Activator[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Activator.exe
Size

1.9MB
MD5

d129733180505f8ccf02d3219c1183dc
SHA1

87534859be1e98fee1449de4bc06c212e7111692
SHA256

87b052085b3c3b60a993e59e3997a331d4f6766302b3e3dafd26186883ae5e01
SHA512

263774ecf387c59d63a0c7a644692bcc721db03a9addb65669287dc4b9b98d9903eed26ec05677b38220733c705f4cab065871d19d0a38f7d4fb8adf606f7389
SSDEEP

24576:pNNZP4o6D7sM/i0POWuCkiVe+tMLdi5QK8FBiMKrGmLzJLtvTp:pNf4oT0P6CDVnIc5QHFBiZDzJ1p

Score

1^/10

Malware Config

Signatures

Files

Activator.exe
.exe windows:6 windows x64 arch:x64

Password: activator

c0b5fb8e30eb036565ebfee440033d17

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:fe:e6:95:a2:bb:1d:58:31:42:fa:ed:2a:0e:f8:d0
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/06/2015, 00:00

Not After

01/07/2018, 23:59

Subject

CN=VanDyke Software\, Inc.,O=VanDyke Software\, Inc.,L=Albuquerque,ST=New Mexico,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d6:57:b2:31:39:a5:8b:f9:4d:08:40:a8:a9:00:1d:90:d7:23:08:5e:6c:f9:96:6d:d5:70:11:b3:ba:e5:5b:c8
Signer

Actual PE Digest

d6:57:b2:31:39:a5:8b:f9:4d:08:40:a8:a9:00:1d:90:d7:23:08:5e:6c:f9:96:6d:d5:70:11:b3:ba:e5:5b:c8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

commonui80u

?GetVdsUserDataPathSub@@YAXPEAVIString@@@Z
?VGetAppName@@YAPEB_WXZ
?SetVdsConfigPathSub@@YAXPEB_W@Z
??_7TrayIconClient@@6B@
?GetVdsSshDataPathSub@@YAXPEAVIString@@@Z
?GetVdsInstallPathSub@@YAXPEAVIString@@@Z
?GetVdsConfigPathSub@@YAXPEAVIString@@@Z
?SetVdsInstallPathSub@@YAXPEB_W@Z
?SetVdsUserDataPathSub@@YAXPEB_W@Z
?SetVdsSshDataPathSub@@YAXPEB_W@Z
??0TrayIconClient@@QEAA@XZ
??1VRecentFileList@@UEAA@XZ
?WriteList@VRecentFileList@@UEAAXXZ
?ReadList@VRecentFileList@@UEAAXXZ
??0VUnicodeString@@QEAA@AEBV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@W4SensitiveState@Str@@@Z
?AddToMostRecent@VRecentFileList@@QEAAXPEB_W@Z
?EscapeAmpersand@@YA?AVVUnicodeString@@PEB_W@Z
?RemoveTrayIcon@TrayIcon@@QEAAXXZ
??1TrayIcon@@UEAA@XZ
??0VRecentFileList@@QEAA@IPEB_W0_KH@Z
?SetTrayIconTip@TrayIcon@@QEBAXPEB_W@Z
?SetTrayIcon@TrayIcon@@QEAAXPEAUHICON__@@@Z
?Create@TrayIcon@@QEAA_NXZ
??0TrayIcon@@QEAA@PEAVTrayIconClient@@@Z
?CommonUiInit@@YAXP6APEAVIHostnameResolver@@XZP6APEAVVProfileStoreFactory@@XZ@Z

connectdialog80u

?GetActivatorShowSelectionMessage@@YAIXZ
?GetActivatorCanExitApplicationMessage@@YAIXZ

clientconfigui80u

?UpdateProfileEncryptedString@@YA_NAEAVVProfileEncryptedString@@AEBVVUnicodeString@@@Z
?GetProfileEncryptedPlaintextString@@YA?AVVUnicodeString@@AEBVVProfileEncryptedString@@@Z
?ClientConfigUiInit@@YAXP6APEAVVReportMessageRouter@@XZH@Z
?GetConfigPassphrase@@YA?AVVUnicodeString@@XZ
?IsConfigPassphraseDisabled@@YA_NXZ
?GetAppConfigPath@@YA?AVVUnicodeString@@PEB_W@Z
?UsePersonalDataPath@@YA_NPEB_W@Z
?GetConnectProtocolTable@@YAAEAVConnectProtocolTable@@XZ
?HasVShellEmulation@@YA_NXZ
?LaunchFirewallPasswordDialog@@YA_NPEAVIString@@AEA_NPEAVIParentable@@@Z
?LaunchFirewallUsernameDialog@@YA_NPEAVIString@@AEA_NPEAVIParentable@@@Z
?GetSecureFxPath@@YAPEB_WXZ
?IsSecureFxInstalled@@YA_NXZ
?GetCrtPath@@YAPEB_WXZ
?IsCrtInstalled@@YA_NXZ
?GetSecureCrtPath@@YAPEB_WXZ
?IsSecureCrtOrCrtInstalled@@YA_NXZ
?IsSecureCrtInstalled@@YA_NXZ
?IsIntegrated@@YA_NXZ
?GetGlobalConfig@@YAXAEAPEAUGlobalConfig@@H@Z
?GetAppPersonalDataPath@@YA?AVVUnicodeString@@PEB_W0@Z
?ClientConfigUiInitProfileFactory@@YAXP6APEAVVProfileStoreFactory@@XZ@Z

ssh2core80u

?CleanupForUnload@SSH2@@YAXXZ
?Init@SSH2@@YA_N_NAEAVVReportMessageParams@@@Z

ssh2client80u

?LaunchManageAgentKeys@SSH2@@YAXAEAVVProfileListViewState@@PEAVCWnd@@PEAPEAV3@@Z
?ClientUiInit@SSH2@@YAXP6A_NXZP6A?AVVUnicodeString@@XZP6A_NAEAVVProfileEncryptedString@@AEBV2@@ZP6A?AV2@AEBV3@@Z@Z

mfc140u

ord5080
ord11850
ord3172
ord3278
ord3279
ord3812
ord11806
ord2629
ord5723
ord13354
ord11406
ord6631
ord14217
ord7651
ord14211
ord2967
ord4352
ord9384
ord4360
ord4828
ord4767
ord4752
ord4814
ord4859
ord4782
ord4837
ord4853
ord4794
ord4800
ord4806
ord4788
ord4843
ord4776
ord1755
ord1734
ord1748
ord1722
ord1700
ord11940
ord11944
ord13513
ord3173
ord8947
ord10691
ord6729
ord11854
ord8656
ord14209
ord11625
ord3718
ord11771
ord8830
ord11415
ord11414
ord5451
ord9979
ord9975
ord9977
ord9978
ord9976
ord14360
ord2697
ord7913
ord3209
ord3212
ord13397
ord6000
ord3071
ord3307
ord3308
ord3951
ord11085
ord10704
ord1501
ord11813
ord7393
ord1450
ord983
ord2270
ord1489
ord286
ord1033
ord4445
ord12607
ord266
ord6614
ord8900
ord9941
ord5555
ord11901
ord2344
ord11933
ord10124
ord7920
ord11929
ord11921
ord5706
ord3731
ord6122
ord14289
ord6123
ord14290
ord6121
ord14288
ord7719
ord12212
ord14088
ord11665
ord11664
ord2011
ord7668
ord12625
ord5363
ord3949
ord5552
ord5339
ord4011
ord9089
ord14216
ord7650
ord14210
ord12223
ord12222
ord2439
ord5183
ord8023
ord12544
ord8084
ord8167
ord265
ord2689
ord14194
ord3748
ord2907
ord8440
ord4083
ord3096
ord6002
ord13401
ord2698
ord8822
ord11902
ord5916
ord6342
ord1454
ord990
ord1157
ord3599
ord4335
ord4343
ord296
ord8731
ord9041
ord5165
ord1503
ord5582
ord5083
ord5229
ord5062
ord7460
ord7461
ord7450
ord5227
ord7922
ord9946
ord8901
ord6285
ord5240
ord13767
ord10163
ord1089
ord4726
ord446
ord7233
ord1491
ord13949
ord14033
ord14039
ord7893
ord5709
ord285
ord2921
ord14145
ord5232
ord1785
ord1786
ord12274
ord280
ord2212
ord2370
ord1641
ord5674

kernel32

CompareFileTime
OutputDebugStringW
IsDebuggerPresent
InitializeSListHead
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryW
GetSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetTimeZoneInformation
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
FormatMessageA
GetLocalTime
GetCurrentThreadId
RemoveDirectoryW
RemoveDirectoryA
CreateDirectoryW
FindNextFileW
FindClose
FindFirstFileW
SetFileTime
GetFileSize
SetFilePointer
UnlockFileEx
LockFileEx
SetEndOfFile
WriteFile
ReadFile
MoveFileW
DeleteFileW
MoveFileA
DeleteFileA
GetTempPathW
GetLongPathNameW
GetVolumeInformationW
GetDriveTypeW
GetFullPathNameW
GetDriveTypeA
GetFullPathNameA
GetComputerNameW
GetCurrentThread
GetCurrentProcess
LocalAlloc
GetModuleFileNameW
ReleaseMutex
WaitForSingleObject
LocalFree
lstrlenW
ExpandEnvironmentStringsW
GetFileInformationByHandle
CreateFileW
VirtualQuery
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
GetExitCodeProcess
CreateProcessW
GetStartupInfoW
CloseHandle
SetLastError
lstrcmpW
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
GetCommandLineW
GetLastError
CreateMutexW
GetModuleHandleW

user32

GetWindowLongW
GetClassLongW
FindWindowW
EnableWindow
EnumWindows
GetWindowLongPtrW
GetKeyboardLayout
SystemParametersInfoW
PostQuitMessage
MessageBoxW
EnableMenuItem
AppendMenuW
CreatePopupMenu
GetParent
GetClassNameW
LoadImageW
SetForegroundWindow
GetLastActivePopup
IsWindow
UnregisterClassW
UpdateWindow
InvalidateRect
PostMessageW
ShowWindow
IsIconic
SendMessageW
GetDesktopWindow

advapi32

EqualPrefixSid
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
IsValidSecurityDescriptor
RegSetValueExW
GetSecurityDescriptorLength
RegDeleteValueW
RegDeleteKeyW
RegSetKeySecurity
RegGetKeySecurity
RegCreateKeyExW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
GetLengthSid
CopySid
GetAclInformation
InitializeSecurityDescriptor
MakeSelfRelativeSD
EqualSid
GetSecurityDescriptorControl
OpenProcessToken
DuplicateToken
OpenThreadToken
AccessCheck
GetKernelObjectSecurity
GetFileSecurityW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
SetSecurityDescriptorControl
BuildExplicitAccessWithNameW
SetEntriesInAclW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
MakeAbsoluteSD
InitializeAcl
GetAce
AddAce
DeleteAce
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
LsaClose
LsaOpenPolicy
LsaLookupNames2
GetUserNameW
CloseServiceHandle
AllocateAndInitializeSid
FreeSid
ConvertStringSidToSidW
ConvertSidToStringSidW
LsaLookupSids
LsaFreeMemory
LsaNtStatusToWinError
LsaQueryInformationPolicy
CreateProcessAsUserW
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
GetTokenInformation

shell32

SHGetFolderPathW

ole32

CoTaskMemFree

oleaut32

SysFreeString
SafeArrayUnaccessData
GetErrorInfo
SetErrorInfo
CreateErrorInfo
SafeArrayAccessData
SafeArrayPutElement
SafeArrayCreate
SysAllocString
VariantChangeType
VariantInit
VariantClear

msvcp140

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
_Cnd_init
_Mtx_init
_Mtx_lock
_Cnd_signal
_Cnd_destroy
_Mtx_destroy
_Mtx_unlock
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
_Thrd_start
_Cnd_do_broadcast_at_thread_exit
_Cnd_wait
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Thrd_detach
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?width@ios_base@std@@QEBA_JXZ
?flags@ios_base@std@@QEBAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?uncaught_exception@std@@YA_NXZ
?good@ios_base@std@@QEBA_NXZ
?rdstate@ios_base@std@@QEBAHXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z

ws2_32

closesocket
socket
htons
freeaddrinfo
getaddrinfo
getnameinfo
ntohs
htonl
ntohl
inet_addr
inet_ntoa

vcruntime140

__std_type_info_destroy_list
__vcrt_InitializeCriticalSectionEx
__CxxFrameHandler3
__C_specific_handler
memset
__std_terminate
strstr
wcsrchr
wcschr
memchr
wcsstr
__std_exception_copy
__std_exception_destroy
_purecall
strrchr
memmove
__std_type_info_compare
__std_type_info_name
strchr
__RTDynamicCast
memcmp
memcpy
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

terminate
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
exit
_exit
_errno
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_invalid_parameter_noinfo
_seh_filter_dll
_initterm_e
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit

api-ms-win-crt-heap-l1-1-0

_aligned_malloc
_recalloc
_set_new_mode
free
_aligned_free
malloc

api-ms-win-crt-string-l1-1-0

tolower
isspace
toupper
towlower
towupper
strncmp
wcstok
iswdigit
isdigit
wcsncmp
strncpy
_wcsnicmp
iswspace
wcsncpy
_strnicmp
_stricmp
_wcsicmp
strcmp

api-ms-win-crt-convert-l1-1-0

_strtoi64
_strtoui64
_wcstoi64
wcstoul
_wcstoui64
wcstod
strtol
_wtoi

api-ms-win-crt-filesystem-l1-1-0

_wsplitpath

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode
__stdio_common_vswscanf
__stdio_common_vswprintf
__stdio_common_vsscanf

api-ms-win-crt-utility-l1-1-0

srand
rand
qsort

api-ms-win-crt-time-l1-1-0

strftime

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

crypt32

CryptUnprotectData
CryptProtectData

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: activator

c0b5fb8e30eb036565ebfee440033d17

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

67:fe:e6:95:a2:bb:1d:58:31:42:fa:ed:2a:0e:f8:d0Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

d6:57:b2:31:39:a5:8b:f9:4d:08:40:a8:a9:00:1d:90:d7:23:08:5e:6c:f9:96:6d:d5:70:11:b3:ba:e5:5b:c8Signer

Headers

DLL Characteristics

File Characteristics

Imports

commonui80u

connectdialog80u

clientconfigui80u

ssh2core80u

ssh2client80u

mfc140u

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcp140

ws2_32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

crypt32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 568KB - Virtual size: 567KB

.data Size: 36KB - Virtual size: 44KB

.pdata Size: 61KB - Virtual size: 60KB

.gfids Size: 512B - Virtual size: 140B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 60KB - Virtual size: 60KB

.reloc Size: 13KB - Virtual size: 13KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

67:fe:e6:95:a2:bb:1d:58:31:42:fa:ed:2a:0e:f8:d0
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

d6:57:b2:31:39:a5:8b:f9:4d:08:40:a8:a9:00:1d:90:d7:23:08:5e:6c:f9:96:6d:d5:70:11:b3:ba:e5:5b:c8
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 568KB - Virtual size: 567KB

.data
Size: 36KB - Virtual size: 44KB

.pdata
Size: 61KB - Virtual size: 60KB

.gfids
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 60KB - Virtual size: 60KB

.reloc
Size: 13KB - Virtual size: 13KB