RogueKiller64[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

RogueKiller64.exe
Size

32.7MB
MD5

df80b52c24b75edbf3ef545d2d90b80b
SHA1

0e819e63279a0416127e51414121afdf0386cda0
SHA256

4a53f7036aaa75e7ff6158b3318c127daffb68f74a25855ac55137febb601cc4
SHA512

ce46e359e9f29781b00d8d36758ab14d49629a9ad1c043c8704cbe1fa7f17f937b5cb0b24a1f62a407f60b747f7ea1880389872b556562b36abccaf91985e0f4
SSDEEP

393216:LPGGG+4Oe1/mbTCEFrtrdcUzOxJ4A+Jsv6tWKFdu9CJ0QOzn69CdZWSMrNp4nnk:QevGf7QOndZWSMrNp4nk

Score

1^/10

Malware Config

Signatures

Files

RogueKiller64.exe
.exe windows x64

054c92fbf075d852a0c0cb3f58bdf1bb

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

18:39:af:85:74:aa:0e:80:c3:71:d9:80:34:61:dd:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

13/01/2022, 00:00

Not After

12/01/2025, 23:59

Subject

CN=ADLICE,O=ADLICE,ST=Loire-Atlantique,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

24:8c:c5:b2:ac:c4:10:c7:4f:0f:14:88:96:1c:a0:7c:96:c0:24:ab
Signer

Actual PE Digest

24:8c:c5:b2:ac:c4:10:c7:4f:0f:14:88:96:1c:a0:7c:96:c0:24:ab

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

freeaddrinfo
getnameinfo
inet_pton
WSAIoctl
getaddrinfo

winmm

timeKillEvent
PlaySoundW
timeSetEvent

netapi32

NetShareEnum
NetApiBufferFree
NetUserGetInfo

kernel32

CreateFiber
QueryPerformanceCounter
GetSystemTimeAsFileTime
ConvertFiberToThread
ConvertThreadToFiber
LoadLibraryA
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
FormatMessageA
InitializeCriticalSectionEx
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
VerifyVersionInfoA
WaitForSingleObjectEx
ExpandEnvironmentStringsA
CreateFileMappingA
SwitchToThread
WTSGetActiveConsoleSessionId
CheckRemoteDebuggerPresent
GlobalUnlock
GlobalLock
GlobalSize
lstrcmpW
GetUserDefaultLangID
CompareStringEx
GetLocalTime
SetThreadPriority
GetThreadPriority
OutputDebugStringW
IsProcessorFeaturePresent
GetTickCount64
GetCurrencyFormatW
GetUserDefaultLCID
GetUserPreferredUILanguages
GetStartupInfoW
GetLogicalDrives
SetEndOfFile
SetFileTime
GetFileInformationByHandleEx
CompareStringW
LCMapStringW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
UnregisterWaitEx
RegisterWaitForSingleObject
GetTimeZoneInformation
lstrcpyW
InitializeCriticalSection
InterlockedPushEntrySList
RtlUnwindEx
DeleteFiber
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
SwitchToFiber
GetStdHandle
GetModuleHandleExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentThreadId
GlobalFree
GlobalAlloc
LoadLibraryExW
QueueUserWorkItem
GetACP
HeapReAlloc
IsValidLocale
EnumSystemLocalesW
HeapSize
SetEnvironmentVariableA
lstrcmpA
IsBadWritePtr
IsBadReadPtr
lstrlenW
lstrcmpiW
VirtualFree
VirtualAlloc
GetVolumeNameForVolumeMountPointW
SetFilePointerEx
GetVolumePathNameW
GetFileType
GetFileInformationByHandle
SetEnvironmentVariableW
WriteConsoleW
IsValidCodePage
GetOEMCP
FindFirstFileExA
FindNextFileA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileSizeEx
LoadResource
LockResource
SizeofResource
FindResourceW
HeapDestroy
CreateMutexA
HeapCreate
GetFileSize
CreateFileA
VirtualQueryEx
AreFileApisANSI
LockFile
UnlockFileEx
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
FlushViewOfFile
DeleteFileA
HeapCompact
UnlockFile
LockFileEx
IsDebuggerPresent
SetFilePointer
GetDiskFreeSpaceW
LocalAlloc
DeviceIoControl
GetVolumePathNamesForVolumeNameW
QueryDosDeviceW
DefineDosDeviceW
K32GetModuleInformation
Module32NextW
Module32FirstW
CreateRemoteThread
WriteProcessMemory
OpenThread
CreateThread
RaiseException
GetModuleFileNameA
GetVersionExA
ResumeThread
GetCurrentThread
OutputDebugStringA
GetEnvironmentVariableW
RtlCaptureContext
GetTickCount
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateMutexW
ReleaseMutex
GetThreadLocale
GetUserGeoID
GetGeoInfoW
GetLocaleInfoW
GetModuleHandleW
GetTempPathW
GetTempFileNameW
GetModuleFileNameW
GetProcessHeap
HeapFree
HeapAlloc
GetVersionExW
VerSetConditionMask
CancelIo
GetOverlappedResult
WaitNamedPipeW
CreateNamedPipeW
PeekNamedPipe
SetNamedPipeHandleState
DisconnectNamedPipe
ConnectNamedPipe
SetHandleInformation
WriteFile
ReadFile
FlushFileBuffers
MoveFileExW
MoveFileW
CopyFileW
SetFileAttributesW
RemoveDirectoryW
GetFileTime
GetFileAttributesExW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
GetConsoleCP
CreateDirectoryW
GetShortPathNameW
GetFullPathNameW
ExpandEnvironmentStringsW
WaitForMultipleObjects
CreateEventW
ResetEvent
SetEvent
Thread32Next
Thread32First
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
K32GetProcessImageFileNameW
K32GetModuleFileNameExW
K32GetModuleBaseNameW
TerminateJobObject
AssignProcessToJobObject
CreateJobObjectW
GetModuleHandleA
ReadProcessMemory
OpenProcess
GetProcessId
CreateProcessW
TerminateThread
GetExitCodeProcess
TerminateProcess
GetProcessTimes
WaitForSingleObject
SetLastError
DuplicateHandle
CloseHandle
GetComputerNameW
FormatMessageW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimes
Sleep
SetErrorMode
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentProcess
LocalFree
GetCommandLineW
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryW
GetProcAddress
FreeLibrary
GetLastError
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetTimeFormatW
GetDateFormatW
SystemTimeToFileTime
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTime
CompareFileTime
GetConsoleWindow
GetDriveTypeW
GetLongPathNameW
GetVolumeInformationW
SetConsoleCtrlHandler
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetFullPathNameA
SetStdHandle
ExitProcess

user32

RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
IsHungAppWindow
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
DrawMenuBar
SetMenu
LoadImageW
GetSysColorBrush
IsWindowEnabled
WindowFromPoint
GetCursorPos
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetDC
ReleaseDC
DrawIconEx
GetIconInfo
GetSystemMenu
EnableMenuItem
GetSystemMetrics
GetSysColor
SystemParametersInfoW
MessageBoxW
ExitWindowsEx
CreateCaret
DestroyCaret
HideCaret
ShowCaret
SetCaretPos
PeekMessageW
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
TrackPopupMenuEx
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetCursorInfo
RegisterClassW
EnumDisplayDevicesW
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
CharNextExA
GetAsyncKeyState
GetTouchInputInfo
CloseTouchInputHandle
GetWindowTextW
RealGetWindowClassW
ChangeWindowMessageFilterEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
ChildWindowFromPointEx
PostMessageW
ShowWindow
CallNextHookEx
EnumWindows
GetWindowThreadProcessId
GetProcessWindowStation
GetUserObjectInformationW
SendMessageA
FindWindowA
GetKeyboardLayoutList
GetAncestor
GetClassNameW
EnumChildWindows
CharNextW
MonitorFromPoint
DestroyIcon
DestroyCursor
GetWindow
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
GetMenu
ReleaseCapture
SetCapture
GetCapture
IsTouchWindow
UnregisterTouchWindow
RegisterTouchWindow
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
SetLayeredWindowAttributes
UpdateLayeredWindow
DestroyWindow
IsChild
CreateWindowExW
DefWindowProcW
AttachThreadInput
SendMessageW
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
GetDesktopWindow
UpdateLayeredWindowIndirect

gdi32

CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetTextFaceW
GetCharABCWidthsW
GdiFlush
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
GetRegionData
GetObjectW
GetBitmapBits
SetPixelFormat
SwapBuffers
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
SetLayout
SelectClipRgn
OffsetRgn
CreateRectRgn
CombineRgn
BitBlt
CreateDIBSection
SelectObject
GetDIBits
DeleteDC
GetCharABCWidthsFloatW
CreateCompatibleDC
DeleteObject

shell32

Shell_NotifyIconW
SHBrowseForFolderW
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHCreateItemFromIDList
ord727
SHGetStockIconInfo
SHGetFileInfoW
SHGetFolderPathW
ord51
ShellExecuteExW
SHGetMalloc
CommandLineToArgvW
ShellExecuteW
Shell_NotifyIconGetRect
SHGetKnownFolderPath
SHCreateItemFromParsingName

ole32

CoInitialize
OleSetClipboard
OleGetClipboard
OleFlushClipboard
StringFromCLSID
OleIsCurrentClipboard
DoDragDrop
ReleaseStgMedium
CoTaskMemRealloc
CoTaskMemAlloc
CoGetMalloc
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateGuid
StringFromGUID2
CoTaskMemFree
OleUninitialize

oleaut32

SysAllocString
SysFreeString
SysStringLen
VariantInit
VariantClear
SafeArrayPutElement
SafeArrayCreateVector
VarUI4FromStr

advapi32

GetSecurityInfo
RegFlushKey
BuildTrusteeWithSidW
GetEffectiveRightsFromAclW
MapGenericMask
AccessCheck
SystemFunction036
GetSidSubAuthorityCount
GetSidSubAuthority
LookupPrivilegeValueA
CreateProcessAsUserW
OpenProcessToken
AdjustTokenPrivileges
DuplicateTokenEx
LookupPrivilegeValueW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
ChangeServiceConfigW
ChangeServiceConfig2W
CloseServiceHandle
ControlService
CreateServiceW
DeleteService
EnumDependentServicesW
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetExplicitEntriesFromAclW
RegSetKeySecurity
RegGetKeySecurity
GetAce
SetEntriesInAclW
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
InitializeSecurityDescriptor
InitializeAcl
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
ConvertStringSidToSidW
ConvertSidToStringSidW
LookupAccountNameW
LookupAccountSidW
IsValidSid
GetTokenInformation
GetLengthSid
CopySid
EnumServicesStatusW
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
QueryServiceConfig2W
QueryServiceStatus
QueryServiceStatusEx
SetServiceObjectSecurity
StartServiceW
DuplicateToken
GetUserNameW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW

mpr

WNetGetConnectionW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock
LoadUserProfileW
UnloadUserProfile
GetProfilesDirectoryW
GetUserProfileDirectoryW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

PathQuoteSpacesW
StrCmpIW
StrDupW
StrFormatByteSizeW
PathUnExpandEnvStringsW
PathUnquoteSpacesW
PathSearchAndQualifyW
PathRemoveFileSpecW
PathRemoveExtensionW
PathRemoveBlanksW
PathRemoveBackslashW
PathRemoveArgsW
PathIsNetworkPathW
PathIsRelativeW
PathIsPrefixW
PathIsDirectoryW
PathGetDriveNumberW
PathGetArgsW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathAppendW
PathAddBackslashW
AssocQueryStringW

wtsapi32

WTSQueryUserToken
WTSFreeMemory
WTSEnumerateSessionsW
WTSQuerySessionInformationW

wininet

InternetGetConnectedState

ntdll

NtCreateKey
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlPcToFileHeader
NtQuerySystemInformation
NtQueryKey
NtSetValueKey
NtDeleteValueKey
NtDeleteKey
NtOpenKey
NtUnloadDriver
RtlInitUnicodeString
NtLoadDriver

wsock32

shutdown
getsockopt
ntohs
WSAStartup
WSACleanup
inet_ntoa
WSAAsyncSelect
gethostname
sendto
recvfrom
htonl
select
__WSAFDIsSet
htons
getpeername
socket
setsockopt
listen
connect
closesocket
bind
accept
WSASetLastError
send
recv
WSAGetLastError
getsockname

crypt32

CertGetNameStringW
CertNameToStrW
CertFreeCertificateContext
CryptQueryObject
CertCloseStore
CryptMsgGetParam
CryptMsgClose
CryptDecodeObject
CertOpenStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertFindCertificateInStore
CertGetCertificateContextProperty

wintrust

CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
WinVerifyTrust
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminReleaseCatalogContext
CryptCATCatalogInfoFromContext

bcrypt

BCryptGenRandom
BCryptDeriveKeyPBKDF2
BCryptDestroyHash
BCryptFinishHash
BCryptHashData
BCryptCreateHash
BCryptDestroyKey
BCryptEncrypt
BCryptGenerateSymmetricKey
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptGetProperty
BCryptOpenAlgorithmProvider

dwmapi

DwmIsCompositionEnabled
DwmSetWindowAttribute
DwmGetWindowAttribute
DwmEnableBlurBehindWindow

uxtheme

GetThemeBool
GetCurrentThemeName
OpenThemeData
GetThemePartSize
GetThemeColor
GetThemeInt
GetThemeEnumValue
GetThemeMargins
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
ord47
GetThemeBackgroundRegion
IsThemeBackgroundPartiallyTransparent
IsAppThemed
SetWindowTheme
IsThemeActive

imm32

ImmGetCompositionStringW
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetOpenStatus
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey

Sections

.text
Size: 16.7MB - Virtual size: 16.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8.4MB - Virtual size: 8.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 543KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1010KB - Virtual size: 1010KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 1024B - Virtual size: 677B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmimed
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

054c92fbf075d852a0c0cb3f58bdf1bb

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

18:39:af:85:74:aa:0e:80:c3:71:d9:80:34:61:dd:7bCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

24:8c:c5:b2:ac:c4:10:c7:4f:0f:14:88:96:1c:a0:7c:96:c0:24:abSigner

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

winmm

netapi32

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

mpr

userenv

version

shlwapi

wtsapi32

wininet

ntdll

wsock32

crypt32

wintrust

bcrypt

dwmapi

uxtheme

imm32

Sections

.text Size: 16.7MB - Virtual size: 16.7MB

.rdata Size: 8.4MB - Virtual size: 8.4MB

.data Size: 292KB - Virtual size: 543KB

.pdata Size: 1010KB - Virtual size: 1010KB

.qtmetad Size: 1024B - Virtual size: 677B

.tls Size: 512B - Virtual size: 13B

.qtmimed Size: 315KB - Virtual size: 315KB

.gfids Size: 512B - Virtual size: 508B

_RDATA Size: 512B - Virtual size: 272B

.rsrc Size: 5.9MB - Virtual size: 5.9MB

.reloc Size: 108KB - Virtual size: 107KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

18:39:af:85:74:aa:0e:80:c3:71:d9:80:34:61:dd:7b
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

24:8c:c5:b2:ac:c4:10:c7:4f:0f:14:88:96:1c:a0:7c:96:c0:24:ab
Signer

.text
Size: 16.7MB - Virtual size: 16.7MB

.rdata
Size: 8.4MB - Virtual size: 8.4MB

.data
Size: 292KB - Virtual size: 543KB

.pdata
Size: 1010KB - Virtual size: 1010KB

.qtmetad
Size: 1024B - Virtual size: 677B

.tls
Size: 512B - Virtual size: 13B

.qtmimed
Size: 315KB - Virtual size: 315KB

.gfids
Size: 512B - Virtual size: 508B

_RDATA
Size: 512B - Virtual size: 272B

.rsrc
Size: 5.9MB - Virtual size: 5.9MB

.reloc
Size: 108KB - Virtual size: 107KB