tmp | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

tmp
Size

14.5MB
MD5

6784be19a5f870544c8e564c768eff23
SHA1

177c876064ed39e9c06c187176f9f783833f1e1d
SHA256

b654cb0e45016773edacb532cddfaa3faf677adbbb3bd7b61e31ed0ec23e0c91
SHA512

ce22023e55ad368ea8b3f7d07a2b8b95d79f6ebcecc69bebf2022d840624b080d69fe3d3d584fbe55c9e24b5fd882085ebc0c5e1e780d8bb3641a9ce82d1db82
SSDEEP

196608:q3e439qcLO4DOyvek4JELDzDSlYm4QV3j8rqNU:QdKErLDzDSCm4QV3j8rqNU

Score

1^/10

Malware Config

Signatures

Files

tmp
.exe windows:6 windows x64

31d49736e8e51fb45e62a0baa554a5da

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:9b:04:40:9b:71:98:57:d8:49:bb:69:d4:73:be:9d
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

26-08-2021 00:00

Not After

26-08-2022 23:59

Subject

CN=Zhou Huabing,O=Zhou Huabing,ST=Central Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

71:e1:f3:1a:f5:ca:21:13:f6:17:26:a0:8f:93:03:e8:d2:a9:e6:75
Signer

Actual PE Digest

71:e1:f3:1a:f5:ca:21:13:f6:17:26:a0:8f:93:03:e8:d2:a9:e6:75

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SleepEx
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringOrdinal
GetSystemDirectoryW
GetFileAttributesW
GetWindowsDirectoryW
CreateProcessW
DuplicateHandle
CreateThread
GetCurrentThread
WriteFileEx
WaitForMultipleObjects
CreateEventW
CancelIo
ExitProcess
QueryPerformanceFrequency
RtlCaptureContext
FindFirstFileW
DeleteFileW
MoveFileExW
RemoveDirectoryW
CreateSymbolicLinkW
SetHandleInformation
GetComputerNameExW
VerSetConditionMask
ProcessIdToSessionId
OpenProcess
VerifyVersionInfoW
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
LoadLibraryExW
WideCharToMultiByte
GetSystemTime
GetLocalTime
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
ResetEvent
CreateSemaphoreW
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetComputerNameW
CompareStringW
GetNumberFormatW
GetCurrencyFormatW
GetSystemDefaultLCID
GetUserDefaultLCID
OutputDebugStringW
MulDiv
GetTempPathA
GetTempFileNameA
AllocConsole
GetModuleFileNameA
LoadLibraryExA
DebugBreak
FormatMessageA
SetErrorMode
GetQueuedCompletionStatus
GetFileType
RegisterWaitForSingleObject
UnregisterWait
SetNamedPipeHandleState
PeekNamedPipe
GetNamedPipeHandleStateW
QueueUserWorkItem
GetFileSize
SetEndOfFile
SetFilePointer
CreateFileMappingW
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
GetCPInfo
FreeLibrary
LocalSize
CreateFileA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
CreateDirectoryW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
WriteConsoleInputW
UnregisterWaitEx
LCMapStringW
CopyFileW
CreateHardLinkW
GetLongPathNameW
GetShortPathNameW
ReadDirectoryChangesW
DecodePointer
RaiseException
InitializeCriticalSectionEx
GetLogicalDriveStringsW
GetVolumeInformationW
GetStartupInfoW
LoadLibraryW
lstrcmpW
SetThreadPriority
GetThreadPriority
GetTickCount
GetVersionExW
GetFileTime
WakeConditionVariable
SleepConditionVariableCS
InitializeConditionVariable
WakeAllConditionVariable
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetFileSizeEx
EnumSystemLocalesW
IsValidLocale
GetCommandLineA
GetConsoleOutputCP
SetFileAttributesW
GetFileAttributesExW
SetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
InitializeCriticalSectionAndSpinCount
RtlUnwind
RtlUnwindEx
GetStringTypeW
LCMapStringEx
EncodePointer
SleepConditionVariableSRW
InitializeSRWLock
GetNativeSystemInfo
GetExitCodeThread
RtlPcToFileHeader
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
ReadFileEx
GetFullPathNameW
FindNextFileW
DeviceIoControl
GetFileInformationByHandle
GetCommandLineW
GetModuleFileNameW
GetTempPathW
SetEnvironmentVariableW
GetEnvironmentVariableW
RtlLookupFunctionEntry
ReleaseMutex
GetCurrentProcess
CreateMutexA
LoadLibraryA
WaitForSingleObjectEx
GetCurrentDirectoryW
WriteConsoleW
GetProcAddress
GetModuleHandleA
CreateNamedPipeW
SetFileCompletionNotificationModes
CreateIoCompletionPort
CancelIoEx
WriteFile
PostQueuedCompletionStatus
GetOverlappedResult
ReadFile
TryAcquireSRWLockExclusive
GetFinalPathNameByHandleW
SetLastError
GetQueuedCompletionStatusEx
SetConsoleCtrlHandler
CreateSemaphoreA
TerminateProcess
GetUserDefaultLocaleName
GetModuleHandleW
GetCurrentThreadId
GlobalFree
GlobalAlloc
MultiByteToWideChar
WaitForSingleObject
GlobalSize
GlobalUnlock
GlobalLock
GetSystemInfo
GetLogicalProcessorInformation
FlushFileBuffers
LocalAlloc
ConnectNamedPipe
GetExitCodeProcess
LocalFree
SetFileTime
GetLogicalDrives
ReleaseSRWLockShared
AcquireSRWLockShared
GetTimeZoneInformation
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FormatMessageW
lstrlenW
ReleaseSemaphore
QueryPerformanceCounter
WaitForMultipleObjectsEx
SetEvent
CreateEventA
SetFilePointerEx
GetFileInformationByHandleEx
GetStdHandle
HeapReAlloc
SetThreadStackGuarantee
AddVectoredExceptionHandler
Sleep
GetLastError
SetConsoleMode
GetConsoleMode
CreateFileW
GetSystemTimeAsFileTime
GetCurrentProcessId
CloseHandle
SwitchToThread
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
FindClose
HeapAlloc
GetProcessHeap
ReadConsoleW
HeapFree
HeapSize

sas

SendSAS

wtsapi32

WTSQuerySessionInformationW
WTSEnumerateSessionsA
WTSFreeMemory

secur32

AcquireCredentialsHandleA
DecryptMessage
QueryContextAttributesW
InitializeSecurityContextW
AcceptSecurityContext
ApplyControlToken
EncryptMessage
FreeCredentialsHandle
DeleteSecurityContext
FreeContextBuffer

ole32

PropVariantClear
RegisterDragDrop
RevokeDragDrop
DoDragDrop
ReleaseStgMedium
CoInitializeEx
CoTaskMemAlloc
CoFreeUnusedLibraries
CoInitialize
OleSetClipboard
OleGetClipboard
OleIsCurrentClipboard
CoUninitialize
CoTaskMemFree
CoCreateInstance
OleInitialize
CoCreateGuid
CreateStreamOnHGlobal
OleUninitialize

user32

MapVirtualKeyW
SetWinEventHook
UpdateLayeredWindow
GetQueueStatus
MsgWaitForMultipleObjects
DispatchMessageA
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetClipboardOwner
EnumClipboardFormats
ChangeClipboardChain
RegisterClipboardFormatA
GetClipboardFormatNameA
GetClientRect
EnableWindow
IsWindowUnicode
KillTimer
SetTimer
ReleaseCapture
CreateIconIndirect
UpdateWindow
CountClipboardFormats
RegisterClipboardFormatW
GetClipboardSequenceNumber
FindWindowW
SetCaretPos
DestroyCaret
CreateCaret
MessageBoxW
SetActiveWindow
SetClipboardViewer
LoadStringW
SendInput
GetForegroundWindow
GetWindowThreadProcessId
GetKeyboardLayout
MapVirtualKeyExW
VkKeyScanExW
SetCapture
GetCapture
GetFocus
GetActiveWindow
SetFocus
CallMsgFilterW
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetWindowPlacement
MoveWindow
FlashWindowEx
DestroyWindow
IsChild
IsWindow
GetDesktopWindow
GetMessageTime
RegisterWindowMessageW
MessageBoxA
GetWindowTextW
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
DestroyCursor
LoadCursorFromFileA
LoadCursorW
GetSysColor
UnhookWindowsHookEx
GetAsyncKeyState
PostMessageA
SendMessageA
PeekMessageA
GetUserObjectInformationA
GetThreadDesktop
CloseDesktop
SetThreadDesktop
OpenInputDesktop
RegisterClassExW
GetKeyState
LockWorkStation
GetCursorPos
GetCursorInfo
MapVirtualKeyA
EnumDisplaySettingsExW
EnumDisplayDevicesW
CallNextHookEx
ToUnicodeEx
GetSystemMetrics
BlockInput
MsgWaitForMultipleObjectsEx
GetUpdateRect
PostThreadMessageW
PeekMessageW
ValidateRect
GetRawInputData
TrackPopupMenu
SetForegroundWindow
DefWindowProcW
PostMessageW
GetWindowLongPtrW
RegisterWindowMessageA
DestroyMenu
AppendMenuW
CreatePopupMenu
SendMessageW
InvalidateRgn
SetWindowPos
AdjustWindowRectEx
GetMenu
GetWindowLongW
RedrawWindow
RegisterClassW
CopyIcon
DestroyIcon
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
RegisterRawInputDevices
SetWindowLongPtrW
CreateWindowExW
DispatchMessageW
TranslateMessage
GetMessageW
ShowWindow
SetWindowTextW
GetMessageA
EndPaint
BeginPaint
IsWindowEnabled
AnimateWindow
MessageBeep
GetDoubleClickTime
NotifyWinEvent
MonitorFromPoint
GetScrollInfo
SetScrollInfo
LoadIconW
SetWindowsHookExW
GetWindow
EnumThreadWindows
GetParent
SetClassLongW
GetClassLongW
SetWindowLongW
IsRectEmpty
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
SetCursor
PostQuitMessage
GetIconInfo
GetDC
ReleaseDC
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
SetWindowsHookExA
GetWindowRect
EnumDisplayMonitors
InvalidateRect
DrawIconEx

comdlg32

GetOpenFileNameW
PrintDlgW
GetSaveFileNameW
CommDlgExtendedError

wininet

InternetOpenA
InternetConnectA
InternetErrorDlg
HttpQueryInfoW
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetSetOptionW
InternetQueryOptionW
InternetReadFile
InternetCloseHandle

bcrypt

BCryptGenRandom

ntdll

NtDeviceIoControlFile
NtCancelIoFileEx
RtlNtStatusToDosError
NtCreateFile

advapi32

OpenServiceW
SystemFunction036
CryptGenRandom
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
SetServiceStatus
InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
FreeSid
SetSecurityDescriptorDacl
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetUserNameW
OpenSCManagerW
CryptReleaseContext
CloseServiceHandle
CreateProcessAsUserW
OpenProcessToken
CryptAcquireContextW

comctl32

ImageList_Destroy
ImageList_GetIconSize
ord410
ord412
ord413
ImageList_DrawEx

crypt32

CertCloseStore
CertDuplicateCertificateContext
CertOpenStore
CertAddCertificateContextToStore
CertDuplicateStore
CertEnumCertificatesInStore
CertGetCertificateChain
CertDuplicateCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateContext

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory1

gdi32

DeleteDC
DeleteObject
BitBlt
GetDIBits
GetObjectA
GetBitmapBits
CreateCompatibleDC
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
AddFontMemResourceEx
GetObjectW
SetMapMode
StartDocW
EndDoc
StartPage
EndPage
CreateSolidBrush
GetStockObject
SetLayout
CreateDIBSection
CreateBitmap
GetGlyphIndicesW
CreateFontW
EnumFontFamiliesExW
GetFontUnicodeRanges
StretchDIBits
GetClipBox
RestoreDC
SaveDC
SetViewportOrgEx
SelectObject

imm32

ImmGetContext
ImmReleaseContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmIsIME

iphlpapi

GetAdaptersAddresses

oleaut32

SysAllocStringLen
SysFreeString
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreateVector

shell32

ShellExecuteExW
SHAddToRecentDocs
CommandLineToArgvW
SHGetKnownFolderPath
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ord727
ord74
DragQueryFileW
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconW

shlwapi

PathIsRelativeW

uxtheme

GetThemePartSize
OpenThemeData
SetWindowTheme
IsThemeBackgroundPartiallyTransparent
CloseThemeData
DrawThemeBackground

winspool.drv

ord203

ws2_32

WSARecvFrom
WSARecv
htons
WSASend
send
recv
WSACleanup
freeaddrinfo
select
WSASetLastError
WSASocketW
getaddrinfo
WSAIoctl
recvfrom
sendto
bind
listen
socket
ioctlsocket
setsockopt
closesocket
WSAStartup
getsockopt
shutdown
connect
getsockname
WSAGetLastError
getpeername
accept

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

gdiplus

GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipCreateFromHDC
GdipCreateFromHWND
GdipDeleteGraphics
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipResetWorldTransform
GdipMultiplyWorldTransform
GdipTranslateWorldTransform
GdipGetWorldTransform
GdipSetPageUnit
GdipTransformPoints
GdipDrawLine
GdipCreatePen1
GdipDrawRectangle
GdipDrawEllipse
GdipDrawPie
GdipDrawPath
GdipGraphicsClear
GdipFillRectangle
GdipFillRectangleI
GdipFillRectanglesI
GdipFillEllipse
GdipFillPie
GdipFillPath
GdipDrawImageRectRect
GdipSetClipRect
GdipSetClipRectI
GdipGetClipBoundsI
GdipSaveGraphics
GdipRestoreGraphics
GdipCloneImage
GdipSetPenMiterLimit
GdiplusStartup
GdiplusShutdown
GdipDeleteFontFamily
GdipGetEmHeight
GdipGetCellAscent
GdipGetLineSpacing
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipGetFamily
GdipGetFontSize
GdipCreateBitmapFromGraphics
GdipCreateHBITMAPFromBitmap
GdipDrawImageI
GdipDrawDriverString
GdipSetPenLineJoin
GdipSetPathGradientTransform
GdipSetPathGradientWrapMode
GdipSetPathGradientPresetBlend
GdipSetPathGradientCenterPoint
GdipCreatePathGradientFromPath
GdipMultiplyLineTransform
GdipSetLineWrapMode
GdipSetLinePresetBlend
GdipCreateLineBrush
GdipCreateSolidFill
GdipCreateTexture
GdipDeleteBrush
GdipCloneBrush
GdipGetMatrixElements
GdipShearMatrix
GdipRotateMatrix
GdipScaleMatrix
GdipTranslateMatrix
GdipDeleteMatrix
GdipCreateMatrix2
GdipCreateMatrix
GdipIsVisiblePathPoint
GdipGetPathWorldBounds
GdipAddPathRectangleI
GdipAddPathArcI
GdipAddPathLineI
GdipAddPathEllipse
GdipDisposeImage
GdipSetPenDashOffset
GdipSetPenDashArray
GdipBeginContainer2
GdipAlloc
GdipFree
GdipSetPenEndCap
GdipSetPenStartCap
GdipDeletePen
GdipSetPenDashStyle
GdipEndContainer
GdipCreatePath
GdipClonePath
GdipDeletePath
GdipResetPath
GdipSetPathFillMode
GdipStartPathFigure
GdipClosePathFigure
GdipAddPathLine
GdipAddPathArc
GdipAddPathBezier
GdipCreatePen2
GdipDrawArc

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime
timeKillEvent
timeSetEvent

oleacc

AccessibleObjectFromWindow
LresultFromObject

usp10

ScriptApplyDigitSubstitution
ScriptFreeCache
ScriptItemize
ScriptShape
ScriptPlace
ScriptBreak

Sections

.text
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31d49736e8e51fb45e62a0baa554a5da

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

0f:9b:04:40:9b:71:98:57:d8:49:bb:69:d4:73:be:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

71:e1:f3:1a:f5:ca:21:13:f6:17:26:a0:8f:93:03:e8:d2:a9:e6:75Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

sas

wtsapi32

secur32

ole32

user32

comdlg32

wininet

bcrypt

ntdll

advapi32

comctl32

crypt32

d3d11

dxgi

gdi32

imm32

iphlpapi

oleaut32

shell32

shlwapi

uxtheme

winspool.drv

ws2_32

userenv

gdiplus

winmm

oleacc

usp10

Sections

.text Size: 10.7MB - Virtual size: 10.7MB

.rdata Size: 3.1MB - Virtual size: 3.1MB

.data Size: 292KB - Virtual size: 344KB

.pdata Size: 294KB - Virtual size: 294KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 154KB - Virtual size: 153KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

0f:9b:04:40:9b:71:98:57:d8:49:bb:69:d4:73:be:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

71:e1:f3:1a:f5:ca:21:13:f6:17:26:a0:8f:93:03:e8:d2:a9:e6:75
Signer

.text
Size: 10.7MB - Virtual size: 10.7MB

.rdata
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 292KB - Virtual size: 344KB

.pdata
Size: 294KB - Virtual size: 294KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 154KB - Virtual size: 153KB