CPLApplet_V2_Fully_Unpacked[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

CPLApplet_V2_Fully_Unpacked.7z
Size

8.6MB
MD5

33ed0762ce6d793067c17cf0fa97e921
SHA1

617c09786533ff7587489a08484e72a3366aa548
SHA256

883edab53e0a82eb74c2442be70fee92d29078da0f1bd3052c60bc5faee14ad8
SHA512

e628cb08603852b83fcc8199c96917ba79e2f6efa319843bbd58ed0418dcd399c9e5291c5b30c83bfbd38dd9b46acef407de57ef60defa1af22ce8edef31a0d4
SSDEEP

196608:Ah2y2uaxGGvOvuh+x9xH43OlMlk49zqC0CFquMsV6WCemt:A0y2qvuhs9EOSlk4tqZCFqu5V6Wet

Score

3^/10

Malware Config

Signatures

Unsigned PE 29 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CPLApplet.dll
unpack001/Hidden CPLApplet Builder_Slayed_dotkill-cleaned.exe
unpack001/Stub/CPLApplet.dll
unpack001/Stub/CPLApplet/CPLApplet.dll
unpack001/Stub/Offline/CPLApplet.dll
unpack001/Stub/SDKs/1033/CPLApplet.dll
unpack001/Stub/SDKs/CPLApplet.dll
unpack001/Stub/SDKs/x64/1033/CPLApplet.dll
unpack001/Stub/SDKs/x64/CPLApplet.dll
unpack001/Stub/packages/DllExport.1.5.2/CPLApplet.dll
unpack001/Stub/packages/DllExport.1.5.2/lib/CPLApplet.dll
unpack001/Stub/packages/DllExport.1.5.2/lib/net20/CPLApplet.dll
unpack001/Stub/packages/DllExport.1.5.2/lib/net20/DllExport.dll
unpack001/Stub/packages/DllExport.1.5.2/lib/net20/DllExport.dll.raw
unpack001/Stub/packages/DllExport.1.5.2/tools/CPLApplet.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/Microsoft.Management.Infrastructure.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/Mono.Cecil.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/NSBin.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/RGiesecke.DllExport.MSBuild.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/RGiesecke.DllExport.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/System.Management.Automation.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/coreclr/CPLApplet.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/coreclr/coreclr.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/coreclr/ilasm.exe
unpack001/Stub/packages/DllExport.1.5.2/tools/coreclr/ildasm.exe
unpack001/Stub/packages/DllExport.1.5.2/tools/coreclr/ildasmrc.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/coreclr/mscordaccore.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/coreclr/mscordbi.dll
unpack001/Stub/packages/DllExport.1.5.2/tools/net.r_eg.DllExport.Configurator.dll

Files

CPLApplet_V2_Fully_Unpacked.7z
.7z

Password: @REStunexPrivateTools
CPLApplet.dll
.dll windows:4 windows x86

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hidden CPLApplet Builder_Slayed_dotkill-cleaned.exe
.exe windows:4 windows x86

Password: @REStunexPrivateTools

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/CPLApplet.dll
.dll windows:4 windows x86

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/CPLApplet/Analysis.vb
.vbs
Stub/CPLApplet/Application.Designer.vb
Stub/CPLApplet/Application.myapp
Stub/CPLApplet/AssemblyInfo.vb.backup
Stub/CPLApplet/CPLApplet.dll
.dll windows:4 windows x86

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/CPLApplet/CPLApplet.vbproj.backup
Stub/CPLApplet/Resources.Designer.vb
.vbs
Stub/CPLApplet/Resources.resx
.vbs
Stub/CPLApplet/Settings.Designer.vb
.vbs
Stub/CPLApplet/Settings.settings
Stub/CPLApplet/Settings.vb.backup
Stub/CPLApplet/Test.vb
.vbs
Stub/CPLApplet/packages.config
Stub/Offline/Analysis.vb
.vbs
Stub/Offline/Application.Designer.vb
Stub/Offline/Application.myapp
Stub/Offline/AssemblyInfo.vb.backup
Stub/Offline/CPLApplet.dll
.dll windows:4 windows x86

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/Offline/CPLApplet.vbproj.backup
Stub/Offline/Resources.Designer.vb
.vbs
Stub/Offline/Resources.resx
.vbs
Stub/Offline/Settings.Designer.vb
.vbs
Stub/Offline/Settings.settings
Stub/Offline/Settings.vb.backup
Stub/Offline/Test.vb
.vbs
Stub/Offline/packages.config
Stub/SDKs/1033/CPLApplet.dll
.dll windows:4 windows x86

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/1033/IlDasmrc.dll
.dll windows:6 windows x86

Password: @REStunexPrivateTools

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:7f:96:15:84:51:82:1c:e8:fb:2b:8b:d0:dd:67:9d:f6:4b:70:61:cd:32:1d:9c:0e:c5:0d:ab:11:a1:54:49
Signer

Actual PE Digest

62:7f:96:15:84:51:82:1c:e8:fb:2b:8b:d0:dd:67:9d:f6:4b:70:61:cd:32:1d:9c:0e:c5:0d:ab:11:a1:54:49

Digest Algorithm

sha256

PE Digest Matches

true

e9:a3:98:5d:06:ad:23:6e:72:0e:70:76:14:71:64:b4:51:60:39:73
Signer

Actual PE Digest

e9:a3:98:5d:06:ad:23:6e:72:0e:70:76:14:71:64:b4:51:60:39:73

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/1033/TrackerUI.dll
.dll windows:6 windows x86

Password: @REStunexPrivateTools

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:a4:4c:39:91:61:a6:9b:d9:69:62:6a:bf:4a:40:22:8a:46:43:c3:4a:3d:6c:a7:70:86:f1:65:3d:6c:bc:de
Signer

Actual PE Digest

75:a4:4c:39:91:61:a6:9b:d9:69:62:6a:bf:4a:40:22:8a:46:43:c3:4a:3d:6c:a7:70:86:f1:65:3d:6c:bc:de

Digest Algorithm

sha256

PE Digest Matches

true

9b:bf:6c:80:5c:0e:5b:6f:b1:11:6b:50:98:fa:d6:ea:46:0a:82:a0
Signer

Actual PE Digest

9b:bf:6c:80:5c:0e:5b:6f:b1:11:6b:50:98:fa:d6:ea:46:0a:82:a0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/1033/flogvwrc.dll
.dll windows:6 windows x86

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ed:b2:11:ae:df:b0:3b:c1:e7:2d:4b:d0:bf:cc:f1:03:17:76:b6:7c:2c:22:de:4f:a4:ab:5a:5c:43:da:f3:39
Signer

Actual PE Digest

ed:b2:11:ae:df:b0:3b:c1:e7:2d:4b:d0:bf:cc:f1:03:17:76:b6:7c:2c:22:de:4f:a4:ab:5a:5c:43:da:f3:39

Digest Algorithm

sha256

PE Digest Matches

true

8c:84:84:57:47:7e:36:ef:a2:51:19:b5:5b:f4:f0:41:82:e0:bd:db
Signer

Actual PE Digest

8c:84:84:57:47:7e:36:ef:a2:51:19:b5:5b:f4:f0:41:82:e0:bd:db

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/1033/gacutlrc.dll
.dll windows:6 windows x86

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

10:80:4d:59:0a:6a:6e:82:a3:ce:4b:53:06:9b:fe:ca:a2:6b:7b:15:fb:75:14:dc:da:a1:7c:d2:17:af:b2:a6
Signer

Actual PE Digest

10:80:4d:59:0a:6a:6e:82:a3:ce:4b:53:06:9b:fe:ca:a2:6b:7b:15:fb:75:14:dc:da:a1:7c:d2:17:af:b2:a6

Digest Algorithm

sha256

PE Digest Matches

true

4a:19:2a:59:9a:1e:53:e4:0a:17:1e:85:90:0f:cb:8f:a1:7d:fb:9c
Signer

Actual PE Digest

4a:19:2a:59:9a:1e:53:e4:0a:17:1e:85:90:0f:cb:8f:a1:7d:fb:9c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/1033/pevrfyrc.dll
.dll windows:6 windows x86

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a3:04:26:58:be:74:d3:e5:e0:85:55:82:9f:f0:cc:f0:84:ca:27:71:c5:e5:3a:f8:d3:2c:00:50:11:d9:01:dc
Signer

Actual PE Digest

a3:04:26:58:be:74:d3:e5:e0:85:55:82:9f:f0:cc:f0:84:ca:27:71:c5:e5:3a:f8:d3:2c:00:50:11:d9:01:dc

Digest Algorithm

sha256

PE Digest Matches

true

f7:89:1d:50:84:1e:f9:db:57:d4:7e:c6:08:47:58:6d:55:88:b0:87
Signer

Actual PE Digest

f7:89:1d:50:84:1e:f9:db:57:d4:7e:c6:08:47:58:6d:55:88:b0:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/1033/snrc.dll
.dll windows:6 windows x86

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:26:cf:de:54:42:bd:b3:08:27:64:97:65:0c:b9:c4:4c:ca:c1:1b:b9:a8:59:5a:30:50:b4:30:7c:a0:6d:39
Signer

Actual PE Digest

2b:26:cf:de:54:42:bd:b3:08:27:64:97:65:0c:b9:c4:4c:ca:c1:1b:b9:a8:59:5a:30:50:b4:30:7c:a0:6d:39

Digest Algorithm

sha256

PE Digest Matches

true

7e:28:f6:48:5e:33:a2:ff:4d:ca:6a:43:87:0f:b4:14:d5:57:31:d1
Signer

Actual PE Digest

7e:28:f6:48:5e:33:a2:ff:4d:ca:6a:43:87:0f:b4:14:d5:57:31:d1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/AxImp.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

65:5f:2c:29:66:5e:7e:87:90:03:83:81:24:e1:99:b7:6e:0f:30:60:a0:c2:0b:1c:dd:ac:1b:b5:fe:c1:fc:60
Signer

Actual PE Digest

65:5f:2c:29:66:5e:7e:87:90:03:83:81:24:e1:99:b7:6e:0f:30:60:a0:c2:0b:1c:dd:ac:1b:b5:fe:c1:fc:60

Digest Algorithm

sha256

PE Digest Matches

true

eb:db:70:79:76:d0:4a:15:05:b2:fa:8f:3b:29:58:12:a7:8c:7d:bd
Signer

Actual PE Digest

eb:db:70:79:76:d0:4a:15:05:b2:fa:8f:3b:29:58:12:a7:8c:7d:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/CPLApplet.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/CorFlags.exe
.exe windows:6 windows x86

fb1db825db945cf1996cb2b13e56c7f9

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:f2:08:90:37:a3:df:da:8f:33:d5:65:a7:15:d7:45:ed:75:48:ea:f9:a1:02:1e:84:23:41:a6:0a:1c:97:07
Signer

Actual PE Digest

c3:f2:08:90:37:a3:df:da:8f:33:d5:65:a7:15:d7:45:ed:75:48:ea:f9:a1:02:1e:84:23:41:a6:0a:1c:97:07

Digest Algorithm

sha256

PE Digest Matches

true

73:22:80:4c:b6:8e:7d:a2:d3:ce:b1:9d:6b:60:1a:70:ae:c9:12:19
Signer

Actual PE Digest

73:22:80:4c:b6:8e:7d:a2:d3:ce:b1:9d:6b:60:1a:70:ae:c9:12:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
LoadLibraryW
RtlUnwind
HeapReAlloc
SetFilePointerEx
SetStdHandle
GetProcAddress
GetModuleHandleW
GetVersion
CloseHandle
HeapSetInformation
GetModuleHandleA
CreateFileMappingW
CreateFileW
UnmapViewOfFile
MapViewOfFile
GetFileSize
GetEnvironmentVariableW
FreeLibrary
LoadLibraryExW
GetCurrentProcess
GetModuleFileNameW
MultiByteToWideChar
GetLastError
RaiseException
GetCPInfo
WideCharToMultiByte
FormatMessageW
GetACP
LocalFree
TlsGetValue
SetLastError
GetSystemTimeAsFileTime
GetCurrentThreadId
GetEnvironmentStringsW
lstrlenW
FreeEnvironmentStringsW
TerminateProcess
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SetEvent
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
CreateEventW
VirtualProtect
DeleteCriticalSection
ReleaseMutex
TlsAlloc
TlsFree
OutputDebugStringW
IsDebuggerPresent
EncodePointer
DecodePointer
GetCommandLineW
IsProcessorFeaturePresent
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetFileType
InitializeCriticalSectionAndSpinCount
InitOnceExecuteOnce
GetStartupInfoW
QueryPerformanceCounter
GetTickCount64
IsValidCodePage
GetOEMCP
LCMapStringEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapSize
Sleep
GetStringTypeW
FlushFileBuffers
GetConsoleCP
WriteConsoleW

mscoree

GetRequestedRuntimeInfo

user32

LoadStringW

oleaut32

SetErrorInfo

advapi32

RegOpenKeyExW
EventWrite
RegCloseKey
RegQueryValueExW

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/FUSLOGVW.exe
.exe windows:6 windows x86

ed217f59b96438ffdaf4447d2e2f667a

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:7d:c7:33:db:cc:91:6d:53:e9:01:ee:a2:95:5d:95:82:60:df:ab:03:f8:22:60:60:7c:c7:c4:49:06:50:20
Signer

Actual PE Digest

33:7d:c7:33:db:cc:91:6d:53:e9:01:ee:a2:95:5d:95:82:60:df:ab:03:f8:22:60:60:7c:c7:c4:49:06:50:20

Digest Algorithm

sha256

PE Digest Matches

true

8f:11:10:34:43:cb:29:75:a7:35:d3:98:c0:ff:84:f2:ed:d1:11:44
Signer

Actual PE Digest

8f:11:10:34:43:cb:29:75:a7:35:d3:98:c0:ff:84:f2:ed:d1:11:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
RegDeleteValueW
SetEntriesInAclW
RegCloseKey
RegSetValueExW
EventWrite
RegOpenKeyExW

kernel32

IsDebuggerPresent
FindNextFileW
FileTimeToLocalFileTime
DeleteFileW
DebugBreak
LocalFree
GetVersion
WriteConsoleW
SetFilePointerEx
SetStdHandle
HeapReAlloc
RtlUnwind
LoadLibraryW
LCMapStringEx
HeapSetInformation
HeapSize
GetOEMCP
IsValidCodePage
GetConsoleMode
GetConsoleCP
FlushFileBuffers
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount64
QueryPerformanceCounter
GetModuleFileNameA
GetStartupInfoW
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
GetFileType
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
InterlockedDecrement
RemoveDirectoryW
FindClose
GetProcAddress
SetLastError
lstrlenW
FileTimeToSystemTime
GetFileAttributesW
GetTimeFormatW
GetModuleHandleW
OutputDebugStringW
GetCurrentProcess
LoadLibraryExW
FreeLibrary
FindFirstFileW
GetDateFormatW
GetStringTypeW
GetEnvironmentVariableW
GetSystemDirectoryW
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
GetLastError
CloseHandle
GetLocaleInfoW
GetConsoleOutputCP
GetUserDefaultUILanguage
TlsGetValue
GetEnvironmentStringsW
FreeEnvironmentStringsW
RaiseException
WideCharToMultiByte
GetCPInfo
FormatMessageW
GetACP
GetSystemTimeAsFileTime
GetCurrentThreadId
TerminateProcess
GetEnvironmentVariableA
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SetEvent
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
CreateEventW
VirtualProtect
DeleteCriticalSection
ReleaseMutex
TlsAlloc
TlsFree
EncodePointer
DecodePointer
GetCommandLineA
IsProcessorFeaturePresent
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InterlockedIncrement

mscoree

GetRequestedRuntimeInfo

shlwapi

PathRemoveBackslashW
StrCmpW
StrStrIW
PathFindFileNameW
StrStrW

shell32

ShellExecuteExW

wininet

DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
GetUrlCacheEntryInfoW
FindFirstUrlCacheEntryW
FindCloseUrlCache

oleaut32

SetErrorInfo

user32

ShowWindow
GetSystemMetrics
SetDlgItemTextW
SendMessageW
LoadStringW
MoveWindow
EndDialog
GetDlgItem
SetFocus
DialogBoxParamW
SetForegroundWindow
GetWindowRect
EnableWindow

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/IlDasm.chm
.chm
Stub/SDKs/MSBuildTaskHost.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d4:ec:45:a2:7b:ef:01:8f:1f:92:e7:e8:f1:fe:54:45:ee:ba:ca:7b:92:0b:a7:9c:22:bc:3b:d9:82:f7:fd:46
Signer

Actual PE Digest

d4:ec:45:a2:7b:ef:01:8f:1f:92:e7:e8:f1:fe:54:45:ee:ba:ca:7b:92:0b:a7:9c:22:bc:3b:d9:82:f7:fd:46

Digest Algorithm

sha256

PE Digest Matches

true

64:9a:87:0d:99:97:26:25:20:fe:b0:5a:0f:e0:48:a7:a4:f5:fa:81
Signer

Actual PE Digest

64:9a:87:0d:99:97:26:25:20:fe:b0:5a:0f:e0:48:a7:a4:f5:fa:81

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/MSBuildTaskHost.exe.config
.xml
Stub/SDKs/PEVerify.exe
.exe windows:6 windows x86

cf2381f1ac623f10a51e0b293248761f

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9d:ec:83:c4:fb:10:13:77:74:06:43:df:c2:15:39:f7:6d:60:7f:45:32:8a:f9:9d:23:86:aa:51:e8:09:0e:1b
Signer

Actual PE Digest

9d:ec:83:c4:fb:10:13:77:74:06:43:df:c2:15:39:f7:6d:60:7f:45:32:8a:f9:9d:23:86:aa:51:e8:09:0e:1b

Digest Algorithm

sha256

PE Digest Matches

true

47:f7:f4:51:34:16:a9:ec:4a:49:9c:86:34:ef:a7:57:37:77:c9:87
Signer

Actual PE Digest

47:f7:f4:51:34:16:a9:ec:4a:49:9c:86:34:ef:a7:57:37:77:c9:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSetInformation
GetModuleHandleW
SetEndOfFile
ReadConsoleW
ReadFile
GetVersion
WriteConsoleW
SetStdHandle
HeapReAlloc
SetFilePointerEx
LoadLibraryW
LCMapStringEx
GetStringTypeW
GetFullPathNameW
MapViewOfFile
CreateFileMappingW
CreateFileW
lstrlenW
FormatMessageW
WriteFile
GetStdHandle
WideCharToMultiByte
GetConsoleOutputCP
SwitchToThread
GetTickCount
GetLastError
GetFileSize
UnmapViewOfFile
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryExW
TlsGetValue
SetLastError
GetCPInfo
GetACP
MultiByteToWideChar
LocalFree
GetSystemTimeAsFileTime
GetCurrentThreadId
RaiseException
GetEnvironmentVariableW
FindFirstFileW
GetCurrentProcess
GetModuleFileNameW
FindClose
GetLocaleInfoW
GetFileAttributesW
FindNextFileW
GetUserDefaultUILanguage
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SetEvent
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
CreateEventW
VirtualProtect
DeleteCriticalSection
ReleaseMutex
TlsAlloc
TlsFree
GetEnvironmentStringsW
FreeEnvironmentStringsW
TerminateProcess
GetEnvironmentVariableA
OutputDebugStringW
IsDebuggerPresent
EncodePointer
DecodePointer
GetCommandLineW
IsProcessorFeaturePresent
InterlockedDecrement
ExitProcess
GetModuleHandleExW
AreFileApisANSI
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InterlockedIncrement
GetFileType
InitializeCriticalSectionAndSpinCount
InitOnceExecuteOnce
GetStartupInfoW
QueryPerformanceCounter
GetTickCount64
Sleep
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
IsValidCodePage
GetOEMCP

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SetErrorInfo

user32

LoadStringW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
EventWrite

mscoree

GetRequestedRuntimeInfo

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/PEVerify.exe.config
.xml
Stub/SDKs/ResGen.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:cd:af:26:3a:2a:c7:e7:db:02:b1:42:75:d3:b7:98:73:a0:60:0f:91:6e:0e:ae:1d:90:9e:3c:95:c0:01:ae
Signer

Actual PE Digest

20:cd:af:26:3a:2a:c7:e7:db:02:b1:42:75:d3:b7:98:73:a0:60:0f:91:6e:0e:ae:1d:90:9e:3c:95:c0:01:ae

Digest Algorithm

sha256

PE Digest Matches

true

3c:09:2a:c7:8f:af:2a:d2:ef:03:36:40:af:0e:50:68:14:ed:0c:4c
Signer

Actual PE Digest

3c:09:2a:c7:8f:af:2a:d2:ef:03:36:40:af:0e:50:68:14:ed:0c:4c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/SecAnnotate.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a4:e5:35:9c:0c:12:23:7b:9f:e2:21:b0:e4:85:82:ff:7e:fe:04:ae:e0:51:23:4a:44:0b:7d:b3:c7:ec:e4:87
Signer

Actual PE Digest

a4:e5:35:9c:0c:12:23:7b:9f:e2:21:b0:e4:85:82:ff:7e:fe:04:ae:e0:51:23:4a:44:0b:7d:b3:c7:ec:e4:87

Digest Algorithm

sha256

PE Digest Matches

true

d1:18:4b:65:bf:29:8f:30:c9:53:2d:6d:52:c7:65:0a:fe:98:da:87
Signer

Actual PE Digest

d1:18:4b:65:bf:29:8f:30:c9:53:2d:6d:52:c7:65:0a:fe:98:da:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/SqlMetal.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c5:68:a2:45:3c:fb:fe:46:10:f1:27:55:19:8f:ef:76:2e:7a:15:d1:70:4d:15:07:e6:e2:ee:c2:45:74:61:28
Signer

Actual PE Digest

c5:68:a2:45:3c:fb:fe:46:10:f1:27:55:19:8f:ef:76:2e:7a:15:d1:70:4d:15:07:e6:e2:ee:c2:45:74:61:28

Digest Algorithm

sha256

PE Digest Matches

true

3a:e6:b4:8a:be:90:12:18:02:cc:54:03:2a:dc:31:8e:d6:ed:8f:d5
Signer

Actual PE Digest

3a:e6:b4:8a:be:90:12:18:02:cc:54:03:2a:dc:31:8e:d6:ed:8f:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/SqlMetal.exe.config
Stub/SDKs/StoreAdm.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:7b:62:7c:0c:8b:98:7b:d2:8d:d1:62:cb:eb:14:33:bb:f6:54:50:dd:60:81:e1:fb:13:fc:77:66:b9:b1:19
Signer

Actual PE Digest

5e:7b:62:7c:0c:8b:98:7b:d2:8d:d1:62:cb:eb:14:33:bb:f6:54:50:dd:60:81:e1:fb:13:fc:77:66:b9:b1:19

Digest Algorithm

sha256

PE Digest Matches

true

81:da:1a:9a:5a:ff:8f:db:6a:53:d9:ba:4f:37:b5:83:2b:8d:bc:50
Signer

Actual PE Digest

81:da:1a:9a:5a:ff:8f:db:6a:53:d9:ba:4f:37:b5:83:2b:8d:bc:50

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/SvcConfigEditor.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:2d:c6:8e:51:0c:1c:58:64:aa:82:84:1e:ea:38:b2:f8:85:0a:58:6e:a6:c0:4b:07:9a:2c:14:b4:75:62:4e
Signer

Actual PE Digest

03:2d:c6:8e:51:0c:1c:58:64:aa:82:84:1e:ea:38:b2:f8:85:0a:58:6e:a6:c0:4b:07:9a:2c:14:b4:75:62:4e

Digest Algorithm

sha256

PE Digest Matches

true

19:87:54:4d:f4:f2:12:3c:b7:a0:03:ae:da:06:ad:06:41:26:90:7a
Signer

Actual PE Digest

19:87:54:4d:f4:f2:12:3c:b7:a0:03:ae:da:06:ad:06:41:26:90:7a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/SvcConfigEditor_4.0.chm
.chm
Stub/SDKs/SvcTraceViewer.chm
.chm
Stub/SDKs/SvcTraceViewer.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:7c:05:d9:69:03:77:41:3c:67:51:8b:53:c2:3e:68:63:63:6f:d6:4a:ec:a7:2f:b6:af:7f:89:ff:65:f6:a3
Signer

Actual PE Digest

96:7c:05:d9:69:03:77:41:3c:67:51:8b:53:c2:3e:68:63:63:6f:d6:4a:ec:a7:2f:b6:af:7f:89:ff:65:f6:a3

Digest Algorithm

sha256

PE Digest Matches

true

05:b2:92:6f:1e:08:f1:08:20:96:74:22:49:cc:59:e8:9d:7f:86:c5
Signer

Actual PE Digest

05:b2:92:6f:1e:08:f1:08:20:96:74:22:49:cc:59:e8:9d:7f:86:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 654KB - Virtual size: 654KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/SvcUtil.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9c:3b:47:3e:2e:6b:cd:9d:09:54:e8:2e:a2:2a:5c:90:24:c7:f6:1d:7e:0e:d3:ca:31:60:3e:76:e2:fe:63:67
Signer

Actual PE Digest

9c:3b:47:3e:2e:6b:cd:9d:09:54:e8:2e:a2:2a:5c:90:24:c7:f6:1d:7e:0e:d3:ca:31:60:3e:76:e2:fe:63:67

Digest Algorithm

sha256

PE Digest Matches

true

cc:37:f1:ee:1b:a3:37:8d:09:ef:e5:6e:1d:ae:92:32:c8:43:15:85
Signer

Actual PE Digest

cc:37:f1:ee:1b:a3:37:8d:09:ef:e5:6e:1d:ae:92:32:c8:43:15:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/TlbExp.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7a:1e:96:1a:d8:14:2b:bf:24:44:1e:68:2a:bd:13:2a:98:86:b2:09:a0:bb:4c:5e:f9:8f:23:18:ff:ae:e3:c6
Signer

Actual PE Digest

7a:1e:96:1a:d8:14:2b:bf:24:44:1e:68:2a:bd:13:2a:98:86:b2:09:a0:bb:4c:5e:f9:8f:23:18:ff:ae:e3:c6

Digest Algorithm

sha256

PE Digest Matches

true

a0:d9:7b:b0:24:12:ff:44:ed:97:0b:84:31:7f:e4:6f:6f:c6:87:e9
Signer

Actual PE Digest

a0:d9:7b:b0:24:12:ff:44:ed:97:0b:84:31:7f:e4:6f:6f:c6:87:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/TlbImp.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:c6:41:d2:f9:97:a5:4a:85:bc:a2:59:91:b8:fa:2f:f5:46:78:e4:e8:1e:a2:0d:f4:fb:07:0f:24:c0:b2:21
Signer

Actual PE Digest

75:c6:41:d2:f9:97:a5:4a:85:bc:a2:59:91:b8:fa:2f:f5:46:78:e4:e8:1e:a2:0d:f4:fb:07:0f:24:c0:b2:21

Digest Algorithm

sha256

PE Digest Matches

true

d5:0c:1b:59:c6:e3:7e:d0:51:84:54:d6:78:a8:eb:ff:ec:61:e5:ea
Signer

Actual PE Digest

d5:0c:1b:59:c6:e3:7e:d0:51:84:54:d6:78:a8:eb:ff:ec:61:e5:ea

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/Tracker.exe
.exe windows:6 windows x86

edb7de4623ae335f2538be97ec2d53e8

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4d:77:26:91:af:3a:ce:5d:95:72:50:79:69:fb:cb:6d:2b:fc:e7:45:2f:55:43:cb:de:a2:0f:92:73:e0:ec:47
Signer

Actual PE Digest

4d:77:26:91:af:3a:ce:5d:95:72:50:79:69:fb:cb:6d:2b:fc:e7:45:2f:55:43:cb:de:a2:0f:92:73:e0:ec:47

Digest Algorithm

sha256

PE Digest Matches

true

14:1b:e6:71:75:cd:ae:f4:35:e1:72:ef:9d:ce:d4:3c:80:e4:b7:ca
Signer

Actual PE Digest

14:1b:e6:71:75:cd:ae:f4:35:e1:72:ef:9d:ce:d4:3c:80:e4:b7:ca

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegOpenKeyExW

kernel32

GetEnvironmentVariableW
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetExitCodeProcess
SetDllDirectoryW
HeapSetInformation
OpenEventW
SetEnvironmentVariableW
SetLastError
SearchPathW
CreateProcessW
ResumeThread
WaitForMultipleObjects
GenerateConsoleCtrlEvent
WaitForSingleObject
WideCharToMultiByte
GetVersion
GetModuleHandleW
GetProcAddress
GetCommandLineW
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
FreeEnvironmentStringsW
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
Sleep
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LoadLibraryExW
OutputDebugStringW
LoadLibraryW
RtlUnwind
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
HeapReAlloc
LCMapStringEx
GetStringTypeW
HeapSize
SetStdHandle
WriteConsoleW
CloseHandle
CreateFileW
HeapDestroy
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFullPathNameW
GetLocaleInfoW
GetUserDefaultUILanguage
LocalFree
FormatMessageW
GetConsoleOutputCP
ReadFile
ReadConsoleW
SetFilePointer
SetEndOfFile

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/WCA.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

42:8a:71:6d:3e:da:51:a8:17:b6:fb:c6:c3:6f:5c:5c:61:91:38:fc:be:5f:fc:ec:4f:bf:29:ee:5e:ae:fa:1b
Signer

Actual PE Digest

42:8a:71:6d:3e:da:51:a8:17:b6:fb:c6:c3:6f:5c:5c:61:91:38:fc:be:5f:fc:ec:4f:bf:29:ee:5e:ae:fa:1b

Digest Algorithm

sha256

PE Digest Matches

true

c1:ef:c2:1f:a5:2b:80:7c:68:4a:f5:a2:ba:fa:1d:fe:e4:1f:13:81
Signer

Actual PE Digest

c1:ef:c2:1f:a5:2b:80:7c:68:4a:f5:a2:ba:fa:1d:fe:e4:1f:13:81

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/WFC.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

db:fb:c4:8b:50:62:b5:6e:8f:41:b9:45:ff:24:42:b0:b0:0d:70:27:ca:24:17:fd:9d:b5:68:02:b3:a3:78:ef
Signer

Actual PE Digest

db:fb:c4:8b:50:62:b5:6e:8f:41:b9:45:ff:24:42:b0:b0:0d:70:27:ca:24:17:fd:9d:b5:68:02:b3:a3:78:ef

Digest Algorithm

sha256

PE Digest Matches

true

67:93:ca:e9:4b:ce:b6:42:db:e0:f3:81:80:3d:2a:38:58:80:2d:e6
Signer

Actual PE Digest

67:93:ca:e9:4b:ce:b6:42:db:e0:f3:81:80:3d:2a:38:58:80:2d:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/WFC.exe.config
.xml
Stub/SDKs/WSatUI.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:aa:f9:11:e2:4d:39:53:2a:fb:27:ca:ea:86:a3:e3:94:f7:f7:bf:dc:7a:fa:aa:b5:6b:c6:53:4b:6b:42:b1
Signer

Actual PE Digest

6c:aa:f9:11:e2:4d:39:53:2a:fb:27:ca:ea:86:a3:e3:94:f7:f7:bf:dc:7a:fa:aa:b5:6b:c6:53:4b:6b:42:b1

Digest Algorithm

sha256

PE Digest Matches

true

58:8e:33:8b:f9:91:4f:8e:86:4f:4d:d1:7c:6b:45:e3:5f:b0:0e:f2
Signer

Actual PE Digest

58:8e:33:8b:f9:91:4f:8e:86:4f:4d:d1:7c:6b:45:e3:5f:b0:0e:f2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/WinMDExp.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:36:27:45:4a:79:37:a0:aa:34:78:82:c6:13:56:d3:f8:38:6b:f0:89:85:fd:68:4c:dc:58:d7:9b:f4:bc:ef
Signer

Actual PE Digest

59:36:27:45:4a:79:37:a0:aa:34:78:82:c6:13:56:d3:f8:38:6b:f0:89:85:fd:68:4c:dc:58:d7:9b:f4:bc:ef

Digest Algorithm

sha256

PE Digest Matches

true

5e:44:ee:2b:46:23:fc:ac:94:8a:0d:7c:9a:68:97:60:0f:f9:06:43
Signer

Actual PE Digest

5e:44:ee:2b:46:23:fc:ac:94:8a:0d:7c:9a:68:97:60:0f:f9:06:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/WinRes.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:4d:36:9e:76:4b:14:2c:77:20:7c:03:5f:0a:ec:ce:04:58:86:0a:f5:30:b0:ad:de:a1:4a:3b:55:dd:aa:8c
Signer

Actual PE Digest

e1:4d:36:9e:76:4b:14:2c:77:20:7c:03:5f:0a:ec:ce:04:58:86:0a:f5:30:b0:ad:de:a1:4a:3b:55:dd:aa:8c

Digest Algorithm

sha256

PE Digest Matches

true

53:08:57:5e:bd:17:63:78:c2:db:c7:15:75:75:e7:0f:65:2e:cd:02
Signer

Actual PE Digest

53:08:57:5e:bd:17:63:78:c2:db:c7:15:75:75:e7:0f:65:2e:cd:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/al.exe
.exe windows:6 windows x86

35f7d7b0035d9d9c7dd3306a0690f78d

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:d7:2f:ae:79:3d:0b:23:87:91:ee:79:7c:e5:10:f3:cc:88:5b:e2:71:67:eb:6c:74:ac:a5:54:ed:54:d2:97
Signer

Actual PE Digest

90:d7:2f:ae:79:3d:0b:23:87:91:ee:79:7c:e5:10:f3:cc:88:5b:e2:71:67:eb:6c:74:ac:a5:54:ed:54:d2:97

Digest Algorithm

sha256

PE Digest Matches

false

bc:41:bf:ef:b6:55:0e:8a:de:87:d5:f8:c5:c2:80:8d:bf:92:aa:af
Signer

Actual PE Digest

bc:41:bf:ef:b6:55:0e:8a:de:87:d5:f8:c5:c2:80:8d:bf:92:aa:af

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
HeapAlloc
HeapFree
GetFileType
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryW
FormatMessageW
InterlockedExchange
InterlockedCompareExchange
GetLastError
GetProcAddress
FreeLibrary
LoadLibraryA
SwitchToThread
GetConsoleOutputCP
WideCharToMultiByte
GetConsoleScreenBufferInfo
GetStdHandle
GetModuleFileNameA
GetVersionExA
MultiByteToWideChar
GetCommandLineW
CloseHandle
HeapSetInformation
ReadFile
WriteFile
GetVersion
GetModuleHandleW
LoadLibraryExA
GetTempFileNameA
GetTempPathA
RaiseException
GetTempPathW
GetTempFileNameW
GetFullPathNameW
GetFullPathNameA
SetLastError
GetShortPathNameW
GetShortPathNameA
FindClose
GetFileSize
GetACP
GetCommandLineA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
InterlockedDecrement
GetLocaleInfoEx
IsValidLocaleName
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetTimeFormatEx
GetDateFormatEx
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentThreadId
FreeEnvironmentStringsW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
QueryPerformanceCounter
GetTickCount64
Sleep
GetCPInfo
IsValidCodePage
GetOEMCP
GetUserDefaultLocaleName
EnumSystemLocalesEx
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapSize
ReadConsoleW
GetTimeZoneInformation
FlushFileBuffers
LoadLibraryExW
GetEnvironmentStringsW
OutputDebugStringW
LoadLibraryW
RtlUnwind
HeapReAlloc
SetFilePointerEx
LCMapStringEx
WriteConsoleW
GetEnvironmentVariableA
LCMapStringA
CreateFileW
HeapDestroy
CreateFileA
DeleteFileA
DeleteFileW
FindFirstFileA
FindFirstFileW

mscoree

ord22
CorBindToCurrentRuntime
GetCORVersion
LoadLibraryShim

shlwapi

PathCommonPrefixW
PathIsRelativeW
PathCanonicalizeW
PathRemoveFileSpecW
PathIsUNCW
PathIsURLW
PathCombineW
PathRelativePathToW

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

VariantInit
SetErrorInfo
VariantClear
GetErrorInfo
SysFreeString
SysAllocString

user32

LoadStringW

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/al.exe.config
.xml
Stub/SDKs/aspnet_intern.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:aa:91:ed:74:59:29:00:f2:54:16:2f:45:77:20:c6:23:5d:5a:a6:e0:43:c4:5d:ff:d8:a9:74:6b:74:cc:45
Signer

Actual PE Digest

00:aa:91:ed:74:59:29:00:f2:54:16:2f:45:77:20:c6:23:5d:5a:a6:e0:43:c4:5d:ff:d8:a9:74:6b:74:cc:45

Digest Algorithm

sha256

PE Digest Matches

true

1a:1e:f0:d8:46:82:cd:37:92:17:70:65:11:64:d3:55:01:4b:c6:86
Signer

Actual PE Digest

1a:1e:f0:d8:46:82:cd:37:92:17:70:65:11:64:d3:55:01:4b:c6:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/aspnet_merge.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c8:f8:b6:d2:94:66:79:b9:0e:af:97:42:8c:fa:4e:42:5f:7f:c4:11:e7:3d:a8:cd:bf:02:e9:db:27:d0:80:58
Signer

Actual PE Digest

c8:f8:b6:d2:94:66:79:b9:0e:af:97:42:8c:fa:4e:42:5f:7f:c4:11:e7:3d:a8:cd:bf:02:e9:db:27:d0:80:58

Digest Algorithm

sha256

PE Digest Matches

true

28:93:db:6f:ed:1d:e5:f5:b9:89:7c:76:8a:1d:47:4e:30:15:e5:25
Signer

Actual PE Digest

28:93:db:6f:ed:1d:e5:f5:b9:89:7c:76:8a:1d:47:4e:30:15:e5:25

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 899KB - Virtual size: 898KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/aspnet_merge.exe.config
.xml
Stub/SDKs/clrver.exe
.exe windows:6 windows x86

8b2123e573c22d47c97d402c43d0b828

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:e7:aa:bc:a7:72:94:4f:85:f8:e6:53:c3:1f:19:ce:67:f8:6f:99:4b:ad:0d:6b:6d:b8:a6:f1:54:12:c5:ce
Signer

Actual PE Digest

6c:e7:aa:bc:a7:72:94:4f:85:f8:e6:53:c3:1f:19:ce:67:f8:6f:99:4b:ad:0d:6b:6d:b8:a6:f1:54:12:c5:ce

Digest Algorithm

sha256

PE Digest Matches

true

02:c2:6b:a1:0d:44:de:7a:8e:44:8c:3e:a5:21:45:97:e3:61:bc:8a
Signer

Actual PE Digest

02:c2:6b:a1:0d:44:de:7a:8e:44:8c:3e:a5:21:45:97:e3:61:bc:8a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
FreeLibrary
OpenProcess
GetProcAddress
LoadLibraryA
Process32FirstW
Module32FirstW
Process32NextW
HeapSetInformation
CreateToolhelp32Snapshot
Module32NextW
CloseHandle
GetVersion
GetModuleHandleW
GetCommandLineA
GetLastError
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
FreeEnvironmentStringsW
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
Sleep
LoadLibraryExW
GetEnvironmentStringsW
OutputDebugStringW
LoadLibraryW
RtlUnwind
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LCMapStringEx
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
SetStdHandle
WriteConsoleW
FlushFileBuffers
CreateFileW

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/disco.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

73:60:9c:21:94:a3:4b:2f:22:51:68:d7:27:01:e1:47:8d:05:9c:b7:54:74:de:bf:95:4c:60:93:e8:8f:fa:4a
Signer

Actual PE Digest

73:60:9c:21:94:a3:4b:2f:22:51:68:d7:27:01:e1:47:8d:05:9c:b7:54:74:de:bf:95:4c:60:93:e8:8f:fa:4a

Digest Algorithm

sha256

PE Digest Matches

true

79:cc:6d:9e:41:4d:0c:4b:a7:93:3b:e0:71:c1:96:0b:29:9e:c1:8d
Signer

Actual PE Digest

79:cc:6d:9e:41:4d:0c:4b:a7:93:3b:e0:71:c1:96:0b:29:9e:c1:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/gacutil.exe
.exe windows:6 windows x86

1d5d62a00aa56ac222a0558af3bce499

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a3:51:2e:51:da:30:19:a1:27:f0:a2:12:57:b8:3c:fa:67:d2:cb:df:63:f1:93:dc:7f:1e:fa:4d:20:94:bc:97
Signer

Actual PE Digest

a3:51:2e:51:da:30:19:a1:27:f0:a2:12:57:b8:3c:fa:67:d2:cb:df:63:f1:93:dc:7f:1e:fa:4d:20:94:bc:97

Digest Algorithm

sha256

PE Digest Matches

true

f9:67:eb:3d:3e:50:0f:3e:23:d5:6b:c0:39:92:38:62:59:7c:d2:a3
Signer

Actual PE Digest

f9:67:eb:3d:3e:50:0f:3e:23:d5:6b:c0:39:92:38:62:59:7c:d2:a3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
FindFirstFileW
lstrlenA
FreeLibrary
LoadLibraryExW
GetModuleHandleW
WriteFile
WideCharToMultiByte
GetLocaleInfoW
FormatMessageW
GetFileAttributesW
ReadFile
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
lstrlenW
GetConsoleOutputCP
GetStdHandle
GetLastError
GetProcAddress
FindClose
GetFileType
GetModuleHandleA
HeapSetInformation
FindNextFileW
GetUserDefaultUILanguage
CloseHandle
LocalFree
GetVersion
WriteConsoleW
SetStdHandle
CompareStringEx
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetCommandLineW
HeapFree
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetEnvironmentVariableW
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
FreeEnvironmentStringsW
ExitProcess
GetModuleHandleExW
GetProcessHeap
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapSize
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
RaiseException
OutputDebugStringW
LoadLibraryW
RtlUnwind
LCMapStringEx
GetStringTypeW
HeapReAlloc
FlushFileBuffers

mscoree

CLRCreateInstance

user32

LoadStringW

shlwapi

PathCombineW

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/gacutil.exe.config
.xml
Stub/SDKs/ildasm.exe
.exe windows:6 windows x86

b59f10d55307ec747fb67fa01d1ec22f

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

df:f1:6e:fe:37:74:ba:8e:bf:a0:4a:7c:25:51:0a:08:88:34:6c:04:d1:a6:7b:43:26:e9:91:c5:93:91:ff:c1
Signer

Actual PE Digest

df:f1:6e:fe:37:74:ba:8e:bf:a0:4a:7c:25:51:0a:08:88:34:6c:04:d1:a6:7b:43:26:e9:91:c5:93:91:ff:c1

Digest Algorithm

sha256

PE Digest Matches

true

bd:e5:fc:eb:14:f6:65:e1:e9:b5:0f:9d:5b:70:c9:43:6e:f4:46:07
Signer

Actual PE Digest

bd:e5:fc:eb:14:f6:65:e1:e9:b5:0f:9d:5b:70:c9:43:6e:f4:46:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
HeapReAlloc
SetEndOfFile
LoadLibraryExA
GetCommandLineW
GetVersion
CreateProcessW
GetConsoleOutputCP
GetStdHandle
HeapSetInformation
GetFullPathNameW
WriteFile
LoadLibraryW
SetLastError
CreateFileMappingA
lstrlenW
FormatMessageW
SetStdHandle
SwitchToThread
SetFilePointerEx
LCMapStringEx
GetStringTypeW
HeapSize
GetOEMCP
IsValidCodePage
ReadConsoleW
ReadFile
RtlUnwind
CreateFileW
GetConsoleCP
FlushFileBuffers
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount64
QueryPerformanceCounter
GetModuleFileNameA
GetStartupInfoW
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
GetFileType
InterlockedIncrement
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
AreFileApisANSI
GetModuleHandleExW
ExitProcess
InterlockedDecrement
IsProcessorFeaturePresent
GetCommandLineA
DecodePointer
EncodePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentVariableA
TlsFree
TlsAlloc
ReleaseMutex
MapViewOfFile
CreateFileMappingW
GetFileSize
UnmapViewOfFile
GetModuleHandleW
GetWindowsDirectoryA
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
GetLastError
DebugBreak
FreeLibrary
GetProcAddress
LoadLibraryExW
OutputDebugStringW
IsDebuggerPresent
WaitForSingleObject
CreateThread
CreateEventW
SetEvent
GetConsoleMode
TlsGetValue
FindFirstFileW
GetLocaleInfoW
GetFileAttributesW
FindClose
FindNextFileW
GetUserDefaultUILanguage
GetCurrentProcess
TerminateProcess
GetModuleFileNameW
GetCPInfo
GetACP
LocalFree
GetSystemTimeAsFileTime
GetCurrentThreadId
RaiseException
GetEnvironmentVariableW
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
VirtualProtect
DeleteCriticalSection
ExpandEnvironmentStringsA

mscoree

CoUninitializeCor
CoInitializeEE
CoUninitializeEE
CoInitializeCor
GetRequestedRuntimeInfo

gdi32

CreateSolidBrush
TextOutW
SetTextColor
SetBkColor
DeleteObject
GetTextMetricsW
CreateFontIndirectW
GetStockObject

comctl32

ImageList_Create
ImageList_Add
InitCommonControlsEx
ord17

comdlg32

GetOpenFileNameW
GetSaveFileNameW
FindTextW
ChooseFontW

ole32

CoUninitialize
CoCreateInstance
CoInitialize
StringFromGUID2

user32

LoadStringW
TranslateAcceleratorW
IsDialogMessageW
LoadAcceleratorsW
GetWindowRect
GetActiveWindow
DialogBoxParamW
EnableWindow
GetDlgItem
EndDialog
SendDlgItemMessageW
PostQuitMessage
MoveWindow
FillRect
DrawFocusRect
SetCursor
LoadCursorW
CheckMenuItem
ReleaseDC
GetDC
RegisterWindowMessageW
GetSysColor
LoadImageW
AppendMenuW
CreateMenu
SetFocus
UpdateWindow
ShowWindow
DrawMenuBar
EnableMenuItem
DispatchMessageW
TranslateMessage
GetMessageW
SendMessageW
SendMessageA
GetClientRect
CreateWindowExW
GetSystemMetrics
RegisterClassW
LoadIconW
DefWindowProcW
DestroyWindow
PostMessageA

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW

oleaut32

SetErrorInfo
SysAllocStringLen
SysAllocString
VariantChangeType
VariantClear
VariantInit
GetErrorInfo
SysFreeString

advapi32

RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
EventWrite
RegCloseKey
RegQueryValueExW

Sections

.text
Size: 421KB - Virtual size: 421KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 874KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/ildasm.exe.config
.xml
Stub/SDKs/lc.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:ad:9d:bd:14:34:87:a4:5c:98:43:67:b4:03:9c:e6:b5:ec:ab:91:47:f1:b0:33:12:71:21:9e:b9:c5:ee:3b
Signer

Actual PE Digest

cf:ad:9d:bd:14:34:87:a4:5c:98:43:67:b4:03:9c:e6:b5:ec:ab:91:47:f1:b0:33:12:71:21:9e:b9:c5:ee:3b

Digest Algorithm

sha256

PE Digest Matches

true

46:df:ae:57:18:e7:15:ce:e3:7e:bb:c3:af:5c:76:03:9b:a2:70:e7
Signer

Actual PE Digest

46:df:ae:57:18:e7:15:ce:e3:7e:bb:c3:af:5c:76:03:9b:a2:70:e7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/lc.exe.config
.xml
Stub/SDKs/mage.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:82:2d:bb:fa:67:7f:10:8e:e6:1b:04:1f:f5:b1:af:9d:16:be:9c:a6:f1:32:bf:97:d1:b7:b9:c2:88:2f:1a
Signer

Actual PE Digest

0e:82:2d:bb:fa:67:7f:10:8e:e6:1b:04:1f:f5:b1:af:9d:16:be:9c:a6:f1:32:bf:97:d1:b7:b9:c2:88:2f:1a

Digest Algorithm

sha256

PE Digest Matches

true

e0:87:b2:9d:25:ab:40:06:cd:10:da:52:97:31:3c:38:48:92:9f:12
Signer

Actual PE Digest

e0:87:b2:9d:25:ab:40:06:cd:10:da:52:97:31:3c:38:48:92:9f:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/mageui.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fe:ef:ba:27:6b:e3:97:fe:0f:e4:52:c9:ff:e3:c4:69:73:61:77:86:2b:0c:ab:5d:5d:ba:dc:ee:cb:91:1e:56
Signer

Actual PE Digest

fe:ef:ba:27:6b:e3:97:fe:0f:e4:52:c9:ff:e3:c4:69:73:61:77:86:2b:0c:ab:5d:5d:ba:dc:ee:cb:91:1e:56

Digest Algorithm

sha256

PE Digest Matches

true

97:5f:e2:d0:0d:fe:68:98:3b:02:3f:cf:12:84:40:44:e8:bf:21:9b
Signer

Actual PE Digest

97:5f:e2:d0:0d:fe:68:98:3b:02:3f:cf:12:84:40:44:e8:bf:21:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 677KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/mgmtclassgen.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

13:a1:52:fc:39:f8:c2:27:68:a5:7b:b9:64:fc:db:ad:59:a5:c4:34:ef:63:ca:3c:e2:17:01:9a:a2:20:eb:31
Signer

Actual PE Digest

13:a1:52:fc:39:f8:c2:27:68:a5:7b:b9:64:fc:db:ad:59:a5:c4:34:ef:63:ca:3c:e2:17:01:9a:a2:20:eb:31

Digest Algorithm

sha256

PE Digest Matches

true

2a:22:d0:bb:03:8c:04:69:d6:41:9b:46:53:26:a0:33:6f:da:b3:e4
Signer

Actual PE Digest

2a:22:d0:bb:03:8c:04:69:d6:41:9b:46:53:26:a0:33:6f:da:b3:e4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/sgen.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

67:67:44:05:e7:83:c6:53:e6:bf:b6:14:96:2c:7c:4c:f7:5f:17:9c:a0:dc:57:68:74:75:4a:3c:5a:84:70:dd
Signer

Actual PE Digest

67:67:44:05:e7:83:c6:53:e6:bf:b6:14:96:2c:7c:4c:f7:5f:17:9c:a0:dc:57:68:74:75:4a:3c:5a:84:70:dd

Digest Algorithm

sha256

PE Digest Matches

true

dc:ff:3a:a6:4d:19:cc:8d:25:f3:ab:0c:6a:4a:8c:cd:e8:bd:f7:b2
Signer

Actual PE Digest

dc:ff:3a:a6:4d:19:cc:8d:25:f3:ab:0c:6a:4a:8c:cd:e8:bd:f7:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/sn.exe
.exe windows:6 windows x86

6fd1c67b79af1ea44f7e5d30b1500226

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:a6:df:7d:77:a6:e9:6e:a7:72:8f:f0:de:83:16:24:74:f8:bc:99:05:1d:46:24:c8:96:6b:d9:e4:e3:45:d1
Signer

Actual PE Digest

dc:a6:df:7d:77:a6:e9:6e:a7:72:8f:f0:de:83:16:24:74:f8:bc:99:05:1d:46:24:c8:96:6b:d9:e4:e3:45:d1

Digest Algorithm

sha256

PE Digest Matches

true

29:e3:a5:26:f3:99:ac:c3:85:47:ac:3e:d1:d3:76:70:d9:8e:6a:07
Signer

Actual PE Digest

29:e3:a5:26:f3:99:ac:c3:85:47:ac:3e:d1:d3:76:70:d9:8e:6a:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextW
CryptReleaseContext
CryptImportKey
CryptDestroyKey
CryptExportKey
RegQueryValueExW
RegDeleteKeyW
CryptSignHashW
RegDeleteValueW
CryptCreateHash
RegEnumKeyExW
CryptDestroyHash
CryptGetUserKey
RegCloseKey
RegSetValueExW
CryptHashData
EventWrite
RegOpenKeyExW
RegCreateKeyExW

kernel32

GetVersion
GetModuleHandleW
HeapReAlloc
SetFilePointerEx
RtlUnwind
MultiByteToWideChar
CloseHandle
FlushFileBuffers
LCMapStringEx
GetStringTypeW
HeapSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
CreateFileMappingW
GetFileType
GlobalFree
GetProcAddress
SetLastError
GetLastError
GlobalUnlock
GetStdHandle
GetOEMCP
IsValidCodePage
GetTickCount64
QueryPerformanceCounter
GetStartupInfoW
InitOnceExecuteOnce
GetModuleHandleExW
ExitProcess
InterlockedDecrement
InterlockedIncrement
FlsFree
FlsSetValue
CreateFileW
ReadFile
SetConsoleMode
FormatMessageW
GetConsoleMode
GlobalAlloc
GetConsoleCP
WriteFile
GlobalLock
LoadLibraryExW
FreeLibrary
UnmapViewOfFile
MapViewOfFile
GetFileSize
LoadLibraryW
TlsGetValue
GetEnvironmentVariableW
GetEnvironmentStringsW
GetModuleFileNameW
lstrlenW
FreeEnvironmentStringsW
FindFirstFileW
GetLocaleInfoW
GetFileAttributesW
GetConsoleOutputCP
FindClose
FindNextFileW
GetUserDefaultUILanguage
GetCurrentProcess
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SetEvent
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
RaiseException
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
CreateEventW
VirtualProtect
DeleteCriticalSection
ReleaseMutex
TlsAlloc
TlsFree
GetCPInfo
WideCharToMultiByte
GetACP
LocalFree
TerminateProcess
GetEnvironmentVariableA
GetSystemTimeAsFileTime
GetCurrentThreadId
OutputDebugStringW
IsDebuggerPresent
EncodePointer
DecodePointer
GetCommandLineW
IsProcessorFeaturePresent
SetStdHandle
InitializeCriticalSectionAndSpinCount
FlsAlloc
FlsGetValue
WriteConsoleW

mscoree

StrongNameGetPublicKey
GetRequestedRuntimeInfo
StrongNameSignatureGenerationEx
StrongNameKeyGenEx
CLRCreateInstance
StrongNameKeyDelete
StrongNameKeyInstall
StrongNameFreeBuffer
StrongNameErrorInfo
StrongNameTokenFromPublicKey
StrongNameCompareAssemblies
StrongNameKeyGen
StrongNameTokenFromAssemblyEx

crypt32

CertDuplicateCertificateContext
CertSetCertificateContextProperty
CertEnumCertificatesInStore
PFXImportCertStore
CertGetCertificateContextProperty
CertCloseStore
CertFreeCertificateContext
CryptQueryObject

user32

OpenClipboard
LoadStringW
SetClipboardData
CloseClipboard
EmptyClipboard

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SetErrorInfo

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/sn.exe.config
.xml
Stub/SDKs/wsdl.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:0f:15:2e:c4:06:38:9e:17:18:14:ff:5e:3c:f5:cb:8f:d1:ad:08:19:b2:8f:bf:f3:1f:73:d9:9b:bf:bd:95
Signer

Actual PE Digest

cf:0f:15:2e:c4:06:38:9e:17:18:14:ff:5e:3c:f5:cb:8f:d1:ad:08:19:b2:8f:bf:f3:1f:73:d9:9b:bf:bd:95

Digest Algorithm

sha256

PE Digest Matches

true

84:14:df:73:02:51:ff:1f:73:3b:07:46:bb:01:04:27:5c:84:61:14
Signer

Actual PE Digest

84:14:df:73:02:51:ff:1f:73:3b:07:46:bb:01:04:27:5c:84:61:14

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/wsdl.exe.config
.xml
Stub/SDKs/x64/1033/CPLApplet.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/1033/IlDasmrc.dll
.dll windows:6 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ad:32:17:62:f8:40:7a:b0:b4:0e:43:15:e9:11:dd:6f:43:1b:91:7e:c7:a2:e7:24:c8:3c:eb:04:18:0c:90:45
Signer

Actual PE Digest

ad:32:17:62:f8:40:7a:b0:b4:0e:43:15:e9:11:dd:6f:43:1b:91:7e:c7:a2:e7:24:c8:3c:eb:04:18:0c:90:45

Digest Algorithm

sha256

PE Digest Matches

true

56:be:bb:c1:74:c1:35:34:0f:08:ed:67:8c:fd:1a:e3:e7:96:35:b6
Signer

Actual PE Digest

56:be:bb:c1:74:c1:35:34:0f:08:ed:67:8c:fd:1a:e3:e7:96:35:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/1033/TrackerUI.dll
.dll windows:6 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:3f:c4:a3:7d:6d:90:dc:ad:0c:ad:db:1a:79:a6:13:89:e5:c6:1b:d2:49:76:29:e8:4c:b5:0b:fb:3a:55:5b
Signer

Actual PE Digest

96:3f:c4:a3:7d:6d:90:dc:ad:0c:ad:db:1a:79:a6:13:89:e5:c6:1b:d2:49:76:29:e8:4c:b5:0b:fb:3a:55:5b

Digest Algorithm

sha256

PE Digest Matches

true

12:80:0b:75:85:22:0c:f0:af:52:5e:ae:4a:fb:0c:76:2d:88:4c:ab
Signer

Actual PE Digest

12:80:0b:75:85:22:0c:f0:af:52:5e:ae:4a:fb:0c:76:2d:88:4c:ab

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/1033/flogvwrc.dll
.dll windows:6 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fe:b6:80:60:74:85:47:a3:8b:00:49:6c:1e:af:82:55:22:e5:ea:27:83:a2:5f:8b:2f:48:5b:af:d7:37:32:a2
Signer

Actual PE Digest

fe:b6:80:60:74:85:47:a3:8b:00:49:6c:1e:af:82:55:22:e5:ea:27:83:a2:5f:8b:2f:48:5b:af:d7:37:32:a2

Digest Algorithm

sha256

PE Digest Matches

true

eb:b7:5f:0f:4f:60:61:be:e5:ff:2b:d9:0f:fb:5b:18:cd:81:bb:53
Signer

Actual PE Digest

eb:b7:5f:0f:4f:60:61:be:e5:ff:2b:d9:0f:fb:5b:18:cd:81:bb:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/1033/gacutlrc.dll
.dll windows:6 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

24:dc:b9:4c:cf:00:4e:81:0d:0c:2b:c4:29:a5:1d:9f:52:c8:09:95:f4:50:1a:5a:a8:8e:5e:e1:b2:99:18:54
Signer

Actual PE Digest

24:dc:b9:4c:cf:00:4e:81:0d:0c:2b:c4:29:a5:1d:9f:52:c8:09:95:f4:50:1a:5a:a8:8e:5e:e1:b2:99:18:54

Digest Algorithm

sha256

PE Digest Matches

true

13:d7:dd:19:eb:4a:12:ea:25:1d:e7:48:f5:12:5c:22:5d:5f:a4:2b
Signer

Actual PE Digest

13:d7:dd:19:eb:4a:12:ea:25:1d:e7:48:f5:12:5c:22:5d:5f:a4:2b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/1033/pevrfyrc.dll
.dll windows:6 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

af:a5:2c:6a:32:22:52:4a:9a:5c:43:c3:91:22:d6:b2:6d:48:b3:cc:0a:42:a4:0f:6d:00:88:85:91:74:3c:7c
Signer

Actual PE Digest

af:a5:2c:6a:32:22:52:4a:9a:5c:43:c3:91:22:d6:b2:6d:48:b3:cc:0a:42:a4:0f:6d:00:88:85:91:74:3c:7c

Digest Algorithm

sha256

PE Digest Matches

true

fb:62:b9:47:46:5b:ea:35:8e:bd:91:df:c4:0d:35:00:68:7b:35:cc
Signer

Actual PE Digest

fb:62:b9:47:46:5b:ea:35:8e:bd:91:df:c4:0d:35:00:68:7b:35:cc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/1033/snrc.dll
.dll windows:6 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:83:85:4e:dd:4b:53:b8:f1:b8:a9:69:9b:c6:a7:d3:a6:3b:a9:d7:17:91:db:b7:8e:03:a0:46:35:e9:2f:ab
Signer

Actual PE Digest

cf:83:85:4e:dd:4b:53:b8:f1:b8:a9:69:9b:c6:a7:d3:a6:3b:a9:d7:17:91:db:b7:8e:03:a0:46:35:e9:2f:ab

Digest Algorithm

sha256

PE Digest Matches

true

24:d0:74:85:24:1f:02:34:12:75:7f:93:2d:f9:ce:37:ab:ae:1d:5f
Signer

Actual PE Digest

24:d0:74:85:24:1f:02:34:12:75:7f:93:2d:f9:ce:37:ab:ae:1d:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/AxImp.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:1e:72:a8:9e:05:bd:73:bc:ac:8c:e0:c3:20:9b:11:c4:5d:17:53:15:1d:50:7a:51:4c:49:ab:71:81:6c:5e
Signer

Actual PE Digest

ea:1e:72:a8:9e:05:bd:73:bc:ac:8c:e0:c3:20:9b:11:c4:5d:17:53:15:1d:50:7a:51:4c:49:ab:71:81:6c:5e

Digest Algorithm

sha256

PE Digest Matches

true

ea:5b:ba:e3:5a:41:bc:cd:4e:e9:9c:cf:4c:58:d1:e1:90:0d:27:5c
Signer

Actual PE Digest

ea:5b:ba:e3:5a:41:bc:cd:4e:e9:9c:cf:4c:58:d1:e1:90:0d:27:5c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/CPLApplet.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/CorFlags.exe
.exe windows:6 windows x64

737eed44e0e3e2f740cf6c506763184a

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

83:2f:7a:c5:c1:d5:a5:06:75:3f:7e:1d:1a:90:bd:31:46:bc:bc:95:a5:f1:52:97:27:6c:89:8d:54:31:ef:71
Signer

Actual PE Digest

83:2f:7a:c5:c1:d5:a5:06:75:3f:7e:1d:1a:90:bd:31:46:bc:bc:95:a5:f1:52:97:27:6c:89:8d:54:31:ef:71

Digest Algorithm

sha256

PE Digest Matches

true

2b:9c:cf:68:d2:c0:37:40:78:1b:fe:c1:13:d2:53:c7:c4:c6:14:2f
Signer

Actual PE Digest

2b:9c:cf:68:d2:c0:37:40:78:1b:fe:c1:13:d2:53:c7:c4:c6:14:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetConsoleCP
GetConsoleMode
LoadLibraryW
HeapReAlloc
SetFilePointerEx
SetStdHandle
WriteConsoleW
CloseHandle
HeapSetInformation
GetModuleHandleA
CreateFileMappingW
CreateFileW
UnmapViewOfFile
MapViewOfFile
GetFileSize
GetEnvironmentVariableW
FreeLibrary
LoadLibraryExW
GetCurrentProcess
GetModuleHandleW
GetModuleFileNameW
MultiByteToWideChar
GetLastError
GetProcAddress
RaiseException
DebugBreak
GetCPInfo
WideCharToMultiByte
FormatMessageW
GetACP
LocalFree
TlsGetValue
SetLastError
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetEnvironmentStringsW
lstrlenW
FreeEnvironmentStringsW
TerminateProcess
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SetEvent
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
CreateEventW
VirtualProtect
DeleteCriticalSection
ReleaseMutex
TlsAlloc
TlsFree
OutputDebugStringW
IsDebuggerPresent
EncodePointer
DecodePointer
GetCommandLineW
IsProcessorFeaturePresent
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetFileType
InitializeCriticalSectionAndSpinCount
InitOnceExecuteOnce
GetStartupInfoW
GetTickCount64
RtlUnwindEx
IsValidCodePage
GetOEMCP
LCMapStringEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapSize
Sleep
GetStringTypeW
FlushFileBuffers
RtlPcToFileHeader

mscoree

GetRequestedRuntimeInfo

user32

LoadStringW

oleaut32

SetErrorInfo

advapi32

RegQueryValueExW
RegOpenKeyExW
EventWrite
RegCloseKey

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/FUSLOGVW.exe
.exe windows:6 windows x64

e6d4b494c7c8b97faa526620511ba540

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

63:1f:d8:35:fb:7c:5b:32:68:de:ce:fe:82:ca:19:a7:3d:be:37:d9:94:de:7d:cc:3d:1a:1f:c0:64:7f:0d:e2
Signer

Actual PE Digest

63:1f:d8:35:fb:7c:5b:32:68:de:ce:fe:82:ca:19:a7:3d:be:37:d9:94:de:7d:cc:3d:1a:1f:c0:64:7f:0d:e2

Digest Algorithm

sha256

PE Digest Matches

true

6d:ad:a1:a0:4c:84:7d:db:79:71:da:d4:a9:62:7c:83:87:cf:46:3e
Signer

Actual PE Digest

6d:ad:a1:a0:4c:84:7d:db:79:71:da:d4:a9:62:7c:83:87:cf:46:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueExW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
RegDeleteValueW
SetEntriesInAclW
RegCloseKey
RegSetValueExW
EventWrite
RegOpenKeyExW

kernel32

IsDebuggerPresent
FindNextFileW
FileTimeToLocalFileTime
DeleteFileW
DebugBreak
LocalFree
WriteConsoleW
SetFilePointerEx
SetStdHandle
HeapReAlloc
LoadLibraryW
LCMapStringEx
GetStringTypeW
HeapSetInformation
GetOEMCP
IsValidCodePage
GetConsoleMode
GetConsoleCP
FlushFileBuffers
Sleep
RtlUnwindEx
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTickCount64
GetModuleFileNameA
GetStartupInfoW
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
GetFileType
WriteFile
GetStdHandle
GetModuleHandleExW
RemoveDirectoryW
FindClose
GetProcAddress
SetLastError
lstrlenW
FileTimeToSystemTime
GetFileAttributesW
GetTimeFormatW
GetModuleHandleW
OutputDebugStringW
GetCurrentProcess
LoadLibraryExW
FreeLibrary
FindFirstFileW
GetDateFormatW
HeapSize
GetEnvironmentVariableW
GetSystemDirectoryW
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
GetLastError
CloseHandle
GetLocaleInfoW
GetConsoleOutputCP
GetUserDefaultUILanguage
TlsGetValue
GetEnvironmentStringsW
FreeEnvironmentStringsW
RaiseException
WideCharToMultiByte
GetCPInfo
FormatMessageW
GetACP
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentThreadId
TerminateProcess
GetEnvironmentVariableA
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SetEvent
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
CreateEventW
VirtualProtect
DeleteCriticalSection
ReleaseMutex
TlsAlloc
TlsFree
EncodePointer
DecodePointer
GetCommandLineA
IsProcessorFeaturePresent
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
ExitProcess
RtlPcToFileHeader

mscoree

GetRequestedRuntimeInfo

shlwapi

PathRemoveBackslashW
StrCmpW
StrStrIW
PathFindFileNameW
StrStrW

shell32

ShellExecuteExW

wininet

DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
GetUrlCacheEntryInfoW
FindFirstUrlCacheEntryW
FindCloseUrlCache

oleaut32

SetErrorInfo

user32

ShowWindow
GetSystemMetrics
SetDlgItemTextW
SendMessageW
LoadStringW
MoveWindow
EndDialog
GetDlgItem
SetFocus
DialogBoxParamW
SetForegroundWindow
GetWindowRect
EnableWindow

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/IlDasm.chm
.chm
Stub/SDKs/x64/MSBuildTaskHost.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:4f:21:3b:a2:19:12:17:8f:0a:c6:1b:ec:35:ed:57:a0:da:51:fc:48:b7:d4:08:0f:a7:f5:a6:e2:77:30:18
Signer

Actual PE Digest

2e:4f:21:3b:a2:19:12:17:8f:0a:c6:1b:ec:35:ed:57:a0:da:51:fc:48:b7:d4:08:0f:a7:f5:a6:e2:77:30:18

Digest Algorithm

sha256

PE Digest Matches

true

f1:35:c7:51:82:99:89:73:56:a3:8e:05:81:8e:7b:d8:de:69:fa:73
Signer

Actual PE Digest

f1:35:c7:51:82:99:89:73:56:a3:8e:05:81:8e:7b:d8:de:69:fa:73

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/MSBuildTaskHost.exe.config
.xml
Stub/SDKs/x64/PEVerify.exe
.exe windows:6 windows x64

8c709d5483b1595d7a170659e58b93aa

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e8:a2:60:3c:ac:8b:6c:73:c6:9f:d1:6d:b5:36:46:14:64:4d:84:a8:ec:f2:2b:42:23:e4:77:d6:15:1b:6c:5c
Signer

Actual PE Digest

e8:a2:60:3c:ac:8b:6c:73:c6:9f:d1:6d:b5:36:46:14:64:4d:84:a8:ec:f2:2b:42:23:e4:77:d6:15:1b:6c:5c

Digest Algorithm

sha256

PE Digest Matches

true

bb:19:9d:14:40:6e:d8:16:ff:ed:e4:ad:ac:fb:6f:f3:b3:2e:a8:7f
Signer

Actual PE Digest

bb:19:9d:14:40:6e:d8:16:ff:ed:e4:ad:ac:fb:6f:f3:b3:2e:a8:7f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapSetInformation
SetEndOfFile
ReadConsoleW
ReadFile
GetVersion
WriteConsoleW
SetStdHandle
HeapReAlloc
SetFilePointerEx
LoadLibraryW
LCMapStringEx
GetStringTypeW
GetFullPathNameW
MapViewOfFile
CreateFileMappingW
CreateFileW
lstrlenW
FormatMessageW
WriteFile
GetStdHandle
WideCharToMultiByte
GetConsoleOutputCP
SwitchToThread
GetTickCount
GetLastError
GetFileSize
UnmapViewOfFile
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryExW
TlsGetValue
SetLastError
GetCPInfo
GetACP
MultiByteToWideChar
DebugBreak
LocalFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentThreadId
RaiseException
GetEnvironmentVariableW
FindFirstFileW
GetCurrentProcess
GetModuleHandleW
GetModuleFileNameW
FindClose
GetLocaleInfoW
GetFileAttributesW
FindNextFileW
GetUserDefaultUILanguage
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SetEvent
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
CreateEventW
VirtualProtect
DeleteCriticalSection
ReleaseMutex
TlsAlloc
TlsFree
GetEnvironmentStringsW
FreeEnvironmentStringsW
TerminateProcess
GetEnvironmentVariableA
OutputDebugStringW
IsDebuggerPresent
EncodePointer
DecodePointer
GetCommandLineW
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetFileType
InitializeCriticalSectionAndSpinCount
InitOnceExecuteOnce
GetStartupInfoW
GetTickCount64
RtlUnwindEx
Sleep
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsValidCodePage
GetOEMCP
RtlPcToFileHeader

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SetErrorInfo

user32

LoadStringW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW
EventWrite

mscoree

GetRequestedRuntimeInfo

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/PEVerify.exe.config
.xml
Stub/SDKs/x64/SvcUtil.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2a:67:17:08:44:81:14:7c:fb:fa:52:be:69:2a:bd:13:45:18:fb:71:73:53:dd:0d:f4:f8:2e:fd:09:09:83:fe
Signer

Actual PE Digest

2a:67:17:08:44:81:14:7c:fb:fa:52:be:69:2a:bd:13:45:18:fb:71:73:53:dd:0d:f4:f8:2e:fd:09:09:83:fe

Digest Algorithm

sha256

PE Digest Matches

true

34:f1:1a:79:55:07:12:85:fe:be:04:c6:00:12:30:5f:07:56:82:79
Signer

Actual PE Digest

34:f1:1a:79:55:07:12:85:fe:be:04:c6:00:12:30:5f:07:56:82:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/TlbExp.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:7b:cc:3b:37:21:63:52:66:50:2b:1c:ce:6a:a7:14:e1:16:ea:7d:87:d2:a0:d7:85:98:94:16:c1:ec:0d:e4
Signer

Actual PE Digest

0b:7b:cc:3b:37:21:63:52:66:50:2b:1c:ce:6a:a7:14:e1:16:ea:7d:87:d2:a0:d7:85:98:94:16:c1:ec:0d:e4

Digest Algorithm

sha256

PE Digest Matches

true

91:a1:69:dc:f9:b6:af:71:e2:cd:a9:05:5d:a0:38:3b:0d:ee:10:f0
Signer

Actual PE Digest

91:a1:69:dc:f9:b6:af:71:e2:cd:a9:05:5d:a0:38:3b:0d:ee:10:f0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/TlbImp.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:fb:bd:b8:5a:e5:63:96:0f:d5:b5:fa:ee:66:d1:16:74:da:fa:d0:29:5b:e4:ba:68:1f:4c:ac:35:47:8b:2d
Signer

Actual PE Digest

ba:fb:bd:b8:5a:e5:63:96:0f:d5:b5:fa:ee:66:d1:16:74:da:fa:d0:29:5b:e4:ba:68:1f:4c:ac:35:47:8b:2d

Digest Algorithm

sha256

PE Digest Matches

true

0c:1c:15:b5:6b:a5:d2:97:55:15:95:be:aa:bd:2c:fc:c5:fe:f1:19
Signer

Actual PE Digest

0c:1c:15:b5:6b:a5:d2:97:55:15:95:be:aa:bd:2c:fc:c5:fe:f1:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/Tracker.exe
.exe windows:6 windows x64

b517539aa03ef87abb610ee2854c1cd8

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a7:69:24:4f:e4:41:ef:6b:1f:bd:c8:b9:b4:0d:ab:ba:48:c1:cf:7d:0e:73:fa:26:d2:04:2b:c3:34:7f:c2:24
Signer

Actual PE Digest

a7:69:24:4f:e4:41:ef:6b:1f:bd:c8:b9:b4:0d:ab:ba:48:c1:cf:7d:0e:73:fa:26:d2:04:2b:c3:34:7f:c2:24

Digest Algorithm

sha256

PE Digest Matches

true

9a:c4:d6:e5:38:a2:c5:3f:f1:b6:4d:45:3d:d6:0b:84:54:01:68:21
Signer

Actual PE Digest

9a:c4:d6:e5:38:a2:c5:3f:f1:b6:4d:45:3d:d6:0b:84:54:01:68:21

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueExW
RegOpenKeyExW

kernel32

GetEnvironmentVariableW
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetExitCodeProcess
SetDllDirectoryW
HeapSetInformation
OpenEventW
SetEnvironmentVariableW
SetLastError
SearchPathW
CreateProcessW
ResumeThread
WaitForMultipleObjects
GenerateConsoleCtrlEvent
WaitForSingleObject
WideCharToMultiByte
GetCommandLineW
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentThreadId
FreeEnvironmentStringsW
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
RtlUnwindEx
Sleep
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleW
LoadLibraryExW
OutputDebugStringW
LoadLibraryW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
HeapReAlloc
LCMapStringEx
GetStringTypeW
HeapSize
SetStdHandle
WriteConsoleW
CloseHandle
CreateFileW
HeapDestroy
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
IsWow64Process
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFullPathNameW
GetLocaleInfoW
GetUserDefaultUILanguage
LocalFree
FormatMessageW
GetConsoleOutputCP
ReadFile
RtlPcToFileHeader
ReadConsoleW
SetFilePointer
SetEndOfFile

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/al.exe
.exe windows:6 windows x64

364ede3acace322dd1076fa9279da829

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:63:7f:d6:cd:7b:ae:e4:db:d0:d1:28:8a:d8:15:34:db:d8:b8:3e:09:2a:5e:4c:6e:36:1d:78:91:a0:56:5e
Signer

Actual PE Digest

e9:63:7f:d6:cd:7b:ae:e4:db:d0:d1:28:8a:d8:15:34:db:d8:b8:3e:09:2a:5e:4c:6e:36:1d:78:91:a0:56:5e

Digest Algorithm

sha256

PE Digest Matches

true

c7:3c:39:9a:1e:2f:50:bb:37:70:3e:88:9d:b4:6f:c3:ca:4d:51:7a
Signer

Actual PE Digest

c7:3c:39:9a:1e:2f:50:bb:37:70:3e:88:9d:b4:6f:c3:ca:4d:51:7a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcessHeap
HeapAlloc
HeapFree
GetFileType
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryW
FormatMessageW
GetLastError
GetProcAddress
FreeLibrary
LoadLibraryA
SwitchToThread
GetConsoleOutputCP
WideCharToMultiByte
GetConsoleScreenBufferInfo
GetStdHandle
GetModuleFileNameA
CreateFileW
GetVersionExA
MultiByteToWideChar
GetCommandLineW
CloseHandle
HeapSetInformation
ReadFile
GetTempPathW
GetTempFileNameW
WriteFile
DeleteFileW
LoadLibraryExA
RaiseException
HeapDestroy
LCMapStringA
GetEnvironmentVariableA
WriteConsoleW
LCMapStringEx
SetFilePointerEx
HeapReAlloc
LoadLibraryW
OutputDebugStringW
GetEnvironmentStringsW
SetLastError
GetShortPathNameW
GetShortPathNameA
GetFullPathNameW
FindFirstFileW
FindClose
GetFileSize
GetACP
GetCommandLineA
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetLocaleInfoEx
IsValidLocaleName
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetTimeFormatEx
GetDateFormatEx
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentThreadId
FreeEnvironmentStringsW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
QueryPerformanceCounter
GetTickCount64
RtlUnwindEx
Sleep
GetCPInfo
IsValidCodePage
GetOEMCP
GetUserDefaultLocaleName
EnumSystemLocalesEx
GetStringTypeW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleW
HeapSize
ReadConsoleW
GetTimeZoneInformation
FlushFileBuffers
LoadLibraryExW
RtlPcToFileHeader

mscoree

ord22
CorBindToCurrentRuntime
GetCORVersion
LoadLibraryShim

shlwapi

PathCommonPrefixW
PathCanonicalizeW
PathIsRelativeW
PathRemoveFileSpecW
PathIsUNCW
PathIsURLW
PathCombineW
PathRelativePathToW

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

VariantInit
SetErrorInfo
VariantClear
GetErrorInfo
SysFreeString
SysAllocString

user32

LoadStringW

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/al.exe.config
.xml
Stub/SDKs/x64/clrver.exe
.exe windows:6 windows x64

3a07376d2c7c5610b71b0d9a122bf39b

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:05:8b:0f:50:ba:09:6d:89:56:15:4f:eb:85:4d:e8:05:1b:b1:83:b9:87:64:ab:ed:25:ab:cf:2d:b1:1c:4b
Signer

Actual PE Digest

d3:05:8b:0f:50:ba:09:6d:89:56:15:4f:eb:85:4d:e8:05:1b:b1:83:b9:87:64:ab:ed:25:ab:cf:2d:b1:1c:4b

Digest Algorithm

sha256

PE Digest Matches

true

8c:e0:7d:37:13:7d:fb:cb:5e:e1:30:ae:23:a6:47:77:cc:be:cb:ee
Signer

Actual PE Digest

8c:e0:7d:37:13:7d:fb:cb:5e:e1:30:ae:23:a6:47:77:cc:be:cb:ee

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetErrorMode
FreeLibrary
OpenProcess
GetProcAddress
LoadLibraryA
Process32FirstW
Module32FirstW
Process32NextW
HeapSetInformation
CreateToolhelp32Snapshot
Module32NextW
CloseHandle
GetCommandLineA
GetLastError
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentThreadId
FreeEnvironmentStringsW
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
RtlUnwindEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleW
HeapFree
Sleep
LoadLibraryExW
GetEnvironmentStringsW
OutputDebugStringW
LoadLibraryW
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LCMapStringEx
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
SetStdHandle
WriteConsoleW
FlushFileBuffers
CreateFileW

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/disco.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:01:82:46:69:d9:17:5e:75:ef:ef:d8:e6:eb:be:0f:b3:3a:ce:87:67:33:3c:03:c9:79:c7:03:99:fe:0b:a5
Signer

Actual PE Digest

ea:01:82:46:69:d9:17:5e:75:ef:ef:d8:e6:eb:be:0f:b3:3a:ce:87:67:33:3c:03:c9:79:c7:03:99:fe:0b:a5

Digest Algorithm

sha256

PE Digest Matches

true

6f:ac:f4:b7:c8:01:c5:82:00:42:66:aa:38:b4:e2:8d:5f:51:dd:07
Signer

Actual PE Digest

6f:ac:f4:b7:c8:01:c5:82:00:42:66:aa:38:b4:e2:8d:5f:51:dd:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/gacutil.exe
.exe windows:6 windows x64

1859f09c53c6a7ccf0c78b8dbd0cc5a9

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e6:e6:fa:e4:60:e9:9e:9e:01:41:7f:91:e9:72:c0:ee:c5:2b:39:e3:36:d6:70:8b:b0:e2:0c:90:a4:bb:bd:f4
Signer

Actual PE Digest

e6:e6:fa:e4:60:e9:9e:9e:01:41:7f:91:e9:72:c0:ee:c5:2b:39:e3:36:d6:70:8b:b0:e2:0c:90:a4:bb:bd:f4

Digest Algorithm

sha256

PE Digest Matches

true

6b:30:52:18:46:f8:f4:93:91:7a:f1:02:8c:bf:a3:0a:33:1e:3b:c6
Signer

Actual PE Digest

6b:30:52:18:46:f8:f4:93:91:7a:f1:02:8c:bf:a3:0a:33:1e:3b:c6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetFullPathNameW
FindFirstFileW
lstrlenA
FreeLibrary
LoadLibraryExW
GetModuleHandleW
WriteFile
WideCharToMultiByte
GetLocaleInfoW
FormatMessageW
GetFileAttributesW
ReadFile
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
lstrlenW
GetConsoleOutputCP
GetStdHandle
GetLastError
GetProcAddress
FindClose
GetFileType
GetModuleHandleA
HeapSetInformation
FindNextFileW
GetUserDefaultUILanguage
CloseHandle
LocalFree
WriteConsoleW
SetStdHandle
CompareStringEx
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetCommandLineW
HeapFree
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetEnvironmentVariableW
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentThreadId
FreeEnvironmentStringsW
ExitProcess
GetModuleHandleExW
GetProcessHeap
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
RtlUnwindEx
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapSize
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
RtlPcToFileHeader
RaiseException
OutputDebugStringW
LoadLibraryW
LCMapStringEx
GetStringTypeW
HeapReAlloc
FlushFileBuffers

mscoree

CLRCreateInstance

user32

LoadStringW

shlwapi

PathCombineW

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/gacutil.exe.config
.xml
Stub/SDKs/x64/ildasm.exe
.exe windows:6 windows x64

ad5fa249b30d415c373e2bb8cdc77172

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

40:10:51:ca:31:06:d0:d4:ee:3b:16:52:64:57:a9:08:7f:46:2a:ce:db:07:d8:ee:dd:3b:a0:68:9e:c5:73:f1
Signer

Actual PE Digest

40:10:51:ca:31:06:d0:d4:ee:3b:16:52:64:57:a9:08:7f:46:2a:ce:db:07:d8:ee:dd:3b:a0:68:9e:c5:73:f1

Digest Algorithm

sha256

PE Digest Matches

true

ce:20:ad:e9:f4:66:0f:31:38:50:da:1a:73:9d:4e:97:83:3e:f5:3f
Signer

Actual PE Digest

ce:20:ad:e9:f4:66:0f:31:38:50:da:1a:73:9d:4e:97:83:3e:f5:3f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetStdHandle
SetEndOfFile
LoadLibraryExA
GetCommandLineW
ExpandEnvironmentStringsA
CreateProcessW
GetConsoleOutputCP
SetStdHandle
HeapSetInformation
GetFullPathNameW
WriteFile
LoadLibraryW
SetLastError
CreateFileMappingA
lstrlenW
FormatMessageW
WriteConsoleW
SwitchToThread
HeapReAlloc
SetFilePointerEx
LCMapStringEx
GetStringTypeW
HeapSize
GetOEMCP
IsValidCodePage
ReadConsoleW
ReadFile
GetConsoleMode
CreateFileW
FlushFileBuffers
Sleep
RtlUnwindEx
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTickCount64
GetModuleFileNameA
GetStartupInfoW
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
GetFileType
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
AreFileApisANSI
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
GetCommandLineA
DecodePointer
EncodePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentVariableA
TlsFree
TlsAlloc
ReleaseMutex
DeleteCriticalSection
MapViewOfFile
CreateFileMappingW
GetFileSize
UnmapViewOfFile
GetModuleHandleW
GetWindowsDirectoryA
WideCharToMultiByte
CloseHandle
MultiByteToWideChar
GetLastError
DebugBreak
FreeLibrary
GetProcAddress
LoadLibraryExW
OutputDebugStringW
IsDebuggerPresent
WaitForSingleObject
CreateThread
CreateEventW
SetEvent
GetConsoleCP
TlsGetValue
FindFirstFileW
GetLocaleInfoW
GetFileAttributesW
FindClose
FindNextFileW
GetUserDefaultUILanguage
GetCurrentProcess
TerminateProcess
GetModuleFileNameW
GetCPInfo
GetACP
LocalFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentThreadId
RaiseException
GetEnvironmentVariableW
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
VirtualProtect
RtlPcToFileHeader

mscoree

CoUninitializeCor
CoInitializeEE
CoUninitializeEE
CoInitializeCor
GetRequestedRuntimeInfo

gdi32

CreateSolidBrush
TextOutW
SetTextColor
SetBkColor
DeleteObject
GetTextMetricsW
CreateFontIndirectW
GetStockObject

comctl32

ImageList_Create
ImageList_Add
InitCommonControlsEx
ord17

comdlg32

GetOpenFileNameW
GetSaveFileNameW
FindTextW
ChooseFontW

ole32

CoUninitialize
CoCreateInstance
CoInitialize
StringFromGUID2

user32

LoadStringW
TranslateAcceleratorW
IsDialogMessageW
LoadAcceleratorsW
GetWindowRect
GetActiveWindow
DialogBoxParamW
EnableWindow
GetDlgItem
EndDialog
SendDlgItemMessageW
PostQuitMessage
MoveWindow
FillRect
DrawFocusRect
SetCursor
LoadCursorW
CheckMenuItem
ReleaseDC
GetDC
RegisterWindowMessageW
GetSysColor
LoadImageW
AppendMenuW
CreateMenu
SetFocus
UpdateWindow
ShowWindow
DrawMenuBar
EnableMenuItem
DispatchMessageW
TranslateMessage
GetMessageW
SendMessageW
SendMessageA
GetClientRect
CreateWindowExW
GetSystemMetrics
RegisterClassW
LoadIconW
DefWindowProcW
DestroyWindow
PostMessageA

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW

oleaut32

SetErrorInfo
SysAllocStringLen
SysAllocString
VariantChangeType
VariantClear
VariantInit
GetErrorInfo
SysFreeString

advapi32

RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
EventWrite
RegCloseKey
RegQueryValueExW

Sections

.text
Size: 367KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 883KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/ildasm.exe.config
.xml
Stub/SDKs/x64/lc.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:b6:a6:e0:32:e8:ef:ef:25:b5:e0:8c:2e:7b:81:13:a1:0c:2c:d1:ac:f9:ee:c5:d3:7b:58:1a:84:94:93:d2
Signer

Actual PE Digest

09:b6:a6:e0:32:e8:ef:ef:25:b5:e0:8c:2e:7b:81:13:a1:0c:2c:d1:ac:f9:ee:c5:d3:7b:58:1a:84:94:93:d2

Digest Algorithm

sha256

PE Digest Matches

true

8f:a3:18:26:12:66:06:7c:a8:c5:c1:9c:25:db:68:87:ff:e7:65:ce
Signer

Actual PE Digest

8f:a3:18:26:12:66:06:7c:a8:c5:c1:9c:25:db:68:87:ff:e7:65:ce

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/lc.exe.config
.xml
Stub/SDKs/x64/sgen.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:fe:e8:99:1d:b2:41:88:6d:e3:62:7e:f2:5b:de:23:12:97:75:92:26:e3:42:88:ac:7d:2c:1d:b2:9d:3c:f6
Signer

Actual PE Digest

8c:fe:e8:99:1d:b2:41:88:6d:e3:62:7e:f2:5b:de:23:12:97:75:92:26:e3:42:88:ac:7d:2c:1d:b2:9d:3c:f6

Digest Algorithm

sha256

PE Digest Matches

true

f0:88:e7:bb:74:fe:a8:40:f5:71:b9:a3:cb:0f:a1:79:bb:a6:0e:2c
Signer

Actual PE Digest

f0:88:e7:bb:74:fe:a8:40:f5:71:b9:a3:cb:0f:a1:79:bb:a6:0e:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/sn.exe
.exe windows:6 windows x64

b43e39f72141c38455537524fa7ef186

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2f:42:18:8c:1d:28:0c:07:7d:54:1a:a4:24:47:be:b5:61:37:f0:3b:33:5d:3d:63:1d:21:c7:bb:43:3b:ae:7b
Signer

Actual PE Digest

2f:42:18:8c:1d:28:0c:07:7d:54:1a:a4:24:47:be:b5:61:37:f0:3b:33:5d:3d:63:1d:21:c7:bb:43:3b:ae:7b

Digest Algorithm

sha256

PE Digest Matches

true

c7:77:d5:d2:7c:f8:64:ef:37:ba:db:fc:67:17:78:51:ff:07:4a:d0
Signer

Actual PE Digest

c7:77:d5:d2:7c:f8:64:ef:37:ba:db:fc:67:17:78:51:ff:07:4a:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

CryptAcquireContextW
CryptReleaseContext
CryptImportKey
CryptDestroyKey
CryptExportKey
RegQueryValueExW
RegDeleteKeyW
CryptSignHashW
RegDeleteValueW
CryptCreateHash
RegEnumKeyExW
CryptDestroyHash
CryptGetUserKey
RegCloseKey
RegSetValueExW
CryptHashData
EventWrite
RegOpenKeyExW
RegCreateKeyExW

kernel32

WriteConsoleW
HeapReAlloc
SetFilePointerEx
LoadLibraryW
MultiByteToWideChar
CloseHandle
LCMapStringEx
GetStringTypeW
HeapSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
CreateFileMappingW
GetFileType
GlobalFree
GetProcAddress
SetLastError
GetLastError
GetStdHandle
GlobalUnlock
FlushFileBuffers
RtlCaptureContext
Sleep
GetOEMCP
IsValidCodePage
RtlUnwindEx
GetTickCount64
GetStartupInfoW
InitOnceExecuteOnce
GetModuleHandleExW
ExitProcess
FlsFree
CreateFileW
ReadFile
SetConsoleMode
FormatMessageW
GetConsoleMode
GlobalAlloc
GetConsoleCP
WriteFile
GlobalLock
LoadLibraryExW
FreeLibrary
UnmapViewOfFile
MapViewOfFile
GetFileSize
TlsGetValue
GetEnvironmentVariableW
GetEnvironmentStringsW
GetModuleFileNameW
lstrlenW
FreeEnvironmentStringsW
FindFirstFileW
GetModuleHandleW
GetLocaleInfoW
GetFileAttributesW
GetConsoleOutputCP
FindClose
FindNextFileW
GetUserDefaultUILanguage
GetCurrentProcess
HeapSetInformation
CreateMutexW
VirtualQuery
HeapAlloc
HeapFree
SetEvent
SleepEx
WaitForSingleObjectEx
VirtualFree
GetProcessHeap
InitializeCriticalSection
TlsSetValue
HeapDestroy
LeaveCriticalSection
HeapCreate
HeapValidate
ReleaseSemaphore
RaiseException
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
CreateEventW
VirtualProtect
DeleteCriticalSection
ReleaseMutex
TlsAlloc
TlsFree
DebugBreak
GetCPInfo
WideCharToMultiByte
GetACP
LocalFree
TerminateProcess
GetEnvironmentVariableA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentThreadId
OutputDebugStringW
IsDebuggerPresent
EncodePointer
DecodePointer
GetCommandLineW
IsProcessorFeaturePresent
SetStdHandle
InitializeCriticalSectionAndSpinCount
FlsAlloc
FlsGetValue
FlsSetValue
RtlPcToFileHeader

mscoree

StrongNameGetPublicKey
GetRequestedRuntimeInfo
StrongNameSignatureGenerationEx
StrongNameKeyGenEx
CLRCreateInstance
StrongNameKeyDelete
StrongNameKeyInstall
StrongNameFreeBuffer
StrongNameErrorInfo
StrongNameTokenFromPublicKey
StrongNameCompareAssemblies
StrongNameKeyGen
StrongNameTokenFromAssemblyEx

crypt32

CertSetCertificateContextProperty
CertDuplicateCertificateContext
CertEnumCertificatesInStore
PFXImportCertStore
CertGetCertificateContextProperty
CertCloseStore
CertFreeCertificateContext
CryptQueryObject

user32

OpenClipboard
LoadStringW
SetClipboardData
CloseClipboard
EmptyClipboard

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SetErrorInfo

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/sn.exe.config
.xml
Stub/SDKs/x64/wsdl.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2f:fa:3c:f9:14:e5:89:d7:dc:79:e0:c7:40:46:08:26:9c:3f:42:7c:8d:11:25:80:96:4b:4b:71:38:43:07:99
Signer

Actual PE Digest

2f:fa:3c:f9:14:e5:89:d7:dc:79:e0:c7:40:46:08:26:9c:3f:42:7c:8d:11:25:80:96:4b:4b:71:38:43:07:99

Digest Algorithm

sha256

PE Digest Matches

true

a5:50:34:6c:a4:1b:00:49:83:1d:b7:a3:fe:e9:41:1a:43:9a:25:b4
Signer

Actual PE Digest

a5:50:34:6c:a4:1b:00:49:83:1d:b7:a3:fe:e9:41:1a:43:9a:25:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/x64/wsdl.exe.config
.xml
Stub/SDKs/x64/xsd.exe
.exe windows:4 windows x64

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-09-2012 21:12

Not After

04-12-2013 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

12:ba:7b:98:21:eb:67:54:d7:3b:64:28:b7:b1:f1:ea:77:4b:40:01:31:6b:15:75:44:be:c6:03:e2:e7:bf:a8
Signer

Actual PE Digest

12:ba:7b:98:21:eb:67:54:d7:3b:64:28:b7:b1:f1:ea:77:4b:40:01:31:6b:15:75:44:be:c6:03:e2:e7:bf:a8

Digest Algorithm

sha256

PE Digest Matches

true

b5:1d:ff:45:19:ad:ee:f5:f3:e0:98:3b:72:19:79:02:35:be:ac:c5
Signer

Actual PE Digest

b5:1d:ff:45:19:ad:ee:f5:f3:e0:98:3b:72:19:79:02:35:be:ac:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Stub/SDKs/xsd.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:32:7e:01:07:d4:f2:ab:9c:5b:1c:29:8a:88:dd:11:a6:14:e3:ff:80:92:43:7a:74:5d:29:61:e8:13:ed:60
Signer

Actual PE Digest

17:32:7e:01:07:d4:f2:ab:9c:5b:1c:29:8a:88:dd:11:a6:14:e3:ff:80:92:43:7a:74:5d:29:61:e8:13:ed:60

Digest Algorithm

sha256

PE Digest Matches

true

75:18:fb:16:70:1a:b0:99:65:a6:5e:c0:31:39:79:f5:99:61:3b:4a
Signer

Actual PE Digest

75:18:fb:16:70:1a:b0:99:65:a6:5e:c0:31:39:79:f5:99:61:3b:4a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/SDKs/xsltc.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-07-2012 20:50

Not After

26-10-2013 20:50

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:02:8e:42:00:00:00:00:00:1f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-01-2012 22:25

Not After

09-04-2013 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2012 00:14

Not After

07-10-2013 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e8:99:f3:d5:39:4b:b7:49:96:8f:55:e3:f4:cc:27:12:e2:99:a3:36:eb:5c:89:b6:1b:89:ba:c0:be:af:96:58
Signer

Actual PE Digest

e8:99:f3:d5:39:4b:b7:49:96:8f:55:e3:f4:cc:27:12:e2:99:a3:36:eb:5c:89:b6:1b:89:ba:c0:be:af:96:58

Digest Algorithm

sha256

PE Digest Matches

true

13:b6:ea:45:8a:b1:ec:59:38:98:31:f0:d7:78:69:6e:87:f0:00:42
Signer

Actual PE Digest

13:b6:ea:45:8a:b1:ec:59:38:98:31:f0:d7:78:69:6e:87:f0:00:42

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/3rd-party.txt
Stub/packages/DllExport.1.5.2/CPLApplet.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/DllExport.1.5.2.nupkg
.nupkg
Stub/packages/DllExport.1.5.2/License.txt
Stub/packages/DllExport.1.5.2/Readme.md
Stub/packages/DllExport.1.5.2/changelog.txt
Stub/packages/DllExport.1.5.2/lib/CPLApplet.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/lib/net20/CPLApplet.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/lib/net20/DllExport.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/lib/net20/DllExport.dll.ddNSi
Stub/packages/DllExport.1.5.2/lib/net20/DllExport.dll.raw
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/CPLApplet.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/DllExportCmdLets.psm1
.ps1
Stub/packages/DllExport.1.5.2/tools/Microsoft.Build.Framework.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:01

Not After

25-07-2013 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

17:2d:e7:d0:2d:52:fd:a6:20:2d:22:71:ee:22:7c:2b:29:66:27:19
Signer

Actual PE Digest

17:2d:e7:d0:2d:52:fd:a6:20:2d:22:71:ee:22:7c:2b:29:66:27:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/Microsoft.Build.Utilities.v4.0.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:01

Not After

25-07-2013 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

99:6b:ca:86:0b:d2:4f:9e:29:f0:66:22:58:b3:7d:6c:db:82:07:7e
Signer

Actual PE Digest

99:6b:ca:86:0b:d2:4f:9e:29:f0:66:22:58:b3:7d:6c:db:82:07:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/Microsoft.Management.Infrastructure.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/Mono.Cecil.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/NSBin.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/NSBin.pdb
Stub/packages/DllExport.1.5.2/tools/RGiesecke.DllExport.MSBuild.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/RGiesecke.DllExport.MSBuild.pdb
Stub/packages/DllExport.1.5.2/tools/RGiesecke.DllExport.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/RGiesecke.DllExport.pdb
Stub/packages/DllExport.1.5.2/tools/System.Management.Automation.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/coreclr/CPLApplet.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/coreclr/LICENSE.TXT
Stub/packages/DllExport.1.5.2/tools/coreclr/PATENTS.TXT
Stub/packages/DllExport.1.5.2/tools/coreclr/README.md
Stub/packages/DllExport.1.5.2/tools/coreclr/_Version.txt
Stub/packages/DllExport.1.5.2/tools/coreclr/changelog.txt
Stub/packages/DllExport.1.5.2/tools/coreclr/coreclr.dll
.dll windows:6 windows x86

4ec23ad5e3f71ff3322a6bac0917b9bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
RaiseException
FreeLibrary
GetCurrentProcessId
OutputDebugStringW
IsDebuggerPresent
GetProcAddress
DebugBreak
TerminateProcess
GetCurrentProcess
GetSystemDefaultLocaleName
GetUserPreferredUILanguages
GetUserDefaultLocaleName
GetLocaleInfoEx
CompareStringEx
CompareStringOrdinal
LCMapStringEx
FindNLSStringEx
GetCalendarInfoEx
LCIDToLocaleName
LocaleNameToLCID
EnumTimeFormatsEx
EnumCalendarInfoExEx
ResolveLocaleName
GetThreadPreferredUILanguages
EnumSystemLocalesEx
GetSystemInfo
GetModuleHandleW
SwitchToThread
GetProcessAffinityMask
FlushInstructionCache
VerSetConditionMask
VerifyVersionInfoW
IsWow64Process
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetErrorMode
CloseHandle
CreateProcessW
GetCurrentThread
WriteFile
GetStdHandle
GetConsoleOutputCP
GetLogicalProcessorInformation
SetThreadLocale
MapViewOfFileEx
UnmapViewOfFile
GetTickCount
QueryPerformanceCounter
GetStringTypeExW
WaitForSingleObject
GetTickCount64
CreateFileMappingW
GetFileSize
GlobalMemoryStatusEx
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
HeapAlloc
GetProcessHeap
HeapFree
ReleaseMutex
SetEvent
ReleaseSemaphore
WaitForMultipleObjectsEx
CreateMutexW
CreateEventW
CreateSemaphoreExW
OpenProcess
SetConsoleCtrlHandler
GetCurrentThreadId
GetVersionExW
InterlockedPushEntrySList
GetThreadContext
SuspendThread
ResumeThread
SetThreadContext
Sleep
FlushProcessWriteBuffers
QueueUserAPC
VirtualQuery
QueryPerformanceFrequency
InitializeSListHead
InterlockedPopEntrySList
GetCommandLineW
RaiseFailFastException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
DuplicateHandle
WaitForSingleObjectEx
SetThreadPriority
GetThreadPriority
SetThreadStackGuarantee
GetThreadTimes
VirtualAlloc
VirtualFree
VirtualProtect
HeapCreate
HeapDestroy
HeapValidate
SleepEx
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ResetEvent
GetThreadLocale
CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
ExitProcess
SetFilePointer
ReadFile
GetProcessTimes
InterlockedFlushSList
GetDriveTypeW
CreateMemoryResourceNotification
RtlUnwind
GetSystemDefaultLCID
GetUserDefaultLCID
GetCurrentProcessorNumber
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
ReadProcessMemory
lstrlenW
OutputDebugStringA
SetThreadIdealProcessorEx
GetThreadIdealProcessorEx
VirtualUnlock
ResetWriteWatch
GetWriteWatch
SetThreadAffinityMask
MapViewOfFile
FlushFileBuffers
GetLocalTime
GetTimeFormatW
GetDateFormatW
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
FindStringOrdinal
GetSystemDefaultUILanguage
GetLocaleInfoW
IsValidLocaleName
LocalFree
FormatMessageW
WideCharToMultiByte
IsDBCSLeadByte
GetCPInfo
GetACP
GetFullPathNameW
GetEnvironmentVariableW
GetCurrentDirectoryW
GetModuleFileNameW
CreateDirectoryW
GetLongPathNameW
GetLastError
EncodePointer
GetFileAttributesExW
GetFileAttributesW
CreateFileW
LoadLibraryExW
SetLastError
MultiByteToWideChar
CreateThread
ExitThread
OpenEventW
LoadLibraryW
LoadLibraryExA

advapi32

SetKernelObjectSecurity
ImpersonateLoggedOnUser
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
EventRegister
GetTokenInformation
EventWrite
SetThreadToken
OpenProcessToken
RevertToSelf
OpenThreadToken
RegEnumValueW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoCreateGuid
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CLSIDFromProgID
CoReleaseMarshalData
StringFromGUID2
CoRevokeInitializeSpy
CoUninitialize
CoWaitForMultipleHandles
CoRegisterInitializeSpy
CoInitializeEx
IIDFromString
CoGetObjectContext
CoGetContextToken
CoGetMarshalSizeMax
CoMarshalInterface
CoUnmarshalInterface
CoGetClassObject
CoTaskMemFree
CreateStreamOnHGlobal

oleaut32

SafeArraySetRecordInfo
VarDecMul
SetErrorInfo
CreateErrorInfo
SysFreeString
LoadRegTypeLi
SysAllocString
SysStringLen
GetErrorInfo
SafeArrayGetVartype
VariantChangeType
VariantChangeTypeEx
SysAllocStringLen
VarDecCmp
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayPutElement
VariantClear
VariantInit
VarDecFromCy
VarCyFromDec
SafeArrayAllocDescriptorEx
GetRecordInfoFromTypeInfo
VarDecRound
SafeArrayAllocData
SafeArrayGetElemsize
SafeArrayGetRecordInfo
SysStringByteLen
SysAllocStringByteLen
SafeArrayGetDim
SafeArrayGetLBound
VarDecFromR4
VarDecFromR8
VarR8FromDec
VarDecFix
VarDecInt
VarR4FromDec

user32

LoadStringW

version

VerQueryValueW
GetFileVersionInfoExW
GetFileVersionInfoSizeExW

shlwapi

PathFindFileNameW

bcrypt

BCryptGetProperty
BCryptFinishHash
BCryptDestroyHash
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData

api-ms-win-crt-string-l1-1-0

towlower
wcsnlen
_wcsicmp
towupper
_strnicmp
isdigit
isalpha
iswascii
_stricmp
strnlen
iswspace
iswupper
strcat_s
strcmp
strncat_s
strlen
wcsncat_s
wcscat_s
strncmp
wcsncmp
strncpy_s
strcpy_s
wcsncpy_s
wcscpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
fputs
fclose
_putws
__stdio_common_vfwprintf
_flushall
fflush
fwrite
__stdio_common_vsprintf_s
__acrt_iob_func
__stdio_common_vsnwprintf_s
_wfopen_s
__stdio_common_vfprintf
__stdio_common_vsnprintf_s
__stdio_common_vswscanf
_wfopen

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_invalid_parameter_noinfo
_errno
_configure_narrow_argv
_controlfp_s
_initialize_narrow_environment
abort
terminate
_initialize_onexit_table
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initterm

api-ms-win-crt-convert-l1-1-0

wcstoul
atol
_itow_s
atoi
_ltow_s

api-ms-win-crt-utility-l1-1-0

ldiv
qsort
bsearch

api-ms-win-crt-math-l1-1-0

__libm_sse2_asin
_isnan
_libm_sse2_log10_precise
_libm_sse2_log_precise
_libm_sse2_pow_precise
_copysign
__libm_sse2_atan
ceil
floor
__libm_sse2_acos
_CItanh
_CIsinh
_CIfmod
_CIcosh
__libm_sse2_atan2
_except1
__libm_sse2_cos
__libm_sse2_pow
__libm_sse2_sin
__libm_sse2_tan
modf
_libm_sse2_exp_precise

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-filesystem-l1-1-0

_wmakepath_s
_wsplitpath_s

api-ms-win-crt-heap-l1-1-0

_free_base
_calloc_base
malloc
free

Exports

Exports

GetCLRRuntimeHost
GetMetaDataInternalInterface
GetMetaDataInternalInterfaceFromPublic
GetMetaDataPublicInterfaceFromInternal
MetaDataGetDispenser
coreclr_create_delegate
coreclr_execute_assembly
coreclr_initialize
coreclr_shutdown
g_CLREngineMetrics

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CLR_UEF
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 650KB - Virtual size: 650KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/coreclr/ilasm.exe
.exe windows:6 windows x86

ced05e986d6b96987cf3863cf7e57f3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

coreclr

MetaDataGetDispenser

ole32

StringFromGUID2
CreateStreamOnHGlobal
CoCreateGuid
IIDFromString
CoTaskMemAlloc

oleaut32

SetErrorInfo
SysFreeString
SysAllocString
CreateErrorInfo

kernel32

GetLastError
CloseHandle
GetFileSize
GetFullPathNameW
GetConsoleOutputCP
SetEnvironmentVariableW
UnmapViewOfFile
GetBinaryTypeA
DeleteFileW
HeapSetInformation
CreateFileMappingW
MapViewOfFile
GetStdHandle
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryExW
CreateFileW
SearchPathW
GetModuleFileNameW
GetTempFileNameW
GetTempPathW
GetEnvironmentVariableW
FindFirstFileExW
GetACP
GetCPInfo
FormatMessageW
LocalFree
FindClose
FreeLibrary
GetProcAddress
GetModuleHandleW
GetCurrentProcess
FlushInstructionCache
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
ResetEvent
SetLastError
ReleaseSemaphore
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
WaitForSingleObjectEx
CreateMutexW
ReleaseMutex
SleepEx
VirtualAlloc
VirtualFree
VirtualQuery
VirtualProtect
HeapCreate
HeapDestroy
HeapValidate
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
IsDebuggerPresent
CreateProcessW
GetCurrentThread
lstrlenW
WaitForSingleObject
ReadFile
GetExitCodeProcess
WriteFile
SetFilePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
EncodePointer
CreateSemaphoreExW

advapi32

SetThreadToken
RevertToSelf
OpenThreadToken
IsTextUnicode

user32

LoadStringW

shlwapi

PathFindExtensionW

api-ms-win-crt-stdio-l1-1-0

_set_fmode
fopen_s
__p__commode
__stdio_common_vsnwprintf_s
__stdio_common_vfprintf
__stdio_common_vsprintf_s
fread
__stdio_common_vsnprintf_s
__acrt_iob_func
_wfopen_s
__stdio_common_vswprintf
__stdio_common_vswscanf
fwrite
fclose

api-ms-win-crt-string-l1-1-0

isdigit
wcscpy_s
_wcsicmp
strcat_s
strcpy_s
strncmp
wcsncmp
strncpy_s
isspace
wcscat_s
wcsncpy_s
_stricmp

api-ms-win-crt-convert-l1-1-0

wcstod
atoi
strtod

api-ms-win-crt-runtime-l1-1-0

_set_app_type
exit
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
abort
_controlfp_s
_errno
terminate
_register_thread_local_exe_atexit_callback
_initialize_wide_environment
_c_exit
__p___wargv
__p___argc
_get_initial_wide_environment
_exit
_initterm_e
_initterm
_configure_wide_argv

api-ms-win-crt-multibyte-l1-1-0

_mbsinc

api-ms-win-crt-heap-l1-1-0

_free_base
_set_new_mode
free
_calloc_base
malloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-math-l1-1-0

__setusermatherr
_except1

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/coreclr/ildasm.exe
.exe windows:6 windows x86

04376759df9b9515a9f9fabe4dd97d99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

coreclr

MetaDataGetDispenser
GetMetaDataPublicInterfaceFromInternal
GetMetaDataInternalInterfaceFromPublic
GetMetaDataInternalInterface

ole32

StringFromGUID2

oleaut32

SetErrorInfo
VariantInit
SysFreeString
GetErrorInfo
SysAllocString
SysAllocStringLen
VariantChangeType
VariantClear

kernel32

UnmapViewOfFile
CloseHandle
GetFileSize
CreateFileMappingW
MapViewOfFile
SetLastError
WriteFile
MultiByteToWideChar
GetLastError
WideCharToMultiByte
CreateFileMappingA
GetCommandLineW
GetFullPathNameW
GetConsoleOutputCP
GetStdHandle
HeapSetInformation
LoadLibraryExW
CreateFileW
GetFileAttributesW
GetModuleFileNameW
GetEnvironmentVariableW
GetProcessHeap
HeapAlloc
HeapFree
GetACP
GetCPInfo
FormatMessageW
LocalFree
GetCurrentThreadId
GetSystemTimeAsFileTime
RaiseException
FindClose
FreeLibrary
GetProcAddress
GetModuleHandleW
GetCurrentProcess
TerminateProcess
GetLocaleInfoW
GetUserDefaultUILanguage
FindFirstFileW
FindNextFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
ResetEvent
CreateSemaphoreExW
ReleaseSemaphore
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
WaitForSingleObjectEx
CreateMutexW
ReleaseMutex
SleepEx
VirtualAlloc
VirtualFree
VirtualQuery
VirtualProtect
HeapCreate
HeapDestroy
HeapValidate
EncodePointer
IsDebuggerPresent
GetEnvironmentVariableA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
InitializeCriticalSectionAndSpinCount
RtlUnwind

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

user32

LoadStringW

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnwprintf_s
__stdio_common_vsnprintf_s
_set_fmode
fopen_s
fgets
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vswprintf_s
__p__commode
fwrite
__stdio_common_vsprintf_s
fclose
_wfopen_s

api-ms-win-crt-string-l1-1-0

wcsncmp
wcsncpy_s
_wcsnicmp
iswprint
isprint
strcat_s
_wcsicmp
_stricmp
strncmp
strcpy_s
wcscat_s
wcscpy_s
strncpy_s

api-ms-win-crt-convert-l1-1-0

_wtoi
wcstoul
_itow_s
atoi
_gcvt_s
atof
strtod

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
exit
_register_onexit_function
_controlfp_s
_initialize_onexit_table
_c_exit
_initialize_narrow_environment
_configure_narrow_argv
__p___argv
__p___argc
_errno
_cexit
_get_initial_narrow_environment
_exit
_initterm_e
abort
terminate
_seh_filter_exe
_register_thread_local_exe_atexit_callback
_initterm
_set_app_type

api-ms-win-crt-filesystem-l1-1-0

_wsplitpath_s

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

_calloc_base
_free_base
_set_new_mode
malloc
free

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/coreclr/ildasmrc.dll
.dll windows:6 windows x86

d792987269cb06308dbf75f94f5169c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_cexit
_initterm
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment

api-ms-win-crt-heap-l1-1-0

_calloc_base
_free_base

kernel32

GetSystemTimeAsFileTime
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentProcess
SetLastError
IsProcessorFeaturePresent
GetLastError
TerminateProcess
RtlUnwind
InterlockedFlushSList
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
UnhandledExceptionFilter
InitializeSListHead
IsDebuggerPresent

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/coreclr/mscordaccore.dll
.dll windows:6 windows x86

7a08a43df1dd263450c1a5425087d37d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
SetFilePointer
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FlushFileBuffers
WriteFile
ReadFile
CreateEventW
SetEvent
ResetEvent
CreateSemaphoreExW
ReleaseSemaphore
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
HeapAlloc
GetProcessHeap
RaiseException
HeapFree
WaitForSingleObjectEx
CreateMutexW
ReleaseMutex
SleepEx
VirtualAlloc
VirtualFree
VirtualQuery
VirtualProtect
HeapCreate
HeapDestroy
HeapValidate
GetACP
GetCPInfo
IsDBCSLeadByte
FormatMessageW
LocalFree
SetLastError
GetCurrentThreadId
GetSystemTimeAsFileTime
ReadProcessMemory
SwitchToThread
GetProcessAffinityMask
GetEnvironmentVariableW
GetFullPathNameW
DebugBreak
TerminateProcess
LoadLibraryExW
CreateFileW
GetFileAttributesExW
GetModuleFileNameW
LCMapStringEx
OutputDebugStringW
IsDebuggerPresent
CloseHandle
FreeLibrary
GetSystemInfo
GetProcAddress
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
GetEnvironmentVariableA
WideCharToMultiByte
GetLastError
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
InterlockedFlushSList
InitializeSListHead
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EncodePointer

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoCreateFreeThreadedMarshaler
CoTaskMemFree
IIDFromString
CoCreateGuid

oleaut32

CreateErrorInfo
SetErrorInfo

user32

LoadStringW

api-ms-win-crt-string-l1-1-0

strncpy_s
wcsncat_s
strcmp
strncat_s
strlen
strncmp
wcsncmp
wcscpy_s
_wcslwr_s
strcpy_s
wcscat_s
strcat_s
strnlen
wcsncpy_s

api-ms-win-crt-runtime-l1-1-0

abort
_errno
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initterm
_initterm_e
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_invalid_parameter_noinfo

api-ms-win-crt-stdio-l1-1-0

_flushall
_putws
__stdio_common_vswprintf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__acrt_iob_func
__stdio_common_vsprintf_s
__stdio_common_vfprintf

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

free
_calloc_base
_free_base
malloc

api-ms-win-crt-convert-l1-1-0

wcstoul

Exports

Exports

CLRDataCreateInstance
DacDbiInterfaceInstance
OutOfProcessExceptionEventCallback
OutOfProcessExceptionEventDebuggerLaunchCallback
OutOfProcessExceptionEventSignatureCallback
OutOfProcessFunctionTableCallback
OutOfProcessFunctionTableCallbackEx

Sections

.text
Size: 934KB - Virtual size: 933KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/coreclr/mscordbi.dll
.dll windows:6 windows x86

d7f1402eeabd14c4f5992750bb791f74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResumeThread
FreeLibrary
DuplicateHandle
GetModuleHandleW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
Sleep
DebugActiveProcess
DebugActiveProcessStop
WaitForDebugEvent
ContinueDebugEvent
OpenProcess
TerminateProcess
GetCurrentProcessId
IsWow64Process
ReadProcessMemory
WriteProcessMemory
GetThreadContext
SetThreadContext
SetLastError
GetSystemTimeAsFileTime
GetProcessHeap
HeapAlloc
HeapFree
RaiseException
IsDebuggerPresent
DebugBreak
WideCharToMultiByte
LoadLibraryExW
CreateFileW
GetFileAttributesExW
GetModuleFileNameW
GetEnvironmentVariableW
GetFullPathNameW
CreateThread
GetSystemInfo
MultiByteToWideChar
SwitchToThread
GetACP
GetCPInfo
IsDBCSLeadByte
FormatMessageW
LocalFree
CreateProcessW
CreateSemaphoreExW
ReleaseSemaphore
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
WaitForSingleObjectEx
CreateMutexW
ReleaseMutex
SleepEx
VirtualAlloc
VirtualFree
VirtualQuery
VirtualProtect
HeapCreate
HeapDestroy
HeapValidate
LCMapStringEx
WriteFile
SetFilePointer
FlushFileBuffers
ReadFile
OpenThread
FlushInstructionCache
GetCurrentThreadId
ResetEvent
SetEvent
CreateEventW
WaitForMultipleObjectsEx
GetProcAddress
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetCurrentProcess
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
InterlockedFlushSList
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EncodePointer

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW

ole32

CoCreateGuid
CoTaskMemAlloc
IIDFromString
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CreateStreamOnHGlobal

oleaut32

SetErrorInfo
VariantInit
CreateErrorInfo

user32

LoadStringW

api-ms-win-crt-string-l1-1-0

strncmp
strcpy_s
wcsncmp
wcsnlen
strncpy_s
wcsncat_s
wcscat_s
_wcsicmp
wcscpy_s
wcsncpy_s

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_cexit
abort
_register_onexit_function
_initialize_onexit_table
_errno
_invalid_parameter_noinfo
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
terminate
_initterm_e

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__stdio_common_vsnwprintf_s
__acrt_iob_func
__stdio_common_vsnprintf_s

api-ms-win-crt-convert-l1-1-0

wcstoul

api-ms-win-crt-heap-l1-1-0

_free_base
free
malloc
_calloc_base

api-ms-win-crt-filesystem-l1-1-0

_wmakepath_s
_wsplitpath_s

api-ms-win-crt-utility-l1-1-0

bsearch
qsort

api-ms-win-crt-math-l1-1-0

_except1

Exports

Exports

CoreCLRCreateCordbObject
CreateCordbObject
DllGetClassObjectInternal
OpenVirtualProcess
OpenVirtualProcess2
OpenVirtualProcessImpl

Sections

.text
Size: 748KB - Virtual size: 747KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/gnt.bat
.bat .js
Stub/packages/DllExport.1.5.2/tools/init.ps1
Stub/packages/DllExport.1.5.2/tools/install.ps1
.ps1
Stub/packages/DllExport.1.5.2/tools/msbuild.bat
.bat .vbs
Stub/packages/DllExport.1.5.2/tools/net.r_eg.DllExport.Configurator.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/packages/DllExport.1.5.2/tools/net.r_eg.DllExport.Configurator.pdb
Stub/packages/DllExport.1.5.2/tools/net.r_eg.DllExport.targets
Stub/packages/DllExport.1.5.2/tools/nsbin.bat
Stub/packages/DllExport.1.5.2/tools/powershell.bat
Stub/packages/DllExport.1.5.2/tools/uninstall.ps1

Sharing

General

Malware Config

Signatures

Files

Password: @REStunexPrivateTools

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 38KB - Virtual size: 38KB

.rsrc Size: 1024B - Virtual size: 680B

.reloc Size: 512B - Virtual size: 12B

Password: @REStunexPrivateTools

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 201KB - Virtual size: 200KB

.rsrc Size: 106KB - Virtual size: 106KB

.reloc Size: 512B - Virtual size: 12B

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 38KB - Virtual size: 38KB

.rsrc Size: 1024B - Virtual size: 680B

.reloc Size: 512B - Virtual size: 12B

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 38KB - Virtual size: 38KB

.rsrc Size: 1024B - Virtual size: 680B

.reloc Size: 512B - Virtual size: 12B

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 38KB - Virtual size: 38KB

.rsrc Size: 1024B - Virtual size: 680B

.reloc Size: 512B - Virtual size: 12B

Password: @REStunexPrivateTools

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 38KB - Virtual size: 38KB

.rsrc Size: 1024B - Virtual size: 680B

.reloc Size: 512B - Virtual size: 12B

Password: @REStunexPrivateTools

Code Sign

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88Certificate

Extended Key Usages

Key Usages

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2bCertificate

Extended Key Usages

61:33:26:1a:00:00:00:00:00:31Certificate

.text
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 1024B - Virtual size: 680B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 201KB - Virtual size: 200KB

.rsrc
Size: 106KB - Virtual size: 106KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 1024B - Virtual size: 680B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 1024B - Virtual size: 680B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 1024B - Virtual size: 680B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 1024B - Virtual size: 680B

.reloc
Size: 512B - Virtual size: 12B

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

62:7f:96:15:84:51:82:1c:e8:fb:2b:8b:d0:dd:67:9d:f6:4b:70:61:cd:32:1d:9c:0e:c5:0d:ab:11:a1:54:49
Signer

e9:a3:98:5d:06:ad:23:6e:72:0e:70:76:14:71:64:b4:51:60:39:73
Signer

.rsrc
Size: 44KB - Virtual size: 43KB

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

61:02:8e:42:00:00:00:00:00:1f
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

75:a4:4c:39:91:61:a6:9b:d9:69:62:6a:bf:4a:40:22:8a:46:43:c3:4a:3d:6c:a7:70:86:f1:65:3d:6c:bc:de
Signer

9b:bf:6c:80:5c:0e:5b:6f:b1:11:6b:50:98:fa:d6:ea:46:0a:82:a0
Signer

.rsrc
Size: 7KB - Virtual size: 6KB

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

ed:b2:11:ae:df:b0:3b:c1:e7:2d:4b:d0:bf:cc:f1:03:17:76:b6:7c:2c:22:de:4f:a4:ab:5a:5c:43:da:f3:39
Signer

8c:84:84:57:47:7e:36:ef:a2:51:19:b5:5b:f4:f0:41:82:e0:bd:db
Signer

.rsrc
Size: 5KB - Virtual size: 5KB

33:00:00:00:88:59:0e:3c:51:1f:e2:6a:67:00:01:00:00:00:88
Certificate

61:02:92:4a:00:00:00:00:00:20
Certificate