NEAS[.]4dfe18efde9f6ddf053034782d897c60[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NEAS.4dfe18efde9f6ddf053034782d897c60.exe
Size

706KB
MD5

4dfe18efde9f6ddf053034782d897c60
SHA1

d2d4a791f47c3782445a33c3cd4361804687e12d
SHA256

cc5f606aa31291a57d2fc76413d42c20ddb93a7f91b0baeb5ac02a69f2821bd3
SHA512

7927d442c1ff31591fc9291ef6661315c55b9f95ac45afde296d63ce910e8942bdd5476339f40c9f2f5a1d96f6e4a0d6d184c690106daa99a65f2674a4f94811
SSDEEP

12288:k7gjMWToFqeTKqLKV9U4R4mKmOA1mqdwg2o+n8E1d28IgH:k7gV8Fqe8VHRuA0Rg2ogvdyi

Score

1^/10

Malware Config

Signatures

Files

NEAS.4dfe18efde9f6ddf053034782d897c60.exe
.exe windows:6 windows x64

8a2f0daf4e5b80555fdf45ca353aa9dd

Code Sign

33:00:00:04:8f:0b:b9:7c:df:7a:ff:4a:57:00:00:00:00:04:8f
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-05-2022 20:47

Not After

11-05-2023 20:47

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:ce:78:d4:2c:89:f8:69:73:53:00:00:00:00:02:ce
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-05-2022 20:46

Not After

11-05-2023 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:79:26:47:8b:e5:e9:96:1f:a1:06:ea:49:91:d2:07:a3:30:00:67:2a:70:c3:7c:aa:69:08:26:2e:68:7a:a7
Signer

Actual PE Digest

8c:79:26:47:8b:e5:e9:96:1f:a1:06:ea:49:91:d2:07:a3:30:00:67:2a:70:c3:7c:aa:69:08:26:2e:68:7a:a7

Digest Algorithm

sha256

PE Digest Matches

true

8c:79:26:47:8b:e5:e9:96:1f:a1:06:ea:49:91:d2:07:a3:30:00:67:2a:70:c3:7c:aa:69:08:26:2e:68:7a:a7
Signer

Actual PE Digest

8c:79:26:47:8b:e5:e9:96:1f:a1:06:ea:49:91:d2:07:a3:30:00:67:2a:70:c3:7c:aa:69:08:26:2e:68:7a:a7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
InitializeSRWLock
GetSystemTimeAsFileTime
TerminateProcess
GetModuleFileNameA
GetShortPathNameA
GetModuleFileNameW
CreateProcessW
CreateFileW
FormatMessageA
CreateActCtxW
ActivateActCtx
OutputDebugStringA
FindActCtxSectionStringW
DeactivateActCtx
QueryActCtxW
LoadLibraryW
IsValidCodePage
GetStringTypeExW
QueryDepthSList
InitializeCriticalSectionEx
DeleteCriticalSection
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList
GetModuleHandleW
DeleteProcThreadAttributeList
SetEnvironmentVariableW
CreateEventW
DuplicateHandle
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
GetExitCodeProcess
IsDebuggerPresent
GetTempPathW
GetTempFileNameW
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
CloseThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
CloseThreadpoolWait
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
CreateThreadpoolWait
CreateThreadpoolWork
SubmitThreadpoolWork
WaitForSingleObject
Sleep
InitOnceExecuteOnce
GetHandleInformation
InitializeCriticalSection
CancelIoEx
GetQueuedCompletionStatusEx
CreateIoCompletionPort
SetFileCompletionNotificationModes
LoadLibraryA
QueryPerformanceCounter
GetTickCount
SetHandleInformation
ReadFile
SetNamedPipeHandleState
WriteFile
GetProcAddress
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeLibrary
CompareStringEx
RaiseException
GetCurrentThreadId
GetCurrentProcessId
CreateWaitableTimerW
GetCurrentProcess
SetLastError
WaitForMultipleObjectsEx
WaitForSingleObjectEx
GetTickCount64
GetLastError
AcquireSRWLockShared
ReleaseSRWLockShared
AcquireSRWLockExclusive
FileTimeToSystemTime
ReleaseSRWLockExclusive
SetEvent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ResetEvent
InitializeCriticalSectionAndSpinCount
CreateEventExW
CloseHandle

ole32

StringFromGUID2
CoCreateGuid

advapi32

CryptAcquireContextW
CryptGenRandom
EventUnregister
EventRegister
EventWriteTransfer
RegCloseKey
RegOpenKeyExW

iphlpapi

GetAdaptersAddresses
if_indextoname

ws2_32

WSASocketW
WSACleanup
connect
recv
getsockopt
htonl
htons
ioctlsocket
getnameinfo
setsockopt
WSAGetLastError
getpeername
WSAIoctl
listen
getsockname
bind
socket
closesocket
freeaddrinfo
ntohs
getaddrinfo
ntohl
WSAPoll
sendto
recvfrom
inet_ntoa
inet_addr
WSAStartup
accept
send

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__C_specific_handler
_purecall
__std_exception_copy
strrchr
__std_terminate
__current_exception
__current_exception_context
memcpy
_CxxThrowException
__C_specific_handler_noexcept
memchr
memcmp
memmove
memset
__std_exception_destroy

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
_Cnd_destroy_in_situ
_Cnd_broadcast
_Cnd_wait
_Cnd_timedwait
?_Syserror_map@std@@YAPEBDH@Z
_Cnd_init_in_situ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Xinvalid_argument@std@@YAXPEBD@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
_Thrd_sleep
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
_Query_perf_frequency
_Query_perf_counter
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Xtime_get_ticks
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$ctype@_W@std@@2V0locale@2@A
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
??Bid@locale@std@@QEAA_KXZ
?_Xout_of_range@std@@YAXPEBD@Z
_Thrd_id
?_Throw_C_error@std@@YAXH@Z
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

api-ms-win-crt-heap-l1-1-0

realloc
malloc
free
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
terminate
strerror
_crt_atexit
_errno
_invalid_parameter_noinfo
abort
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_exit
exit
_initterm_e
_beginthreadex
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_seh_filter_exe
_set_app_type
_register_onexit_function

api-ms-win-crt-stdio-l1-1-0

fgetpos
_fseeki64
fsetpos
setvbuf
fgetc
fputc
_set_fmode
fread
_get_stream_buffer_pointers
fclose
tmpnam_s
__stdio_common_vsprintf
__p__commode
__stdio_common_vfprintf
__acrt_iob_func
fflush
__stdio_common_vsnwprintf_s
ungetc
fwrite

api-ms-win-crt-string-l1-1-0

towlower
wcscmp
isxdigit
iswspace
wcscpy_s
wcsncpy_s
isalpha
strnlen
strncpy
isalnum
strtok_s
strcpy_s
_stricmp
isdigit
strcmp

api-ms-win-crt-convert-l1-1-0

wcstol
_i64tow_s
_wcstoi64
_wcstoui64
strtol
wcstoul
wcstod
atoi

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
__initialize_lconv_for_unsigned_char

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_mkdir
_unlink
_rmdir
_lock_file

api-ms-win-crt-math-l1-1-0

floor
pow
log10
__setusermatherr
ceilf
round

api-ms-win-crt-utility-l1-1-0

rand

Sections

.text
Size: 535KB - Virtual size: 535KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a2f0daf4e5b80555fdf45ca353aa9dd

Code Sign

33:00:00:04:8f:0b:b9:7c:df:7a:ff:4a:57:00:00:00:00:04:8fCertificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

33:00:00:02:ce:78:d4:2c:89:f8:69:73:53:00:00:00:00:02:ceCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

8c:79:26:47:8b:e5:e9:96:1f:a1:06:ea:49:91:d2:07:a3:30:00:67:2a:70:c3:7c:aa:69:08:26:2e:68:7a:a7Signer

8c:79:26:47:8b:e5:e9:96:1f:a1:06:ea:49:91:d2:07:a3:30:00:67:2a:70:c3:7c:aa:69:08:26:2e:68:7a:a7Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

advapi32

iphlpapi

ws2_32

vcruntime140_1

vcruntime140

msvcp140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

Sections

.text Size: 535KB - Virtual size: 535KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 6KB - Virtual size: 6KB

.pdata Size: 23KB - Virtual size: 23KB

.didat Size: 512B - Virtual size: 32B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

33:00:00:04:8f:0b:b9:7c:df:7a:ff:4a:57:00:00:00:00:04:8f
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

33:00:00:02:ce:78:d4:2c:89:f8:69:73:53:00:00:00:00:02:ce
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

8c:79:26:47:8b:e5:e9:96:1f:a1:06:ea:49:91:d2:07:a3:30:00:67:2a:70:c3:7c:aa:69:08:26:2e:68:7a:a7
Signer

8c:79:26:47:8b:e5:e9:96:1f:a1:06:ea:49:91:d2:07:a3:30:00:67:2a:70:c3:7c:aa:69:08:26:2e:68:7a:a7
Signer

.text
Size: 535KB - Virtual size: 535KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 6KB - Virtual size: 6KB

.pdata
Size: 23KB - Virtual size: 23KB

.didat
Size: 512B - Virtual size: 32B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB