TradingView_Pro_Desktop[.]zip

Resubmissions

01/10/2023, 14:43

231001-r3kedsdb27 3

Sharing

Copy URL Twitter E-mail

General

Target

TradingView_Pro_Desktop.zip
Size

11.1MB
MD5

371477e5f0588891e06501f60ddf0579
SHA1

6aa3f5ef35197ecc9fc936cd42ece3580f19a588
SHA256

f91f9f7c55fff60292e9ed0a7d9550e27253f07c283d8f7348a9225dddb7bfff
SHA512

a247ba015db8fff62575f26435d07585cce5f86c33950e79d346a7afc5196ecc1c9dc6bd76f0189abdf134842e420e385df70108e04b3a1ed5c9d3de01cf4f34
SSDEEP

196608:PErFb80Cfh9ZeDk7lj/TGFEbSKFJRsUvc:PErR8NbeDk7sFOSK5sUvc

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/resources/Engine_x32.dll
unpack001/resources/platforms/PresentationBuildTasks.dll
unpack001/resources/platforms/System.Speech.dll
unpack001/resources/platforms/System.Workflow.Activities.dll
unpack001/resources/platforms/System.Workflow.ComponentModel.dll
unpack001/resources/platforms/WindowsBase.dll

Files

TradingView_Pro_Desktop.zip
.zip
TradingView (Pro+) Desktop.exe
.exe windows:5 windows x86

298cd829d710f1c0e669d72611b848c5

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2b:a7:21:42:24:82:95:02:08:d9:a1:7e:99:e1:98:db
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/09/2015, 00:00

Not After

01/10/2018, 23:59

Subject

CN=Environmental Systems Research Institute Inc.,O=Environmental Systems Research Institute Inc.,L=Redlands,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:a7:21:42:24:82:95:02:08:d9:a1:7e:99:e1:98:db
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/09/2015, 00:00

Not After

01/10/2018, 23:59

Subject

CN=Environmental Systems Research Institute Inc.,O=Environmental Systems Research Institute Inc.,L=Redlands,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:d6:93:fa:b0:98:e3:f4:67:7b:b8:cb:67:2c:22:9e
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

11/06/2015, 00:00

Not After

29/12/2020, 23:59

Subject

CN=GeoTrust 2048-bit Timestamping Signer 1,O=GeoTrust Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

01/01/1997, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

75:35:33:3d:5e:54:80:36:6d:62:43:d1:ee:b5:fd:fd:49:a0:90:de:3e:b2:1f:be:c9:2c:7a:ba:d8:f9:f1:2f
Signer

Actual PE Digest

75:35:33:3d:5e:54:80:36:6d:62:43:d1:ee:b5:fd:fd:49:a0:90:de:3e:b2:1f:be:c9:2c:7a:ba:d8:f9:f1:2f

Digest Algorithm

sha256

PE Digest Matches

false

da:7a:05:af:51:06:2c:99:bf:c0:99:21:99:ab:09:c2:57:ee:79:ec
Signer

Actual PE Digest

da:7a:05:af:51:06:2c:99:bf:c0:99:21:99:ab:09:c2:57:ee:79:ec

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

CoCreateInstance

oleaut32

SysFreeString

Sections

.MPRESS1
Size: 4.2MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
qtmultimedia_m3u.dll
.dll windows:6 windows x86

d35460b9a3baf35d1aaeb2c0ade3acc2

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07/07/2009, 17:25

Not After

07/12/2030, 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4e:40:e4:37:54:ed:e6:8c:00:00:00:00:51:d3:94:7f
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07/05/2021, 15:43

Not After

07/11/2030, 16:13

Subject

CN=Entrust Code Signing Root Certification Authority - CSBR1,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5a:34:61:50:30:94:33:f3:02:f6:ec:f2:31:43:1a:6d
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS2,O=Entrust\, Inc.,C=US

Not Before

23/11/2021, 07:32

Not After

01/12/2022, 07:32

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

35:af:b7:7b:9d:34:1f:6a:fc:8f:84:46:ab:31:35:2b
Certificate

Issuer

CN=Entrust Code Signing Root Certification Authority - CSBR1,O=Entrust\, Inc.,C=US

Not Before

07/05/2021, 19:19

Not After

29/12/2040, 23:59

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS2,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22/07/2020, 15:33

Not After

29/12/2030, 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:86:f7:f1:c5:65:6b:35:be:e3:c6:3c:61:d0:64:72:d1:3b:59:ab:19:38:a2:2d:0c:37:15:8c:d7:ea:b9:09
Signer

Actual PE Digest

45:86:f7:f1:c5:65:6b:35:be:e3:c6:3c:61:d0:64:72:d1:3b:59:ab:19:38:a2:2d:0c:37:15:8c:d7:ea:b9:09

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

qt5multimedia

?qt_metacall@QMediaPlaylistIOPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMediaPlaylistIOPlugin@@UAEPAXPBD@Z
?staticMetaObject@QMediaPlaylistIOPlugin@@2UQMetaObject@@B
??1QMediaPlaylistIOPlugin@@UAE@XZ
??0QMediaPlaylistIOPlugin@@QAE@PAVQObject@@@Z
??0QMediaPlaylistWriter@@QAE@XZ
??1QMediaPlaylistWriter@@UAE@XZ
??0QMediaContent@@QAE@XZ
??1QMediaPlaylistReader@@UAE@XZ
?request@QMediaContent@@QBE?AVQNetworkRequest@@XZ
?isNull@QMediaContent@@QBE_NXZ
??4QMediaContent@@QAEAAV0@ABV0@@Z
??1QMediaContent@@QAE@XZ
??0QMediaContent@@QAE@ABV0@@Z
??0QMediaContent@@QAE@ABVQUrl@@@Z
??0QMediaPlaylistReader@@QAE@XZ

qt5network

??1QNetworkRequest@@QAE@XZ
?url@QNetworkRequest@@QBE?AVQUrl@@XZ

qt5core

?trimmed@QString@@QHAE?AV1@XZ
??8QString@@QBE_NVQLatin1String@@@Z
??BQCharRef@@QBE?AVQChar@@XZ
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?dispose@QListData@@SAXPAUData@1@@Z
?append@QListData@@QAEPAPAXXZ
?isOpen@QIODevice@@QBE_NXZ
?isReadable@QIODevice@@QBE_NXZ
?isWritable@QIODevice@@QBE_NXZ
??0QTextStream@@QAE@PAVQIODevice@@@Z
??1QTextStream@@UAE@XZ
?atEnd@QTextStream@@QBE_NXZ
?readLine@QTextStream@@QAE?AVQString@@_J@Z
??6QTextStream@@QAEAAV0@ABVQString@@@Z
?endl@Qt@@YAAAVQTextStream@@AAV2@@Z
??0QUrl@@QAE@XZ
??0QUrl@@QAE@ABV0@@Z
??0QUrl@@QAE@ABVQString@@W4ParsingMode@0@@Z
??1QUrl@@QAE@XZ
?toString@QUrl@@QBE?AVQString@@V?$QUrlTwoFlags@W4UrlFormattingOption@QUrl@@W4ComponentFormattingOption@2@@@@Z
?fromUserInput@QUrl@@SA?AV1@ABVQString@@@Z
?isEmpty@QUrl@@QBE_NXZ
?endsWith@QString@@QBE_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?resolved@QUrl@@QBE?AV1@ABV1@@Z
?isRelative@QUrl@@QBE_NXZ
?fromLocalFile@QUrl@@SA?AV1@ABVQString@@@Z
?toLocalFile@QUrl@@QBE?AVQString@@XZ
??0QFile@@QAE@ABVQString@@@Z
??1QFile@@UAE@XZ
?exists@QFile@@SA_NABVQString@@@Z
??0QFileInfo@@QAE@ABVQString@@@Z
??1QFileInfo@@QAE@XZ
?isReadable@QFileInfo@@QBE_NXZ
?atEnd@QFileDevice@@UBE_NXZ
?bytesAvailable@QIODevice@@UBE_JXZ
?bytesToWrite@QIODevice@@UBE_JXZ
?canReadLine@QIODevice@@UBE_NXZ
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?close@QFileDevice@@UAEXXZ
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?fileName@QFile@@UBE?AVQString@@XZ
?isSequential@QFileDevice@@UBE_NXZ
??AQString@@QAE?AVQCharRef@@H@Z
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?permissions@QFile@@UBE?AV?$QFlags@W4Permission@QFileDevice@@@@XZ
?pos@QFileDevice@@UBE_JXZ
?qt_metacall@QFile@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QFile@@UAEPAXPBD@Z
?readData@QFileDevice@@MAE_JPAD_J@Z
?readLineData@QFileDevice@@MAE_JPAD_J@Z
?reset@QIODevice@@UAE_NXZ
?resize@QFile@@UAE_N_J@Z
?seek@QFileDevice@@UAE_N_J@Z
?setPermissions@QFile@@UAE_NV?$QFlags@W4Permission@QFileDevice@@@@@Z
?size@QFile@@UBE_JXZ
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?waitForBytesWritten@QIODevice@@UAE_NH@Z
?waitForReadyRead@QIODevice@@UAE_NH@Z
?writeData@QFileDevice@@MAE_JPBD_J@Z
?shared_null@QListData@@2UData@1@B
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
??1QString@@QAE@XZ
?qstrcmp@@YAHABVQByteArray@@PBD@Z
?toLower@QString@@QHAE?AV1@XZ
?scheme@QUrl@@QBE?AVQString@@XZ
?metaObject@QFile@@UBEPBUQMetaObject@@XZ

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
EnterCriticalSection
TerminateProcess
GetCurrentProcess
InitializeSListHead
CloseHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/CreativeCloud_icon.svg
resources/DropGraphicFiles.svg
resources/Engine_x32.dll
.dll windows:4 windows x86

2c8b6407e1519c6ac69e454ee4a811d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

supersub

ord1611
ord417
ord1610
ord984
ord1609
ord411
ord1725
ord1730
ord72

idb

ord1
ord12
ord15
ord13
ord9
ord4
ord6
ord7
ord8
ord5
ord3

synccore

?ConvertHostTagToLSTag@CSyncUtil@@SAJABVTString@@AAJPAU_SYNC_TAGS@@H@Z
??0CSyncHttp@@QAE@PBU_SYNC_TAGS@@HPAVCThreadSafeSocket@@@Z
??1CSyncHttp@@QAE@XZ
?ReadLine@CSyncUtil@@SAJAAKAAVTString@@PAVCSyncHttp@@@Z
?SyncSetHeader@CSyncHttp@@QAEKPAU_SYNCHEADERINFO@@@Z
?GetLValAndRVal@CSyncUtil@@SAJABVTString@@AAV2@1@Z
?GetHostOperEntryType@CSyncUtil@@SAJAAVTString@@0AAJ@Z
?ClearBuffer@CSyncUtil@@SAXPAVCSyncHttp@@@Z
?SyncGetFileSize@CSyncHttp@@QAEKPAK@Z
?SyncSetURLField@CSyncHttp@@QAEKHPAD@Z
?NeedToKillThread@CSyncUtil@@SA_NPAX@Z
nsUnescape
?SkipLine@CSyncUtil@@SAJAAKHAAVTString@@PAVCSyncHttp@@@Z
?SyncStartURLString@CSyncHttp@@QAEKHPAD@Z
?SyncGetServerResponse@CSyncHttp@@QAEPBDXZ
?SyncQuery@CSyncHttp@@QAEKPAD@Z
?SyncCloseAllHttpHandles@CSyncHttp@@QAEXXZ
?ValidHostType@CSyncUtil@@SA_NABJQBJH@Z

manager

??1ABDataStore@@UAE@XZ
ord368
ord372
ord342
?RemoveEntry@ABDataStore@@QAEHPBD000000@Z
?AddEntry@ABDataStore@@QAEHPBD000000@Z
?RemoveItem@CACDataStore@@QAEHPBD00K_N@Z
??0ABDataStore@@QAE@XZ
?AddItem@CACDataStore@@QAEHPBD00K@Z
ord393

msvcp71

?_Nomemory@std@@YAXXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z

msvcr71

_adjust_fdiv
__security_error_handler
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__lconv_init
__CppXcptFilter
_initterm
_callnewh
strtol
_strlwr
memset
_except_handler3
free
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
_CxxThrowException
??3@YAXPAX@Z
??_V@YAXPAX@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
memmove
memcpy
strlen
sprintf
malloc
strncpy
rename
_purecall
realloc
strcmp
strcpy

user32

LoadStringA

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetFullPathNameA
DeleteFileA
GetFileAttributesA
DisableThreadLibraryCalls
lstrlenA
CreateMutexA
CloseHandle
lstrcpynA
ReleaseMutex
WaitForSingleObject
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA

zlib

ord3

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/GroupOnboardingBackground_CCD.png
.png
resources/GroupOnboardingGraphic_CCD.png
.png
resources/MissingLinkedElement_Dark.svg
.xml
resources/MissingLinkedElement_Light.svg
.xml
resources/NewUserEmpty_dark.svg
resources/NewUserEmpty_light.svg
resources/ScrollDownArrow_dark.svg
.xml
resources/ScrollDownArrow_darker.svg
.xml
resources/ScrollDownArrow_light.svg
.xml
resources/ScrollDownArrow_lighter.svg
.xml
resources/ScrollUpArrow_dark.svg
.xml
resources/ScrollUpArrow_darker.svg
.xml
resources/ScrollUpArrow_light.svg
.xml
resources/ScrollUpArrow_lighter.svg
.xml
resources/aac_filetype_256.svg
.xml
resources/aac_filetype_64.svg
.xml
resources/aif_filetype_256.svg
.xml
resources/aif_filetype_64.svg
.xml
resources/aiff_filetype_256.svg
.xml
resources/aiff_filetype_64.svg
.xml
resources/captureCoachMark.png
.png
resources/checkerboard.png
.png
resources/coachmark.png
.png
resources/icons.svg
resources/lgpllibs.dll
.dll windows:6 windows x64

451aecea9f58042e76d96a82be2804fa

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/04/2021, 00:00

Not After

19/06/2024, 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4a:3b:90:da:c2:ec:bd:f2:73:49:3f:a1:d6:9e:62:a9:55:da:15:1a
Signer

Actual PE Digest

4a:3b:90:da:c2:ec:bd:f2:73:49:3f:a1:d6:9e:62:a9:55:da:15:1a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mozglue

??2@YAPEAX_K@Z
??3@YAXPEAX@Z
??_U@YAPEAX_K@Z
??_V@YAXPEAX@Z

kernel32

DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
_purecall
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll

api-ms-win-crt-math-l1-1-0

cos
exp
ldexp
sin
sqrt

Exports

Exports

??0SoundTouch@soundtouch@@QEAA@AEBV01@@Z
??0SoundTouch@soundtouch@@QEAA@XZ
??1SoundTouch@soundtouch@@UEAA@XZ
??4SoundTouch@soundtouch@@QEAAAEAV01@AEBV01@@Z
??_7SoundTouch@soundtouch@@6B@
?calcEffectiveRateAndTempo@SoundTouch@soundtouch@@AEAAXXZ
?clear@SoundTouch@soundtouch@@UEAAXXZ
?createSoundTouchObj@soundtouch@@YAPEAVSoundTouch@1@XZ
?destroySoundTouchObj@soundtouch@@YAXPEAVSoundTouch@1@@Z
?flush@SoundTouch@soundtouch@@QEAAXXZ
?getInputOutputSampleRatio@SoundTouch@soundtouch@@QEAANXZ
?getSetting@SoundTouch@soundtouch@@QEBAHH@Z
?getVersionId@SoundTouch@soundtouch@@SAIXZ
?getVersionString@SoundTouch@soundtouch@@SAPEBDXZ
?numChannels@SoundTouch@soundtouch@@QEBAIXZ
?numUnprocessedSamples@SoundTouch@soundtouch@@UEBAIXZ
?putSamples@SoundTouch@soundtouch@@UEAAXPEBMI@Z
?receiveSamples@SoundTouch@soundtouch@@UEAAII@Z
?receiveSamples@SoundTouch@soundtouch@@UEAAIPEAMI@Z
?setChannels@SoundTouch@soundtouch@@QEAAXI@Z
?setPitch@SoundTouch@soundtouch@@QEAAXN@Z
?setPitchOctaves@SoundTouch@soundtouch@@QEAAXN@Z
?setPitchSemiTones@SoundTouch@soundtouch@@QEAAXH@Z
?setPitchSemiTones@SoundTouch@soundtouch@@QEAAXN@Z
?setRate@SoundTouch@soundtouch@@QEAAXN@Z
?setRateChange@SoundTouch@soundtouch@@QEAAXN@Z
?setSampleRate@SoundTouch@soundtouch@@QEAAXI@Z
?setSetting@SoundTouch@soundtouch@@QEAA_NHH@Z
?setTempo@SoundTouch@soundtouch@@QEAAXN@Z
?setTempoChange@SoundTouch@soundtouch@@QEAAXN@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/libEGL.dll
.dll windows:6 windows x64

733fea540c63883bb80910cfcf25367e

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/04/2021, 00:00

Not After

19/06/2024, 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a6:34:64:16:a9:76:95:77:5e:ed:d6:4f:87:24:44:73:2b:ae:0e:51
Signer

Actual PE Digest

a6:34:64:16:a9:76:95:77:5e:ed:d6:4f:87:24:44:73:2b:ae:0e:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mozglue

??3@YAXPEAX_K@Z
free
moz_xmalloc

kernel32

CloseHandle
CreateEventW
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
QueryPerformanceCounter
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEvent
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx

vcruntime140

__C_specific_handler
__CxxFrameHandler3
__std_terminate
__std_type_info_destroy_list
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf

api-ms-win-crt-math-l1-1-0

cosf
exp2f
logf
sinf
sqrtf

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_crt_atexit
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_register_onexit_function
_seh_filter_dll

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreateNativeClientBufferANDROID
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurface
eglCreatePlatformWindowSurfaceEXT
eglCreateStreamKHR
eglCreateStreamProducerD3DTextureANGLE
eglCreateSync
eglCreateSyncKHR
eglCreateWindowSurface
eglDebugMessageControlKHR
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroyStreamKHR
eglDestroySurface
eglDestroySync
eglDestroySyncKHR
eglDupNativeFenceFDANDROID
eglGetCompositorTimingANDROID
eglGetCompositorTimingSupportedANDROID
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetFrameTimestampSupportedANDROID
eglGetFrameTimestampsANDROID
eglGetMscRateANGLE
eglGetNativeClientBufferANDROID
eglGetNextFrameIdANDROID
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglGetSyncAttribKHR
eglGetSyncValuesCHROMIUM
eglHandleGPUSwitchANGLE
eglInitialize
eglLabelObjectKHR
eglMakeCurrent
eglPostSubBufferNV
eglPresentationTimeANDROID
eglProgramCacheGetAttribANGLE
eglProgramCachePopulateANGLE
eglProgramCacheQueryANGLE
eglProgramCacheResizeANGLE
eglQueryAPI
eglQueryContext
eglQueryDebugKHR
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribANGLE
eglQueryDisplayAttribEXT
eglQueryStreamKHR
eglQueryStreamu64KHR
eglQueryString
eglQueryStringiANGLE
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReacquireHighPowerGPUANGLE
eglReleaseDeviceANGLE
eglReleaseHighPowerGPUANGLE
eglReleaseTexImage
eglReleaseThread
eglSetBlobCacheFuncsANDROID
eglSignalSyncKHR
eglStreamAttribKHR
eglStreamConsumerAcquireKHR
eglStreamConsumerGLTextureExternalAttribsNV
eglStreamConsumerGLTextureExternalKHR
eglStreamConsumerReleaseKHR
eglStreamPostD3DTextureANGLE
eglSurfaceAttrib
eglSwapBuffers
eglSwapBuffersWithDamageKHR
eglSwapBuffersWithFrameTokenANGLE
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync
eglWaitSyncKHR

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/m4a_filetype_256.svg
.xml
resources/m4a_filetype_64.svg
.xml
resources/mp2_filetype_256.svg
.xml
resources/mp2_filetype_64.svg
.xml
resources/mp3_filetype_256.svg
.xml
resources/mp3_filetype_64.svg
.xml
resources/platforms/PresentationBuildTasks.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/platforms/System.Speech.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 664KB - Virtual size: 661KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/platforms/System.Workflow.Activities.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1024KB - Virtual size: 1021KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/platforms/System.Workflow.ComponentModel.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/platforms/WindowsBase.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/qtmultimedia_m3u.dll
.dll windows:6 windows x86

d35460b9a3baf35d1aaeb2c0ade3acc2

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07/07/2009, 17:25

Not After

07/12/2030, 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4e:40:e4:37:54:ed:e6:8c:00:00:00:00:51:d3:94:7f
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07/05/2021, 15:43

Not After

07/11/2030, 16:13

Subject

CN=Entrust Code Signing Root Certification Authority - CSBR1,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5a:34:61:50:30:94:33:f3:02:f6:ec:f2:31:43:1a:6d
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS2,O=Entrust\, Inc.,C=US

Not Before

23/11/2021, 07:32

Not After

01/12/2022, 07:32

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

35:af:b7:7b:9d:34:1f:6a:fc:8f:84:46:ab:31:35:2b
Certificate

Issuer

CN=Entrust Code Signing Root Certification Authority - CSBR1,O=Entrust\, Inc.,C=US

Not Before

07/05/2021, 19:19

Not After

29/12/2040, 23:59

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS2,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22/07/2020, 15:33

Not After

29/12/2030, 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:86:f7:f1:c5:65:6b:35:be:e3:c6:3c:61:d0:64:72:d1:3b:59:ab:19:38:a2:2d:0c:37:15:8c:d7:ea:b9:09
Signer

Actual PE Digest

45:86:f7:f1:c5:65:6b:35:be:e3:c6:3c:61:d0:64:72:d1:3b:59:ab:19:38:a2:2d:0c:37:15:8c:d7:ea:b9:09

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

qt5multimedia

?qt_metacall@QMediaPlaylistIOPlugin@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMediaPlaylistIOPlugin@@UAEPAXPBD@Z
?staticMetaObject@QMediaPlaylistIOPlugin@@2UQMetaObject@@B
??1QMediaPlaylistIOPlugin@@UAE@XZ
??0QMediaPlaylistIOPlugin@@QAE@PAVQObject@@@Z
??0QMediaPlaylistWriter@@QAE@XZ
??1QMediaPlaylistWriter@@UAE@XZ
??0QMediaContent@@QAE@XZ
??1QMediaPlaylistReader@@UAE@XZ
?request@QMediaContent@@QBE?AVQNetworkRequest@@XZ
?isNull@QMediaContent@@QBE_NXZ
??4QMediaContent@@QAEAAV0@ABV0@@Z
??1QMediaContent@@QAE@XZ
??0QMediaContent@@QAE@ABV0@@Z
??0QMediaContent@@QAE@ABVQUrl@@@Z
??0QMediaPlaylistReader@@QAE@XZ

qt5network

??1QNetworkRequest@@QAE@XZ
?url@QNetworkRequest@@QBE?AVQUrl@@XZ

qt5core

?trimmed@QString@@QHAE?AV1@XZ
??8QString@@QBE_NVQLatin1String@@@Z
??BQCharRef@@QBE?AVQChar@@XZ
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?dispose@QListData@@SAXPAUData@1@@Z
?append@QListData@@QAEPAPAXXZ
?isOpen@QIODevice@@QBE_NXZ
?isReadable@QIODevice@@QBE_NXZ
?isWritable@QIODevice@@QBE_NXZ
??0QTextStream@@QAE@PAVQIODevice@@@Z
??1QTextStream@@UAE@XZ
?atEnd@QTextStream@@QBE_NXZ
?readLine@QTextStream@@QAE?AVQString@@_J@Z
??6QTextStream@@QAEAAV0@ABVQString@@@Z
?endl@Qt@@YAAAVQTextStream@@AAV2@@Z
??0QUrl@@QAE@XZ
??0QUrl@@QAE@ABV0@@Z
??0QUrl@@QAE@ABVQString@@W4ParsingMode@0@@Z
??1QUrl@@QAE@XZ
?toString@QUrl@@QBE?AVQString@@V?$QUrlTwoFlags@W4UrlFormattingOption@QUrl@@W4ComponentFormattingOption@2@@@@Z
?fromUserInput@QUrl@@SA?AV1@ABVQString@@@Z
?isEmpty@QUrl@@QBE_NXZ
?endsWith@QString@@QBE_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?resolved@QUrl@@QBE?AV1@ABV1@@Z
?isRelative@QUrl@@QBE_NXZ
?fromLocalFile@QUrl@@SA?AV1@ABVQString@@@Z
?toLocalFile@QUrl@@QBE?AVQString@@XZ
??0QFile@@QAE@ABVQString@@@Z
??1QFile@@UAE@XZ
?exists@QFile@@SA_NABVQString@@@Z
??0QFileInfo@@QAE@ABVQString@@@Z
??1QFileInfo@@QAE@XZ
?isReadable@QFileInfo@@QBE_NXZ
?atEnd@QFileDevice@@UBE_NXZ
?bytesAvailable@QIODevice@@UBE_JXZ
?bytesToWrite@QIODevice@@UBE_JXZ
?canReadLine@QIODevice@@UBE_NXZ
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?close@QFileDevice@@UAEXXZ
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?fileName@QFile@@UBE?AVQString@@XZ
?isSequential@QFileDevice@@UBE_NXZ
??AQString@@QAE?AVQCharRef@@H@Z
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?permissions@QFile@@UBE?AV?$QFlags@W4Permission@QFileDevice@@@@XZ
?pos@QFileDevice@@UBE_JXZ
?qt_metacall@QFile@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QFile@@UAEPAXPBD@Z
?readData@QFileDevice@@MAE_JPAD_J@Z
?readLineData@QFileDevice@@MAE_JPAD_J@Z
?reset@QIODevice@@UAE_NXZ
?resize@QFile@@UAE_N_J@Z
?seek@QFileDevice@@UAE_N_J@Z
?setPermissions@QFile@@UAE_NV?$QFlags@W4Permission@QFileDevice@@@@@Z
?size@QFile@@UBE_JXZ
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?waitForBytesWritten@QIODevice@@UAE_NH@Z
?waitForReadyRead@QIODevice@@UAE_NH@Z
?writeData@QFileDevice@@MAE_JPBD_J@Z
?shared_null@QListData@@2UData@1@B
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
??1QString@@QAE@XZ
?qstrcmp@@YAHABVQByteArray@@PBD@Z
?toLower@QString@@QHAE?AV1@XZ
?scheme@QUrl@@QBE?AVQString@@XZ
?metaObject@QFile@@UBEPBUQMetaObject@@XZ

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
EnterCriticalSection
TerminateProcess
GetCurrentProcess
InitializeSListHead
CloseHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
_except_handler4_common
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/scroll_triangle_down_dark.svg
.xml
resources/scroll_triangle_down_light.svg
.xml
resources/scroll_triangle_left_dark.svg
.xml
resources/scroll_triangle_left_light.svg
.xml
resources/scroll_triangle_right_dark.svg
.xml
resources/scroll_triangle_right_light.svg
.xml
resources/scroll_triangle_up_dark.svg
.xml
resources/scroll_triangle_up_light.svg
.xml
resources/unlock_coachmark.png
.png
resources/wait_32.gif
.gif
resources/wav_filetype_256.svg
.xml
resources/wav_filetype_64.svg
.xml

Resubmissions

Sharing

General

Malware Config

Signatures

Files

298cd829d710f1c0e669d72611b848c5

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate

Extended Key Usages

Key Usages

2b:a7:21:42:24:82:95:02:08:d9:a1:7e:99:e1:98:dbCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

2b:a7:21:42:24:82:95:02:08:d9:a1:7e:99:e1:98:dbCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

5f:d6:93:fa:b0:98:e3:f4:67:7b:b8:cb:67:2c:22:9eCertificate

Extended Key Usages

Key Usages

Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

75:35:33:3d:5e:54:80:36:6d:62:43:d1:ee:b5:fd:fd:49:a0:90:de:3e:b2:1f:be:c9:2c:7a:ba:d8:f9:f1:2fSigner

da:7a:05:af:51:06:2c:99:bf:c0:99:21:99:ab:09:c2:57:ee:79:ecSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

Sections

.MPRESS1 Size: 4.2MB - Virtual size: 6.9MB

.MPRESS2 Size: 3KB - Virtual size: 3KB

.rsrc Size: 45KB - Virtual size: 45KB

d35460b9a3baf35d1aaeb2c0ade3acc2

Code Sign

4a:53:8c:28Certificate

Key Usages

4e:40:e4:37:54:ed:e6:8c:00:00:00:00:51:d3:94:7fCertificate

Extended Key Usages

Key Usages

5a:34:61:50:30:94:33:f3:02:f6:ec:f2:31:43:1a:6dCertificate

Extended Key Usages

Key Usages

35:af:b7:7b:9d:34:1f:6a:fc:8f:84:46:ab:31:35:2bCertificate

Extended Key Usages

Key Usages

38:63:de:f8Certificate

Key Usages

58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate

Extended Key Usages

Key Usages

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4Certificate

Extended Key Usages

Key Usages

45:86:f7:f1:c5:65:6b:35:be:e3:c6:3c:61:d0:64:72:d1:3b:59:ab:19:38:a2:2d:0c:37:15:8c:d7:ea:b9:09Signer

Headers

DLL Characteristics

File Characteristics

Imports

qt5multimedia

qt5network

qt5core

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

2b:a7:21:42:24:82:95:02:08:d9:a1:7e:99:e1:98:db
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

2b:a7:21:42:24:82:95:02:08:d9:a1:7e:99:e1:98:db
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

5f:d6:93:fa:b0:98:e3:f4:67:7b:b8:cb:67:2c:22:9e
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

75:35:33:3d:5e:54:80:36:6d:62:43:d1:ee:b5:fd:fd:49:a0:90:de:3e:b2:1f:be:c9:2c:7a:ba:d8:f9:f1:2f
Signer

da:7a:05:af:51:06:2c:99:bf:c0:99:21:99:ab:09:c2:57:ee:79:ec
Signer

.MPRESS1
Size: 4.2MB - Virtual size: 6.9MB

.MPRESS2
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 45KB - Virtual size: 45KB

4a:53:8c:28
Certificate

4e:40:e4:37:54:ed:e6:8c:00:00:00:00:51:d3:94:7f
Certificate

5a:34:61:50:30:94:33:f3:02:f6:ec:f2:31:43:1a:6d
Certificate

35:af:b7:7b:9d:34:1f:6a:fc:8f:84:46:ab:31:35:2b
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

45:86:f7:f1:c5:65:6b:35:be:e3:c6:3c:61:d0:64:72:d1:3b:59:ab:19:38:a2:2d:0c:37:15:8c:d7:ea:b9:09
Signer

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 90B

.rsrc
Size: 1024B - Virtual size: 856B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 552B

.rsrc
Size: 4KB - Virtual size: 864B

.reloc
Size: 8KB - Virtual size: 5KB

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

4a:3b:90:da:c2:ec:bd:f2:73:49:3f:a1:d6:9e:62:a9:55:da:15:1a
Signer

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.00cfg
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 512B - Virtual size: 220B

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate