d40957a4218e3dda3d91b2daf31a617e17a653e7dac11435a5f579a8724ce09e

Sharing

Copy URL

Twitter E-mail

General

Target

d40957a4218e3dda3d91b2daf31a617e17a653e7dac11435a5f579a8724ce09e
Size

1.2MB
MD5

b44363bf2e222b2ab856b080ba0870f3
SHA1

b6d9f86115dda1ffc16d11a06a99a00587437b54
SHA256

d40957a4218e3dda3d91b2daf31a617e17a653e7dac11435a5f579a8724ce09e
SHA512

ca5a41c1de3c355440643478209bba376df44b35cbf8ade898d393a5f31502736850ebb51b1f8315aa187068f6ed20ceea32ab48eb977012e82a35901d1220af
SSDEEP

24576:wc63xGzh4m/nKiEtrR22hdjJ8IuUvMewWxwpEryUZ5pcGYffMkRoj:Ckl4WxEd9hvIC20yc5pJOfMkU

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/test/a10.exe
unpack001/test/a11.exe

Files

d40957a4218e3dda3d91b2daf31a617e17a653e7dac11435a5f579a8724ce09e
.zip
test/a10.exe
.exe windows:6 windows x64 arch:x64

5691abfbbbf6cc181e8e9dc29d545a27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetTickCount
HeapCreate
HeapAlloc
CloseHandle
ReleaseSRWLockExclusive
ReleaseMutex
ReleaseSRWLockShared
GetLastError
AddVectoredExceptionHandler
SetThreadStackGuarantee
Sleep
AcquireSRWLockExclusive
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
GetProcAddress
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
GetStdHandle
GetCurrentProcessId
WaitForSingleObject
TryAcquireSRWLockExclusive
QueryPerformanceCounter
GetProcessHeap
HeapFree
HeapReAlloc
AcquireSRWLockShared
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetModuleHandleA
CreateFileW
GetConsoleMode
GetModuleHandleW
FormatMessageW
GetFullPathNameW
MultiByteToWideChar
WriteConsoleW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
InitializeSListHead
GetCurrentThreadId
IsProcessorFeaturePresent

ntdll

RtlNtStatusToDosError
NtWriteFile

vcruntime140

__current_exception_context
__current_exception
__C_specific_handler
__CxxFrameHandler3
memmove
memcmp
memcpy
memset

api-ms-win-crt-runtime-l1-1-0

_initterm_e
exit
_exit
_initterm
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_set_app_type
_seh_filter_exe

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
test/a11.exe
.exe windows:6 windows x64 arch:x64

5691abfbbbf6cc181e8e9dc29d545a27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetTickCount
HeapCreate
HeapAlloc
CloseHandle
ReleaseSRWLockExclusive
ReleaseMutex
ReleaseSRWLockShared
GetLastError
AddVectoredExceptionHandler
SetThreadStackGuarantee
Sleep
AcquireSRWLockExclusive
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
GetProcAddress
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
GetStdHandle
GetCurrentProcessId
WaitForSingleObject
TryAcquireSRWLockExclusive
QueryPerformanceCounter
GetProcessHeap
HeapFree
HeapReAlloc
AcquireSRWLockShared
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetModuleHandleA
CreateFileW
GetConsoleMode
GetModuleHandleW
FormatMessageW
GetFullPathNameW
MultiByteToWideChar
WriteConsoleW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
InitializeSListHead
GetCurrentThreadId
IsProcessorFeaturePresent

ntdll

RtlNtStatusToDosError
NtWriteFile

vcruntime140

__current_exception_context
__current_exception
__C_specific_handler
__CxxFrameHandler3
memmove
memcmp
memcpy
memset

api-ms-win-crt-runtime-l1-1-0

_initterm_e
exit
_exit
_initterm
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_set_app_type
_seh_filter_exe

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
test/go.exe
.exe windows:5 windows x64 arch:x64

20da0907080156212d0142bf600de211

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:a0:99:d4:50:32:04:15:02:d1:f8:cc:00:8d:29:cf
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

10-12-2021 00:00

Not After

09-12-2024 23:59

Subject

SERIALNUMBER=91340100MA2T243T5P,CN=Hefei Pingbo Network Technology Co. Ltd,O=Hefei Pingbo Network Technology Co. Ltd,ST=Anhui Sheng,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:0d:24:02:7b:6d:35:4c:19:bb:b1:ea:31:b1:93:7c:26:0f:34:1c:2c:b2:06:9c:e3:1f:65:43:76:a3:1f:20
Signer

Actual PE Digest

d8:0d:24:02:7b:6d:35:4c:19:bb:b1:ea:31:b1:93:7c:26:0f:34:1c:2c:b2:06:9c:e3:1f:65:43:76:a3:1f:20

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

send
ioctlsocket
WSAGetLastError
recv
connect
inet_ntoa
htons
inet_addr
htonl
getsockname
setsockopt
sendto
bind
gethostbyname
listen
accept
select
__WSAFDIsSet
getpeername
socket
closesocket
WSAStartup

kernel32

ProcessIdToSessionId
OpenProcess
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetDriveTypeW
CreateEventW
SetEvent
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WriteFile
GetFileAttributesW
GlobalSize
ReadFile
GetFileSize
SetFileTime
CreateFileW
MoveFileW
CreateDirectoryW
GetTempPathA
ResetEvent
WaitForSingleObject
TerminateThread
SetThreadPriority
CreateThread
WideCharToMultiByte
GetSystemTimeAsFileTime
GetLocalTime
OutputDebugStringA
CreateFileA
DeviceIoControl
FindFirstFileA
FindNextFileA
DeleteFileA
RtlVirtualUnwind
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemInfo
HeapSize
CreateToolhelp32Snapshot
HeapCreate
HeapSetInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
GetStdHandle
GetTimeZoneInformation
GetStartupInfoW
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualQuery
VirtualProtect
ExitProcess
HeapReAlloc
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
GetProcessHeap
HeapAlloc
HeapFree
InterlockedPushEntrySList
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetFullPathNameA
GetCurrentDirectoryA
FreeEnvironmentStringsW
Process32FirstW
Process32NextW
LoadLibraryW
CreateProcessA
VerSetConditionMask
VerifyVersionInfoW
CreateFileMappingW
GetVersionExW
GetModuleFileNameA
Sleep
CreateMutexW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetModuleHandleW
LoadLibraryA
GetProcAddress
GetLastError
lstrlenW
GetTickCount
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CloseHandle
GetCurrentProcessId
InitializeCriticalSection
SetLastError
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetEnvironmentStringsW
GetCommandLineW
LCMapStringA
LCMapStringW
FlushFileBuffers
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
LocalAlloc

user32

EnumDisplayMonitors
GetCursorInfo
GetIconInfo
GetPriorityClipboardFormat
GetClipboardSequenceNumber
ExitWindowsEx
GetClipboardData
MapVirtualKeyW
SendInput
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetThreadDesktop
FindWindowW
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
FillRect
DrawTextA
SetScrollInfo
GetScrollInfo
ShowScrollBar
SetScrollPos
GetScrollRange
GetScrollPos
EnableWindow
ClientToScreen
EnumDisplaySettingsW
CreatePopupMenu
AppendMenuW
GetWindowThreadProcessId
DialogBoxParamW
GetDlgCtrlID
GetKeyState
LockWorkStation
GetSystemMetrics
GetCursorPos
LoadIconW
PtInRect
SetCursor
ReleaseCapture
OffsetRect
EndPaint
BeginPaint
GetWindowLongPtrW
GetSubMenu
TrackPopupMenu
CallWindowProcW
MonitorFromPoint
DestroyMenu
CheckMenuItem
EnableMenuItem
DeleteMenu
LoadMenuW
DrawTextW
SetForegroundWindow
SystemParametersInfoW
ChangeDisplaySettingsW
GetUserObjectInformationW
RegisterClassW
UnregisterClassW
EnumWindows
MoveWindow
WindowFromPoint
DrawIconEx
DestroyIcon
LoadImageW
SetWindowLongW
GetParent
GetWindow
MonitorFromWindow
UnionRect
mouse_event
IntersectRect
GetActiveWindow
OpenInputDesktop
GetMonitorInfoW
MapWindowPoints
IsWindow
IsDialogMessageW
SetFocus
SetCapture
KillTimer
SetTimer
IsWindowVisible
ReleaseDC
GetDC
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SendMessageW
GetWindowLongW
DefWindowProcW
MessageBoxW
CreateWindowExW
RegisterClassExW
CharNextW
PeekMessageW
LoadStringW
LoadCursorW
GetClassInfoExW
OpenDesktopW
SetThreadDesktop
CloseDesktop
GetMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
CreateDialogParamW
SetWindowLongPtrW
GetDlgItemTextA
EndDialog
DestroyWindow
PostThreadMessageW
GetDlgItem
ShowWindow
InvalidateRect
UpdateWindow
GetClientRect
SetWindowPos
PostMessageW
UnregisterClassA
GetCapture

gdi32

BitBlt
ExtSelectClipRgn
CreateDCW
RestoreDC
SaveDC
GetPaletteEntries
StretchBlt
CreateCompatibleDC
CreateDIBSection
SetStretchBltMode
GetObjectW
GetDIBits
GetDeviceCaps
GetTextExtentExPointW
CreatePen
CreateHatchBrush
CreateFontW
ExtTextOutW
RoundRect
Polygon
Ellipse
ExcludeClipRect
SelectClipRgn
SetViewportOrgEx
SetTextColor
SetBkMode
SetBkColor
GetStockObject
DeleteDC
DeleteObject
CreateSolidBrush
CreateRectRgn
SelectObject
Rectangle

advapi32

RegisterServiceCtrlHandlerW
SetServiceStatus
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserW
DeleteService
CreateServiceW
OpenServiceW
StartServiceW
ControlService
ChangeServiceConfig2W
OpenSCManagerW
CloseServiceHandle
GetUserNameW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
StartServiceCtrlDispatcherW

shell32

SHGetFolderPathW
DragFinish
Shell_NotifyIconW
DragAcceptFiles
ShellExecuteA
DragQueryFileW

ole32

CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantClear
VarUI4FromStr
VariantInit

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 575KB - Virtual size: 574KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
test/gotohttp.ini

Sharing

General

Malware Config

Signatures

Files

5691abfbbbf6cc181e8e9dc29d545a27

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 165KB - Virtual size: 164KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 512B - Virtual size: 696B

.pdata Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

5691abfbbbf6cc181e8e9dc29d545a27

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 165KB - Virtual size: 164KB

.rdata Size: 62KB - Virtual size: 62KB

.data Size: 512B - Virtual size: 696B

.pdata Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

20da0907080156212d0142bf600de211

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate

Extended Key Usages

Key Usages

57:a0:99:d4:50:32:04:15:02:d1:f8:cc:00:8d:29:cfCertificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

d8:0d:24:02:7b:6d:35:4c:19:bb:b1:ea:31:b1:93:7c:26:0f:34:1c:2c:b2:06:9c:e3:1f:65:43:76:a3:1f:20Signer

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

userenv

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rodata Size: 2KB - Virtual size: 2KB

.rdata Size: 575KB - Virtual size: 574KB

.data Size: 33KB - Virtual size: 46KB

.pdata Size: 65KB - Virtual size: 65KB

.text
Size: 165KB - Virtual size: 164KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 512B - Virtual size: 696B

.pdata
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 165KB - Virtual size: 164KB

.rdata
Size: 62KB - Virtual size: 62KB

.data
Size: 512B - Virtual size: 696B

.pdata
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

57:a0:99:d4:50:32:04:15:02:d1:f8:cc:00:8d:29:cf
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

d8:0d:24:02:7b:6d:35:4c:19:bb:b1:ea:31:b1:93:7c:26:0f:34:1c:2c:b2:06:9c:e3:1f:65:43:76:a3:1f:20
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.rodata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 575KB - Virtual size: 574KB

.data
Size: 33KB - Virtual size: 46KB

.pdata
Size: 65KB - Virtual size: 65KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 14KB - Virtual size: 13KB