NEAS[.]ebdef15809e3dcb5c9851c0bda9512d0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.ebdef15809e3dcb5c9851c0bda9512d0.exe
Size

1.2MB
MD5

ebdef15809e3dcb5c9851c0bda9512d0
SHA1

d1dfcdcbdd58dd32ab6e1678695548c65e4b03c5
SHA256

e0988ffcf4d7181ee29515a8f4aa8a2cb7411289556cf7513c63d7ade2a4fa59
SHA512

b226934aebcd100a08376e3bee7fcfe31133bbb63f80b156c510a3b3cabd7aafc93ec08202ef94cd2c9f8f8d62c24db3707402b1c7887746e3b5d4372d57ed2d
SSDEEP

12288:dZWZcYArNrVk5mGzOTTuCFuaj15TjUiJGAXgO9ZHTuI5xTmAL1hLxBjvrEH7Z:dZLRrfkElT4aj19Y7A5Hp5zPLvrEH7Z

Score

1^/10

Malware Config

Signatures

Files

NEAS.ebdef15809e3dcb5c9851c0bda9512d0.exe
.exe windows:5 windows x86

e785ccafba2b39c139db9791a90cd6c3

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:c8:cb:43:1d:57:65:77:57:fb:47:fc
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20/12/2022, 08:57

Not After

18/03/2025, 08:54

Subject

SERIALNUMBER=0104-01-157146,CN=FLEXTECH INC.,O=FLEXTECH INC.,STREET=Roppongi 6-10-1,L=Minato-ku,ST=Tokyo,C=JP,1.3.6.1.4.1.311.60.2.1.3=#13024a50,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:c8:cb:43:1d:57:65:77:57:fb:47:fc
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20/12/2022, 08:57

Not After

18/03/2025, 08:54

Subject

SERIALNUMBER=0104-01-157146,CN=FLEXTECH INC.,O=FLEXTECH INC.,STREET=Roppongi 6-10-1,L=Minato-ku,ST=Tokyo,C=JP,1.3.6.1.4.1.311.60.2.1.3=#13024a50,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:11:c4:9c:26:cf:02:89:bc:33:88:39:9a:d8:74:7b:c8:05:78:a7:51:25:60:97:56:60:f6:cb:97:bc:07:fb
Signer

Actual PE Digest

36:11:c4:9c:26:cf:02:89:bc:33:88:39:9a:d8:74:7b:c8:05:78:a7:51:25:60:97:56:60:f6:cb:97:bc:07:fb

Digest Algorithm

sha256

PE Digest Matches

false

06:db:65:52:31:56:d4:6d:9f:3a:8e:c6:e7:76:c4:ec:da:f1:4a:49
Signer

Actual PE Digest

06:db:65:52:31:56:d4:6d:9f:3a:8e:c6:e7:76:c4:ec:da:f1:4a:49

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
OpenMutexW
ReleaseMutex
OpenFileMappingW
SizeofResource
LockResource
LoadResource
FindResourceW
InterlockedCompareExchange
GetTempFileNameW
VirtualQuery
GetModuleHandleW
GetModuleFileNameW
CreateProcessW
GlobalAlloc
GetVolumeInformationA
GlobalFree
DeviceIoControl
InitializeCriticalSectionAndSpinCount
RaiseException
SetLastError
CreateEventA
CreateSemaphoreA
ReleaseSemaphore
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedExchangeAdd
TlsAlloc
WaitForMultipleObjects
TerminateThread
QueueUserAPC
CreateEventW
SetEvent
SleepEx
PostQueuedCompletionStatus
CreateIoCompletionPort
SetWaitableTimer
GetQueuedCompletionStatus
VerSetConditionMask
VerifyVersionInfoW
WaitForMultipleObjectsEx
ResetEvent
TlsGetValue
TlsSetValue
TlsFree
DecodePointer
OpenEventW
OpenProcess
TerminateProcess
GetPrivateProfileIntW
WriteConsoleW
SetConsoleTextAttribute
FreeConsole
GetConsoleScreenBufferInfo
GetStdHandle
AllocConsole
CreateWaitableTimerA
GetModuleHandleA
ResumeThread
OpenEventA
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WriteFile
GetFullPathNameW
EnterCriticalSection
HeapFree
HeapCreate
TryEnterCriticalSection
ReadFile
FindResourceExW
AreFileApisANSI

user32

CallWindowProcW
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
DestroyWindow
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
KillTimer
SetTimer
UnregisterClassW
IsWindow
SendMessageTimeoutW
SetWindowLongW
GetWindowLongW
DefWindowProcW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

CoFreeLibrary
CoUninitialize
CoInitializeEx
CoLoadLibrary
CoCreateInstance

oleaut32

SysStringLen
SysAllocString
SysAllocStringLen
SysFreeString
VariantClear

msvcp140

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?toupper@?$ctype@D@std@@QBEDD@Z
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?id@?$numpunct@D@std@@2V0locale@2@A
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?classic@locale@std@@SAABV12@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_BADOFF@std@@3_JB
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ

shlwapi

SHDeleteKeyW

psapi

GetModuleBaseNameW
EnumProcesses

ws2_32

WSAGetLastError
getaddrinfo
freeaddrinfo
ntohl
htonl
ntohs
getpeername
getsockopt
WSAAddressToStringW
setsockopt
WSASocketW
WSASend
WSARecv
listen
shutdown
ioctlsocket
closesocket
WSACleanup
WSAStartup
WSASetLastError
bind

iphlpapi

GetAdaptersInfo

mswsock

AcceptEx
GetAcceptExSockaddrs

wininet

InternetOpenUrlW
InternetOpenW
InternetCloseHandle
InternetReadFile

vcruntime140

memchr
memcpy
memset
_except_handler4_common
_CxxThrowException
__vcrt_InitializeCriticalSectionEx
__CxxFrameHandler3
wcsstr
wcsrchr
wcschr
__std_type_info_compare
_purecall
__std_exception_destroy
memmove
__std_exception_copy
__std_terminate

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vsprintf
_wfsopen
fclose
__stdio_common_vfwprintf
_set_fmode
fflush
__stdio_common_vswprintf_s
__stdio_common_vswscanf
__stdio_common_vsnwprintf_s
__p__commode
__stdio_common_vsscanf
__stdio_common_vsprintf_s

api-ms-win-crt-runtime-l1-1-0

terminate
abort
_beginthreadex
_invalid_parameter_noinfo
_controlfp_s
strerror
_errno
_endthreadex
_register_thread_local_exe_atexit_callback
_c_exit
_exit
exit
_initterm_e
_initterm
_get_wide_winmain_command_line
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh
calloc
_set_new_mode
realloc
_msize
_recalloc

api-ms-win-crt-string-l1-1-0

wcsspn
wcscspn
isalnum
wcsncpy_s
wcsnlen
isspace
strnlen
_wcslwr_s
strncmp
iswspace
wcscat_s
wcscpy_s
ispunct
_wcsicmp
isxdigit
wmemcpy_s

api-ms-win-crt-time-l1-1-0

_localtime64_s
_gmtime64
wcsftime
_time64

api-ms-win-crt-filesystem-l1-1-0

_waccess

api-ms-win-crt-convert-l1-1-0

_atoi64
atoi
_wtoi

api-ms-win-crt-multibyte-l1-1-0

_mbsicmp
_mbslwr_s
_mbsinc
_mbschr
_mbsstr
_mbscmp

api-ms-win-crt-math-l1-1-0

_except1
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Exports

Exports

?$TSS0@?1??get_instance@?$singleton@VCRequestHandlerFactory@@@serialization@boost@@CAAAVCRequestHandlerFactory@@XZ@4HA
?get_instance@?$singleton@VCRequestHandlerFactory@@@serialization@boost@@CAAAVCRequestHandlerFactory@@XZ
?get_mutable_instance@?$singleton@VCRequestHandlerFactory@@@serialization@boost@@SAAAVCRequestHandlerFactory@@XZ
?instance@?$singleton@VCRequestHandlerFactory@@@serialization@boost@@0AAVCRequestHandlerFactory@@A
?t@?1??get_instance@?$singleton@VCRequestHandlerFactory@@@serialization@boost@@CAAAVCRequestHandlerFactory@@XZ@4V?$singleton_wrapper@VCRequestHandlerFactory@@@detail@34@A

Sections

.text
Size: 816KB - Virtual size: 815KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e785ccafba2b39c139db9791a90cd6c3

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

29:c8:cb:43:1d:57:65:77:57:fb:47:fcCertificate

Extended Key Usages

Key Usages

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

29:c8:cb:43:1d:57:65:77:57:fb:47:fcCertificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

36:11:c4:9c:26:cf:02:89:bc:33:88:39:9a:d8:74:7b:c8:05:78:a7:51:25:60:97:56:60:f6:cb:97:bc:07:fbSigner

06:db:65:52:31:56:d4:6d:9f:3a:8e:c6:e7:76:c4:ec:da:f1:4a:49Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcp140

shlwapi

psapi

ws2_32

iphlpapi

mswsock

wininet

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 816KB - Virtual size: 815KB

.rdata Size: 181KB - Virtual size: 180KB

.data Size: 19KB - Virtual size: 23KB

.gfids Size: 512B - Virtual size: 88B

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

29:c8:cb:43:1d:57:65:77:57:fb:47:fc
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

29:c8:cb:43:1d:57:65:77:57:fb:47:fc
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

36:11:c4:9c:26:cf:02:89:bc:33:88:39:9a:d8:74:7b:c8:05:78:a7:51:25:60:97:56:60:f6:cb:97:bc:07:fb
Signer

06:db:65:52:31:56:d4:6d:9f:3a:8e:c6:e7:76:c4:ec:da:f1:4a:49
Signer

.text
Size: 816KB - Virtual size: 815KB

.rdata
Size: 181KB - Virtual size: 180KB

.data
Size: 19KB - Virtual size: 23KB

.gfids
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 37KB - Virtual size: 37KB