25a04854b83cfd1e9fbbd144bf170760_dll64_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

25a04854b83cfd1e9fbbd144bf170760_dll64_JC.dll
Size

663KB
MD5

25a04854b83cfd1e9fbbd144bf170760
SHA1

1fc3eb45f12635dbe28d14a35d0f5ec1ad41d768
SHA256

bc6d8534edf34c38e37c408639903ddd8cf0323d2d3c51c23076293b9c652fec
SHA512

af15108fe24f152e945a13e8ae979be960d049abce7eca25fd0a3726a8ea6f8d60ff8d7e0372963d80436cc5bd98422dd2e4d5ee90ee2802c5cfbbeac821f6cb
SSDEEP

12288:k3b6ajVRdPQ4Dwra9PpeYwwXXsHHph0lhSMXl+x6imOXNYdT:k3b6ajVRdPQiwmpcYwwXXsHJh0lhSMXv

Score

1^/10

Malware Config

Signatures

Files

25a04854b83cfd1e9fbbd144bf170760_dll64_JC.dll
.dll regsvr32 windows:10 windows x64

3b6f8a0b4e1ff0e4e451fda43b5557e1

Code Sign

1c:cf:9d:67:cd:e2:19:ff:12:d9:9a:ff:36:82:e5:a7
Certificate

Issuer

CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

07/03/2019, 19:35

Not After

03/03/2034, 19:35

Subject

CN=SSL.com Code Signing Intermediate CA ECC R2,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:28:d3:29:9c:b4:c3:7e:a3:03:dd:18:5d:c9:6c:b7
Certificate

Issuer

CN=SSL.com Code Signing Intermediate CA ECC R2,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

01/06/2021, 22:52

Not After

31/05/2024, 22:52

Subject

CN=SmartSoft Ltd,O=SmartSoft Ltd,L=Victoria,ST=Mahe,C=SC

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:64:9b:10:2b:0d:58:d7:b3:25:6c:ae:06:2e:64:82:2e:af:d2:39:11:78:49:16:36:a2:d6:be:6f:da:97:67
Signer

Actual PE Digest

47:64:9b:10:2b:0d:58:d7:b3:25:6c:ae:06:2e:64:82:2e:af:d2:39:11:78:49:16:36:a2:d6:be:6f:da:97:67

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

propsys

PropVariantCompareEx
PSCreateSimplePropertyChange
PSFormatForDisplay
PropVariantGetElementCount
PropVariantToInt32
InitPropVariantFromPropVariantVectorElem
PropVariantChangeType
VariantToString
PSGetPropertyDescription
PSCreateMemoryPropertyStore
PropVariantToFileTime
PropVariantToUInt64
PropVariantToStringWithDefault
ord423

comctl32

ord326
ord388
ord324
ord320
ord332
ord386
ord329
ord328
ord321
ord323
DestroyPropertySheetPage
ord344
CreatePropertySheetPageW
PropertySheetW
ord334

uxtheme

SetWindowTheme

ntdll

RtlVirtualUnwind
VerSetConditionMask
RtlCaptureContext
RtlLookupFunctionEntry
LdrResolveDelayLoadedAPI

atlthunk

AtlThunk_InitData
AtlThunk_FreeData
AtlThunk_AllocateData
AtlThunk_DataToCode

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
PropVariantClear
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
SizeofResource
LoadResource
GetModuleHandleW
LockResource

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
QueueUserAPC
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
GetCurrentProcess
TerminateProcess
TerminateThread
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageA
FindNLSString
FormatMessageW
GetLocaleInfoEx

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetSystemTime
GetLocalTime

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SleepEx
SetEvent
WaitForSingleObject
EnterCriticalSection
CreateEventW
SetWaitableTimer
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
RaiseException

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
CompareStringEx
CompareStringW
MultiByteToWideChar

bcrypt

BCryptCloseAlgorithmProvider
BCryptGetProperty
BCryptOpenAlgorithmProvider

ncrypt

NCryptEnumAlgorithms
NCryptFreeBuffer
NCryptFreeObject
NCryptOpenStorageProvider

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
SystemTimeToFileTime

rpcrt4

NdrDllCanUnloadNow
CStdStubBuffer_IsIIDSupported
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Disconnect
NdrDllGetClassObject
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
CStdStubBuffer_Connect

api-ms-win-core-com-midlproxystub-l1-1-0

ObjectStublessClient3
ObjectStublessClient11
ObjectStublessClient15
ObjectStublessClient4
ObjectStublessClient12
ObjectStublessClient7
ObjectStublessClient13
ObjectStublessClient5
ObjectStublessClient8
ObjectStublessClient9
ObjectStublessClient10
ObjectStublessClient16
ObjectStublessClient14
ObjectStublessClient6

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCloseKey

oleaut32

VariantInit
VariantClear

ws2_32

closesocket
WSAStringToAddressW
WSAGetLastError
WSACleanup
WSAStartup
ioctlsocket
WSARecv
htonl
bind
getsockname
setsockopt
WSASend
listen
ntohs
htons
WSASocketW
WSASetLastError
ntohl
shutdown

api-ms-win-core-io-l1-1-0

GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
CancelIoEx

mswsock

GetAcceptExSockaddrs
AcceptEx

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects
CreateWaitableTimerW

api-ms-win-core-url-l1-1-0

UrlUnescapeW

dui70

InitThread
UnInitProcessPriv
InitProcessPriv
RegisterPVLBehaviorFactory
UnInitThread

ftplib

?CreateInstance_KeyManager@FTPLib@@YAJAEBU_GUID@@PEAPEAX@Z

msvcp140

?_Syserror_map@std@@YAPEBDH@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?id@?$numpunct@_W@std@@2V0locale@2@A
?_Winerror_map@std@@YAHH@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
??0facet@locale@std@@IEAA@_K@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
??1facet@locale@std@@MEAA@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Mbrtowc
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?_Xbad_alloc@std@@YAXXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
??Bid@locale@std@@QEAA_KXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
_Query_perf_counter
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?toupper@?$ctype@_W@std@@QEBA_W_W@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?fail@ios_base@std@@QEBA_NXZ
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
_Query_perf_frequency
?id@?$numpunct@D@std@@2V0locale@2@A
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_join
_Thrd_id
?_Throw_Cpp_error@std@@YAXH@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

user32

GetKeyboardLayout
LoadStringW
GetSystemMetricsForDpi
AreDpiAwarenessContextsEqual
GetWindowDpiAwarenessContext
GetDpiForWindow
DestroyIcon
ReleaseDC
DrawTextW
GetDC
GetCursorPos
MonitorFromPoint
IsDlgButtonChecked
GetDlgItemTextW
ShowWindow
SetDlgItemInt
GetDlgItemInt
GetWindowLongPtrW
DefWindowProcW
DestroyWindow
CallWindowProcW
PostMessageW
GetWindowTextW
SetFocus
SetDlgItemTextW
GetWindowTextLengthW
SetWindowLongPtrW
SendDlgItemMessageW
EndDialog
DialogBoxParamW
UnregisterClassW
GetClientRect
GetDlgItem
EnableWindow
SetWindowTextW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
GetWindowRect
GetParent
SendMessageW
GetWindow
SetWindowPos
GetWindowLongW
MessageBeep

ole32

CreateBindCtx
PropVariantCopy

shell32

ord43
ord100
SHCreateItemFromParsingName
Shell_GetCachedImageIndexW
SHAssocEnumHandlers
SHAssocEnumHandlersForProtocolByApplication
ShellExecuteExW
ShellExecuteW
ord63
SHGetFileInfoW
SHCreateItemFromIDList
SHParseDisplayName
SHBindToParent
ord903
ord939
ord765

shlwapi

ord219
PathRemoveFileSpecW
SHAutoComplete
PathFindExtensionW
PathCompactPathW
AssocQueryStringW
PathFindFileNameW
ord158
AssocCreate
StrDupW
PathMatchSpecExW
ord154
ord572
ord516

gdi32

GetDeviceCaps
SelectObject

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
_CxxThrowException
__std_type_info_compare
memmove
memcpy
memcmp
memchr
__std_terminate
__current_exception_context
__current_exception
__std_exception_copy
__std_exception_destroy
_purecall
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_set_errno
_get_errno
_invalid_parameter_noinfo
_errno
abort
terminate
_beginthreadex
_resetstkoflw
_seh_filter_dll
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnprintf_s
__stdio_common_vswscanf
__stdio_common_vswprintf

api-ms-win-crt-heap-l1-1-0

free
calloc
_recalloc
_callnewh
malloc
_aligned_free
_aligned_malloc

api-ms-win-crt-math-l1-1-0

_ldsign
_dsign
_dclass
_ldclass
_fdclass
_fdsign

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
WakeAllConditionVariable

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

?CreateInstance_ConditionsDialog@CommonUI@@YAJAEBU_GUID@@PEAPEAX@Z
?CreateInstance_CreateCertWizard@CommonUI@@YAJAEBU_GUID@@PEAPEAX@Z
?CreateInstance_FileExistsDialog@CommonUI@@YAJAEBU_GUID@@PEAPEAX@Z
?CreateInstance_ImportKeyWizard@CommonUI@@YAJAEBU_GUID@@PEAPEAX@Z
?CreateInstance_OAuthAuthorizationDialog@CommonUI@@YAJAEBU_GUID@@PEAPEAX@Z
?CreateInstance_OpenAsDialog@CommonUI@@YAJAEBU_GUID@@PEAPEAX@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b6f8a0b4e1ff0e4e451fda43b5557e1

Code Sign

1c:cf:9d:67:cd:e2:19:ff:12:d9:9a:ff:36:82:e5:a7Certificate

Extended Key Usages

Key Usages

52:28:d3:29:9c:b4:c3:7e:a3:03:dd:18:5d:c9:6c:b7Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

47:64:9b:10:2b:0d:58:d7:b3:25:6c:ae:06:2e:64:82:2e:af:d2:39:11:78:49:16:36:a2:d6:be:6f:da:97:67Signer

Headers

DLL Characteristics

File Characteristics

Imports

propsys

comctl32

uxtheme

ntdll

atlthunk

api-ms-win-core-com-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-string-l1-1-0

bcrypt

ncrypt

api-ms-win-core-timezone-l1-1-0

rpcrt4

api-ms-win-core-com-midlproxystub-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-kernel32-legacy-l1-1-1

api-ms-win-core-registry-l1-1-0

oleaut32

ws2_32

api-ms-win-core-io-l1-1-0

mswsock

api-ms-win-core-handle-l1-1-0

api-ms-win-core-synch-l1-2-1

api-ms-win-core-url-l1-1-0

dui70

ftplib

msvcp140

user32

ole32

shell32

shlwapi

gdi32

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-core-localization-obsolete-l1-2-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-delayload-l1-1-0

Exports

Exports

1c:cf:9d:67:cd:e2:19:ff:12:d9:9a:ff:36:82:e5:a7
Certificate

52:28:d3:29:9c:b4:c3:7e:a3:03:dd:18:5d:c9:6c:b7
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

47:64:9b:10:2b:0d:58:d7:b3:25:6c:ae:06:2e:64:82:2e:af:d2:39:11:78:49:16:36:a2:d6:be:6f:da:97:67
Signer

.text
Size: 367KB - Virtual size: 367KB

.orpc
Size: 512B - Virtual size: 240B

.rdata
Size: 216KB - Virtual size: 215KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 19KB - Virtual size: 19KB

.didat
Size: 512B - Virtual size: 40B

.rsrc
Size: 45KB - Virtual size: 45KB

.reloc
Size: 2KB - Virtual size: 2KB