Patch[.]zip | Triage

Resubmissions

29/09/2023, 21:42

230929-1kcq9seg9x 8

Sharing

Copy URL

Twitter E-mail

General

Target

Patch.zip
Size

408.2MB
MD5

5f757ae21f067d56dceab4eabd49b26a
SHA1

32bc41ddc87c1c2bd37323d1ec6cd02bde8444a2
SHA256

a74f6f08656a1fb91d3b1b6560feec6d795fb58d333fb38a067290007da92f59
SHA512

79c3099ff0b5dae590009f0f90d1e79b300c40291b8ca6863f5b8a7a6688f7774c07ce0a5f399fd773a7abdb778dcdad53653a6f18507cd2bb5bceb2927fa22e
SSDEEP

12582912:MkENsdeS324g2IoO0RCcZIgldCinCNtc77BHzUKeXLNKZWcTbVEQlr:yNmeSmvo5RCW5v/MqBYzNKdFE4r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Patch/Patch MB 4.6.x.xxx.exe

Files

Patch.zip
.zip
Patch/Patch MB 4.6.x.xxx.exe
.exe windows:5 windows x64

81530254b85f34245257b4cb8cfcd6a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

user32

MessageBoxA
CharNextW
LoadStringW
OemToCharW
MessageBoxW
LoadStringW
GetSystemMetrics
CharUpperW
CharLowerBuffW

kernel32

Sleep
VirtualFree
VirtualAlloc
HeapFree
HeapAlloc
GetProcessHeap
lstrlenW
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetSystemInfo
GetVersion
CompareStringW
IsValidLocale
SetThreadLocale
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
GetACP
LoadLibraryExW
GetStartupInfoW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetCommandLineW
FreeLibrary
GetLastError
UnhandledExceptionFilter
RtlUnwindEx
RtlUnwind
RaiseException
ExitProcess
SwitchToThread
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FindFirstFileW
FindClose
WriteFile
GetStdHandle
CloseHandle
GetProcAddress
RaiseException
LoadLibraryA
GetLastError
TlsSetValue
TlsGetValue
LocalFree
LocalAlloc
GetModuleHandleW
FreeLibrary
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQueryEx
VirtualQuery
VirtualFree
UnmapViewOfFile
SwitchToThread
SizeofResource
SetLastError
SetFileTime
SetFilePointer
SetEvent
SetEnvironmentVariableW
SetEndOfFile
ResetEvent
RemoveDirectoryW
ReadFile
MapViewOfFile
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LeaveCriticalSection
IsValidLocale
InitializeCriticalSection
GetVersionExW
GetTickCount
GetThreadLocale
GetTempPathW
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetExitCodeProcess
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
GetCPInfo
FreeResource
FreeLibrary
FormatMessageW
FindResourceW
EnumCalendarInfoW
EnterCriticalSection
DosDateTimeToFileTime
DeleteFileW
DeleteCriticalSection
CreateProcessW
CreateFileMappingW
CreateFileW
CreateEventW
CreateDirectoryW
CompareStringW
CloseHandle
Sleep

shfolder

SHGetFolderPathW

msvcrt

memcpy

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 37KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 416B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Patch/Patch.7z
.7z
Patch/readme.txt
Setup/MBSetup.exe
.exe windows:6 windows x86

64f7bc8815496ea07e67416229607846

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a6:57:f7:78:b3:1a:e5:23:d6:67:13:17:18:d1:6e:b2
Certificate

Issuer

CN=Sectigo RSA Code Signing CA 2,O=Sectigo Limited,C=GB

Not Before

23/03/2022, 00:00

Not After

16/03/2025, 23:59

Subject

CN=Malwarebytes Inc.,O=Malwarebytes Inc.,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9e:02:b0:e9:4a:ce:b2:10:9c:a1:e9:83:6b:e0:c2:db
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

25/05/2021, 00:00

Not After

24/05/2036, 23:59

Subject

CN=Sectigo RSA Code Signing CA 2,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

19/11/2020, 20:32

Not After

19/11/2035, 20:42

Subject

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:26:0a:af:97:8f:de:85:10:01:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Not Before

06/04/2023, 18:44

Not After

04/04/2024, 18:44

Subject

CN=Microsoft Public RSA Time Stamping Authority,OU=Microsoft America Operations+OU=nShield TSS ESN:7D00-05E0-D947,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

16/04/2020, 18:36

Not After

16/04/2045, 18:44

Subject

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:2a:c9:26:1a:29:98:d0:4c:95:be:00:00:00:00:2a:c9
Certificate

Issuer

CN=Microsoft ID Verified CS EOC CA 01,O=Microsoft Corporation,C=US

Not Before

20/09/2023, 23:35

Not After

23/09/2023, 23:35

Subject

CN=Malwarebytes Inc,O=Malwarebytes Inc,L=Santa Clara,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:2a:c9:26:1a:29:98:d0:4c:95:be:00:00:00:00:2a:c9
Certificate

Issuer

CN=Microsoft ID Verified CS EOC CA 01,O=Microsoft Corporation,C=US

Not Before

20/09/2023, 23:35

Not After

23/09/2023, 23:35

Subject

CN=Malwarebytes Inc,O=Malwarebytes Inc,L=Santa Clara,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:06:4a:1a:fa:cf:05:61:6a:74:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Not Before

13/04/2021, 17:31

Not After

13/04/2026, 17:31

Subject

CN=Microsoft ID Verified CS EOC CA 01,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

01/04/2021, 20:05

Not After

01/04/2036, 20:15

Subject

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

19/11/2020, 20:32

Not After

19/11/2035, 20:42

Subject

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:25:07:a4:fb:43:53:57:33:62:00:00:00:00:00:25
Certificate

Issuer

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Not Before

06/04/2023, 18:44

Not After

04/04/2024, 18:44

Subject

CN=Microsoft Public RSA Time Stamping Authority,OU=Microsoft America Operations+OU=nShield TSS ESN:A500-05E0-D947,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4e:24:02:55:00:0d:6c:c6:4b:67:02:66:62:86:5e:ab:68:04:d2:92:ec:7c:26:fc:12:46:f2:a1:de:a3:e1:e0
Signer

Actual PE Digest

4e:24:02:55:00:0d:6c:c6:4b:67:02:66:62:86:5e:ab:68:04:d2:92:ec:7c:26:fc:12:46:f2:a1:de:a3:e1:e0

Digest Algorithm

sha256

PE Digest Matches

true

4e:24:02:55:00:0d:6c:c6:4b:67:02:66:62:86:5e:ab:68:04:d2:92:ec:7c:26:fc:12:46:f2:a1:de:a3:e1:e0
Signer

Actual PE Digest

4e:24:02:55:00:0d:6c:c6:4b:67:02:66:62:86:5e:ab:68:04:d2:92:ec:7c:26:fc:12:46:f2:a1:de:a3:e1:e0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
LeaveCriticalSection
RaiseException
EnterCriticalSection
GetLastError
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSectionEx
DeleteCriticalSection
IsWow64Process
GetCurrentProcess
VerifyVersionInfoW
VerSetConditionMask
GetSystemDirectoryW
CreateFileW
DeviceIoControl
CloseHandle
GetCurrentThreadId
SetLastError
LockResource
FindResourceExW
Sleep
GlobalFree
LocalFree
FormatMessageW
LocalAlloc
CallNamedPipeW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCommandLineW
GetModuleHandleW
CreateMutexW
GetNativeSystemInfo
GetDiskFreeSpaceExW
FindFirstFileW
FindClose
CreateProcessW
FindNextFileW
WideCharToMultiByte
GlobalAlloc
GlobalLock
SetThreadUILanguage
LoadLibraryW
CreateDirectoryW
GetLogicalDrives
GetTempPathW
DeleteFileW
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
OpenProcess
ResumeThread
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
K32GetModuleFileNameExW
GetCurrentDirectoryW
GetCurrentProcessId
OutputDebugStringW
SetEndOfFile
WriteConsoleW
SetStdHandle
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
DecodePointer
MulDiv
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
GetStringTypeW
FindFirstFileExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
RemoveDirectoryW
AreFileApisANSI
CopyFileW
DuplicateHandle
WaitForSingleObjectEx
SwitchToThread
GetCurrentThread
QueryPerformanceCounter
TryEnterCriticalSection
EncodePointer
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
ReleaseSemaphore
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitProcess
GetModuleHandleExW
GetCommandLineA
ExitThread
GetStdHandle
WriteFile
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
GetFileSizeEx
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
GetTimeZoneInformation

dwmapi

DwmGetWindowAttribute

crypt32

CertCloseStore
CertFreeCertificateContext
CertGetNameStringW
CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject
CryptMsgClose

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate
UuidToStringA
RpcStringFreeA

Sections

.text
Size: 726KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 281.8MB - Virtual size: 281.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

81530254b85f34245257b4cb8cfcd6a1

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

shfolder

msvcrt

Exports

Exports

Sections

.text Size: 371KB - Virtual size: 370KB

.data Size: 54KB - Virtual size: 53KB

.bss Size: - Virtual size: 37KB

.idata Size: 5KB - Virtual size: 5KB

.didata Size: 512B - Virtual size: 396B

.edata Size: 512B - Virtual size: 150B

.tls Size: - Virtual size: 416B

.rdata Size: 512B - Virtual size: 40B

.pdata Size: 21KB - Virtual size: 20KB

.rsrc Size: 91KB - Virtual size: 91KB

64f7bc8815496ea07e67416229607846

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

a6:57:f7:78:b3:1a:e5:23:d6:67:13:17:18:d1:6e:b2Certificate

Extended Key Usages

Key Usages

9e:02:b0:e9:4a:ce:b2:10:9c:a1:e9:83:6b:e0:c2:dbCertificate

Extended Key Usages

Key Usages

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05Certificate

Extended Key Usages

Key Usages

33:00:00:00:26:0a:af:97:8f:de:85:10:01:00:00:00:00:00:26Certificate

Extended Key Usages

Key Usages

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99Certificate

Key Usages

33:00:00:2a:c9:26:1a:29:98:d0:4c:95:be:00:00:00:00:2a:c9Certificate

Extended Key Usages

Key Usages

33:00:00:2a:c9:26:1a:29:98:d0:4c:95:be:00:00:00:00:2a:c9Certificate

Extended Key Usages

Key Usages

33:00:00:00:06:4a:1a:fa:cf:05:61:6a:74:00:00:00:00:00:06Certificate

Key Usages

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07Certificate

Key Usages

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05Certificate

Extended Key Usages

Key Usages

33:00:00:00:25:07:a4:fb:43:53:57:33:62:00:00:00:00:00:25Certificate

Extended Key Usages

Key Usages

4e:24:02:55:00:0d:6c:c6:4b:67:02:66:62:86:5e:ab:68:04:d2:92:ec:7c:26:fc:12:46:f2:a1:de:a3:e1:e0Signer

4e:24:02:55:00:0d:6c:c6:4b:67:02:66:62:86:5e:ab:68:04:d2:92:ec:7c:26:fc:12:46:f2:a1:de:a3:e1:e0Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

dwmapi

crypt32

rpcrt4

Sections

.text Size: 726KB - Virtual size: 726KB

.rdata Size: 178KB - Virtual size: 177KB

.data Size: 17KB - Virtual size: 22KB

.rsrc Size: 281.8MB - Virtual size: 281.8MB

.reloc Size: 42KB - Virtual size: 42KB

.text
Size: 371KB - Virtual size: 370KB

.data
Size: 54KB - Virtual size: 53KB

.bss
Size: - Virtual size: 37KB

.idata
Size: 5KB - Virtual size: 5KB

.didata
Size: 512B - Virtual size: 396B

.edata
Size: 512B - Virtual size: 150B

.tls
Size: - Virtual size: 416B

.rdata
Size: 512B - Virtual size: 40B

.pdata
Size: 21KB - Virtual size: 20KB

.rsrc
Size: 91KB - Virtual size: 91KB

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

a6:57:f7:78:b3:1a:e5:23:d6:67:13:17:18:d1:6e:b2
Certificate

9e:02:b0:e9:4a:ce:b2:10:9c:a1:e9:83:6b:e0:c2:db
Certificate

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

33:00:00:00:26:0a:af:97:8f:de:85:10:01:00:00:00:00:00:26
Certificate

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

33:00:00:2a:c9:26:1a:29:98:d0:4c:95:be:00:00:00:00:2a:c9
Certificate

33:00:00:2a:c9:26:1a:29:98:d0:4c:95:be:00:00:00:00:2a:c9
Certificate

33:00:00:00:06:4a:1a:fa:cf:05:61:6a:74:00:00:00:00:00:06
Certificate

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

33:00:00:00:25:07:a4:fb:43:53:57:33:62:00:00:00:00:00:25
Certificate

4e:24:02:55:00:0d:6c:c6:4b:67:02:66:62:86:5e:ab:68:04:d2:92:ec:7c:26:fc:12:46:f2:a1:de:a3:e1:e0
Signer

4e:24:02:55:00:0d:6c:c6:4b:67:02:66:62:86:5e:ab:68:04:d2:92:ec:7c:26:fc:12:46:f2:a1:de:a3:e1:e0
Signer

.text
Size: 726KB - Virtual size: 726KB

.rdata
Size: 178KB - Virtual size: 177KB

.data
Size: 17KB - Virtual size: 22KB

.rsrc
Size: 281.8MB - Virtual size: 281.8MB

.reloc
Size: 42KB - Virtual size: 42KB