setup[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

setup.zip
Size

102.1MB
MD5

743cfde49e3175ff890b81ed4183ab9d
SHA1

24e964f1f19364e7244bf0c93cd71fa914095d21
SHA256

17eee3e43973dbf283482c1aa62390876bbdd98a4eb675d52fba66d88fb6f14b
SHA512

350cef5103ffccbd07033e047678526a7e24abde692391b341459d79e2025c6b285cecc6d99adef2c1472ee793dcce00bedd018430c7c81d7bdd04ba84df728d
SSDEEP

1572864:68xxheXU5IXnuqaz1m3GfXXFsI9CXDmFT96RYn5S1al1F/IGDMwz4Om4AeCFExTd:68xTeZX+gOlssCq6yn5zwGAqs4H1Bd

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/setup/Bin/sbs_system.data.dll
unpack001/setup/Bin/sbs_system.enterpriseservices.dll

Files

setup.zip
.zip
setup/Bin/Privacy Policy/Privacy Policy.txt
setup/Bin/bin/Data/bootx64.efi
.dll windows:0 windows x64

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

03/07/2018, 20:45

Not After

26/07/2019, 20:45

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:d0:ff:fa:39:fe:d6:5e:69:9c:7a:19:b6:9f:c7:0a:62:0b:20:5b:af:e7:a8:99:02:5d:bc:6a:71:fc:0b:3b
Signer

Actual PE Digest

88:d0:ff:fa:39:fe:d6:5e:69:9c:7a:19:b6:9f:c7:0a:62:0b:20:5b:af:e7:a8:99:02:5d:bc:6a:71:fc:0b:3b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TRANSIT
Size: 512B - Virtual size: 29B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup/Bin/js1cr.dll
setup/Bin/license-key.key
setup/Bin/sbs_VsaVb7rt.dll
.dll windows:5 windows x86

1ee86a608d231b83dca35006d3b58ed8

Code Sign

61:19:cc:93:00:01:00:00:00:66
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/10/2011, 20:32

Not After

10/01/2013, 20:32

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:05:19:96:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2011, 20:42

Not After

25/10/2012, 20:42

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:9E78-864B-039D,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

50:e6:af:15:30:3d:56:cc:89:94:6c:c5:ee:40:bb:52:14:fa:8d:e0
Signer

Actual PE Digest

50:e6:af:15:30:3d:56:cc:89:94:6c:c5:ee:40:bb:52:14:fa:8d:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr90

_except_handler4_common
_onexit
_crt_debugger_hook
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup/Bin/sbs_system.data.dll
.dll windows:10 windows x86

e0bd3263fd5ea99b1d0c2f6f5194cc24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler4_common
_XcptFilter
_initterm
malloc
free
_amsg_exit

kernel32

Sleep
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup/Bin/sbs_system.enterpriseservices.dll
.dll windows:10 windows x86

e0bd3263fd5ea99b1d0c2f6f5194cc24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_except_handler4_common
_XcptFilter
_initterm
malloc
free
_amsg_exit

kernel32

Sleep
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup/Bin/updater.ini
setup/Bin/version.json
setup/Data/bootx64.efi
.dll windows:0 windows x64

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

03/07/2018, 20:45

Not After

26/07/2019, 20:45

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:d0:ff:fa:39:fe:d6:5e:69:9c:7a:19:b6:9f:c7:0a:62:0b:20:5b:af:e7:a8:99:02:5d:bc:6a:71:fc:0b:3b
Signer

Actual PE Digest

88:d0:ff:fa:39:fe:d6:5e:69:9c:7a:19:b6:9f:c7:0a:62:0b:20:5b:af:e7:a8:99:02:5d:bc:6a:71:fc:0b:3b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TRANSIT
Size: 512B - Virtual size: 29B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup/setup.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:aa:64:92:de:9d:96:a9:0a:4b:ca:97:be:ad:b4:4a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13/05/2022, 00:00

Not After

14/05/2025, 23:59

Subject

CN=Notepad\+\+,O=Notepad\+\+,L=Saint Cloud,ST=Ile-de-France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4b:3d:b6:d6:d9:43:33:49:12:5f:28:42:a5:50:40:a7:9e:91:22:3a
Signer

Actual PE Digest

4b:3d:b6:d6:d9:43:33:49:12:5f:28:42:a5:50:40:a7:9e:91:22:3a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 100.5MB - Virtual size: 100.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup/version.json

Sharing

General

Malware Config

Signatures

Files

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4Certificate

Extended Key Usages

61:07:76:56:00:00:00:00:00:08Certificate

Key Usages

88:d0:ff:fa:39:fe:d6:5e:69:9c:7a:19:b6:9f:c7:0a:62:0b:20:5b:af:e7:a8:99:02:5d:bc:6a:71:fc:0b:3bSigner

Headers

File Characteristics

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

TRANSIT Size: 512B - Virtual size: 29B

.data Size: 3KB - Virtual size: 265KB

.pdata Size: 45KB - Virtual size: 44KB

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 3KB - Virtual size: 3KB

1ee86a608d231b83dca35006d3b58ed8

Code Sign

61:19:cc:93:00:01:00:00:00:66Certificate

Extended Key Usages

Key Usages

61:05:19:96:00:00:00:00:00:1bCertificate

Extended Key Usages

61:33:26:1a:00:00:00:00:00:31Certificate

Key Usages

61:16:68:34:00:00:00:00:00:1cCertificate

Extended Key Usages

Key Usages

50:e6:af:15:30:3d:56:cc:89:94:6c:c5:ee:40:bb:52:14:fa:8d:e0Signer

Headers

DLL Characteristics

File Characteristics

Imports

msvcr90

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 860B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 344B

e0bd3263fd5ea99b1d0c2f6f5194cc24

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 844B

.idata Size: 1024B - Virtual size: 536B

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 512B - Virtual size: 280B

e0bd3263fd5ea99b1d0c2f6f5194cc24

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 844B

.idata Size: 1024B - Virtual size: 536B

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 512B - Virtual size: 280B

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4Certificate

Extended Key Usages

61:07:76:56:00:00:00:00:00:08Certificate

Key Usages

88:d0:ff:fa:39:fe:d6:5e:69:9c:7a:19:b6:9f:c7:0a:62:0b:20:5b:af:e7:a8:99:02:5d:bc:6a:71:fc:0b:3bSigner

Headers

File Characteristics

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

88:d0:ff:fa:39:fe:d6:5e:69:9c:7a:19:b6:9f:c7:0a:62:0b:20:5b:af:e7:a8:99:02:5d:bc:6a:71:fc:0b:3b
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

TRANSIT
Size: 512B - Virtual size: 29B

.data
Size: 3KB - Virtual size: 265KB

.pdata
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 3KB - Virtual size: 3KB

61:19:cc:93:00:01:00:00:00:66
Certificate

61:05:19:96:00:00:00:00:00:1b
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

50:e6:af:15:30:3d:56:cc:89:94:6c:c5:ee:40:bb:52:14:fa:8d:e0
Signer

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 860B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 344B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 844B

.idata
Size: 1024B - Virtual size: 536B

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 512B - Virtual size: 280B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 844B

.idata
Size: 1024B - Virtual size: 536B

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 512B - Virtual size: 280B

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

88:d0:ff:fa:39:fe:d6:5e:69:9c:7a:19:b6:9f:c7:0a:62:0b:20:5b:af:e7:a8:99:02:5d:bc:6a:71:fc:0b:3b
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

TRANSIT
Size: 512B - Virtual size: 29B

.data
Size: 3KB - Virtual size: 265KB

.pdata
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 3KB - Virtual size: 3KB

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

03:aa:64:92:de:9d:96:a9:0a:4b:ca:97:be:ad:b4:4a
Certificate

4b:3d:b6:d6:d9:43:33:49:12:5f:28:42:a5:50:40:a7:9e:91:22:3a
Signer

.text
Size: 100.5MB - Virtual size: 100.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B