2024-01-24_90a89b963b07c6d4f31e499a4944976b_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-24_90a89b963b07c6d4f31e499a4944976b_ryuk
Size

18.8MB
MD5

90a89b963b07c6d4f31e499a4944976b
SHA1

a760dee272385fe602841c31f3ef257cd94cb533
SHA256

7367f458a61b144320d71ca36518dcb1156125641c25af5a6e1ebeff25c44632
SHA512

1cb621bd631529464e467d1ef357b69f58e73b1214deef967807215f96cd7df6012d86d90175565b402e22fb3822f305d031582ef0292108e47d9a4f018aa4c8
SSDEEP

196608:h44f+XHYMLevW62F1psxXGGnrj8pPgPEX4X9lxc6HG8QXxq:h4JoOCCplGrj8pIcoXrHG8QXxq

Score

1^/10

Malware Config

Signatures

Files

2024-01-24_90a89b963b07c6d4f31e499a4944976b_ryuk
.exe windows:5 windows x64 arch:x64

eaf5ea89181dfb0e972bfec2e75a39ce

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:db
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

04/04/2023, 00:00

Not After

04/04/2026, 23:59

Subject

SERIALNUMBER=91310110787862412B,CN=上海贝锐信息科技股份有限公司,O=上海贝锐信息科技股份有限公司,ST=上海市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:db
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

04/04/2023, 00:00

Not After

04/04/2026, 23:59

Subject

SERIALNUMBER=91310110787862412B,CN=上海贝锐信息科技股份有限公司,O=上海贝锐信息科技股份有限公司,ST=上海市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

95:8c:e4:62:e5:e5:38:e2:9b:e0:76:83:17:66:57:3f:fc:4b:51:c9:f8:12:24:94:eb:b7:30:6c:be:7b:e3:31
Signer

Actual PE Digest

95:8c:e4:62:e5:e5:38:e2:9b:e0:76:83:17:66:57:3f:fc:4b:51:c9:f8:12:24:94:eb:b7:30:6c:be:7b:e3:31

Digest Algorithm

sha256

PE Digest Matches

true

8b:c2:17:7f:a4:05:55:5a:5f:b1:ad:03:90:25:5e:d4:f7:79:c9:ba
Signer

Actual PE Digest

8b:c2:17:7f:a4:05:55:5a:5f:b1:ad:03:90:25:5e:d4:f7:79:c9:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

crypt32

CertOpenStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertGetNameStringW
CertFindCertificateInStore
CryptMsgGetParam
CertCloseStore
CryptQueryObject
CertFreeCertificateContext
CryptMsgClose
CertGetCertificateContextProperty

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

powrprof

GetCurrentPowerPolicies

winspool.drv

GetPrintProcessorDirectoryA
DeletePrinter
EnumPrinterDriversW
OpenPrinterA
EnumPrintProcessorsW
ClosePrinter
AddPrinterA

setupapi

SetupDiGetClassDevsW
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_List_SizeW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiChangeState
SetupFindFirstLineW
SetupOpenInfFileW
SetupGetStringFieldW
SetupCloseInfFile
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiSetClassInstallParamsW
SetupDiEnumDeviceInfo

hid

HidP_GetCaps
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_SetNumInputBuffers
HidD_GetAttributes
HidD_GetHidGuid

kernel32

CreateRemoteThread
lstrcpyA
GetSystemTime
GetTempFileNameA
ProcessIdToSessionId
TerminateThread
GetLocalTime
SetConsoleCtrlHandler
GetSystemTimes
CompareFileTime
GetDiskFreeSpaceExW
GetWindowsDirectoryW
DeviceIoControl
CreateFileA
OutputDebugStringW
GetSystemDirectoryW
FreeResource
VirtualQuery
GlobalAddAtomW
GlobalSize
WaitForSingleObjectEx
GetConsoleMode
WriteConsoleW
GetProcessAffinityMask
GetThreadPriority
ReadConsoleA
GetEnvironmentVariableW
GlobalMemoryStatus
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
DeleteFiber
SwitchToFiber
SwitchToThread
CreateWaitableTimerW
SetWaitableTimer
HeapQueryInformation
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetEndOfFile
SetStdHandle
GetCurrentDirectoryW
ReadConsoleW
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
FlushInstructionCache
GetTimeZoneInformation
SetFilePointerEx
GetConsoleCP
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
SetConsoleMode
GetExitCodeThread
GetFileAttributesExW
GetFileType
GetDriveTypeW
LoadLibraryExW
RtlUnwindEx
RtlPcToFileHeader
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
CreateSemaphoreA
CreateEventA
LoadLibraryExA
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetStringTypeW
DisconnectNamedPipe
PeekNamedPipe
CreateNamedPipeA
SetUnhandledExceptionFilter
RtlCaptureContext
OpenMutexW
CreateMutexW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetUserDefaultLangID
FileTimeToDosDateTime
GetFileTime
GetSystemDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualProtect
WriteProcessMemory
GetProcessId
VerifyVersionInfoW
VerSetConditionMask
ExitProcess
MoveFileExW
GetModuleHandleA
GetProcAddress
GetTickCount
HeapFree
EnterCriticalSection
ReleaseSemaphore
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
HeapSize
CreateEventW
GetLastError
SetEvent
HeapReAlloc
CloseHandle
RaiseException
ResetEvent
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
OpenEventW
GetNativeSystemInfo
SetProcessShutdownParameters
GetCommandLineW
SetPriorityClass
CreateDirectoryA
GetTempPathW
SetLastError
GetExitCodeProcess
LocalAlloc
WritePrivateProfileStringA
WritePrivateProfileStringW
TryEnterCriticalSection
ConnectNamedPipe
GlobalUnlock
MapViewOfFile
CreateFileMappingW
IsBadReadPtr
WideCharToMultiByte
CopyFileW
GetModuleHandleW
CreateProcessW
GetCurrentProcessId
LocalFree
GlobalLock
FindResourceW
LoadResource
FindResourceExW
GetSystemInfo
GlobalFree
Process32FirstW
DeleteFileW
GlobalAlloc
LockResource
GetCurrentThread
Process32NextW
GetTempPathA
CreateToolhelp32Snapshot
GetCommandLineA
GetVersion
UnmapViewOfFile
CreateFileW
OpenFileMappingW
ReleaseMutex
CreateDirectoryW
CreateMutexA
FindClose
GetModuleFileNameW
TerminateProcess
FindNextFileW
GetFileSizeEx
FindFirstFileW
SizeofResource
GetModuleFileNameA
ReadFile
LoadLibraryA
SystemTimeToFileTime
GetVersionExW
GetCurrentProcess
GetFullPathNameW
GetSystemTimeAsFileTime
TlsFree
TlsGetValue
CreateThread
TlsAlloc
Sleep
ResumeThread
SetThreadPriority
TlsSetValue
MultiByteToWideChar
IsDebuggerPresent
FreeLibrary
LoadLibraryW
GetCurrentThreadId
OutputDebugStringA
WriteFile
GetStdHandle
CreateSemaphoreW
GetProcessHeap
GetFileAttributesW

user32

SetActiveWindow
GetIconInfo
IsRectEmpty
OffsetRect
GetDesktopWindow
SetRectEmpty
RegisterWindowMessageW
IntersectRect
MsgWaitForMultipleObjects
ChangeClipboardChain
GetOpenClipboardWindow
GetClipboardOwner
SetClipboardViewer
SendMessageTimeoutW
GetPropW
PostQuitMessage
DrawIconEx
GetSysColor
PeekMessageW
SetWindowPos
GetProcessWindowStation
GetMonitorInfoA
EnumDisplaySettingsA
UnregisterClassW
ReleaseDC
SetForegroundWindow
SystemParametersInfoW
SetClipboardData
GetWindowDC
GetClipboardData
GetForegroundWindow
AttachThreadInput
EmptyClipboard
CloseClipboard
OpenClipboard
IsWindow
ShowWindow
GetKeyboardState
IsWindowVisible
PostMessageW
GetWindowThreadProcessId
GetWindowLongW
GetDC
MessageBoxW
SendMessageW
FindWindowExW
SendInput
GetGUIThreadInfo
GetClassInfoExW
KillTimer
PostThreadMessageW
LoadCursorW
TranslateMessage
LockWorkStation
ClientToScreen
SetTimer
DispatchMessageW
RegisterClassExW
GetWindowLongPtrW
GetSystemMetrics
CreateWindowExW
SetWindowLongPtrW
MapVirtualKeyW
CallWindowProcW
GetKeyState
DefWindowProcW
DrawIcon
GetClientRect
SetWindowsHookExW
SetPropW
UnhookWindowsHookEx
RemovePropW
WindowFromPoint
GetClassInfoW
GetMessageW
EnumDisplaySettingsW
EnumDisplayDevicesW
GetCursorPos
OpenInputDesktop
CloseDesktop
GetThreadDesktop
SetThreadDesktop
GetUserObjectInformationA
SetCursorPos
SetRect
GetClipCursor
GetCursorInfo
EnumDisplayDevicesA
GetMonitorInfoW
EnumDisplayMonitors
PtInRect
SetWindowLongW
SetLayeredWindowAttributes
GetUpdateRgn
RegisterClipboardFormatW
CallNextHookEx
GetDialogBaseUnits
DialogBoxIndirectParamW
EndDialog
DestroyWindow
GetWindowRect
RegisterClipboardFormatA
GetPriorityClipboardFormat
ChangeDisplaySettingsExA
EnumDisplaySettingsExA
ExitWindowsEx
EnumDisplaySettingsExW
ChangeDisplaySettingsExW
InvalidateRect
SwapMouseButton
VkKeyScanW
RegisterClassW
GetDoubleClickTime
BlockInput
EnumWindows
GetUserObjectInformationW
DrawTextW
OpenDesktopW
GetParent

gdi32

SetDIBitsToDevice
GetDIBits
GdiFlush
CreateRectRgn
GetRegionData
StretchBlt
CreateRectRgnIndirect
SelectClipRgn
CombineRgn
GetRgnBox
SetDIBColorTable
CreateFontIndirectW
ExtEscape
GetDIBColorTable
CreateDCW
GetPixel
GetBitmapBits
GetObjectW
BitBlt
CreateDIBSection
CreateFontW
GetStockObject
SetTextColor
SetBkMode
LineTo
CreatePen
Rectangle
MoveToEx
Ellipse
DeleteObject
CreateSolidBrush
GetDeviceCaps
SelectObject
CreateCompatibleDC
DeleteDC

advapi32

ChangeServiceConfigW
OpenProcessToken
CryptReleaseContext
RegQueryValueExW
CryptEnumProvidersW
CryptSignHashW
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegEnumKeyExW
CryptAcquireContextA
RegQueryInfoKeyW
CryptGenRandom
RegCreateKeyW
EnumServicesStatusW
SetSecurityInfo
BuildTrusteeWithSidW
GetSecurityInfo
QueryServiceStatus
UnlockServiceDatabase
CloseServiceHandle
OpenSCManagerW
LockServiceDatabase
ControlService
StartServiceW
QueryServiceConfigW
OpenServiceW
QueryServiceStatusEx
LookupPrivilegeValueW
AdjustTokenPrivileges
SetSecurityDescriptorDacl
RegCloseKey
CryptAcquireContextW
SetTokenInformation
AllocateAndInitializeSid
SetEntriesInAclW
CreateWellKnownSid
RegCreateKeyExW
CryptCreateHash
RegSetValueExW
CryptDestroyHash
FreeSid
CheckTokenMembership
InitializeSecurityDescriptor
RegOpenKeyExW
CreateProcessAsUserW
RegDeleteValueW
GetUserNameW
DuplicateTokenEx

shell32

SHCreateDirectoryExW
ShellExecuteExA
DragQueryFileW
DragQueryPoint
ord727
SHGetFileInfoW
SHGetSpecialFolderPathW
CommandLineToArgvW
ShellExecuteExW
SHGetFolderPathW

ole32

OleUninitialize
OleInitialize
CoInitialize
ReleaseStgMedium
OleSetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
RegisterDragDrop

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathFileExistsA
PathStripPathW
PathRemoveFileSpecA
StrStrIA
PathFindExtensionW

userenv

CreateEnvironmentBlock

ws2_32

gethostbyname
WSAGetLastError
setsockopt
ioctlsocket
getsockopt
recv
getaddrinfo
freeaddrinfo
shutdown
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
inet_ntoa
getservbyname
htonl
htons
__WSAFDIsSet
select
WSACleanup
WSAStartup
accept
bind
closesocket
listen
getpeername
getsockname
send
socket
connect

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

gdiplus

GdipGetImagePixelFormat
GdipDisposeImage
GdipFree
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDrawImageI
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipAlloc
GdipCreateBitmapFromStream

msimg32

TransparentBlt
AlphaBlend

dbghelp

SymCleanup
SymGetModuleBase64
SymGetModuleInfo64
SymGetLineFromAddr64
SymFunctionTableAccess64
SymInitialize
StackWalk64
SymGetSymFromAddr64

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 12.8MB - Virtual size: 12.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 241KB - Virtual size: 8.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 384KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.custom
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 594KB - Virtual size: 594KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eaf5ea89181dfb0e972bfec2e75a39ce

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:dbCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:dbCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

95:8c:e4:62:e5:e5:38:e2:9b:e0:76:83:17:66:57:3f:fc:4b:51:c9:f8:12:24:94:eb:b7:30:6c:be:7b:e3:31Signer

8b:c2:17:7f:a4:05:55:5a:5f:b1:ad:03:90:25:5e:d4:f7:79:c9:baSigner

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

winmm

powrprof

winspool.drv

setupapi

hid

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

userenv

ws2_32

wtsapi32

gdiplus

msimg32

dbghelp

version

Sections

.text Size: 12.8MB - Virtual size: 12.8MB

.rdata Size: 4.6MB - Virtual size: 4.6MB

.data Size: 241KB - Virtual size: 8.6MB

.pdata Size: 384KB - Virtual size: 383KB

.gfids Size: 2KB - Virtual size: 2KB

.rodata Size: 33KB - Virtual size: 33KB

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 44KB - Virtual size: 43KB

.custom Size: 512B - Virtual size: 408B

.rsrc Size: 594KB - Virtual size: 594KB

.reloc Size: 76KB - Virtual size: 75KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:db
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:db
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

95:8c:e4:62:e5:e5:38:e2:9b:e0:76:83:17:66:57:3f:fc:4b:51:c9:f8:12:24:94:eb:b7:30:6c:be:7b:e3:31
Signer

8b:c2:17:7f:a4:05:55:5a:5f:b1:ad:03:90:25:5e:d4:f7:79:c9:ba
Signer

.text
Size: 12.8MB - Virtual size: 12.8MB

.rdata
Size: 4.6MB - Virtual size: 4.6MB

.data
Size: 241KB - Virtual size: 8.6MB

.pdata
Size: 384KB - Virtual size: 383KB

.gfids
Size: 2KB - Virtual size: 2KB

.rodata
Size: 33KB - Virtual size: 33KB

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 44KB - Virtual size: 43KB

.custom
Size: 512B - Virtual size: 408B

.rsrc
Size: 594KB - Virtual size: 594KB

.reloc
Size: 76KB - Virtual size: 75KB