3627d52feebc88b3379aaeba7d5de30dc89a757e41a24568472647e86648a0f2

Sharing

Copy URL Twitter E-mail

General

Target

3627d52feebc88b3379aaeba7d5de30dc89a757e41a24568472647e86648a0f2
Size

10.3MB
MD5

53d6de7bbad0f4bc6aab1f4d3d842db8
SHA1

0e8aa8a535ed77ed5c2a99135c1c51b80c37026c
SHA256

3627d52feebc88b3379aaeba7d5de30dc89a757e41a24568472647e86648a0f2
SHA512

35bf20c0856c9ed82bfafc0b1269fd266bf809c772f9a7bd0773fc6736a539870f10f9b3de5f4e10902f856565d2845df956563b9a4dd7dc61233ad59de1b9e9
SSDEEP

196608:yjNf9AoeYD3bndAtRNwBwlHjjH9hkX0+rzsBLG20tiqy2bRxpZ8tPql:yjp9Aoe4bWwBwlHnnVGqG2D4RxpZ8Fql

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/XYplorer 25.20.0100/XYplorer Academic.exe

Files

3627d52feebc88b3379aaeba7d5de30dc89a757e41a24568472647e86648a0f2
.rar
XYplorer 25.20.0100/App/AppInfo/Launcher/Custom.nsh
XYplorer 25.20.0100/App/AppInfo/Launcher/XYplorer Academic.ini
XYplorer 25.20.0100/App/AppInfo/appicon.ico
XYplorer 25.20.0100/App/AppInfo/appinfo.ini
XYplorer 25.20.0100/App/XYplorer/CatalogDefault.dat
XYplorer 25.20.0100/App/XYplorer/Data/XYplorer.ini
XYplorer 25.20.0100/App/XYplorer/Lang/Arabic.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Catalan.lng
XYplorer 25.20.0100/App/XYplorer/Lang/ChineseSimplified.lng
XYplorer 25.20.0100/App/XYplorer/Lang/ChineseTraditional.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Croatian.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Czech.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Danish.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Dutch.lng
XYplorer 25.20.0100/App/XYplorer/Lang/EnglishBr.lng
XYplorer 25.20.0100/App/XYplorer/Lang/EnglishBritish.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Finnish.lng
XYplorer 25.20.0100/App/XYplorer/Lang/French.lng
XYplorer 25.20.0100/App/XYplorer/Lang/German.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Hungarian.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Indonesian.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Italian.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Japanese.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Klingon.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Korean.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Persian.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Polish.lng
XYplorer 25.20.0100/App/XYplorer/Lang/PortugueseBrazil.lng
XYplorer 25.20.0100/App/XYplorer/Lang/PortugueseEuropean.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Russia.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Russian.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Serbian.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Spanish.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Turkish.lng
XYplorer 25.20.0100/App/XYplorer/Lang/Vietnamese.lng
XYplorer 25.20.0100/App/XYplorer/LicenseXY.txt
XYplorer 25.20.0100/App/XYplorer/ReadmeXY.txt
XYplorer 25.20.0100/App/XYplorer/Startup.ini
XYplorer 25.20.0100/App/XYplorer/XY64.exe
.exe windows:4 windows x64 arch:x64

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/05/2022, 00:00

Not After

24/05/2025, 23:59

Subject

CN=Cologne Code Company e.K.,O=Cologne Code Company e.K.,L=Köln,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

74:05:44:01:d9:d0:2c:45:4c:5b:76:6c:0e:b5:a7:60:6a:8b:19:ad:38:bb:14:b3:c3:57:01:2a:74:40:47:27
Signer

Actual PE Digest

74:05:44:01:d9:d0:2c:45:4c:5b:76:6c:0e:b5:a7:60:6a:8b:19:ad:38:bb:14:b3:c3:57:01:2a:74:40:47:27

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
XYplorer 25.20.0100/App/XYplorer/XY64contents.exe
.exe windows:5 windows x64 arch:x64

48e414e431433a62713440d22abb8343

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/05/2022, 00:00

Not After

24/05/2025, 23:59

Subject

CN=Cologne Code Company e.K.,O=Cologne Code Company e.K.,L=Köln,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

00:a6:ab:ed:68:da:a5:a8:6b:99:7e:d1:ce:d5:4e:6e:91:d3:c0:4e:73:3e:a7:86:17:d9:ce:c1:d9:06:13:77
Signer

Actual PE Digest

00:a6:ab:ed:68:da:a5:a8:6b:99:7e:d1:ce:d5:4e:6e:91:d3:c0:4e:73:3e:a7:86:17:d9:ce:c1:d9:06:13:77

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wsock32

gethostbyname

winmm

mixerOpen

version

VerQueryValueW

comctl32

ImageList_Create

psapi

GetModuleBaseNameW

wininet

InternetOpenW

user32

GetDC

gdi32

BitBlt

comdlg32

GetSaveFileNameW

advapi32

RegCloseKey

shell32

DragFinish

ole32

CoGetObject

oleaut32

SafeArrayGetLBound

Sections

.MPRESS1
Size: 411KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
XYplorer 25.20.0100/App/XYplorer/XY64ctxmenu.exe
.exe windows:5 windows x64 arch:x64

48e414e431433a62713440d22abb8343

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/05/2022, 00:00

Not After

24/05/2025, 23:59

Subject

CN=Cologne Code Company e.K.,O=Cologne Code Company e.K.,L=Köln,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

86:0d:0d:35:f2:24:fc:98:84:9d:35:67:8b:db:cf:85:7f:0e:0a:e7:6e:a4:2f:f9:d2:2c:b7:60:a0:03:02:93
Signer

Actual PE Digest

86:0d:0d:35:f2:24:fc:98:84:9d:35:67:8b:db:cf:85:7f:0e:0a:e7:6e:a4:2f:f9:d2:2c:b7:60:a0:03:02:93

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wsock32

gethostbyname

winmm

mixerOpen

version

VerQueryValueW

comctl32

ImageList_Create

psapi

GetModuleBaseNameW

wininet

InternetOpenW

user32

GetDC

gdi32

BitBlt

comdlg32

GetSaveFileNameW

advapi32

RegCloseKey

shell32

DragFinish

ole32

CoGetObject

oleaut32

SafeArrayGetLBound

Sections

.MPRESS1
Size: 411KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
XYplorer 25.20.0100/App/XYplorer/XYcopy.exe
.exe windows:4 windows x86 arch:x86

30c7747ed5cb258c08995ce2c28169be

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/05/2022, 00:00

Not After

24/05/2025, 23:59

Subject

CN=Cologne Code Company e.K.,O=Cologne Code Company e.K.,L=Köln,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

df:2c:b1:da:b9:72:f1:a5:a6:83:2c:f4:3d:50:71:82:49:20:21:92:13:02:0e:b4:5e:43:38:67:78:86:79:c0
Signer

Actual PE Digest

df:2c:b1:da:b9:72:f1:a5:a6:83:2c:f4:3d:50:71:82:49:20:21:92:13:02:0e:b4:5e:43:38:67:78:86:79:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ColorHLSToRGB

msvbvm60

EVENT_SINK_GetIDsOfNames
__vbaVarTstGt
__vbaR8FixI4
__vbaStrI2
__vbaI2Sgn
_CIcos
_adj_fptan
__vbaVarMove
__vbaHresultCheck
__vbaStrI4
__vbaAryMove
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
ord696
ord697
__vbaFreeVarList
_adj_fdiv_m64
__vbaFpCDblR8
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
ord516
__vbaVarFix
__vbaStrErrVarCopy
ord517
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaCopyBytes
__vbaResume
__vbaStrCat
__vbaLsetFixstr
ord553
__vbaStrDate
__vbaSetSystemError
__vbaRecDestruct
ord662
__vbaLenBstrB
__vbaHresultCheckObj
ord663
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
Zombie_GetTypeInfo
__vbaAryDestruct
__vbaLateMemSt
ord669
__vbaStrBool
__vbaForEachCollObj
__vbaExitProc
__vbaBoolStr
ord300
ord301
__vbaStrLike
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
ord303
ord702
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord306
__vbaBoolVar
__vbaStrFixstr
ord705
ord307
ord521
__vbaFPFix
ord309
__vbaBoolVarNull
ord523
_CIsin
ord709
__vbaErase
ord631
__vbaVarCmpGt
__vbaNextEachCollObj
ord525
__vbaChkstk
EVENT_SINK_AddRef
ord527
__vbaCyI2
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaCyI4
__vbaDateR8
__vbaR4Str
ord561
DllFunctionCall
__vbaVarOr
__vbaVarLateMemSt
ord564
__vbaCastObjVar
__vbaRedimPreserve
__vbaLbound
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaStrR8
__vbaRedim
__vbaR8Cy
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaFpCmpCy
ord710
__vbaStr2Vec
__vbaExceptHandler
ord711
__vbaStrToUnicode
ord605
ord712
ord606
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
ord607
__vbaFailedFriend
__vbaI2Str
__vbaFPException
__vbaInStrVar
ord717
ord319
__vbaUbound
__vbaStrVarVal
__vbaVarCat
__vbaCheckType
__vbaDateVar
__vbaI2Var
ord644
ord537
ord538
_CIlog
ord539
__vbaNew2
__vbaInStr
__vbaR8Str
__vbaVarInt
__vbaCyMulI2
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
__vbaR8Var
__vbaPowerR8
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
__vbaFpCy
__vbaVarAdd
__vbaAryLock
__vbaInStrB
ord320
__vbaVarDup
ord612
__vbaStrToAnsi
__vbaStrComp
ord321
__vbaVerifyVarObj
__vbaAryVarVarg
__vbaFpI2
__vbaCheckTypeVar
ord616
__vbaVarLateMemCallLd
__vbaFpI4
__vbaLateMemCallLd
_CIatan
__vbaAryCopy
ord618
__vbaStrMove
__vbaCastObj
__vbaR8IntI4
__vbaI4Cy
__vbaStrVarCopy
__vbaVarNeg
ord542
ord650
ord543
_allmul
__vbaLateIdSt
ord544
ord545
_CItan
ord546
__vbaFPInt
__vbaAryUnlock
ord547
__vbaFpCSngR8
_CIexp
__vbaMidStmtBstr
__vbaRecAssign
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 672KB - Virtual size: 668KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
XYplorer 25.20.0100/App/XYplorer/XYicon_FolderDenied.ico
XYplorer 25.20.0100/App/XYplorer/XYicon_FolderEmpty.ico
XYplorer 25.20.0100/App/XYplorer/XYicon_FolderGeneric.ico
XYplorer 25.20.0100/App/XYplorer/XYicon_FolderGray.ico
XYplorer 25.20.0100/App/XYplorer/XYicon_FolderGreen.ico
XYplorer 25.20.0100/App/XYplorer/XYplorer Website.url
XYplorer 25.20.0100/App/XYplorer/XYplorer.chm
.chm
XYplorer 25.20.0100/App/XYplorer/XYplorer.exe
.exe windows:4 windows x86 arch:x86

122d45b61d009bcf6c9d2083014f6daf

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/05/2022, 00:00

Not After

24/05/2025, 23:59

Subject

CN=Cologne Code Company e.K.,O=Cologne Code Company e.K.,L=Köln,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b1:35:9c:12:88:4f:80:73:fc:01:f5:81:41:a1:0f:56:24:49:c5:23:36:d6:bf:ae:0a:ad:c6:c7:e5:b1:f8:e2
Signer

Actual PE Digest

b1:35:9c:12:88:4f:80:73:fc:01:f5:81:41:a1:0f:56:24:49:c5:23:36:d6:bf:ae:0a:ad:c6:c7:e5:b1:f8:e2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ColorHLSToRGB

ole32

StgCreateDocfileOnILockBytes
StgCreateDocfile
CreateILockBytesOnHGlobal
CoTaskMemFree

user32

SendMessageA

kernel32

Sleep

oleaut32

SysAllocStringLen
OleTranslateColor

msvbvm60

EVENT_SINK_GetIDsOfNames
__vbaVarSub
__vbaVarTstGt
__vbaR8FixI4
__vbaStrI2
__vbaI2Sgn
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaHresultCheck
__vbaVarVargNofree
__vbaAryMove
__vbaFreeVar
__vbaFpCDblR4
ord588
__vbaLenBstr
__vbaStrVarMove
__vbaLateIdCall
ord696
__vbaPut3
__vbaFreeVarList
ord697
__vbaEnd
_adj_fdiv_m64
__vbaFpCDblR8
ord698
ord512
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
__vbaR8Sgn
ord516
__vbaVarFix
__vbaStrErrVarCopy
ord517
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaI2Abs
__vbaI4Sgn
ord628
__vbaCopyBytes
__vbaResume
__vbaForEachCollAd
__vbaStrCat
ord552
__vbaError
ord553
__vbaLsetFixstr
__vbaSetSystemError
__vbaRecDestruct
__vbaStrDate
ord661
__vbaNameFile
ord662
__vbaLenBstrB
__vbaHresultCheckObj
ord663
ord557
ord558
__vbaVargVarCopy
__vbaLenVar
ord665
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
ord667
Zombie_GetTypeInfo
__vbaVarXor
__vbaVarCmpGe
__vbaAryDestruct
ord591
__vbaLateMemSt
ord592
ord593
__vbaExitProc
__vbaForEachCollObj
__vbaBoolStr
__vbaStrBool
ord300
__vbaRsetFixstr
__vbaI4Abs
ord594
ord301
__vbaCyAdd
__vbaObjSet
__vbaOnError
__vbaStrLike
ord302
_adj_fdiv_m16i
ord303
ord702
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaVarIndexLoad
ord704
ord599
ord306
ord705
__vbaBoolVar
__vbaStrFixstr
ord307
ord706
ord521
ord308
ord707
__vbaFPFix
ord309
__vbaEraseKeepData
__vbaVarTstLt
__vbaBoolVarNull
ord523
__vbaRefVarAry
_CIsin
ord631
__vbaErase
ord709
__vbaVargVarMove
__vbaVarCmpGt
__vbaNextEachCollObj
__vbaVarZero
ord525
__vbaChkstk
__vbaFileClose
__vbaCyVar
EVENT_SINK_AddRef
ord527
__vbaVarAbs
__vbaGenerateBoundsError
__vbaExitEachColl
__vbaGet3
ord529
__vbaStrCmp
__vbaCyI2
__vbaPutOwner3
__vbaGet4
__vbaVarTstEq
__vbaAryConstruct2
__vbaDateR8
ord560
__vbaCyI4
ord561
__vbaI2I4
__vbaObjVar
__vbaPrintObj
DllFunctionCall
ord563
__vbaVarLateMemSt
__vbaVarOr
ord564
__vbaCySub
__vbaFpUI1
__vbaCastObjVar
__vbaStrR4
__vbaRedimPreserve
__vbaLbound
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
ord569
__vbaR4Cy
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaR8Cy
__vbaRedim
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
ord601
_CIsqrt
__vbaLateIdCallSt
__vbaObjIs
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaStr2Vec
__vbaVarMul
__vbaFpCmpCy
ord710
__vbaUI1I4
__vbaStrUI1
__vbaExceptHandler
ord711
__vbaPrintFile
__vbaStrToUnicode
ord712
ord605
ord713
__vbaCyFix
ord606
__vbaDateStr
__vbaR4ErrVar
_adj_fprem
_adj_fdivr_m64
__vbaR8ErrVar
ord714
__vbaVarDiv
__vbaI2Str
__vbaFailedFriend
ord716
__vbaVarCmpLe
__vbaFPException
ord717
__vbaInStrVar
ord319
__vbaGetOwner3
__vbaStrVarVal
__vbaUbound
ord641
__vbaGetOwner4
__vbaVarCat
ord535
__vbaDateVar
__vbaCheckType
__vbaLsetFixstrFree
__vbaMidStmtBstrB
__vbaI2Var
ord644
ord537
ord538
_CIlog
ord539
__vbaErrorOverflow
__vbaFileOpen
ord570
ord648
__vbaVarLateMemCallLdRf
__vbaR8Str
__vbaVar2Vec
__vbaNew2
__vbaInStr
__vbaCyMulI2
__vbaVarInt
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaVarNot
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
__vbaR8Var
_adj_fdiv_r
ord578
ord685
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
__vbaFpCy
ord610
__vbaInStrB
__vbaAryLock
__vbaLateMemCall
__vbaVarAdd
ord611
ord320
__vbaFreeVarg
__vbaStrComp
__vbaStrToAnsi
__vbaVarDup
ord612
ord321
__vbaVerifyVarObj
__vbaFpI2
__vbaCheckTypeVar
__vbaVarTstGe
__vbaUnkVar
__vbaVarLateMemCallLd
ord616
__vbaFpI4
__vbaVarCopy
__vbaRecDestructAnsi
__vbaLateMemCallLd
_CIatan
__vbaAryCopy
__vbaStrMove
__vbaCastObj
ord618
__vbaI4Cy
__vbaStrVarCopy
__vbaR8IntI4
ord542
__vbaVarNeg
ord543
ord650
_allmul
ord544
__vbaLateIdSt
ord545
_CItan
__vbaNextEachCollAd
ord546
ord547
__vbaAryUnlock
__vbaFPInt
__vbaFpCSngR8
_CIexp
__vbaMidStmtBstr
__vbaStrCy
__vbaI4ErrVar
__vbaFreeObj
__vbaFreeStr
__vbaRecAssign
ord581

Sections

.text
Size: 9.3MB - Virtual size: 9.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 968KB - Virtual size: 965KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/24/XYplorer.ini
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/24/catalog.dat
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/24/fvs.dat
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/24/ks.dat
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/24/udc.dat
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/XYplorer.ini
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/catalog.dat
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/fvs.dat
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/ks.dat
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/tag.dat
XYplorer 25.20.0100/Data/XYplorer/AutoBackup/udc.dat
XYplorer 25.20.0100/Data/XYplorer/Catalogs/catalog.dat
XYplorer 25.20.0100/Data/XYplorer/Panes/1/pane.ini
XYplorer 25.20.0100/Data/XYplorer/Panes/2/pane.ini
XYplorer 25.20.0100/Data/XYplorer/XYplorer.ini
XYplorer 25.20.0100/Data/XYplorer/action.dat
XYplorer 25.20.0100/Data/XYplorer/fvs.dat
XYplorer 25.20.0100/Data/XYplorer/ks.dat
XYplorer 25.20.0100/Data/XYplorer/lastini.dat
XYplorer 25.20.0100/Data/XYplorer/tag.dat
XYplorer 25.20.0100/Data/XYplorer/udc.dat
XYplorer 25.20.0100/XYplorer Academic.exe
.exe windows:4 windows x86 arch:x86

61259b55b8912888e90f516ca08dc514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6aCertificate

Extended Key Usages

Key Usages

74:05:44:01:d9:d0:2c:45:4c:5b:76:6c:0e:b5:a7:60:6a:8b:19:ad:38:bb:14:b3:c3:57:01:2a:74:40:47:27Signer

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 24KB - Virtual size: 23KB

.rsrc Size: 64KB - Virtual size: 63KB

48e414e431433a62713440d22abb8343

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6aCertificate

Extended Key Usages

Key Usages

00:a6:ab:ed:68:da:a5:a8:6b:99:7e:d1:ce:d5:4e:6e:91:d3:c0:4e:73:3e:a7:86:17:d9:ce:c1:d9:06:13:77Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wsock32

winmm

version

comctl32

psapi

wininet

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.MPRESS1 Size: 411KB - Virtual size: 1.1MB

.MPRESS2 Size: 4KB - Virtual size: 3KB

.rsrc Size: 67KB - Virtual size: 67KB

48e414e431433a62713440d22abb8343

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6aCertificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

74:05:44:01:d9:d0:2c:45:4c:5b:76:6c:0e:b5:a7:60:6a:8b:19:ad:38:bb:14:b3:c3:57:01:2a:74:40:47:27
Signer

.text
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 64KB - Virtual size: 63KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

00:a6:ab:ed:68:da:a5:a8:6b:99:7e:d1:ce:d5:4e:6e:91:d3:c0:4e:73:3e:a7:86:17:d9:ce:c1:d9:06:13:77
Signer

.MPRESS1
Size: 411KB - Virtual size: 1.1MB

.MPRESS2
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 67KB - Virtual size: 67KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

86:0d:0d:35:f2:24:fc:98:84:9d:35:67:8b:db:cf:85:7f:0e:0a:e7:6e:a4:2f:f9:d2:2c:b7:60:a0:03:02:93
Signer

.MPRESS1
Size: 411KB - Virtual size: 1.1MB

.MPRESS2
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 67KB - Virtual size: 67KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

df:2c:b1:da:b9:72:f1:a5:a6:83:2c:f4:3d:50:71:82:49:20:21:92:13:02:0e:b4:5e:43:38:67:78:86:79:c0
Signer

.text
Size: 672KB - Virtual size: 668KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 196KB - Virtual size: 192KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

01:d2:aa:95:ff:46:72:20:7a:59:a2:34:9a:aa:c7:6a
Certificate

b1:35:9c:12:88:4f:80:73:fc:01:f5:81:41:a1:0f:56:24:49:c5:23:36:d6:bf:ae:0a:ad:c6:c7:e5:b1:f8:e2
Signer