindNextFileW
GetFullPathNameW
GetCommandLineW
EnterCriticalSection
SetPriorityClass
SetLastError
HeapFree
TlsSetValue
CompareStringW
FindFirstFileExW
HeapCreate
GetFileSizeEx
FindFirstFileW
CompareFileTime
GetOEMCP
GetLogicalDrives
GetVolumeInformationW
TryEnterCriticalSection
SizeofResource
InitializeSRWLock
ReadFile
GetCPInfoExW
GetStartupInfoW
FileTimeToLocalFileTime
CreateDirectoryW

user32

GetDlgItemTextW
CharToOemBuffA
ValidateRect
SetWindowPlacement
MapWindowPoints
RegisterClassW
SetDlgItemTextW
IsChild
PeekMessageW
ExitWindowsEx
EmptyClipboard
SetMenuItemInfoW
CloseClipboard
ClientToScreen
CreateIconIndirect
CopyRect
DestroyIcon
IsDialogMessageW
RedrawWindow
SetTimer
DispatchMessageW
OpenClipboard
OemToCharBuffA
OemToCharBuffW
IsWindow
ShowWindow
GetSubMenu
LoadStringW
TrackPopupMenu
LoadAcceleratorsW
GetWindowPlacement
WindowFromPoint
RegisterClassExW
GetScrollInfo
CreatePopupMenu
MessageBeep
SetWindowTextW
GetSystemMetrics
RemovePropW
EndDialog
WaitForInputIdle
SendMessageW
ScreenToClient
DeleteMenu
GetIconInfo
CreateWindowExW
FillRect
EnumDisplayMonitors
EnumChildWindows
GetMenuItemCount
CopyImage
GetPropW
keybd_event
MessageBoxW
SetWindowPos
IsWindowVisible
GetDC
DestroyWindow
InsertMenuItemW
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
SetProcessDefaultLayout
FindWindowExW
GetWindow
PostMessageW
CallWindowProcW
LoadMenuW
CharLowerW
CharUpperW
GetKeyState
GetSysColor
GetSystemMenu
DefWindowProcW
GetMenuItemInfoW
GetLastActivePopup
RegisterClipboardFormatW
CreateDialogParamW
GetMessageW
GetWindowTextLengthW
GetWindowThreadProcessId
GetWindowLongW
GetWindowTextW
GetForegroundWindow
CharToOemA
IsWindowEnabled
MoveWindow
SetMenu
IsDlgButtonChecked
EnumWindows
FlashWindow
DestroyMenu
IntersectRect
SetFocus
BringWindowToTop
TranslateAcceleratorW
SetPropW
TranslateMessage
GetClipboardData
LoadIconW
ScrollWindowEx
OemToCharA
FindWindowW
CharToOemBuffW
LoadCursorW
GetClassNameW
IsCharAlphaW
DrawMenuBar
InsertMenuW
SetClipboardData
SetCursor
wsprintfW
FlashWindowEx
GetDlgItemInt
SetScrollRange
SetWindowLongW
GetComboBoxInfo
CheckMenuItem
GetClientRect
GetDlgItem
AppendMenuW
PostThreadMessageW
KillTimer
CheckDlgButton
PostQuitMessage
GetDesktopWindow
SetScrollPos
CreateDialogIndirectParamW
EnableMenuItem
SystemParametersInfoW
SetDlgItemInt
GetParent
RegisterWindowMessageW
DialogBoxParamW
PtInRect
UpdateWindow
SetForegroundWindow
LoadImageW
InvalidateRect
IsIconic
ReleaseDC
GetCursorPos
BeginPaint
EndPaint
EnableWindow
SendDlgItemMessageW
MessageBoxIndirectW
GetMenuState
CreateIcon
DrawIconEx

gdi32

BitBlt
CreateCompatibleBitmap
SelectObject
CreateBitmap
CreateDIBSection
CreateCompatibleDC
SetPixel
StretchBlt
GetTextFaceW
CreateFontW
GetDeviceCaps
GetTextMetricsW
GetPixel
DeleteDC
TextOutW
GetTextExtentPoint32W
SetTextColor
TextOutA
LineTo
CreatePen
Rectangle
GetObjectW
MoveToEx
SetBkColor
DeleteObject
CreateSolidBrush
DPtoLP
GetMapMode
ExtTextOutW
SetMapMode

comdlg32

CommDlgExtendedError
ChooseFontW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegSetValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
IsTextUnicode
RegCloseKey
SetFileSecurityW
CryptAcquireContextW
AccessCheck
CryptGenRandom
RegDeleteKeyW
AllocateAndInitializeSid
RegCreateKeyExW
RegEnumKeyExW
CryptReleaseContext
OpenProcessToken
FreeSid
GetFileSecurityW
CheckTokenMembership
RegOpenKeyExW
DuplicateToken
RegDeleteValueW
MapGenericMask
GetSecurityDescriptorLength
RegEnumValueW
RegQueryValueExW

ole32

OleInitialize
RegisterDragDrop
OleSetClipboard
CLSIDFromString
CoInitializeEx
RevokeDragDrop
CoSetProxyBlanket
CreateStreamOnHGlobal
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
OleUninitialize
DoDragDrop

oleaut32

VariantClear
SysFreeString
SysAllocString

msimg32

GradientFill

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 927KB - Virtual size: 926KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5a76edd4bf074cc6a66199f87896dee330a81164d112605681ccb145d64cd587
.dll regsvr32 windows x86

f1c2f5370d0009f10adb6d65fdcaaa38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW

user32

MessageBoxW

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
610e854b8c98ab9fd11985f3468eababee930d0bc695cc596f7a2b0e92b25f19
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
644a054d1f42e129007fbe1ed445e1f36cc84737727e1d842530e16aec7c37bc
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
802a953fdb8efac8ec2a48bb8051713eb23edf962a10640d144206fea99b001f
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 212B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
8528b4fbb050be27debef474bd27d441d92196f5d19840f94afa979e8483c8ef
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
9754d73feff432298ab129b21a09faa38c3a4ab9a480dbef2eb58dd7d4a151b0
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
9c066b18b2cef503b177f12caf769df6b473a1ee599ff1e32549c2e4ab45b7d8
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
9eafa6bbe7cbf0413b36993e97901c704b5217ef43e2172cb843bd9699719882
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
a383c00d4afce7703d884042f3556c71e8765f087ae1e398be4c9c4f163f4678
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-10-2019 00:00

Not After

18-10-2022 12:00

Subject

CN=Piriform Software Ltd,OU=RE 901,O=Piriform Software Ltd,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-10-2019 00:00

Not After

18-10-2022 12:00

Subject

CN=Piriform Software Ltd,OU=RE 901,O=Piriform Software Ltd,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:33:03:d9:31:66:c3:55:c9:d7:83:69:c1:b5:87:e4:f1:9a:75:ee:82:e1:1b:2b:01:c0:f5:f5:cc:77:fb:b6
Signer

Actual PE Digest

b8:33:03:d9:31:66:c3:55:c9:d7:83:69:c1:b5:87:e4:f1:9a:75:ee:82:e1:1b:2b:01:c0:f5:f5:cc:77:fb:b6

Digest Algorithm

sha256

PE Digest Matches

false

b5:e5:5a:70:51:b2:fe:9f:a6:14:38:2a:c9:c9:4d:20:79:31:43:59
Signer

Actual PE Digest

b5:e5:5a:70:51:b2:fe:9f:a6:14:38:2a:c9:c9:4d:20:79:31:43:59

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
a7122f6a2953f7c5960747cc165308fc3a33a7cb5e6b0093cff2855db2ecce7b
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
add0e82c68959b9c88485da47178295d80bd6752dd7f0dd4c62cf80bdbf1939c
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
b65009a7596afc021e95a290be757338f1d45bec0dd5e3197a242a77c0443d9f
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
c15c4a73728ea1b3e6688066bb1fdea841d42b910fb2883289cb26003474af64
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
c24ecd199e5e39cb7daca5e79b7af82f06fe4c2a32409c5053145b67dc0088c5
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-10-2019 00:00

Not After

18-10-2022 12:00

Subject

CN=Piriform Software Ltd,OU=RE 901,O=Piriform Software Ltd,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-10-2019 00:00

Not After

18-10-2022 12:00

Subject

CN=Piriform Software Ltd,OU=RE 901,O=Piriform Software Ltd,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:eb:10:d8:39:d7:25:ba:d0:22:b6:9d:56:a4:32:78:84:f2:3c:be:7b:03:11:1d:c3:dc:0a:23:0f:94:0e:8f
Signer

Actual PE Digest

3e:eb:10:d8:39:d7:25:ba:d0:22:b6:9d:56:a4:32:78:84:f2:3c:be:7b:03:11:1d:c3:dc:0a:23:0f:94:0e:8f

Digest Algorithm

sha256

PE Digest Matches

false

d4:9b:b4:29:d9:90:cf:c0:5d:0e:1b:97:66:9f:18:55:56:d6:14:47
Signer

Actual PE Digest

d4:9b:b4:29:d9:90:cf:c0:5d:0e:1b:97:66:9f:18:55:56:d6:14:47

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cd6b1d3ea4540494866d5b51149de0aaa22e65a2ef5001421190e4a0ce6ec5c8
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dc0bc5af6c5323ff1e242c7f8485f1bcd393860d50494bdaa84eea9ea606b2bb
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
e8c7d64a29182d3f84a956ed5bb8a8abc2b5459fa939eb17b00c9513240c817e
.dll regsvr32 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ec3399ed009ffc80cd4a88093284f591278f0659a2ff883c364b6536382fcfbf
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ed2529f938ef280b5e8adb171dd460212f777a19b1ac9d650ee81c4900c0bc78
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ee57fb61953bce1b400f8de464b1d1bac5a7ed2657d64c03a51ab498f2cd19a3
.dll regsvr32 windows x86

2f7d1706341a4c1a58fd983f48b245ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
GetNumaHighestNodeNumber
SetThreadAffinityMask
ReadFile
OpenEventA
SizeofResource
TryEnterCriticalSection
GetLogicalDrives
GetOEMCP
CompareFileTime
GlobalHandle
GetFileSizeEx
CreateTimerQueueTimer
FindFirstFileExW
SetWaitableTimer
TlsSetValue
FindFirstVolumeW
GetSystemDefaultLCID
VirtualProtect
VerifyVersionInfoA
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
UnregisterWait
DeviceIoControl
LCMapStringA
VirtualAlloc
TerminateProcess
GetProcessAffinityMask
LoadLibraryExA
SetFileTime
WaitForMultipleObjects
GetConsoleCP
SignalObjectAndWait
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
ExpandEnvironmentStringsA
SetErrorMode
SetFilePointer
GetCompressedFileSizeW
SetEndOfFile
PeekNamedPipe
WaitForMultipleObjectsEx
FindClose
GetVolumePathNameW
WaitForSingleObject
FreeLibraryAndExitThread
GetCurrentThreadId
lstrcmpA
ResumeThread
UnmapViewOfFile
DuplicateHandle
ExitThread
GetModuleHandleA
GetLocaleInfoA
GetACP
HeapSize
GetVersion
GetCommandLineA
GetVolumeNameForVolumeMountPointW
GetExitCodeThread
Sleep
GetConsoleMode
GetTimeZoneInformation
LocalFileTimeToFileTime
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
GetStringTypeExA
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
FileTimeToSystemTime
GetCurrentThread
InterlockedFlushSList
GetSystemDirectoryA
TerminateThread
LoadLibraryA
WaitForSingleObjectEx
TlsAlloc
GetVersionExA
LockResource
QueryPerformanceFrequency
GetThreadPriority
GlobalAlloc
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
GetSystemInfo
CreateThread
ResetEvent
GetWindowsDirectoryA
LoadResource
HeapAlloc
FileTimeToLocalFileTime
QueueUserAPC
GetLocalTime
SetStdHandle
CreateWaitableTimerA
SwitchToThread
HeapDestroy
GlobalLock
SetFilePointerEx
UnregisterWaitEx
LocalFree
MoveFileExW
IsProcessorFeaturePresent
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
FindVolumeClose
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcessHeap
SystemTimeToFileTime
IsValidLocale
FreeLibrary
FlushInstructionCache
GetVolumePathNamesForVolumeNameW
SleepEx
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
CreateDirectoryA
GetSystemTime
GlobalMemoryStatus
FormatMessageA
BackupRead
CreateSemaphoreA
InterlockedPushEntrySList
DosDateTimeToFileTime
CreateEventA
MapViewOfFile
FindNextVolumeW
BackupSeek
QueryPerformanceCounter
InitializeSListHead
GetTickCount
GlobalUnlock
MulDiv
VirtualQuery
IsWow64Process
GetFileTime
InterlockedPopEntrySList
GlobalReAlloc
IsDebuggerPresent
VirtualQueryEx
QueryDepthSList
CreateTimerQueue
SetUnhandledExceptionFilter
FlushFileBuffers
FileTimeToDosDateTime

user32

EnableMenuItem
SetScrollPos
GetSysColorBrush
GetDesktopWindow
PostQuitMessage
CheckDlgButton
KillTimer
ShowCaret
LookupIconIdFromDirectoryEx
DrawIconEx
SetRect
GetMenuInfo
GetDlgItem
GetClientRect
CheckMenuItem
RemoveMenu
GetComboBoxInfo
MapDialogRect
SetScrollRange
FlashWindowEx
SetRectEmpty
SetCursor
SetClipboardData
GetWindowDC
SetCapture
SetParent
DestroyCaret
DragDetect
SetWindowContextHelpId
TranslateMessage
GetUpdateRect
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
DestroyMenu
EnumWindows
UnhookWindowsHookEx
IsDlgButtonChecked
MoveWindow
IsWindowEnabled
GetSysColor
DrawFocusRect
FrameRect
TrackMouseEvent
SetMenuInfo
SetWindowPlacement
MapWindowPoints
CreateCaret
IsChild
ExitWindowsEx
EmptyClipboard
DestroyAcceleratorTable
CloseClipboard
ClientToScreen
GetDlgCtrlID
DrawEdge
IsMenu
DestroyIcon
RedrawWindow
SetTimer
GetCapture
OffsetRect
OpenClipboard
InvalidateRgn
IsWindow
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
DestroyCursor
GetWindowPlacement
WindowFromPoint
MsgWaitForMultipleObjects
GetScrollInfo
SetMenuItemBitmaps
CreatePopupMenu
MessageBeep
GetSystemMetrics
EndDialog
CallNextHookEx
ScreenToClient
DeleteMenu
GetIconInfo
FillRect
HideCaret
CopyIcon
LoadStringA
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
CopyImage
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
GetFocus
GetMenu
GetMenuItemID
GetWindowRect
CreateIconFromResourceEx
GetWindow
CheckMenuRadioItem
MonitorFromPoint
GetMessagePos
GetKeyState
AdjustWindowRectEx
GetSystemMenu
CharLowerBuffA
GetWindowThreadProcessId
EndPaint
CharLowerA
GetParent
PtInRect
UpdateWindow
DrawFrameControl
ReleaseCapture
InvalidateRect
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
CopyRect

oleaut32

VarBstrFromR8
VariantInit
LoadTypeLi
SysFreeString
SysAllocStringByteLen
SysAllocString
VarBstrCmp
DispCallFunc
SysStringLen
SysAllocStringLen
VariantChangeType
VariantClear
VarUI4FromStr

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

iatnames
Size: 4KB - Virtual size: 5KB
f84e36b4f2030ca6ecb037a85a35d56a324426ecf08b85c9c5cd3587ba3a6742
.dll regsvr32 windows x86

f1c2f5370d0009f10adb6d65fdcaaa38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW

user32

MessageBoxW

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 144B

.reloc Size: 512B - Virtual size: 260B

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

2f7d1706341a4c1a58fd983f48b245ef

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66Certificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

29:97:12:2c:73:9a:00:3b:dd:e2:f5:7d:da:a3:e5:87:24:68:44:d2:7d:48:e3:24:03:0d:53:75:23:b4:50:0bSigner

13:97:35:c3:74:3c:ad:b0:3d:53:21:3c:98:12:d6:58:38:03:6c:5dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 366KB - Virtual size: 366KB

.reloc Size: 1KB - Virtual size: 1KB

2f7d1706341a4c1a58fd983f48b245ef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 144B

.reloc
Size: 512B - Virtual size: 260B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

29:97:12:2c:73:9a:00:3b:dd:e2:f5:7d:da:a3:e5:87:24:68:44:d2:7d:48:e3:24:03:0d:53:75:23:b4:50:0b
Signer

13:97:35:c3:74:3c:ad:b0:3d:53:21:3c:98:12:d6:58:38:03:6c:5d
Signer

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 366KB - Virtual size: 366KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 366KB - Virtual size: 366KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 144B

.reloc
Size: 512B - Virtual size: 260B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: - Virtual size: 52B

.reloc
Size: 512B - Virtual size: 48B

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

02:fa:99:4d:66:0d:e6:59:ee:90:37:ec:b4:37:d7:66
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate