039254cae35e5ab4381e03a90ddc63674d5a036b09c1e047f7a59581c9a26321[.]exe[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

039254cae35e5ab4381e03a90ddc63674d5a036b09c1e047f7a59581c9a26321.exe.zip
Size

10.5MB
MD5

c3b4bfc90094bf87530731345a92c09d
SHA1

32350d780ec42a8aefa12ad0ae2f126e9b2ab36a
SHA256

033949db39ddce168e7f063bee76ccf448f43e54746e98909659d5ebc0a85733
SHA512

025729ae7000176f5f54368c2ee319f9e8a44f1585efc7c572258a1ba81bc719620f23342979598f59a20428bd5961c8dedac2ec9d00b4add6a84ebb79408364
SSDEEP

196608:XsxXv9l7hgIPx4O6BctVocBhEVf92EWPDgFcE2sejtIMW3Y/B5MhUd5kwQ1:w55tVoehEWDgOJtTgY/BB59Q1

Score

1^/10

Malware Config

Signatures

Files

039254cae35e5ab4381e03a90ddc63674d5a036b09c1e047f7a59581c9a26321.exe.zip
.zip

Password: infected
039254cae35e5ab4381e03a90ddc63674d5a036b09c1e047f7a59581c9a26321.exe
.exe windows:5 windows x86

c96935a11cbf9ec5f0c37ed1259b8d4e

Code Sign

07:30:c2:48:97:78:13:c2:5b:b2:25:68:b5:1e:d2:87
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/03/2015, 00:00

Not After

28/06/2018, 12:00

Subject

CN=Adlice,O=Adlice,L=Orvault,ST=Loire Atlantique,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:34:f3:fc:f0:d8:73:1d:29:7d:5d:52:0f:d7:64:a1:12:1f:01:61
Signer

Actual PE Digest

49:34:f3:fc:f0:d8:73:1d:29:7d:5d:52:0f:d7:64:a1:12:1f:01:61

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputA
GetACP
SetConsoleCtrlHandler
FindFirstFileExA
GetOEMCP
GetDriveTypeA
FileTimeToLocalFileTime
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetCPInfo
InitializeCriticalSectionAndSpinCount
CreateProcessA
LCMapStringW
SetEnvironmentVariableA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsProcessorFeaturePresent
IsDebuggerPresent
FindCloseChangeNotification
SetStdHandle
FindFirstChangeNotificationW
GetConsoleCP
FindNextChangeNotification
ExitThread
HeapSetInformation
GetCommandLineA
RaiseException
BackupSeek
BackupRead
SetHandleInformation
lstrlenA
DecodePointer
EncodePointer
GetStringTypeW
InterlockedExchange
GlobalFree
LoadLibraryExW
CreatePipe
FlushConsoleInputBuffer
GlobalMemoryStatus
VirtualQueryEx
GetFileSizeEx
CreateMutexA
ExpandEnvironmentStringsA
PeekNamedPipe
GetVersion
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
SetUnhandledExceptionFilter
SleepEx
GetVolumeNameForVolumeMountPointW
lstrcmpiW
lstrlenW
IsBadWritePtr
GetVolumePathNameW
WaitForMultipleObjectsEx
GetCompressedFileSizeW
IsBadReadPtr
GetStdHandle
WriteConsoleW
SetConsoleMode
GetConsoleMode
CreateDirectoryA
RemoveDirectoryA
GetTimeFormatA
GetDateFormatA
OpenEventW
SetEvent
CreateEventW
WaitForMultipleObjects
ResetEvent
DeleteFileA
AreFileApisANSI
GetTempPathA
GetDiskFreeSpaceA
CreateFileMappingA
LockFileEx
HeapSize
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
TryEnterCriticalSection
HeapCompact
CreateFileA
HeapReAlloc
GetFullPathNameA
LockResource
SizeofResource
LoadResource
FindResourceW
VerifyVersionInfoA
UnhandledExceptionFilter
SuspendThread
GetVersionExA
OutputDebugStringA
GetModuleFileNameA
lstrcpyW
LocalAlloc
lstrcmpA
GetDiskFreeSpaceExW
QueryDosDeviceW
Module32NextW
Module32FirstW
CreateRemoteThread
GetComputerNameW
GetThreadLocale
GetShortPathNameW
GetTempFileNameW
SetFileAttributesW
GetDiskFreeSpaceW
SetFilePointer
GetFileSize
WriteProcessMemory
TerminateJobObject
CreateToolhelp32Snapshot
Process32NextW
OpenThread
Process32FirstW
SetLastError
Thread32Next
TerminateProcess
GetExitCodeProcess
AssignProcessToJobObject
Thread32First
CompareStringW
GetUserDefaultLCID
GetCurrentProcessId
LocalFree
GetCommandLineW
GetLocalTime
GetSystemTime
GetConsoleWindow
OutputDebugStringW
WaitForSingleObject
TlsFree
TlsSetValue
GetCurrentThreadId
GetSystemInfo
SwitchToThread
Sleep
SetThreadPriority
GetCurrentThread
TlsAlloc
TerminateThread
TlsGetValue
GetLastError
ResumeThread
GetThreadPriority
CreateThread
DuplicateHandle
GetCurrentProcess
GetProcAddress
VerifyVersionInfoW
GetVersionExW
FormatMessageW
WaitForSingleObjectEx
QueryPerformanceFrequency
GetModuleHandleW
GetTickCount
QueryPerformanceCounter
GetStartupInfoW
GetModuleFileNameW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileInformationByHandle
SetErrorMode
FindClose
FindFirstFileW
CreateFileW
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
CopyFileW
MoveFileW
DeleteFileW
LoadLibraryW
DeviceIoControl
GetFullPathNameW
GetLongPathNameW
GetTempPathW
GetCurrentDirectoryW
GetLogicalDrives
GetFileAttributesExW
GetCurrencyFormatW
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDirectoryW
MultiByteToWideChar
WideCharToMultiByte
FlushFileBuffers
GetFileType
SetFilePointerEx
ReadFile
WriteFile
MoveFileExW
SetEndOfFile
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetGeoInfoW
GetUserGeoID
GetTimeZoneInformation
FreeLibrary
FindNextFileW
FindFirstFileExW
OpenProcess
LoadLibraryA
GetModuleHandleA
ExitProcess
GetVolumeInformationW
GetDriveTypeW
ReadProcessMemory
lstrcmpW
IsValidLocale
IsValidLanguageGroup
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetUserDefaultLangID
ExpandEnvironmentStringsW
CreateProcessW
CheckRemoteDebuggerPresent
InterlockedIncrement
InterlockedDecrement
CreateMutexW
ReleaseMutex
VirtualFree
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SystemTimeToFileTime
CompareFileTime
TzSpecificLocalTimeToSystemTime
CreateJobObjectW
GetProcessTimes
CloseHandle

user32

SendMessageA
DrawIconEx
GetIconInfo
ReleaseDC
GetDC
FlashWindowEx
FindWindowA
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
ExitWindowsEx
EnumWindows
RealGetWindowClassW
GetWindowTextW
GetCursor
CreateCursor
CreateIconIndirect
SetCursorPos
GetCursorInfo
GetMessageExtraInfo
TrackMouseEvent
EnumDisplayMonitors
GetMonitorInfoW
NotifyWinEvent
LoadCursorW
UnregisterClassW
SetTimer
KillTimer
PeekMessageW
UnhookWindowsHookEx
DestroyWindow
CallNextHookEx
PostMessageW
GetQueueStatus
SetWindowsHookExW
DefWindowProcW
GetWindowLongW
RegisterClassW
SetWindowLongW
CreateWindowExW
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjectsEx
CharNextExA
MessageBoxW
SystemParametersInfoW
GetSystemMenu
EnableMenuItem
GetSystemMetrics
DestroyIcon
SendMessageW
GetWindowThreadProcessId
RegisterWindowMessageW
GetSysColor
SetWindowRgn
MessageBeep
GetDoubleClickTime
GetCaretBlinkTime
ScreenToClient
GetClientRect
GetKeyboardLayoutList
GetParent
ChildWindowFromPointEx
GetFocus
GetCursorPos
ClientToScreen
RegisterClassExW
LoadImageW
GetClassInfoW
GetSysColorBrush
GetCapture
GetDesktopWindow
GetAncestor
IsWindowVisible
IsChild
GetForegroundWindow
ReleaseCapture
SetCursor
GetAsyncKeyState
InvalidateRect
SetWindowPos
ShowWindow
GetWindowRect
GetWindowPlacement
AdjustWindowRectEx
SetWindowTextW
SetFocus
SetForegroundWindow
SetCapture
EndPaint
BeginPaint
GetUpdateRect
SetParent
MoveWindow
SetWindowPlacement
IsIconic
RegisterClipboardFormatW
GetClipboardFormatNameW
ToUnicode
GetKeyState
TrackPopupMenuEx
SetMenuItemInfoW
IsZoomed
MapVirtualKeyW
GetKeyboardState
GetMenu
ToAscii
LoadIconW
SetCaretPos
DestroyCaret
HideCaret
CreateCaret
ChangeClipboardChain
SetClipboardViewer
DestroyCursor

gdi32

RemoveFontMemResourceEx
GetObjectW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
OffsetRgn
GetDeviceCaps
BitBlt
SelectClipRgn
GetRegionData
CreateCompatibleBitmap
CreateDCW
GetOutlineTextMetricsW
GetGlyphOutlineW
GetTextExtentPoint32W
GdiFlush
SetGraphicsMode
RemoveFontResourceExW
GetCharABCWidthsI
GetCharABCWidthsW
ExtTextOutW
SetTextAlign
SetBkMode
SetTextColor
GetTextFaceW
CreateRectRgn
CombineRgn
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetDIBits
AddFontResourceExW
GetTextMetricsW
AddFontMemResourceEx
SetPixelFormat
CreateBitmap
ChoosePixelFormat
SwapBuffers
DescribePixelFormat
GetPixelFormat
GetCharABCWidthsFloatW
GetBitmapBits
SetWorldTransform

opengl32

glDepthFunc
glDeleteTextures
glCullFace
glCopyTexSubImage2D
glCopyTexImage2D
glColorMask
glClearStencil
glClearColor
glClear
glBlendFunc
glBindTexture
glDepthMask
glDisable
glDrawArrays
glDrawElements
glEnable
glFinish
glFlush
glFrontFace
glGenTextures
glGetBooleanv
glGetError
glGetFloatv
glGetIntegerv
glGetString
glClearDepth
glDepthRange
glViewport
glTexSubImage2D
glTexParameteriv
glTexParameteri
glGetTexParameterfv
glTexParameterfv
glTexParameterf
glTexImage2D
glStencilOp
glStencilMask
glStencilFunc
glScissor
glGetTexParameteriv
glHint
glIsEnabled
glIsTexture
glLineWidth
glReadPixels
glPolygonOffset
glPixelStorei

ntdll

_aullrem
_CIsqrt
_CIpow
_CIcos
strtol
VerSetConditionMask
_aulldvrm
strncpy
_allrem
floor
ceil
strrchr
strchr
strncmp
_alldiv
memset
_chkstk
_aulldiv
_allmul
memmove
memcpy
isgraph
wcsncmp
wcsrchr
_CIlog
sscanf
memchr
_aullshr
isdigit
strstr
_snprintf
bsearch
strtoul
qsort
_wcsicmp
tolower
_wtoi64
strcspn
isalnum
wcsstr
NtQueryKey
NtOpenKey
NtDeleteValueKey
NtSetValueKey
NtDeleteKey
_vsnprintf
isxdigit
islower
isupper
_stricmp
_allshr
_atoi64
isprint
NtQueryVirtualMemory
atoi
strspn
_strnicmp
strcmp
strpbrk
isalpha
NtUnloadDriver
_allshl
RtlInitUnicodeString
wcstombs
NtLoadDriver
NtQuerySystemInformation
strlen
memcmp
sprintf
toupper
isspace
_CIsin
_vsnwprintf
RtlUnwind

advapi32

InitializeSecurityDescriptor
LookupPrivilegeValueW
InitializeAcl
AllocateAndInitializeSid
SetSecurityDescriptorOwner
SetEntriesInAclW
IsValidSecurityDescriptor
CheckTokenMembership
AdjustTokenPrivileges
LookupPrivilegeValueA
RegLoadKeyW
RegUnLoadKeyW
GetUserNameW
GetExplicitEntriesFromAclW
RegSetValueExW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
CryptGenRandom
QueryServiceConfigW
EnumServicesStatusW
QueryServiceStatus
ChangeServiceConfig2W
QueryServiceConfig2W
EnumDependentServicesW
ControlService
StartServiceW
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
ConvertSidToStringSidW
GetInheritanceSourceW
RegSetKeySecurity
IsValidSid
GetNamedSecurityInfoW
RegGetKeySecurity
SetNamedSecurityInfoW
ConvertStringSidToSidW
FreeInheritedFromArray
RegDeleteValueW
RegDeleteKeyW
RegEnumValueW
RegFlushKey
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetSecurityDescriptorDacl
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
FreeSid

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wsock32

listen
accept
recvfrom
sendto
gethostbyname
connect
socket
closesocket
getpeername
getsockopt
htons
inet_ntoa
ntohs
inet_addr
ntohl
htonl
getsockname
setsockopt
send
recv
select
WSAGetLastError
__WSAFDIsSet
gethostname
bind
WSASetLastError
WSAStartup
WSACleanup
WSAAsyncSelect
shutdown

crypt32

CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
CertNameToStrW
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam

wintrust

CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseContext
CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust
CryptCATAdminAcquireContext
CryptCATAdminReleaseCatalogContext

wininet

InternetCrackUrlW
InternetGetConnectedState

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
GetMappedFileNameW
GetModuleBaseNameW

userenv

GetProfilesDirectoryW

winhttp

WinHttpReceiveResponse
WinHttpSetOption
WinHttpSendRequest
WinHttpConnect
WinHttpOpenRequest
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpOpen

shlwapi

PathCanonicalizeW
PathAddBackslashW
PathGetDriveNumberW
PathRemoveBlanksW
PathFileExistsW
PathIsRootW
PathAppendW
PathCommonPrefixW
PathUnquoteSpacesW
PathQuoteSpacesW
PathRemoveArgsW
PathMakePrettyW
StrCmpIW
StrDupW
StrCmpNIW
PathFindFileNameW
PathIsRelativeW
PathGetArgsW
PathFindExtensionW
PathIsDirectoryW
PathUnExpandEnvStringsW
PathIsPrefixW
PathRemoveExtensionW
PathIsNetworkPathW
AssocQueryStringW
PathSearchAndQualifyW

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoTaskMemAlloc
CoGetMalloc
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
ReleaseStgMedium
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid

ws2_32

WSAIoctl

oleaut32

VariantClear
SystemTimeToVariantTime
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

imm32

ImmAssociateContext
ImmGetCompositionStringW
ImmGetDefaultIMEWnd
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey
ImmGetContext
ImmNotifyIME
ImmReleaseContext

winmm

PlaySoundW

Exports

Exports

ud_decode
ud_disassemble
ud_get_user_opaque_data
ud_init
ud_input_end
ud_input_skip
ud_insn_asm
ud_insn_hex
ud_insn_len
ud_insn_mnemonic
ud_insn_off
ud_insn_opr
ud_insn_ptr
ud_lookup_mnemonic
ud_opr_is_gpr
ud_opr_is_sreg
ud_set_asm_buffer
ud_set_input_buffer
ud_set_input_file
ud_set_input_hook
ud_set_mode
ud_set_pc
ud_set_sym_resolver
ud_set_syntax
ud_set_user_opaque_data
ud_set_vendor
ud_translate_intel
yr_compiler_add_file
yr_compiler_add_string
yr_compiler_create
yr_compiler_define_boolean_variable
yr_compiler_define_float_variable
yr_compiler_define_integer_variable
yr_compiler_define_string_variable
yr_compiler_destroy
yr_compiler_get_current_file_name
yr_compiler_get_error_message
yr_compiler_get_rules
yr_compiler_set_callback
yr_filemap_map
yr_filemap_map_ex
yr_filemap_map_fd
yr_filemap_unmap
yr_filemap_unmap_fd
yr_finalize
yr_finalize_thread
yr_get_configuration
yr_get_tidx
yr_hash_table_add
yr_hash_table_add_raw_key
yr_hash_table_clean
yr_hash_table_create
yr_hash_table_destroy
yr_hash_table_lookup
yr_hash_table_lookup_raw_key
yr_initialize
yr_object_print_data
yr_rules_define_boolean_variable
yr_rules_define_float_variable
yr_rules_define_integer_variable
yr_rules_define_string_variable
yr_rules_destroy
yr_rules_load
yr_rules_load_stream
yr_rules_save
yr_rules_save_stream
yr_rules_scan_fd
yr_rules_scan_file
yr_rules_scan_mem
yr_rules_scan_mem_blocks
yr_rules_scan_proc
yr_set_configuration
yr_set_tidx
z_adler32
z_adler32_combine
z_adler32_combine64
z_compress
z_compress2
z_compressBound
z_crc32
z_crc32_combine
z_crc32_combine64
z_deflate
z_deflateBound
z_deflateCopy
z_deflateEnd
z_deflateInit2_
z_deflateInit_
z_deflateParams
z_deflatePrime
z_deflateReset
z_deflateSetDictionary
z_deflateSetHeader
z_deflateTune
z_get_crc_table
z_inflate
z_inflateCopy
z_inflateEnd
z_inflateGetHeader
z_inflateInit2_
z_inflateInit_
z_inflateMark
z_inflatePrime
z_inflateReset
z_inflateReset2
z_inflateSetDictionary
z_inflateSync
z_inflateSyncPoint
z_inflateUndermine
z_uncompress
z_zError
z_zlibCompileFlags
z_zlibVersion

Sections

.text
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 305KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 541KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

c96935a11cbf9ec5f0c37ed1259b8d4e

Code Sign

07:30:c2:48:97:78:13:c2:5b:b2:25:68:b5:1e:d2:87Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

49:34:f3:fc:f0:d8:73:1d:29:7d:5d:52:0f:d7:64:a1:12:1f:01:61Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

opengl32

ntdll

advapi32

version

wsock32

crypt32

wintrust

wininet

psapi

userenv

winhttp

shlwapi

shell32

ole32

ws2_32

oleaut32

imm32

winmm

Exports

Exports

Sections

.text Size: 10.3MB - Virtual size: 10.3MB

.rdata Size: 4.4MB - Virtual size: 4.4MB

.data Size: 305KB - Virtual size: 354KB

.qtmetad Size: 512B - Virtual size: 272B

.rsrc Size: 4.4MB - Virtual size: 4.4MB

.reloc Size: 541KB - Virtual size: 541KB

07:30:c2:48:97:78:13:c2:5b:b2:25:68:b5:1e:d2:87
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

49:34:f3:fc:f0:d8:73:1d:29:7d:5d:52:0f:d7:64:a1:12:1f:01:61
Signer

.text
Size: 10.3MB - Virtual size: 10.3MB

.rdata
Size: 4.4MB - Virtual size: 4.4MB

.data
Size: 305KB - Virtual size: 354KB

.qtmetad
Size: 512B - Virtual size: 272B

.rsrc
Size: 4.4MB - Virtual size: 4.4MB

.reloc
Size: 541KB - Virtual size: 541KB