mozglue[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

mozglue.dll
Size

222KB
MD5

1cb56f7fce3972481fdaeb0f53fb80ad
SHA1

c51499e8a2e1f3d8cf74c2c1e0b3fb0a678586fa
SHA256

6379ba837c7d94018af73de5a5cc24cc43cb0154c53026425e6148c7bd138e91
SHA512

b2fd80fd592455df51a82ac2ef71d26b7fab0c3150706803200161b824985c722faf4594cfb848fde6a0de053e24d22f8c163922b8931e7cf8f32a4af9f6c63a
SSDEEP

6144:8r+372UpqoFXwqAimnNWuvkd7TBNG82Kx/6QFi9jpapT3DeJR:BaUltANbvklTXG8fU2p32R

Score

1^/10

Malware Config

Signatures

Files

mozglue.dll
.dll windows:6 windows x64

5aad8eb7668926ff5dde618738f4ff53

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:04:1b:e0:8a:5f:cd:47:36:e2:85:04:be:b7:78:6c
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

20-03-2023 00:00

Not After

19-03-2026 23:59

Subject

CN=Mark Straver,O=Mark Straver,ST=Jönköpings län,C=SE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b9:71:8c:88:e7:29:3d:3d:cd:80:ee:68:4d:75:25:f2:97:59:94:e5:79:51:35:83:0f:02:8a:6d:a1:81:ac:fd
Signer

Actual PE Digest

b9:71:8c:88:e7:29:3d:3d:cd:80:ee:68:4d:75:25:f2:97:59:94:e5:79:51:35:83:0f:02:8a:6d:a1:81:ac:fd

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

VerSetConditionMask
SearchPathW
CreateFileW
WriteFile
IsDebuggerPresent
OutputDebugStringA
EncodePointer
DecodePointer
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
GetCurrentThreadId
GetSystemInfo
VirtualAllocEx
VirtualProtectEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleHandleA
GetProcAddress
LoadLibraryExA
VerifyVersionInfoA
TerminateProcess
GetEnvironmentVariableA
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TlsAlloc
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlVirtualUnwind
DuplicateHandle
GetLastError
TryEnterCriticalSection
SetEvent
WaitForSingleObject
CreateEventA
SignalObjectAndWait
GetCurrentThread
SuspendThread
ResumeThread
GetThreadContext
LocalFree
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetProcessTimes
GetSystemTime
GetTickCount64
GetSystemTimeAdjustment
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetCurrentProcessId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlCaptureContext
GetModuleHandleW
FreeLibrary
VirtualQuery
VirtualProtect
RaiseException
InitializeSListHead

msvcp140

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

vcruntime140

__C_specific_handler
strchr
memcpy
__std_type_info_destroy_list
memset
memchr
memmove

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_invoke_watson
_invalid_parameter_noinfo_noreturn
_crt_atexit
_cexit
_initterm
_initterm_e
strerror
_errno
_beginthreadex
_execute_onexit_table

api-ms-win-crt-string-l1-1-0

_stricmp
isxdigit
wcsncpy
_strnicmp
strncpy

api-ms-win-crt-stdio-l1-1-0

_read
_open
_dup
fclose
__stdio_common_vfprintf
__stdio_common_vsprintf
fflush
_write
_close
fputs
__acrt_iob_func
_lseeki64
_wopen

api-ms-win-crt-convert-l1-1-0

_ltoa
_strtoui64
wcstombs

api-ms-win-crt-math-l1-1-0

_fdopen
ceil
_dclass

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

??0Decimal@blink@@QEAA@AEBV01@@Z
??0Decimal@blink@@QEAA@AEBVEncodedData@01@@Z
??0Decimal@blink@@QEAA@H@Z
??0Decimal@blink@@QEAA@W4Sign@01@H_K@Z
??0SHA1Sum@mozilla@@QEAA@XZ
??0TimeStampValue@mozilla@@AEAA@_K0_N@Z
??4Decimal@blink@@QEAAAEAV01@AEBV01@@Z
??8Decimal@blink@@QEBA_NAEBV01@@Z
??9Decimal@blink@@QEBA_NAEBV01@@Z
??DDecimal@blink@@QEBA?AV01@AEBV01@@Z
??GDecimal@blink@@QEBA?AV01@AEBV01@@Z
??GDecimal@blink@@QEBA?AV01@XZ
??GTimeStampValue@mozilla@@QEBA_KAEBV01@@Z
??HDecimal@blink@@QEBA?AV01@AEBV01@@Z
??KDecimal@blink@@QEBA?AV01@AEBV01@@Z
??MDecimal@blink@@QEBA_NAEBV01@@Z
??NDecimal@blink@@QEBA_NAEBV01@@Z
??ODecimal@blink@@QEBA_NAEBV01@@Z
??PDecimal@blink@@QEBA_NAEBV01@@Z
??XDecimal@blink@@QEAAAEAV01@AEBV01@@Z
??YDecimal@blink@@QEAAAEAV01@AEBV01@@Z
??YTimeStampValue@mozilla@@QEAAAEAV01@_J@Z
??ZDecimal@blink@@QEAAAEAV01@AEBV01@@Z
??ZTimeStampValue@mozilla@@QEAAAEAV01@_J@Z
??_0Decimal@blink@@QEAAAEAV01@AEBV01@@Z
??_FDecimal@blink@@QEAAXXZ
?AcquireStackWalkWorkaroundLock@@YAXXZ
?CheckQPC@TimeStampValue@mozilla@@AEBA_KAEBV12@@Z
?ComputeProcessUptime@TimeStamp@mozilla@@CA_KXZ
?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@AEBAXPEBDHHHPEAVStringBuilder@2@@Z
?CreateExponentialRepresentation@DoubleToStringConverter@double_conversion@@AEBAXPEBDHHPEAVStringBuilder@2@@Z
?DllBlocklist_CheckStatus@@YA_NXZ
?DllBlocklist_Initialize@@YAXXZ
?DllBlocklist_SetInXPCOMLoadOnMainThread@@YAX_N@Z
?DllBlocklist_WriteNotes@@YAXPEAX@Z
?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPEADHPEA_NPEAH3@Z
?EcmaScriptConverter@DoubleToStringConverter@double_conversion@@SAAEBV12@XZ
?FramePointerStackWalk@mozilla@@YA_NP6AXIPEAX00@ZII0PEAPEAX0@Z
?HandleSpecialValues@DoubleToStringConverter@double_conversion@@AEBA_NNPEAVStringBuilder@2@@Z
?HashBytes@mozilla@@YAIPEBX_K@Z
?IsFloat32Representable@mozilla@@YA_NN@Z
?MozDescribeCodeAddress@@YA_NPEAXPEAUMozCodeAddressDetails@@@Z
?MozFormatCodeAddress@@YAXPEADIIPEBXPEBD2_J2I@Z
?MozFormatCodeAddressDetails@@YAXPEADIIPEAXPEBUMozCodeAddressDetails@@@Z
?MozStackWalk@@YA_NP6AXIPEAX00@ZII0_K0@Z
?Now@TimeStamp@mozilla@@CA?AV12@_N@Z
?ProcessCreation@TimeStamp@mozilla@@SA?AV12@AEA_N@Z
?RecordProcessRestart@TimeStamp@mozilla@@SAXXZ
?ReleaseStackWalkWorkaroundLock@@YAXXZ
?ResolutionInTicks@BaseTimeDurationPlatformUtils@mozilla@@SA_JXZ
?Shutdown@TimeStamp@mozilla@@SAXXZ
?StackWalkInitCriticalAddress@@YAXXZ
?Startup@TimeStamp@mozilla@@SAXXZ
?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z
?ToExponential@DoubleToStringConverter@double_conversion@@QEBA_NNHPEAVStringBuilder@2@@Z
?ToFixed@DoubleToStringConverter@double_conversion@@QEBA_NNHPEAVStringBuilder@2@@Z
?ToPrecision@DoubleToStringConverter@double_conversion@@QEBA_NNHPEA_NPEAVStringBuilder@2@@Z
?ToSeconds@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z
?ToSecondsSigDigits@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z
?ToShortestIeeeNumber@DoubleToStringConverter@double_conversion@@AEBA_NNPEAVStringBuilder@2@W4DtoaMode@12@@Z
?TryAcquireStackWalkWorkaroundLock@@YA_NXZ
?Unused@mozilla@@3Uunused_t@1@B
?abs@Decimal@blink@@QEBA?AV12@XZ
?alignOperands@Decimal@blink@@CA?AUAlignedOperands@12@AEBV12@0@Z
?avx2_enabled@sse_private@mozilla@@3_NA
?avx_enabled@sse_private@mozilla@@3_NA
?ceil@Decimal@blink@@QEBA?AV12@XZ
?compareTo@Decimal@blink@@AEBA?AV12@AEBV12@@Z
?compress@LZ4@Compression@mozilla@@SA_KPEBD_KPEAD@Z
?compressLimitedOutput@LZ4@Compression@mozilla@@SA_KPEBD_KPEAD1@Z
?decompress@LZ4@Compression@mozilla@@SA_NPEBDPEAD_K@Z
?decompress@LZ4@Compression@mozilla@@SA_NPEBD_KPEAD1PEA_K@Z
?decompressPartial@LZ4@Compression@mozilla@@SA_NPEBD_KPEAD1PEA_K@Z
?finish@SHA1Sum@mozilla@@QEAAXAEAY0BE@E@Z
?floor@Decimal@blink@@QEBA?AV12@XZ
?fromDouble@Decimal@blink@@SA?AV12@N@Z
?fromString@Decimal@blink@@SA?AV12@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?gChaosFeatures@detail@mozilla@@3W4ChaosFeature@2@A
?gChaosModeCounter@detail@mozilla@@3V?$Atomic@I$01X@2@A
?gTwoCharEscapes@detail@mozilla@@3QBDB
?infinity@Decimal@blink@@SA?AV12@W4Sign@12@@Z
?kBase10MaximalLength@DoubleToStringConverter@double_conversion@@2HB
?mmx_enabled@sse_private@mozilla@@3_NA
?mozalloc_abort@@YAXQEBD@Z
?mozalloc_handle_oom@@YAX_K@Z
?mozalloc_set_oom_abort_handler@@YAXP6AX_K@Z@Z
?nan@Decimal@blink@@SA?AV12@XZ
?remainder@Decimal@blink@@QEBA?AV12@AEBV12@@Z
?round@Decimal@blink@@QEBA?AV12@XZ
?sse3_enabled@sse_private@mozilla@@3_NA
?sse4_1_enabled@sse_private@mozilla@@3_NA
?sse4_2_enabled@sse_private@mozilla@@3_NA
?sse4a_enabled@sse_private@mozilla@@3_NA
?ssse3_enabled@sse_private@mozilla@@3_NA
?toDouble@Decimal@blink@@QEBANXZ
?toString@Decimal@blink@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?toString@Decimal@blink@@QEBA_NPEAD_K@Z
?update@SHA1Sum@mozilla@@QEAAXPEBXI@Z
?zero@Decimal@blink@@SA?AV12@W4Sign@12@@Z
HeapAlloc
HeapFree
HeapReAlloc
MOZ_CrashOOL
MOZ_CrashPrintf
MOZ_Z_adler32
MOZ_Z_adler32_combine
MOZ_Z_compress
MOZ_Z_compress2
MOZ_Z_compressBound
MOZ_Z_crc32
MOZ_Z_crc32_combine
MOZ_Z_deflate
MOZ_Z_deflateBound
MOZ_Z_deflateCopy
MOZ_Z_deflateEnd
MOZ_Z_deflateInit2_
MOZ_Z_deflateInit_
MOZ_Z_deflateParams
MOZ_Z_deflatePending
MOZ_Z_deflatePrime
MOZ_Z_deflateReset
MOZ_Z_deflateResetKeep
MOZ_Z_deflateSetDictionary
MOZ_Z_deflateSetHeader
MOZ_Z_deflateTune
MOZ_Z_get_crc_table
MOZ_Z_gzbuffer
MOZ_Z_gzclearerr
MOZ_Z_gzclose
MOZ_Z_gzclose_r
MOZ_Z_gzclose_w
MOZ_Z_gzdirect
MOZ_Z_gzdopen
MOZ_Z_gzeof
MOZ_Z_gzerror
MOZ_Z_gzflush
MOZ_Z_gzgetc_
MOZ_Z_gzgets
MOZ_Z_gzoffset
MOZ_Z_gzoffset64
MOZ_Z_gzopen
MOZ_Z_gzopen64
MOZ_Z_gzopen_w
MOZ_Z_gzprintf
MOZ_Z_gzputc
MOZ_Z_gzputs
MOZ_Z_gzread
MOZ_Z_gzrewind
MOZ_Z_gzseek
MOZ_Z_gzseek64
MOZ_Z_gzsetparams
MOZ_Z_gztell
MOZ_Z_gztell64
MOZ_Z_gzungetc
MOZ_Z_gzvprintf
MOZ_Z_gzwrite
MOZ_Z_inflate
MOZ_Z_inflateBack
MOZ_Z_inflateBackEnd
MOZ_Z_inflateBackInit_
MOZ_Z_inflateCopy
MOZ_Z_inflateEnd
MOZ_Z_inflateGetDictionary
MOZ_Z_inflateGetHeader
MOZ_Z_inflateInit2_
MOZ_Z_inflateInit_
MOZ_Z_inflateMark
MOZ_Z_inflatePrime
MOZ_Z_inflateReset
MOZ_Z_inflateReset2
MOZ_Z_inflateResetKeep
MOZ_Z_inflateSetDictionary
MOZ_Z_inflateSync
MOZ_Z_inflateSyncPoint
MOZ_Z_inflateUndermine
MOZ_Z_uncompress
MOZ_Z_uncompress2
MOZ_Z_zError
MOZ_Z_zlibCompileFlags
MOZ_Z_zlibVersion
_aligned_free
_aligned_malloc
_expand
_malloc_message
_malloc_options
_msize
_recalloc
_strdup
_wcsdup
adler32_z
calloc
crc32_z
deflateGetDictionary
free
frex
gMozCrashReason
gMozillaPoisonBase
gMozillaPoisonSize
gMozillaPoisonValue
gzfread
gzfwrite
gzgetc
inflateCodesUsed
inflateValidate
jemalloc_free_dirty_pages
jemalloc_purge_freed_pages
jemalloc_stats
malloc
malloc_good_size
malloc_usable_size
mozPoisonValueInit
moz_malloc_size_of
moz_malloc_usable_size
moz_xcalloc
moz_xmalloc
moz_xrealloc
moz_xstrdup
posix_memalign
realloc
strdup
strndup
wcsdup

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5aad8eb7668926ff5dde618738f4ff53

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

6c:04:1b:e0:8a:5f:cd:47:36:e2:85:04:be:b7:78:6cCertificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

b9:71:8c:88:e7:29:3d:3d:cd:80:ee:68:4d:75:25:f2:97:59:94:e5:79:51:35:83:0f:02:8a:6d:a1:81:ac:fdSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 149KB - Virtual size: 148KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 372B

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

6c:04:1b:e0:8a:5f:cd:47:36:e2:85:04:be:b7:78:6c
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

b9:71:8c:88:e7:29:3d:3d:cd:80:ee:68:4d:75:25:f2:97:59:94:e5:79:51:35:83:0f:02:8a:6d:a1:81:ac:fd
Signer

.text
Size: 149KB - Virtual size: 148KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 372B