Extracted

• Panda.rar

  .rar
• Panda Regedit/Guna.UI2.dll

  .dll windows x86

  dae02f32a21e03ce65412f6e56942daa

  
  

  Code Sign

  7a:98:1b:7d:3e:b4:86:bb:45:84:c4:3c:c9:a8:3f:db

  Certificate

  Issuer

  CN=Sobatdata Root CA

  Not Before

  23/10/2019, 05:22

  Not After

  22/10/2025, 17:00

  Subject

  CN=Sobatdata Software

  0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd

  Certificate

  Issuer

  CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  01/01/2021, 00:00

  Not After

  06/01/2031, 00:00

  Subject

  CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15

  Certificate

  Issuer

  CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  07/01/2016, 12:00

  Not After

  07/01/2031, 12:00

  Subject

  CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  8d:ae:28:3e:4f:d9:48:5e:14:cd:ec:ed:ab:f1:52:70:6e:07:9f:18

  Signer

  Actual PE Digest

  8d:ae:28:3e:4f:d9:48:5e:14:cd:ec:ed:ab:f1:52:70:6e:07:9f:18

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  Imports

  mscoree

  _CorDllMain

  Sections

  .text

  Size: 3.7MB - Virtual size: 3.7MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Panda Regedit/Panda_Panel.exe

  .exe windows x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 833KB - Virtual size: 833KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 55KB - Virtual size: 54KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Panda Regedit/Panda_System.exe

  .exe windows x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 39KB - Virtual size: 38KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 12KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ