Behavioral tasks
behavioral1
Sample: eee/OCX FILES AND REGISTRATOR/Codejock.CommandBars.v15.2.1.dll
Resource: win10v2004-20230703-en
behavioral2
Sample: eee/OCX FILES AND REGISTRATOR/Codejock.Controls.v15.2.1.dll
Resource: win10v2004-20230703-en
behavioral3
Sample: eee/OCX FILES AND REGISTRATOR/Codejock.SkinFramework.v15.2.1.dll
Resource: win10v2004-20230703-en
behavioral4
Sample: eee/OCX FILES AND REGISTRATOR/MSINET.dll
Resource: win10v2004-20230703-en
behavioral5
Sample: eee/OCX FILES AND REGISTRATOR/Registrator.exe
Resource: win10v2004-20230703-en
behavioral6
Sample: eee/Skin/black.dll
Resource: win10v2004-20230703-en
behavioral7
Sample: eee/TRILLIUM_SECURITY_MULTISPLOIT_TOOL V4.exe
Resource: win10v2004-20230703-en
behavioral8
Sample: eee/learn all kind of hacking.url
Resource: win10v2004-20230703-en
General
-
Target
eee.zip
-
Size
4.5MB
-
MD5
2577979fcd6a28c1c64cf02cef339c33
-
SHA1
13186dea06129bb8b776b7d107bada7a1c16608e
-
SHA256
13306aef1317f04713600d888840f55b77fb3eaef283fb9baa407bcebd3278da
-
SHA512
dde48e1b692170b00034af92f50fe2009e3f85bee80b56b88fe2eb1843de3420b5eb0d6da67357e3a40cb0a68e1b1ceefa8fd3b0f38a8e08bdc9e330ab5251cf
-
SSDEEP
98304:MSdLgqKXeUaLhkLI3wAMWWg1hMYOLYcJYWd6QFrzXiwlB2GvTStZlGMf90h:qqKuUa1yIAAMWXUjLLBtFfXiW7TStZl8
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
resource yara_rule static1/unpack001/eee/Skin/black.style acprotect -
resource yara_rule static1/unpack001/eee/Skin/black.style upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack001/eee/Skin/black.style unpack001/eee/TRILLIUM_SECURITY_MULTISPLOIT_TOOL V4.exe
Files
-
eee.zip.zip
-
eee/Icons/Logo.png.png
-
eee/OCX FILES AND REGISTRATOR/Codejock.CommandBars.v15.2.1.ocx.dll regsvr32 windows x86
8d1c2918fbda0177d7c988251098ff2b
Code Sign
70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate
Issuer: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before: 29/01/1996, 00:00
Not After: 01/08/2028, 23:59
Subject: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 15/06/2007, 00:00
Not After: 14/06/2012, 23:59
Subject: CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04/12/2003, 00:00
Not After: 03/12/2013, 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate
Issuer: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before: 21/05/2009, 00:00
Not After: 20/05/2019, 23:59
Subject: CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
77:5d:7c:93:bd:42:1c:4c:35:98:4f:45:95:4b:a4:e3
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US
Not Before: 29/09/2010, 00:00
Not After: 19/10/2012, 23:59
Subject: CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
6a:8f:14:70:eb:42:00:b3:e4:39:8b:8b:f8:98:9c:d3:ec:ca:44:a8
Signer
Actual PE Digest: 6a:8f:14:70:eb:42:00:b3:e4:39:8b:8b:f8:98:9c:d3:ec:ca:44:a8
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc42
msvcrt
atoi
_purecall
memmove
free
malloc
_mbscmp
sscanf
wcslen
_wcslwr
wcsstr
wcscmp
_ftol
_CIpow
__CxxFrameHandler
strtod
strchr
_mbctoupper
mbstowcs
wcsncpy
calloc
_mbctype
_mbschr
qsort
rand
_snprintf
longjmp
fprintf
_iob
abort
_setjmp3
fread
wcsncmp
_CxxThrowException
_mbsnbcpy
wcschr
_wcsicmp
_wtoi
ceil
swscanf
floor
_mbsrchr
_strdup
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
_mbsicmp
kernel32
LocalFree
GlobalSize
lstrcpyA
GlobalFree
lstrcmpiA
SetFileAttributesA
GetModuleFileNameA
CreateDirectoryA
CompareStringA
GetCurrentDirectoryA
lstrlenA
lstrcpynA
GetVersion
GetCurrentProcessId
GetTickCount
SetEvent
GetExitCodeThread
TerminateThread
CreateThread
SetThreadPriority
ResumeThread
WaitForSingleObject
ResetEvent
CreateEventA
GetOEMCP
GetCPInfo
GetVersionExA
EnumResourceLanguagesA
EnumResourceTypesA
MultiByteToWideChar
WideCharToMultiByte
EnumResourceNamesA
FreeLibrary
GetPrivateProfileStringA
GetTempPathA
GetTempFileNameA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
DeleteFileA
GetFileAttributesA
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
Sleep
InterlockedDecrement
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
SizeofResource
FindResourceA
LoadResource
LockResource
CreateFileA
ReadFile
CloseHandle
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
LoadLibraryA
GetModuleHandleA
GetProcAddress
GetCurrentThreadId
LocalAlloc
user32
UnionRect
TrackPopupMenu
GetTabbedTextExtentA
GetClipboardData
GetSysColorBrush
MapDialogRect
GetAsyncKeyState
InsertMenuA
DestroyAcceleratorTable
CreateAcceleratorTableA
VkKeyScanA
FindWindowExA
IsWindowUnicode
GetWindowLongW
SetWindowLongW
SetWindowLongA
SendMessageA
EnableWindow
GrayStringA
DrawTextA
TabbedTextOutA
GetSubMenu
PeekMessageA
SetRect
SystemParametersInfoA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
GetForegroundWindow
OpenClipboard
GetWindowLongA
GetDialogBaseUnits
IntersectRect
SetCapture
IsRectEmpty
LoadCursorA
LockWindowUpdate
GetDCEx
GetCapture
GetMessageA
ClientToScreen
OffsetRect
DispatchMessageA
ReleaseCapture
InvertRect
CopyRect
GetClientRect
IsWindow
GetWindowRect
SetRectEmpty
GetCursorPos
DeferWindowPos
PtInRect
CallNextHookEx
GetParent
SetWindowsHookExA
UnhookWindowsHookEx
GetDesktopWindow
GetDC
GetKeyNameTextA
GetSysColor
GetKeyboardState
CloseClipboard
SetForegroundWindow
GetActiveWindow
SetActiveWindow
GetClassLongA
GetMenuDefaultItem
CreatePopupMenu
IsClipboardFormatAvailable
SetParent
MapWindowPoints
SetFocus
GetClassNameA
ShowWindow
IsDialogMessageA
GetSystemMenu
GetMenuState
GetDlgItem
AdjustWindowRectEx
wsprintfA
TranslateMessage
WaitMessage
UpdateWindow
GetTopWindow
GetWindow
GetDlgCtrlID
InflateRect
HideCaret
SetCursor
ShowCaret
GetNextDlgTabItem
GetFocus
IsChild
MapVirtualKeyA
MessageBeep
IsMenu
GetMenuItemCount
GetMenuItemInfoA
GetMenuItemID
EqualRect
SetWindowPos
InvalidateRect
SetTimer
MoveWindow
BringWindowToTop
RedrawWindow
IsZoomed
CharUpperA
ScreenToClient
GetKeyboardLayoutList
GetCursor
GetKeyState
KillTimer
IsWindowVisible
WindowFromPoint
GetSystemMetrics
LoadMenuIndirectA
GetMenuStringA
GetMenuStringW
LookupIconIdFromDirectoryEx
LoadMenuA
CopyImage
PostMessageA
SetClipboardData
IsCharLowerA
IsIconic
LoadBitmapA
DestroyIcon
CopyIcon
ToAsciiEx
GetKeyboardLayout
EmptyClipboard
MapVirtualKeyExA
CopyAcceleratorTableA
FillRect
DrawEdge
GetDoubleClickTime
SendMessageTimeoutA
ShowScrollBar
SetCursorPos
GetMenu
LoadIconA
SetMenu
GetClipboardFormatNameA
BeginDeferWindowPos
EndDeferWindowPos
DrawFrameControl
DrawFocusRect
IsWindowEnabled
ReleaseDC
MessageBoxA
CreateIconIndirect
DrawIconEx
GetIconInfo
DrawStateA
CreateIconFromResourceEx
LoadImageA
RegisterClipboardFormatA
SetWindowRgn
GetWindowRgn
CallWindowProcA
GetLastActivePopup
RegisterWindowMessageA
gdi32
ExtTextOutA
Escape
CreateRectRgn
CombineRgn
CreateDIBSection
DeleteDC
StretchBlt
CreateBitmap
SetTextColor
SetBkColor
SetStretchBltMode
GetDIBits
GetCurrentObject
GetTextColor
GetBitmapBits
ExtCreateRegion
PtInRegion
EnumFontFamiliesA
GetViewportOrgEx
CreatePatternBrush
ExtFloodFill
Ellipse
GetMapMode
CreateFontA
Polyline
Rectangle
GetWindowOrgEx
GetRgnBox
CreatePolygonRgn
RoundRect
TextOutA
GetWindowExtEx
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
MoveToEx
LineTo
PolyBezierTo
BeginPath
OffsetViewportOrgEx
GetClipBox
GetTextExtentPoint32W
ExtTextOutW
GetCharWidthA
GetCurrentPositionEx
GetTextAlign
GetTextMetricsA
IntersectClipRect
GetClipRgn
ExtSelectClipRgn
SetBkMode
SetBrushOrgEx
AbortDoc
EndDoc
EndPage
StartPage
DPtoLP
StartDocA
SetAbortProc
RectVisible
PtVisible
CreateFontIndirectA
GetTextExtentPoint32A
Polygon
EnumFontFamiliesExA
SetPixel
GetStockObject
PatBlt
CreateSolidBrush
CreatePen
DeleteObject
BitBlt
CreateRectRgnIndirect
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetObjectA
GetViewportExtEx
GetDeviceCaps
GetPixel
advapi32
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
shell32
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHAppBarMessage
DragQueryFileA
comctl32
ImageList_GetImageCount
ImageList_Destroy
ImageList_GetIconSize
ImageList_AddMasked
ImageList_GetIcon
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_Draw
ole32
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
OleRun
CoLockObjectExternal
ReleaseStgMedium
olepro32
ord252
ord254
ord253
oleaut32
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VarI4FromCy
VarI4FromR4
VarI4FromR8
VariantInit
VariantChangeType
SysFreeString
SysAllocString
VariantChangeTypeEx
SafeArrayGetDim
VariantClear
OleLoadPicturePath
LoadRegTypeLi
SafeArrayCreate
winmm
PlaySoundA
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 300KB - Virtual size: 299KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 84KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 664KB - Virtual size: 661KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 152KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
eee/OCX FILES AND REGISTRATOR/Codejock.Controls.v15.2.1.ocx.dll regsvr32 windows x86
362c62ed4f5d5b2ad98dc4f3f5a4f115
Code Sign
70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate
Issuer: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before: 29/01/1996, 00:00
Not After: 01/08/2028, 23:59
Subject: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 15/06/2007, 00:00
Not After: 14/06/2012, 23:59
Subject: CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04/12/2003, 00:00
Not After: 03/12/2013, 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate
Issuer: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before: 21/05/2009, 00:00
Not After: 20/05/2019, 23:59
Subject: CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
77:5d:7c:93:bd:42:1c:4c:35:98:4f:45:95:4b:a4:e3
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US
Not Before: 29/09/2010, 00:00
Not After: 19/10/2012, 23:59
Subject: CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
27:e7:8a:2f:b8:0e:37:28:a8:7e:b9:18:11:e7:04:37:77:63:0a:06
Signer
Actual PE Digest: 27:e7:8a:2f:b8:0e:37:28:a8:7e:b9:18:11:e7:04:37:77:63:0a:06
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc42
msvcrt
_purecall
memmove
free
malloc
_mbscmp
sscanf
_mbsicmp
_wcslwr
wcsstr
wcscmp
_ftol
_CIpow
__CxxFrameHandler
wcslen
strtod
strchr
_mbctoupper
mbstowcs
wcsncpy
calloc
realloc
_splitpath
_fstat
fopen
fclose
fseek
ftell
fgets
_mbschr
isxdigit
_ismbcalnum
_ismbcspace
_ismbcdigit
_ismbcprint
_ismbcalpha
isprint
sprintf
_mbsnbcmp
qsort
_snprintf
longjmp
fprintf
_iob
abort
_setjmp3
fread
wcsncmp
_CxxThrowException
_mbsnbcpy
wcschr
_wcsicmp
_wtoi
_mbctype
ceil
swscanf
floor
_mbsrchr
_strdup
_mbsinc
wcstombs
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
atoi
kernel32
GlobalFree
lstrlenW
IsDBCSLeadByte
lstrcpyA
lstrcpynA
GetLastError
LocalFree
GetPrivateProfileIntA
lstrlenA
GlobalSize
GetCurrentDirectoryA
GetModuleFileNameA
GetTickCount
GetOEMCP
GetCPInfo
GetVersionExA
EnumResourceLanguagesA
EnumResourceTypesA
MultiByteToWideChar
WideCharToMultiByte
EnumResourceNamesA
FreeLibrary
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileAttributesA
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
SizeofResource
FindResourceA
LoadResource
LockResource
CreateFileA
ReadFile
CloseHandle
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
LoadLibraryA
GetModuleHandleA
GetProcAddress
GetCurrentThreadId
LocalAlloc
user32
GrayStringA
DrawTextA
TabbedTextOutA
GetSubMenu
PeekMessageA
SetRect
SystemParametersInfoA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
GetForegroundWindow
GetLastActivePopup
GetWindowLongA
GetDialogBaseUnits
IntersectRect
SetCapture
IsRectEmpty
LoadCursorA
LockWindowUpdate
GetCapture
SetScrollPos
ClientToScreen
OffsetRect
DispatchMessageA
ReleaseCapture
InvertRect
CopyRect
GetClientRect
IsWindow
GetWindowRect
SetRectEmpty
GetCursorPos
ScreenToClient
PtInRect
CallNextHookEx
GetParent
SetWindowsHookExA
UnhookWindowsHookEx
GetDesktopWindow
GetDC
ReleaseDC
GetSysColor
EnableMenuItem
EnableScrollBar
ShowScrollBar
EnableWindow
SetCaretPos
DragDetect
GetScrollInfo
DestroyCaret
GetScrollPos
HideCaret
ShowCaret
DrawEdge
GetDlgItem
GetMenuItemID
SetForegroundWindow
GetClipboardData
GetWindowPlacement
ShowWindow
GetClassLongA
LoadIconA
SetFocus
OpenClipboard
EmptyClipboard
CloseClipboard
CheckMenuItem
GetNextDlgTabItem
GetWindow
MessageBeep
DrawFrameControl
GetFocus
DrawFocusRect
FillRect
AdjustWindowRectEx
RedrawWindow
GetSysColorBrush
LoadStringA
SetWindowTextA
InflateRect
SetCursor
IsWindowEnabled
GetActiveWindow
SetActiveWindow
UpdateWindow
EqualRect
SetWindowPos
InvalidateRect
SetTimer
GetCursor
GetKeyState
KillTimer
SendMessageA
SetWindowLongA
DrawAnimatedRects
FindWindowA
CreateCaret
EnumChildWindows
IsWindowVisible
WindowFromPoint
GetSystemMetrics
LoadMenuIndirectA
LookupIconIdFromDirectoryEx
LoadMenuA
CopyImage
PostMessageA
SetClipboardData
LoadBitmapA
DestroyIcon
CopyIcon
CreateIconIndirect
GetSystemMenu
RemoveMenu
DrawMenuBar
DrawIconEx
GetIconInfo
DrawStateA
CreateIconFromResourceEx
ValidateRect
SetParent
IsClipboardFormatAvailable
TrackPopupMenu
GetMenu
SetWindowPlacement
SetClassLongA
WinHelpA
VkKeyScanA
CreateAcceleratorTableA
DestroyAcceleratorTable
UnionRect
TranslateMessage
GetDoubleClickTime
GetTabbedTextExtentA
IsChild
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
wsprintfA
GetClassNameA
MoveWindow
GetMenuItemCount
GetDlgCtrlID
LoadImageA
RegisterClipboardFormatA
SetWindowRgn
GetWindowRgn
CallWindowProcA
RegisterWindowMessageA
IsWindowUnicode
GetWindowLongW
GetMessageA
SetWindowLongW
gdi32
CreateDIBSection
DeleteDC
StretchBlt
CreateBitmap
SetTextColor
SetBkColor
SetStretchBltMode
GetDIBits
GetTextColor
GetBitmapBits
ExtCreateRegion
GetTextAlign
GetTextMetricsA
SetPixelV
CreatePolygonRgn
FillRgn
FrameRgn
PtInRegion
GetWindowOrgEx
CreateFontA
GetCharWidthA
SetBoundsRect
CreatePatternBrush
GetBkColor
GetRgnBox
RoundRect
GetViewportExtEx
GetWindowExtEx
Ellipse
CombineRgn
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
MoveToEx
LineTo
PolyBezierTo
BeginPath
OffsetViewportOrgEx
GetClipBox
GetTextExtentPoint32W
ExtTextOutW
GetCurrentPositionEx
IntersectClipRect
GetClipRgn
ExtSelectClipRgn
SetBkMode
Rectangle
GetTextExtentPointA
SetBrushOrgEx
GetBrushOrgEx
CreateRectRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
GetTextExtentPoint32A
Polygon
EnumFontFamiliesExA
SetPixel
GetStockObject
PatBlt
CreateSolidBrush
CreatePen
DeleteObject
BitBlt
CreateRectRgnIndirect
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetObjectA
Polyline
GetDeviceCaps
GetPixel
advapi32
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
shell32
DragQueryFileA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
SHAppBarMessage
Shell_NotifyIconA
comctl32
_TrackMouseEvent
ImageList_Destroy
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageInfo
ImageList_Create
ImageList_Draw
ImageList_AddMasked
ord17
ole32
RevokeDragDrop
RegisterDragDrop
PropVariantClear
CoCreateInstance
OleRun
CoLockObjectExternal
ReleaseStgMedium
olepro32
ord252
ord254
ord253
oleaut32
VariantCopy
SafeArrayCreate
VarI4FromCy
VarI4FromR4
VarI4FromR8
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantChangeType
VariantInit
SysFreeString
SysAllocString
VariantChangeTypeEx
SafeArrayGetDim
VariantClear
OleLoadPicturePath
LoadRegTypeLi
SysAllocStringLen
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 260KB - Virtual size: 259KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 368KB - Virtual size: 365KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
eee/OCX FILES AND REGISTRATOR/Codejock.SkinFramework.v15.2.1.ocx.dll regsvr32 windows x86
8fb4f322418faaa5d9e46b0c2b2ad05a
Code Sign
70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate
Issuer: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before: 29/01/1996, 00:00
Not After: 01/08/2028, 23:59
Subject: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 15/06/2007, 00:00
Not After: 14/06/2012, 23:59
Subject: CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04/12/2003, 00:00
Not After: 03/12/2013, 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate
Issuer: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before: 21/05/2009, 00:00
Not After: 20/05/2019, 23:59
Subject: CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
77:5d:7c:93:bd:42:1c:4c:35:98:4f:45:95:4b:a4:e3
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US
Not Before: 29/09/2010, 00:00
Not After: 19/10/2012, 23:59
Subject: CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
74:b2:db:d2:29:d6:34:1e:e7:e0:2e:10:b8:b7:d4:86:e7:4b:35:f6
Signer
Actual PE Digest: 74:b2:db:d2:29:d6:34:1e:e7:e0:2e:10:b8:b7:d4:86:e7:4b:35:f6
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc42
msvcrt
_strdup
free
_mbscmp
wcsncpy
wcslen
_mbsicmp
_CIpow
wcscmp
wcsstr
_wcslwr
atoi
_ftol
_CxxThrowException
_purecall
__CxxFrameHandler
memmove
malloc
strchr
sscanf
_mbctoupper
strtod
mbstowcs
strrchr
wcschr
_mbsstr
_snprintf
longjmp
fprintf
_iob
abort
_setjmp3
fread
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
_mbsrchr
kernel32
LocalSize
OpenProcess
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
VirtualQuery
VirtualProtect
GetSystemInfo
GetCurrentProcessId
SetEvent
GetExitCodeThread
TerminateThread
CreateThread
SetThreadPriority
ResumeThread
WaitForSingleObject
ResetEvent
CreateEventA
GetVersionExA
EnumResourceLanguagesA
EnumResourceTypesA
MultiByteToWideChar
WideCharToMultiByte
lstrcmpA
LocalFree
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
SizeofResource
FindResourceA
LoadResource
LockResource
CreateFileA
ReadFile
CloseHandle
LoadLibraryA
GetModuleHandleA
GetProcAddress
GetCurrentThreadId
InterlockedDecrement
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
GetModuleFileNameA
lstrcpyA
GetFileAttributesA
MulDiv
lstrlenA
EnumResourceNamesA
LocalAlloc
user32
GetMenuItemInfoA
GetWindowDC
SetWindowPos
GetMenuItemID
GetMenuDefaultItem
MessageBeep
WaitMessage
CreateWindowExA
GetDoubleClickTime
IsWindowVisible
ReleaseCapture
GetClientRect
SetRectEmpty
GetCursorPos
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
LoadStringA
GetSysColor
LoadBitmapA
GetWindowRect
EqualRect
InvalidateRect
DefFrameProcW
IsWindowEnabled
IsRectEmpty
IsWindow
EnableWindow
SetTimer
KillTimer
GetKeyState
UpdateWindow
SetMenuDefaultItem
SetRect
CopyRect
OffsetRect
InflateRect
MoveWindow
GetParent
GetWindowLongA
SendMessageA
GetSystemMetrics
SetClassLongA
GetDC
GetMenu
ScreenToClient
GetDesktopWindow
DefFrameProcA
DefWindowProcW
CallWindowProcW
GetScrollInfo
EnableScrollBar
SetScrollInfo
SetScrollPos
GetSysColorBrush
GetWindow
GetClassNameA
GetClassLongA
FillRect
LoadMenuIndirectA
GetMenuStringA
LookupIconIdFromDirectoryEx
LoadMenuA
CopyImage
PostMessageA
DestroyIcon
CopyIcon
CreateIconIndirect
GetMenuItemCount
DrawIconEx
GetIconInfo
DrawStateA
CreateIconFromResourceEx
LoadImageA
RegisterClipboardFormatA
SetWindowRgn
CallWindowProcA
RegisterWindowMessageA
IsWindowUnicode
GetWindowLongW
SetWindowLongW
SetWindowLongA
GrayStringA
DrawTextA
TabbedTextOutA
GetFocus
DrawFocusRect
EnumWindows
GetSubMenu
PeekMessageA
GetWindowTextLengthA
TranslateMessage
GetSystemMenu
ReleaseDC
GetMenuState
GetWindowThreadProcessId
EndPaint
BeginPaint
SendMessageTimeoutA
LoadIconA
TrackPopupMenuEx
TrackPopupMenu
DrawMenuBar
DrawFrameControl
DrawEdge
AdjustWindowRect
AdjustWindowRectEx
RegisterClassW
RegisterClassA
DefMDIChildProcW
DefMDIChildProcA
DefDlgProcW
PtInRect
DefDlgProcA
GetWindowTextA
DefWindowProcA
IntersectRect
SetCapture
LoadCursorA
GetCapture
GetMessageA
ClientToScreen
SystemParametersInfoA
DispatchMessageA
gdi32
Polygon
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateRectRgn
CombineRgn
CreateDIBSection
DeleteDC
StretchBlt
CreateBitmap
SetTextColor
SetBkColor
SetStretchBltMode
CreatePalette
CreateDIBitmap
SelectPalette
GetObjectType
GetTextColor
ExtSelectClipRgn
IntersectClipRect
GetClipRgn
GetTextCharsetInfo
OffsetRgn
SetBrushOrgEx
GetTextMetricsA
SetBkMode
CreatePatternBrush
SetPixel
GetStockObject
PatBlt
CreateSolidBrush
CreatePen
DeleteObject
CreateRectRgnIndirect
CreateCompatibleBitmap
SelectObject
GetPixel
BitBlt
CreateCompatibleDC
GetTextExtentPoint32A
CreateFontIndirectA
GetDIBits
GetObjectA
GetDeviceCaps
advapi32
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
shell32
DragQueryFileA
comctl32
ImageList_DrawEx
ImageList_GetIconSize
ImageList_Add
ImageList_Destroy
_TrackMouseEvent
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageInfo
FlatSB_GetScrollProp
ImageList_Draw
ImageList_GetBkColor
ImageList_GetImageCount
ImageList_DrawIndirect
ole32
CoCreateInstance
ReleaseStgMedium
OleRun
olepro32
ord254
ord253
ord252
oleaut32
SysAllocString
VariantChangeTypeEx
SafeArrayGetDim
OleLoadPicturePath
SafeArrayCreate
VarI4FromCy
VarI4FromR4
VarI4FromR8
VariantInit
VariantChangeType
VariantClear
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
SysFreeString
winmm
PlaySoundA
imagehlp
ImageDirectoryEntryToData
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 376KB - Virtual size: 375KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
eee/OCX FILES AND REGISTRATOR/MSINET.OCX.dll regsvr32 windows x86
96286284ff8e040938ba779778d1542e
Code Sign
Signer
Actual PE Digest
Digest Algorithm
PE Digest Matches
false
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
wininet
FtpSetCurrentDirectoryA
FtpCreateDirectoryA
InternetCrackUrlA
InternetSetOptionA
InternetCreateUrlA
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetFindNextFileA
FtpDeleteFileA
FtpGetFileA
FtpPutFileA
FtpRenameFileA
InternetReadFile
InternetConnectA
FtpGetCurrentDirectoryA
FtpRemoveDirectoryA
FtpFindFirstFileA
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetOpenUrlA
kernel32
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
GetProcessHeap
CloseHandle
LocalFree
FormatMessageA
SetEvent
CreateEventA
GetLastError
MultiByteToWideChar
lstrcatA
lstrcpyA
lstrlenA
ResetEvent
SetLastError
lstrcpynA
WaitForSingleObject
WaitForMultipleObjects
GetTickCount
IsBadWritePtr
DisableThreadLibraryCalls
GetVersion
GetFileAttributesA
GetModuleFileNameA
GetWindowsDirectoryA
LoadLibraryA
GetLocaleInfoA
GetProcAddress
InterlockedIncrement
InterlockedDecrement
HeapReAlloc
lstrcmpiA
LockResource
LoadResource
FindResourceA
lstrcmpA
user32
SetDlgItemInt
SendDlgItemMessageA
GetMessageA
PostQuitMessage
GetDlgItemInt
GetDlgItemTextA
SendMessageA
ReleaseDC
GetDC
CharNextA
SetDlgItemTextA
SetWindowPos
SetWindowLongA
SetParent
EndPaint
GetClientRect
BeginPaint
GetWindowLongA
SetFocus
MoveWindow
GetWindow
GetActiveWindow
GetWindowRect
IsWindowVisible
TranslateMessage
OffsetRect
EqualRect
IntersectRect
DispatchMessageA
GetWindowThreadProcessId
PtInRect
WinHelpA
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBoxA
MessageBeep
SetTimer
PeekMessageA
MsgWaitForMultipleObjects
PostMessageA
GetParent
ClientToScreen
CreateWindowExA
EndDialog
LoadIconA
DrawEdge
DrawIcon
LoadCursorA
RegisterClassA
DestroyIcon
KillTimer
DestroyWindow
GetSystemMetrics
LoadStringA
wsprintfA
DialogBoxParamA
SetWindowRgn
ShowWindow
DefWindowProcA
PostThreadMessageA
UnregisterClassA
ole32
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoCreateInstance
CreateOleAdviseHolder
advapi32
RegEnumKeyExA
RegQueryValueExA
RegQueryValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
oleaut32
OleCreatePropertyFrame
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
LoadTypeLibEx
SafeArrayCreate
SetErrorInfo
CreateErrorInfo
GetErrorInfo
LoadRegTypeLi
SysStringLen
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
VariantChangeTypeEx
SysAllocString
gdi32
GetWindowExtEx
SetViewportOrgEx
LPtoDP
DeleteDC
SetWindowExtEx
SetMapMode
SetViewportExtEx
GetViewportExtEx
SetWindowOrgEx
CreateDCA
GetDeviceCaps
CreateRectRgnIndirect
Exports
DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
eee/OCX FILES AND REGISTRATOR/Registrator.exe.exe windows x86
7e753ff681654f6baf71d608521060db
Code Sign
70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate
Issuer
OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before
29/01/1996, 00:00
Not After
01/08/2028, 23:59
Subject
OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate
Issuer
CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before
15/06/2007, 00:00
Not After
14/06/2012, 23:59
Subject
CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer
CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before
04/12/2003, 00:00
Not After
03/12/2013, 23:59
Subject
CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate
Issuer
OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before
16/07/2004, 00:00
Not After
15/07/2014, 23:59
Subject
CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
05:e6:68:a2:4e:36:9e:cc:bc:a9:53:1d:11:83:64:bf
Certificate
Issuer
CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US
Not Before
20/10/2008, 00:00
Not After
20/10/2010, 23:59
Subject
CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Codejock Software,O=Codejock Technologies\, LLC,L=Owosso,ST=Michigan,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
4b:fc:e1:dd:20:33:d2:a8:fe:38:55:d1:a5:df:8f:93:c8:ed:41:ad
Signer
Actual PE Digest
4b:fc:e1:dd:20:33:d2:a8:fe:38:55:d1:a5:df:8f:93:c8:ed:41:ad
Digest Algorithm
sha1
PE Digest Matches
true
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
msvcrt
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_mbsrchr
__CxxFrameHandler
_setmbcp
_initterm
kernel32
GetCommandLineA
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA
user32
GetSystemMenu
DrawIcon
GetClientRect
AppendMenuA
IsIconic
EnableWindow
SendMessageA
GetSystemMetrics
FindWindowA
LoadIconA
shell32
ShellExecuteA
Sections
.text Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 724B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
eee/Settings/SecurityCheck.txt
-
eee/Skin/black.style.dll windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
UPX0 Size: - Virtual size: 3.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 133KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 38KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
eee/TRILLIUM_SECURITY_MULTISPLOIT_TOOL V4.exe.exe windows x86
f1421a623efba19c7f2338e68d3f4317
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetMailslotInfo
GetDateFormatA
TerminateProcess
GetLastError
lstrcmpiW
GetCurrentDirectoryA
GetVolumeInformationW
LoadLibraryA
GetCurrentProcess
HeapAlloc
GetProcessHeap
HeapFree
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
CommConfigDialogA
lstrcmpiA
SetFilePointer
user32
SendInput
wsprintfW
CreateWindowExA
GetScrollBarInfo
advapi32
RegQueryValueExW
RegOpenKeyExW
oleaut32
SafeArrayAllocData
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 820B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
eee/learn all kind of hacking.url.url