Extracted

Extracted

• 55484e8e8afe387318a55295422cd500

  .exe windows:5 windows x86 arch:x86

  9826ce53d9532b80b2f67968fe1f0c18

  
  

  Code Sign

  38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5

  Certificate

  Issuer

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Not Before

  15/06/2007, 00:00

  Not After

  14/06/2012, 23:59

  Subject

  CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4

  Certificate

  Issuer

  CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

  Not Before

  04/12/2003, 00:00

  Not After

  03/12/2013, 23:59

  Subject

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd

  Certificate

  Issuer

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Not Before

  08/11/2006, 00:00

  Not After

  07/11/2021, 23:59

  Subject

  CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageServerAuth

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  ExtKeyUsageNetscapeServerGatedCrypto

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  61:0c:12:06:00:00:00:00:00:1b

  Certificate

  Issuer

  CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23/05/2006, 17:01

  Not After

  23/05/2016, 17:11

  Subject

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  0d:d6:d6:71:fe:03:64:d4:3b:63:21:31:41:7e:7b:3f

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

  Not Before

  31/01/2011, 00:00

  Not After

  30/01/2014, 23:59

  Subject

  CN=AVAST Software,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AVAST Software,L=Praha 4,ST=Praha,C=CZ

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7

  Certificate

  Issuer

  CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

  Not Before

  08/02/2010, 00:00

  Not After

  07/02/2020, 23:59

  Subject

  CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  cf:04:24:55:ea:91:a3:ee:22:de:b1:db:34:ed:bb:f0:df:01:af:c4

  Signer

  Actual PE Digest

  cf:04:24:55:ea:91:a3:ee:22:de:b1:db:34:ed:bb:f0:df:01:af:c4

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  ashtask

  _tskFreeLibrary@0

  _tskInitLibrary@8

  ashbase

  _basCreatePath@16

  ashtaskex

  tskexInit

  tskexStartUpdate

  aswlog

  _logCloseQuery@4

  _logGetRow@4

  _logInitSessionsQuery@84

  kernel32

  GetTickCount

  QueryPerformanceCounter

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  TerminateProcess

  GetCurrentThreadId

  InterlockedExchange

  GetCurrentProcess

  GetLastError

  GetFileAttributesW

  Sleep

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  InterlockedCompareExchange

  user32

  ExitWindowsEx

  advapi32

  LookupPrivilegeValueW

  AdjustTokenPrivileges

  OpenProcessToken

  aswcmnbs

  fsGetAvastProgramPath

  msvcr90

  _controlfp_s

  _XcptFilter

  _invoke_watson

  _except_handler4_common

  _decode_pointer

  _wcsicmp

  wprintf

  _wfopen

  fread

  fclose

  _amsg_exit

  __wgetmainargs

  _cexit

  _exit

  memset

  exit

  __winitenv

  _initterm

  _initterm_e

  _configthreadlocale

  __setusermatherr

  _adjust_fdiv

  __p__commode

  __p__fmode

  _encode_pointer

  __set_app_type

  _crt_debugger_hook

  ?terminate@@YAXXZ

  _unlock

  __dllonexit

  _lock

  _onexit

  Sections

  .text

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 916B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 63KB - Virtual size: 62KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 706B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ