14d8d7e52f18bfedb14382e35e21cdd2

Sharing

Copy URL

Twitter E-mail

General

Target

14d8d7e52f18bfedb14382e35e21cdd2
Size

1.2MB
MD5

14d8d7e52f18bfedb14382e35e21cdd2
SHA1

4b10fb7f31507e32330567d0084ecc4bd5209f79
SHA256

13b5f147b834964a6863e44486776d07de4b538abedffc337f1c54367a419b75
SHA512

a8fe61a6c1456601ff0bae27dae21402573792f9970646548fc3005b5412400ec167c01fb38512e6684288a764d78d10a460f976ff7b5248514c4b6587317ccc
SSDEEP

24576:9Oejgqx6a8x3Dn1R5e8CP/V1VFo24P9Dtv2Dw0VocaV8o:ILhh24P9Dtv280VocaVB

Score

1^/10

Malware Config

Signatures

Files

14d8d7e52f18bfedb14382e35e21cdd2
.exe windows:4 windows x86 arch:x86

d7227e7af56e03459921032301e6a461

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

55:41:51:e0:cf:fa:2c:95:13:07:ae:60:87:c2:80:52
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/03/2013, 00:00

Not After

05/04/2016, 23:59

Subject

CN=Kingsoft Security Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=毒霸研发部,O=Kingsoft Security Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ce:5d:6b:c7:70:20:d3:42:b5:12:40:a8:18:f3:40:12:3d:f3:8b:9a
Signer

Actual PE Digest

ce:5d:6b:c7:70:20:d3:42:b5:12:40:a8:18:f3:40:12:3d:f3:8b:9a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetCurrentThread
SetFilePointer
SetThreadLocale
InitializeCriticalSectionAndSpinCount
GetTickCount
DeleteFileA
SetFileAttributesW
WriteFile
CreateFileA
GetModuleFileNameA
RemoveDirectoryW
DeleteFileW
GetFileAttributesExA
DeviceIoControl
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
CreateEventW
UnmapViewOfFile
CloseHandle
VirtualFree
VirtualAlloc
HeapDestroy
HeapReAlloc
HeapSize
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WaitForSingleObject
CreateMutexW
MapViewOfFile
GetLastError
CreateFileMappingW
QueueUserWorkItem
SetEvent
ResetEvent
WaitForMultipleObjects
LocalFree
ReleaseMutex
OpenFileMappingW
OpenEventW
OpenMutexW
GetCurrentProcessId
GetModuleFileNameW
GetProcAddress
LoadLibraryW
GetModuleHandleW
SetErrorMode
Sleep
InterlockedDecrement
InterlockedIncrement
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
GetCurrentThreadId
RaiseException
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
FreeResource
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceW
TerminateThread
WritePrivateProfileStringW
GetPrivateProfileStringW
ReadFile
GetFileSize
CreateFileW
GetFullPathNameW
GetUserDefaultLangID
OpenProcess
GetProcessTimes
Module32FirstW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetFileAttributesExW
GetVersion
GetWindowsDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetLongPathNameW
IsBadReadPtr
GetSystemDirectoryW
GetEnvironmentVariableW
GetLocalTime
SystemTimeToFileTime
GetSystemTime
FileTimeToSystemTime
GetPrivateProfileIntW
GetDriveTypeW
GetLogicalDriveStringsW
FindFirstFileW
FindNextFileW
FindClose
ExpandEnvironmentStringsW
GetFileAttributesW
CreateDirectoryW
GetSystemWindowsDirectoryW
GetNativeSystemInfo
MapViewOfFileEx
lstrcmpiW
LoadLibraryExW
CreateProcessW
lstrcpyW
SetLastError
FlushInstructionCache
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
FindResourceExW
lstrlenW

user32

GetAncestor
GetSystemMetrics
GetClassNameW
PostThreadMessageW
CharNextW
RegisterWindowMessageW
CallWindowProcW
SetWindowLongW
GetClassInfoExW
LoadIconW
LoadImageW
DestroyIcon
DrawFrameControl
DrawTextW
FindWindowExW
PostMessageW
UpdateLayeredWindow
RegisterClassExW
CreateWindowExW
DrawIconEx
GetDlgItem
ShowWindow
SetRectEmpty
UnregisterClassA
EqualRect
OffsetRect
SetRect
InflateRect
PtInRect
LoadCursorW
SetCursor
InvalidateRect
SetWindowRgn
GetNextDlgTabItem
SetFocus
ReleaseCapture
SetCapture
GetDlgCtrlID
RedrawWindow
EndPaint
BeginPaint
GetDC
ReleaseDC
WindowFromPoint
GetScrollPos
GetKeyState
SetLayeredWindowAttributes
MonitorFromWindow
GetMonitorInfoW
CopyRect
PeekMessageW
IsWindow
GetMessageW
TranslateMessage
DispatchMessageW
GetFocus
GetParent
GetWindow
GetWindowRect
GetClientRect
MapWindowPoints
GetActiveWindow
GetDesktopWindow
IsWindowEnabled
EnableWindow
GetForegroundWindow
GetWindowThreadProcessId
SystemParametersInfoW
SetWindowPos
AttachThreadInput
SetForegroundWindow
SetActiveWindow
SendMessageW
GetWindowLongW
DestroyWindow
DefWindowProcW
IsWindowVisible

gdi32

GetRegionData
CreatePen
RectInRegion
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
TextOutW
RoundRect
Rectangle
LineTo
MoveToEx
GetClipRgn
SetBkMode
RestoreDC
SaveDC
GetCurrentObject
SelectClipRgn
EnumFontFamiliesExW
SetDIBitsToDevice
StretchDIBits
GetGlyphOutlineW
GetTextColor
GetTextMetricsW
GetObjectA
CreateBitmap
SetTextColor
CreateDIBSection
StretchBlt
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SetBkColor
ExtTextOutW
DeleteDC
GetStockObject
GetObjectW
CreateFontIndirectW
CreateRoundRectRgn
DeleteObject

advapi32

GetSecurityDescriptorOwner
InitializeSecurityDescriptor
SetSecurityInfo
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
SetThreadToken
RevertToSelf
ImpersonateSelf
OpenThreadToken
CreateProcessAsUserW
DuplicateTokenEx
ConvertStringSidToSidW
SetTokenInformation
SetNamedSecurityInfoW
GetNamedSecurityInfoW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetAce
SetSecurityDescriptorSacl
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSecurityDescriptorGroup
GetSecurityDescriptorControl
MakeAbsoluteSD
GetAclInformation
InitializeAcl
AddAce
GetSecurityDescriptorDacl
IsValidSid
GetLengthSid
CopySid
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
AllocateAndInitializeSid
EqualSid
FreeSid
OpenProcessToken
GetTokenInformation
ControlTraceW
RegOpenKeyExW
SetSecurityDescriptorDacl

shell32

SHGetFileInfoW
SHGetFileInfoA
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoCreateInstance
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoTaskMemRealloc
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateGuid

oleaut32

VarUI4FromStr

shlwapi

StrStrIW
PathIsDirectoryW
PathAddBackslashW
StrCmpNIW
PathFindFileNameW
PathFileExistsW
PathFileExistsA
StrToIntA
StrToIntW
PathAppendW
StrCpyNW
StrCmpNW
StrChrW
StrCmpIW
StrRChrW
StrStrIA
PathRemoveFileSpecW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipSetSmoothingMode
GdipSetImageAttributesWrapMode
GdipSetPixelOffsetMode
GdipGetPixelOffsetMode
GdipSetInterpolationMode
GdipGetInterpolationMode
GdipSetImageAttributesRemapTable
GdipDrawLineI
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipSetPageUnit
GdipSetPageScale
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdipGetDC
GdipReleaseDC
GdipImageRotateFlip
GdipCreateImageAttributes
GdipCreateFontFromLogfontA
GdipMeasureString
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipDrawImageRectI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipAlloc
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteFont
GdipFree
GdiplusStartup
GdipDrawImagePointsRectI

msvcp80

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@III_W@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
wctype
?eq@?$char_traits@_W@std@@SA_NAB_W0@Z
?allocate@?$allocator@D@std@@QAEPADIPBX@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V32@0@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?assign@?$char_traits@_W@std@@SAXAA_WAB_W@Z
??0?$allocator@D@std@@QAE@ABV01@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$allocator@D@std@@QAE@XZ

msvcr80

strncmp
strchr
tolower
wcsstr
wcschr
_wcsicmp
sscanf
_stricmp
strcat
strncat
strcpy
_vsnwprintf
_snwprintf
iswspace
_resetstkoflw
_swprintf
_wfopen
atoi
_purecall
strcmp
labs
abs
wcsrchr
wcslen
wcscpy
wcscat
__argc
__wargv
wcscpy_s
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??_V@YAXPAX@Z
??2@YAPAXI@Z
fwrite
strncpy
mbstowcs
isspace
isalnum
isalpha
_wcserror
_errno
_vsnprintf_s
??0exception@std@@QAE@ABQBDH@Z
_isctype
towlower
??8type_info@@QBE_NABV0@@Z
toupper
iswctype
memcmp
_mktime64
_findclose
_findnext64i32
_findfirst64i32
sscanf_s
fputc
memcpy
swprintf_s
_beginthreadex
memset
strrchr
_snprintf
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
_except_handler4_common
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
sprintf
_itoa
_localtime64
ferror
fseek
ftell
fread
fclose
fprintf
atof
fopen_s
memmove
_splitpath
_i64tow_s
_wtoi64
iswdigit
wcstol
_wcsnicmp
wcsncmp
_wcslwr_s
wcscmp
wcsncpy
_wcslwr
_localtime64_s
_time64
_vswprintf
_wtoi
wcsncpy_s
calloc
malloc
vswprintf_s
_vscwprintf
vsprintf_s
_vscprintf
_mbscmp
_mbschr
_mbsstr
_mbsicmp
strlen
memmove_s
memcpy_s
free
_recalloc
towupper
__RTDynamicCast
??3@YAXPAX@Z
__CxxFrameHandler3

userenv

UnloadUserProfile

wininet

HttpOpenRequestW
HttpAddRequestHeadersW
InternetReadFile
InternetSetOptionW
InternetGetConnectedState
HttpSendRequestW
HttpQueryInfoW

iphlpapi

GetAdaptersInfo

psapi

GetModuleFileNameExW
EnumProcessModules
EnumProcesses

mpr

WNetGetResourceInformationW

imagehlp

ImageGetCertificateHeader

crypt32

CertGetNameStringW
CertNameToStrW

Sections

.text
Size: 792KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7227e7af56e03459921032301e6a461

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

55:41:51:e0:cf:fa:2c:95:13:07:ae:60:87:c2:80:52Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

ce:5d:6b:c7:70:20:d3:42:b5:12:40:a8:18:f3:40:12:3d:f3:8b:9aSigner

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

msvcp80

msvcr80

userenv

wininet

iphlpapi

psapi

mpr

imagehlp

crypt32

Sections

.text Size: 792KB - Virtual size: 788KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 48KB - Virtual size: 49KB

.rsrc Size: 184KB - Virtual size: 183KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

55:41:51:e0:cf:fa:2c:95:13:07:ae:60:87:c2:80:52
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

ce:5d:6b:c7:70:20:d3:42:b5:12:40:a8:18:f3:40:12:3d:f3:8b:9a
Signer

.text
Size: 792KB - Virtual size: 788KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 48KB - Virtual size: 49KB

.rsrc
Size: 184KB - Virtual size: 183KB