61f62b1950619312ac2b0d15e089388066e1955e77b5f1664d2132afa74258a4 (1)[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

61f62b1950619312ac2b0d15e089388066e1955e77b5f1664d2132afa74258a4 (1).zip
Size

10.0MB
MD5

8c01cd0003d2be5a3e72ebdfa4bbde2f
SHA1

068cef143e25af751995e5d533f69c6033bbc615
SHA256

7616fd9ba6e18801fbc83eef4e1825c5efc66588c6dcf22683075f680a61cee3
SHA512

ec2332446f5615dec3849d846fcbcef4d88694468c05c9fcc987cc2bcdd9c83349dc72af4742d0ef707a6afc5968ad2b5113e92708ad89dfda15ee1c42df2f6f
SSDEEP

196608:USMDhMbuOMGGEa4qWoJQeysqWnEO9l9icBu2NFGcamITszV+4XPVYyzvkHAXhQv:UBDh/jvEqJQyqWEO9l0Cl3GlTqnXPh6V

Score

1^/10

Malware Config

Signatures

Files

61f62b1950619312ac2b0d15e089388066e1955e77b5f1664d2132afa74258a4 (1).zip
.zip

Password: infected
61f62b1950619312ac2b0d15e089388066e1955e77b5f1664d2132afa74258a4
.exe windows:6 windows x64

1c095f5854b787f05b69465d3f3bdc67

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

82:31:89:63:f2:be:45:bf:7c:49:a4:90:be:f5:68:ed
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

11/10/2021, 00:00

Not After

10/10/2024, 23:59

Subject

CN=NinjaRMM\, LLC,O=NinjaRMM\, LLC,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b6:0b:95:94:6e:10:a5:cf:d6:b3:2d:a4:40:1f:77:35:97:87:d2:c6:cc:88:e1:77:31:8b:45:f5:d4:7f:00:0d
Signer

Actual PE Digest

b6:0b:95:94:6e:10:a5:cf:d6:b3:2d:a4:40:1f:77:35:97:87:d2:c6:cc:88:e1:77:31:8b:45:f5:d4:7f:00:0d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

wsock32

htons
htonl
getsockopt
getsockname
getpeername
inet_ntoa
connect
closesocket
bind
accept
__WSAFDIsSet
WSACleanup
ntohl
ntohs
listen
select
setsockopt
WSASetLastError
WSAGetLastError
WSAStartup

user32

HideCaret
UnregisterDeviceNotification
RegisterDeviceNotificationW
CharNextExA
PostThreadMessageW
KillTimer
SetTimer
GetProcessWindowStation
GetUserObjectInformationA
PostQuitMessage
MsgWaitForMultipleObjectsEx
GetQueueStatus
DispatchMessageW
TranslateMessage
DrawIconEx
ChangeWindowMessageFilterEx
RealGetWindowClassW
GetUserObjectInformationW
MessageBoxW
GetSystemMetrics
SystemParametersInfoW
DefWindowProcW
DestroyWindow
GetDC
ReleaseDC
GetSysColor
GetDesktopWindow
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
PostMessageW
AttachThreadInput
CreateWindowExW
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
GetCapture
SetCapture
ReleaseCapture
GetMenu
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
SetWindowTextW
GetClientRect
GetWindowRect
AdjustWindowRectEx
SetCursor
ClientToScreen
ScreenToClient
GetWindowLongW
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetParent
SetParent
GetWindowThreadProcessId
GetWindow
DestroyCursor
DestroyIcon
MonitorFromPoint
GetAncestor
GetKeyboardLayoutList
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
UnregisterClassW
GetClassInfoW
RegisterClassExW
GetFocus
GetCursorPos
WindowFromPoint
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
SetMenu
DrawMenuBar
CreateMenu
CreatePopupMenu
DestroyMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
TrackPopupMenu
GetMenuItemInfoW
SetMenuItemInfoW
MonitorFromWindow
GetMonitorInfoW
EnumDisplayMonitors
LoadIconW
IsHungAppWindow
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetKeyboardLayout
RegisterWindowMessageW
IsWindowEnabled
CreateCaret
DestroyCaret
EnumWindows
ShowCaret
SetCaretPos
FindWindowA
PeekMessageW
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
TrackPopupMenuEx
RegisterClassW
EnumDisplayDevicesW
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetAsyncKeyState
GetTouchInputInfo
CloseTouchInputHandle
GetWindowTextW

msi

ord248

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

uxtheme

GetThemePartSize
OpenThemeData
GetThemeInt
GetCurrentThemeName
GetThemeEnumValue
IsThemeActive
SetWindowTheme
GetThemeMargins
GetThemeColor
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
ord47
GetThemeBackgroundRegion
GetThemeBool
IsThemeBackgroundPartiallyTransparent
IsAppThemed

dwmapi

DwmGetWindowAttribute
DwmIsCompositionEnabled
DwmSetWindowAttribute
DwmEnableBlurBehindWindow

oleaut32

VariantInit
VariantClear
SafeArrayPutElement
SafeArrayCreateVector
SysFreeString
SysAllocString

imm32

ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetOpenStatus
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey

iphlpapi

GetExtendedUdpTable
GetAdaptersInfo
GetIfEntry2
GetNetworkParams
GetAdaptersAddresses
ConvertInterfaceNameToLuidW
ConvertInterfaceLuidToNameW
ConvertInterfaceLuidToIndex
ConvertInterfaceIndexToLuid
ConvertInterfaceLuidToGuid

crypt32

CertGetCertificateChain
CertFindCertificateInStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CertFreeCertificateChain
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertCreateCertificateContext
CertOpenStore
CertOpenSystemStoreW
CertCloseStore

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock
GetUserProfileDirectoryW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

netapi32

NetApiBufferFree
NetShareEnum

ws2_32

inet_addr
WSASendTo
WSARecvFrom
WSANtohs
WSANtohl
WSAHtonl
WSAConnect
WSAAccept
inet_ntoa
freeaddrinfo
getaddrinfo
WSAAddressToStringW
WSASocketW
WSASend
WSARecv
WSAIoctl
gethostname
WSAAsyncSelect
gethostbyname
getservbyport
getservbyname
recv
send
socket
getnameinfo
shutdown
gethostbyaddr

advapi32

CloseServiceHandle
OpenProcessToken
GetTokenInformation
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateProcessAsUserW
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
GetLengthSid
FreeSid
DuplicateToken
CopySid
AllocateAndInitializeSid
AccessCheck
RegSetValueExW
RegFlushKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
SystemFunction036
GetSidSubAuthorityCount
GetSidSubAuthority
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegNotifyChangeKeyValue
RegCloseKey
GetSecurityInfo
StartServiceW
QueryServiceStatusEx
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
AdjustTokenPrivileges
ChangeServiceConfigW
InitiateSystemShutdownExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
CreateProcessWithLogonW
LogonUserW
GetUserNameW
DuplicateTokenEx
ImpersonateLoggedOnUser
InitializeSecurityDescriptor
LookupPrivilegeValueW
SetTokenInformation
SetSecurityDescriptorDacl
RevertToSelf

kernel32

RtlPcToFileHeader
RaiseException
TryEnterCriticalSection
InitOnceBeginInitialize
InitOnceComplete
EncodePointer
DecodePointer
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
InitializeSListHead
IsDebuggerPresent
RtlUnwindEx
InterlockedPushEntrySList
RtlUnwind
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
SystemTimeToTzSpecificLocalTime
ExitProcess
GetCommandLineA
GetConsoleOutputCP
SetStdHandle
HeapSize
IsValidLocale
CloseHandle
GetLastError
EnumSystemLocalesW
EnterCriticalSection
LeaveCriticalSection
SetEvent
CreateEventA
TlsAlloc
TlsFree
LocalFree
FormatMessageA
FormatMessageW
WideCharToMultiByte
SetConsoleCtrlHandler
VerSetConditionMask
DuplicateHandle
SetLastError
HeapAlloc
HeapFree
GetProcessHeap
CreateIoCompletionPort
GetQueuedCompletionStatus
CancelIoEx
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
SleepEx
WaitForSingleObjectEx
CreateEventW
SetWaitableTimer
Sleep
WaitForMultipleObjects
CreateWaitableTimerW
QueueUserAPC
GetCurrentProcess
TerminateThread
TlsGetValue
TlsSetValue
GetSystemTimeAsFileTime
GetModuleHandleA
GetProcAddress
CreateSemaphoreA
VerifyVersionInfoW
CreateSemaphoreW
ResetEvent
OpenEventW
GetCurrentProcessId
TerminateProcess
SetProcessShutdownParameters
ProcessIdToSessionId
OpenProcess
GetTickCount
GetModuleFileNameW
GetModuleHandleW
LocalAlloc
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateFileW
SetUnhandledExceptionFilter
GetCurrentThreadId
LoadLibraryW
MultiByteToWideChar
MoveFileExW
DeleteFileW
GetFileAttributesExW
SetFileAttributesW
GetFileAttributesW
GetFileType
WriteFile
GetFileSizeEx
GetFileTime
ReadFile
SetFilePointerEx
GlobalFree
SetHandleInformation
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForMultipleObjectsEx
OpenEventA
ResumeThread
GetSystemInfo
CreateWaitableTimerA
GetSystemTime
SystemTimeToFileTime
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
VirtualAlloc
VirtualFree
SwitchToFiber
DeleteFiber
CreateFiberEx
FindClose
FindFirstFileW
FindNextFileW
GetEnvironmentVariableW
GetACP
GetStdHandle
RtlVirtualUnwind
ConvertFiberToThread
ConvertThreadToFiberEx
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
lstrcmpW
ExpandEnvironmentStringsW
CreateProcessW
CheckRemoteDebuggerPresent
GlobalAlloc
GlobalUnlock
GlobalLock
GetLocaleInfoW
GlobalSize
GetUserDefaultLangID
CreateFileA
HeapReAlloc
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetTempPathA
GetTempFileNameA
SetFilePointer
InitializeCriticalSectionEx
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableCS
SetThreadPriority
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
GetConsoleWindow
InitializeCriticalSection
OutputDebugStringW
IsProcessorFeaturePresent
CompareStringEx
GetCommandLineW
GetLocalTime
GetTickCount64
GetStartupInfoW
SwitchToThread
CreateThread
GetCurrentThread
WriteConsoleW
GetSystemDirectoryW
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultLCID
GetUserPreferredUILanguages
CreateFileMappingW
GetCurrentDirectoryW
CreateDirectoryW
GetFileInformationByHandle
GetFullPathNameW
GetLogicalDrives
RemoveDirectoryW
SetFileTime
GetTempPathW
GetVolumePathNamesForVolumeNameW
SetErrorMode
DeviceIoControl
CopyFileW
MoveFileW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
GetFileInformationByHandleEx
FlushFileBuffers
SetEndOfFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
ConnectNamedPipe
CreateNamedPipeW
GetExitCodeProcess
GetProcessId
UnregisterWaitEx
RegisterWaitForSingleObject
FindFirstFileExW
CompareStringW
LCMapStringW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
GetModuleHandleExW
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
ReadFileEx
PeekNamedPipe
WriteFileEx
ReleaseMutex
CreateMutexA
SetEnvironmentVariableW
IsValidCodePage
GetOEMCP
PostQueuedCompletionStatus
GetThreadPriority

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoLockObjectExternal
RevokeDragDrop
StringFromGUID2
CoCreateGuid
CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoInitializeEx
OleUninitialize
OleInitialize
RegisterDragDrop

shell32

SHGetFileInfoW
SHGetStockIconInfo
ord727
ShellExecuteW
SHCreateItemFromIDList
SHCreateItemFromParsingName
SHGetMalloc
SHGetPathFromIDListW
SHGetKnownFolderIDList
SHBrowseForFolderW
Shell_NotifyIconW
Shell_NotifyIconGetRect
CommandLineToArgvW
SHGetKnownFolderPath
ShellExecuteExW

winmm

timeSetEvent
PlaySoundW
timeKillEvent

bcrypt

BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptSetProperty
BCryptCloseAlgorithmProvider
BCryptGenerateSymmetricKey
BCryptEncrypt
BCryptDeriveKeyPBKDF2
BCryptGenRandom
BCryptDestroyHash
BCryptFinishHash
BCryptHashData
BCryptDestroyKey
BCryptCreateHash

gdi32

BitBlt
OffsetRgn
SetLayout
GetDeviceCaps
CreateCompatibleBitmap
GdiFlush
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
SetWorldTransform
ExtTextOutW
GetDIBits
CreateCompatibleDC
DeleteObject
DeleteDC
CreateRectRgn
CombineRgn
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetTextFaceW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
EnumFontFamiliesExW
CreateFontIndirectW
GetObjectW
GetBitmapBits
SwapBuffers
GetPixelFormat
DescribePixelFormat
SetPixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW

Sections

.text
Size: 14.5MB - Virtual size: 14.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 511KB - Virtual size: 613KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 690KB - Virtual size: 690KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

1c095f5854b787f05b69465d3f3bdc67

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

82:31:89:63:f2:be:45:bf:7c:49:a4:90:be:f5:68:edCertificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

b6:0b:95:94:6e:10:a5:cf:d6:b3:2d:a4:40:1f:77:35:97:87:d2:c6:cc:88:e1:77:31:8b:45:f5:d4:7f:00:0dSigner

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

user32

msi

wtsapi32

uxtheme

dwmapi

oleaut32

imm32

iphlpapi

crypt32

userenv

version

netapi32

ws2_32

advapi32

kernel32

ole32

shell32

winmm

bcrypt

gdi32

Sections

.text Size: 14.5MB - Virtual size: 14.5MB

.rdata Size: 5.4MB - Virtual size: 5.4MB

.data Size: 511KB - Virtual size: 613KB

.pdata Size: 690KB - Virtual size: 690KB

.qtmetad Size: 2KB - Virtual size: 1KB

.qtmimed Size: 315KB - Virtual size: 315KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 101KB - Virtual size: 101KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

82:31:89:63:f2:be:45:bf:7c:49:a4:90:be:f5:68:ed
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

b6:0b:95:94:6e:10:a5:cf:d6:b3:2d:a4:40:1f:77:35:97:87:d2:c6:cc:88:e1:77:31:8b:45:f5:d4:7f:00:0d
Signer

.text
Size: 14.5MB - Virtual size: 14.5MB

.rdata
Size: 5.4MB - Virtual size: 5.4MB

.data
Size: 511KB - Virtual size: 613KB

.pdata
Size: 690KB - Virtual size: 690KB

.qtmetad
Size: 2KB - Virtual size: 1KB

.qtmimed
Size: 315KB - Virtual size: 315KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 101KB - Virtual size: 101KB