d501821db733191f56fd3820008712fae4d4c6c091bf177bf9defe0f3ce522b8[.]exe[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

d501821db733191f56fd3820008712fae4d4c6c091bf177bf9defe0f3ce522b8.exe.zip
Size

79.3MB
MD5

298a6224847b89011d0d80e72b28ae55
SHA1

efd855daca8456f87ca390e3cfb7626b1329ffc1
SHA256

799160d702f4d94e8382e05336c1c8f54908a4c7bd9732983c6ab914da610010
SHA512

ccd6cf7262fa6abbf7d31df50ad9d8b54624741e80a931c6a8a301bf9ec2e9f33295b769a71d7b8dbb6c1677c46ca9d36945888b09bb92a663c273aa4d0f0d86
SSDEEP

1572864:YbGfmyCbb9MjH0m7br6JqtSo1jj1smB7XZHzgDcFQkRrE/DpZsmjMeuQoJ:ywmhb9MXbWqtSQjRn7XZ8v2ra/smjXuF

Score

1^/10

Malware Config

Signatures

Files

d501821db733191f56fd3820008712fae4d4c6c091bf177bf9defe0f3ce522b8.exe.zip
.zip

Password: infected
d501821db733191f56fd3820008712fae4d4c6c091bf177bf9defe0f3ce522b8.exe
.exe windows:5 windows x86 arch:x86

3968376bab7d74a1a051953adea72617

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:1f:3a:05:7a:1d:ce:4b:f7:d7:6d:0c:7a:df:83:7e
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/11/2019, 00:00

Not After

04/02/2023, 12:00

Subject

CN=Beijing Qihu Technology Co.\, Ltd.,O=Beijing Qihu Technology Co.\, Ltd.,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:83:09:ba:16:54:68:50:e6:05:e7:5d:77:3e:56:de
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/11/2019, 00:00

Not After

04/02/2023, 12:00

Subject

CN=Beijing Qihu Technology Co.\, Ltd.,O=Beijing Qihu Technology Co.\, Ltd.,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:a8:f7:25:76:dc:7b:14:7a:18:63:9e:8d:4d:eb:37
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

28/01/2021, 11:08

Not After

01/03/2032, 11:08

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

bd:32:8b:ff:90:d0:84:4d:6f:ad:91:41:b6:5b:1c:01:8e:23:8e:d2:be:40:34:f6:e3:ef:ac:da:05:2e:a5:8c
Signer

Actual PE Digest

bd:32:8b:ff:90:d0:84:4d:6f:ad:91:41:b6:5b:1c:01:8e:23:8e:d2:be:40:34:f6:e3:ef:ac:da:05:2e:a5:8c

Digest Algorithm

sha256

PE Digest Matches

true

02:f7:7d:28:ea:62:b3:15:f1:43:fe:44:b1:91:fa:30:fa:16:89:86
Signer

Actual PE Digest

02:f7:7d:28:ea:62:b3:15:f1:43:fe:44:b1:91:fa:30:fa:16:89:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetSystemTime
SetEvent
CreateEventW
FindAtomW
GlobalAddAtomW
WideCharToMultiByte
GetDiskFreeSpaceExW
GetVolumeNameForVolumeMountPointW
QueryDosDeviceW
lstrcatW
GetLocalTime
InterlockedCompareExchange
QueryPerformanceCounter
QueryPerformanceFrequency
lstrlenA
SystemTimeToFileTime
GetFileTime
InterlockedExchange
FlushInstructionCache
GlobalAlloc
GlobalFree
GetTickCount
GetCommandLineW
LoadLibraryExW
MultiByteToWideChar
lstrcmpiW
FreeResource
GetSystemWindowsDirectoryW
lstrcmpiA
lstrcmpA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoA
SetHandleCount
GetFileType
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
LeaveCriticalSection
GetUserDefaultLCID
GetTimeZoneInformation
GetModuleHandleA
HeapCreate
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetStartupInfoW
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
ExitThread
TlsFree
ReleaseMutex
HeapWalk
HeapLock
OpenThread
HeapUnlock
SetFilePointerEx
GetCurrentThread
CreateFileA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapSize
HeapReAlloc
HeapDestroy
TlsAlloc
LockFile
MapViewOfFile
CreateProcessW
GlobalDeleteAtom
CreateMutexW
PostQueuedCompletionStatus
CreateIoCompletionPort
GetQueuedCompletionStatus
CreateThread
TerminateThread
OutputDebugStringW
GetFileSizeEx
CompareFileTime
OpenProcess
GetVolumeInformationW
FormatMessageW
SetFileTime
SetEndOfFile
UnmapViewOfFile
GetFileSize
EnterCriticalSection
GetFullPathNameW
SetLastError
lstrlenW
lstrcpyW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
FindFirstFileW
FindNextFileW
FindClose
LocalAlloc
GetVersionExW
CopyFileW
MoveFileW
MoveFileExW
GetPrivateProfileStringW
GlobalFindAtomW
Sleep
GetFileAttributesW
WriteFile
CreateDirectoryW
GetTempPathW
GetTempFileNameW
WritePrivateProfileStringW
SetFileAttributesW
InterlockedDecrement
RemoveDirectoryW
DeleteFileW
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
GetSystemDirectoryW
ReadFile
SetFilePointer
GetCurrentProcessId
CreateFileW
DeviceIoControl
LoadLibraryW
InterlockedIncrement
GetModuleFileNameW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CloseHandle
WaitForSingleObject
GetModuleHandleW
GetProcAddress
GetSystemInfo
GlobalMemoryStatusEx
FreeLibrary
LocalFree
FindResourceExW
FindResourceW
LoadResource
LockResource
GetStdHandle
SetConsoleTextAttribute
LocalFileTimeToFileTime
DosDateTimeToFileTime
TlsGetValue
TlsSetValue
ResetEvent
ReadProcessMemory
OpenMutexW
GetExitCodeProcess
GetLongPathNameW
FindNextFileA
FindFirstFileA
LockFileEx
GetFileAttributesExW
UnlockFile
GetVersion
CreateFileMappingW
GetEnvironmentVariableW
GetLogicalDriveStringsW
GetWindowsDirectoryW
GetDriveTypeW
GetCurrentThreadId
MulDiv
GetSystemTimeAsFileTime
GetCurrentProcess
GetLocaleInfoA
SizeofResource

user32

GetWindowDC
EndDialog
GetWindowLongW
SetWindowTextW
MoveWindow
SetWindowPos
GetClientRect
ScreenToClient
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetWindow
GetParent
GetDC
ReleaseDC
IsWindowVisible
GetWindowTextW
FindWindowExW
InvalidateRect
RedrawWindow
GetDlgCtrlID
SetFocus
MessageBeep
GetWindowTextLengthW
CreateDialogParamW
SetWindowRgn
SetTimer
KillTimer
CopyRect
DefWindowProcW
CallWindowProcW
BeginPaint
EndPaint
DialogBoxParamW
EnableMenuItem
DestroyWindow
GetSystemMenu
SetDlgItemTextW
GetClassInfoExW
LoadCursorW
InflateRect
ShowWindow
IsWindowEnabled
wsprintfW
ExitWindowsEx
UnregisterClassA
GetDlgItem
PostQuitMessage
IsIconic
SystemParametersInfoW
LoadIconW
RegisterClassExW
CreateWindowExW
LoadImageW
EnableWindow
IsWindow
CharNextW
FindWindowW
SendMessageTimeoutW
SendMessageW
GetActiveWindow
MessageBoxW
DispatchMessageW
PostMessageW
wvsprintfW
BringWindowToTop
GetCursorPos
PtInRect
SetWindowLongW
TrackMouseEvent
GetShellWindow
PostThreadMessageW
SetForegroundWindow
UpdateWindow
UpdateLayeredWindow
GetWindowThreadProcessId
PeekMessageW
GetMessageW
TranslateMessage
GetSystemMetrics

gdi32

DeleteObject
EnumFontFamiliesW
CreateDIBSection
CreateFontW
SetViewportOrgEx
CreateRectRgn
CombineRgn
DeleteDC
SetBkColor
CreateSolidBrush
GetTextExtentPoint32W
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
BitBlt

advapi32

RegEnumKeyExW
ImpersonateLoggedOnUser
RevertToSelf
OpenProcessToken
DuplicateTokenEx
OpenSCManagerW
OpenServiceW
QueryServiceStatusEx
CloseServiceHandle
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenThreadToken
ImpersonateSelf
AllocateAndInitializeSid
FreeSid
SetSecurityInfo
GetSecurityInfo
GetSecurityDescriptorSacl
IsValidSid
CopySid
RegQueryValueExW
RegQueryInfoKeyW
GetExplicitEntriesFromAclW
GetTrusteeNameW
DeleteAce
LookupAccountSidW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyW
GetTokenInformation
RegOpenKeyExW
RegDeleteValueW
RegEnumValueW
RegCloseKey
RegDeleteKeyW
GetUserNameW
LookupAccountNameW
GetFileSecurityW
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
GetAce
EqualSid
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetFileSecurityW
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
ControlService
RegOpenKeyExA
RegQueryValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
ChangeServiceConfigW

shell32

SHBrowseForFolderW
SHCreateDirectoryExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderPathW
ShellExecuteW
SHChangeNotify
SHFileOperationW
ShellExecuteExW
ord680
SHGetMalloc
CommandLineToArgvW
ord165
SHGetSpecialFolderPathA

ole32

CoInitializeSecurity
CoTaskMemAlloc
OleRun
CoTaskMemRealloc
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateGuid
CoSetProxyBlanket
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance

oleaut32

SysAllocString
SysStringLen
VariantInit
VariantClear
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysAllocStringLen
VarUI4FromStr
SysFreeString

shlwapi

StrStrIW
SHGetValueA
PathCombineW
PathAppendW
PathIsRelativeW
SHDeleteKeyW
PathRemoveFileSpecW
StrStrIA
StrCmpNIW
StrTrimA
SHSetValueA
wnsprintfW
StrCmpW
PathAppendA
PathUnquoteSpacesW
PathCombineA
SHSetValueW
PathFileExistsW
SHGetValueW
SHDeleteValueW
StrCmpIW
PathFindExtensionW
PathCommonPrefixW
PathIsDirectoryW
PathAddBackslashW
PathFindFileNameW
PathRemoveExtensionW
PathMatchSpecW
StrRetToStrW
PathIsSameRootW
StrCatW
StrCpyW
PathIsPrefixW
PathIsDirectoryEmptyW
PathFileExistsA

comctl32

InitCommonControlsEx

crypt32

CertDeleteCertificateFromStore
CertDuplicateCertificateContext
CertCloseStore
CertGetNameStringW
CertEnumCertificatesInStore
CertOpenStore
CertCompareCertificate

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW
EnumProcesses
GetProcessImageFileNameW

rpcrt4

NdrClientCall2
NdrAsyncClientCall
NdrAsyncServerCall
RpcStringFreeW
NdrServerCall2
RpcStringBindingComposeW
RpcBindingFromStringBindingW
RpcBindingFree

gdiplus

GdipFree
GdipAlloc
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDisposeImage
GdipGetImageWidth
GdipCloneBrush
GdipRestoreGraphics
GdipSaveGraphics
GdipDrawString
GdipFillPath
GdipGraphicsClear
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipAddPathBezierI
GdipAddPathArcI
GdipClosePathFigure
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDeletePath
GdipCreatePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdiplusStartup
GdiplusShutdown
GdipDrawImageRectRectI
GdipDrawImagePointRectI
GdipCreateFromHDC
GdipDeleteGraphics
GdipCloneImage
GdipDrawImageRectRect
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImageHeight

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW

iphlpapi

GetAdaptersInfo

wininet

InternetConnectW
InternetSetOptionW
InternetQueryOptionW
HttpSendRequestW
HttpOpenRequestW
InternetCloseHandle
InternetOpenW
InternetGetConnectedState
InternetCrackUrlW
HttpQueryInfoW

netapi32

NetWkstaGetInfo
NetApiBufferFree

Sections

.text
Size: 617KB - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

3968376bab7d74a1a051953adea72617

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:1f:3a:05:7a:1d:ce:4b:f7:d7:6d:0c:7a:df:83:7eCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

0c:83:09:ba:16:54:68:50:e6:05:e7:5d:77:3e:56:deCertificate

Extended Key Usages

Key Usages

01:a8:f7:25:76:dc:7b:14:7a:18:63:9e:8d:4d:eb:37Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

bd:32:8b:ff:90:d0:84:4d:6f:ad:91:41:b6:5b:1c:01:8e:23:8e:d2:be:40:34:f6:e3:ef:ac:da:05:2e:a5:8cSigner

02:f7:7d:28:ea:62:b3:15:f1:43:fe:44:b1:91:fa:30:fa:16:89:86Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

crypt32

version

psapi

rpcrt4

gdiplus

urlmon

iphlpapi

wininet

netapi32

Sections

.text Size: 617KB - Virtual size: 616KB

.rdata Size: 170KB - Virtual size: 170KB

.data Size: 50KB - Virtual size: 70KB

.rsrc Size: 6.7MB - Virtual size: 6.7MB

.reloc Size: 67KB - Virtual size: 66KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:1f:3a:05:7a:1d:ce:4b:f7:d7:6d:0c:7a:df:83:7e
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0c:83:09:ba:16:54:68:50:e6:05:e7:5d:77:3e:56:de
Certificate

01:a8:f7:25:76:dc:7b:14:7a:18:63:9e:8d:4d:eb:37
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

bd:32:8b:ff:90:d0:84:4d:6f:ad:91:41:b6:5b:1c:01:8e:23:8e:d2:be:40:34:f6:e3:ef:ac:da:05:2e:a5:8c
Signer

02:f7:7d:28:ea:62:b3:15:f1:43:fe:44:b1:91:fa:30:fa:16:89:86
Signer

.text
Size: 617KB - Virtual size: 616KB

.rdata
Size: 170KB - Virtual size: 170KB

.data
Size: 50KB - Virtual size: 70KB

.rsrc
Size: 6.7MB - Virtual size: 6.7MB

.reloc
Size: 67KB - Virtual size: 66KB