2024-01-26_70c367fdbb36d1722806a29142a1ea89_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-26_70c367fdbb36d1722806a29142a1ea89_icedid
Size

4.3MB
MD5

70c367fdbb36d1722806a29142a1ea89
SHA1

63ebf82fca04248c1081892cd3b451892a5bcf74
SHA256

cedc0b94cbe25a0e0c264db086cf48d31f841d6244c524208a2e15ee32aec959
SHA512

827cf3d553dee62842ad637f0d7237720def6c72c98e9477bb8cf64c4b250bfa46f8d77f3636332038f83b36a53740f450327d331f31ed7ae3f95db709f23e05
SSDEEP

49152:5MeZ6QWZR3UqDbM1tMRIpPk6sD5Pgx/V+Fp1/yuO1F:5RVa5eGWRk6k5PE/V82uOb

Score

1^/10

Malware Config

Signatures

Files

2024-01-26_70c367fdbb36d1722806a29142a1ea89_icedid
.exe windows:4 windows x86 arch:x86

fc29cbf01eb31e903ba652051e3dab09

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01-08-1996 00:00

Not After

31-12-2020 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06-08-2003 00:00

Not After

05-08-2013 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:da:b8:d9:f7:db:7d:a2:9d:a5:10:a8:65:9c:ec:65
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

28-05-2009 08:50

Not After

04-06-2010 13:12

Subject

CN=NOSIBAY,OU=Secure Application Development Team+OU=Provided by TBS INTERNET http://www.tbs-certificats.com/,O=NOSIBAY,L=Montpellier,ST=Herault,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCrackUrlA
InternetConnectA
InternetGetConnectedState
InternetCanonicalizeUrlW
InternetCanonicalizeUrlA
InternetCloseHandle
InternetErrorDlg
InternetOpenA
HttpEndRequestA
HttpSendRequestExA
HttpSendRequestA
InternetSetOptionA
HttpOpenRequestA
InternetQueryOptionA
HttpQueryInfoA
InternetReadFileExA
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
UnlockUrlCacheEntryStream
RetrieveUrlCacheEntryStreamA
InternetAttemptConnect
GetUrlCacheEntryInfoA

winmm

PlaySoundA

msi

ord173
ord217

kernel32

CopyFileA
SetLastError
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
EnumResourceLanguagesA
ConvertDefaultLocale
SuspendThread
GetProfileIntA
GetPrivateProfileIntA
WritePrivateProfileStringA
SetErrorMode
GlobalFlags
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
GetFileTime
GetFullPathNameA
GetDiskFreeSpaceA
MoveFileA
GlobalSize
LockFile
UnlockFile
SetEndOfFile
GetShortPathNameA
FileTimeToLocalFileTime
LocalFileTimeToFileTime
LocalUnlock
LocalLock
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
HeapReAlloc
GetDriveTypeA
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
TerminateProcess
GetFullPathNameW
ExitThread
SetStdHandle
HeapSize
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
FatalAppExitA
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentDirectoryW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
SetEnvironmentVariableA
lstrcpynA
FreeResource
FlushInstructionCache
MulDiv
GlobalFree
lstrcmpA
GetWindowsDirectoryA
SetFileTime
DosDateTimeToFileTime
DuplicateHandle
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetFileType
GetFileInformationByHandle
GetLocalTime
SystemTimeToFileTime
GetFileSize
SetFilePointer
FileTimeToDosDateTime
FileTimeToSystemTime
GetUserDefaultLangID
GetVolumeInformationA
GlobalMemoryStatus
GetStdHandle
CreateProcessA
GetExitCodeProcess
CreatePipe
SetHandleInformation
GetTickCount
RemoveDirectoryA
DeleteFileA
CreateThread
SetThreadPriority
ResumeThread
CreateSemaphoreA
GetExitCodeThread
InterlockedCompareExchange
ReleaseSemaphore
SignalObjectAndWait
PulseEvent
LocalAlloc
ExpandEnvironmentStringsA
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrcmpiW
lstrcmpiA
GetVersion
lstrcatA
AllocConsole
FreeConsole
GetTempPathA
GetTempFileNameA
lstrcpyA
GetCurrentProcessId
GlobalAlloc
GlobalLock
GlobalUnlock
MoveFileExA
QueryPerformanceFrequency
QueryPerformanceCounter
FindFirstFileA
FindResourceExA
GetPrivateProfileStringA
GetSystemTime
GetCurrentThreadId
GetModuleHandleA
SetProcessWorkingSetSize
SetCurrentDirectoryA
GetFileSizeEx
SetFilePointerEx
WriteFile
ReadFile
SetFileAttributesA
CreateFileA
FormatMessageA
LocalFree
CreateDirectoryA
lstrlenW
GetModuleFileNameA
OutputDebugStringA
FindNextFileA
FindClose
ReleaseMutex
CreateMutexA
WaitForSingleObject
TerminateThread
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
CreateEventA
InterlockedDecrement
InterlockedIncrement
GetCurrentDirectoryA
GetFileAttributesA
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
GetLastError
RaiseException
lstrlenA
GetCurrentProcess
GetCurrentThread
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
FlushFileBuffers
Sleep

user32

UnpackDDElParam
WindowFromPoint
WaitMessage
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
GetTabbedTextExtentA
UnionRect
GetDCEx
LockWindowUpdate
GetSystemMenu
SetParent
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
LoadBitmapA
WinHelpA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
IsChild
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
GetMenu
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
SetWindowPlacement
DefWindowProcA
GetWindowPlacement
GetWindowTextLengthA
GetFocus
ScrollWindowEx
SetFocus
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetMenuStringA
RemoveMenu
GetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
DrawIconEx
GetIconInfo
CallNextHookEx
EqualRect
GetSysColorBrush
RegisterClassExA
GetCapture
DrawFrameControl
IsRectEmpty
SetActiveWindow
IsMenu
GetClassInfoA
DestroyCursor
IntersectRect
FrameRect
InflateRect
DrawStateA
CreateWindowExA
SetWindowPos
GetMessagePos
ReuseDDElParam
TrackPopupMenu
SetMenuDefaultItem
LoadMenuA
GetSubMenu
GetMenuItemID
GetClassNameA
LoadIconA
SetRectEmpty
SetRect
GetWindow
GetWindowLongA
RegisterClipboardFormatA
CallWindowProcA
SetWindowLongA
UpdateLayeredWindow
IsZoomed
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowRgn
SetCapture
SetCursor
ReleaseCapture
EndPaint
BeginPaint
GetKeyState
DrawFocusRect
GetAncestor
GetParent
RedrawWindow
ReleaseDC
GetDC
MonitorFromWindow
GetLastInputInfo
GetForegroundWindow
MonitorFromRect
GetMonitorInfoA
ShowWindow
DestroyWindow
GetSysColor
InsertMenuA
GetMenuState
DeleteMenu
CopyRect
GetThreadDesktop
GetUserObjectInformationA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
IsWindow
GetSystemMetrics
DrawIcon
LoadImageA
DestroyIcon
MessageBoxA
GetCursorPos
EnumWindows
GetWindowTextA
GetMenuItemCount
EnableMenuItem
AppendMenuA
CheckMenuItem
ClientToScreen
FindWindowExA
LoadStringA
GetAsyncKeyState
RegisterShellHookWindow
CreatePopupMenu
PostQuitMessage
DeregisterShellHookWindow
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
SetMenu
TranslateAcceleratorA
GetDialogBaseUnits
InvalidateRgn
CopyAcceleratorTableA
IsClipboardFormatAvailable
CharNextA
SetWindowContextHelpId
MapDialogRect
wsprintfA
UnhookWindowsHookEx
SetWindowsHookExA
SystemParametersInfoA
FindWindowA
GetWindowThreadProcessId
AllowSetForegroundWindow
SendMessageTimeoutA
LoadCursorA
SetForegroundWindow
KillTimer
SetTimer
IsWindowVisible
ScreenToClient
GetWindowRect
IsIconic
PtInRect
GetDesktopWindow
GetClientRect
OffsetRect
ShowOwnedPopups
DestroyMenu
GetMenuItemInfoA
ValidateRect
MapVirtualKeyA
GetKeyNameTextA
GetWindowDC
EnumChildWindows
FillRect
InvalidateRect
RegisterWindowMessageA
UnregisterClassA
SendMessageA
PeekMessageA
PostMessageA
EnableWindow
GetMessageA
TranslateMessage
DispatchMessageA
MonitorFromPoint

gdi32

SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
LineTo
ExtCreatePen
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
ScaleViewportExtEx
GetMapMode
GetTextMetricsA
GetCharWidthA
StretchDIBits
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateDCA
CopyMetaFileA
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocA
GetWindowExtEx
GetViewportExtEx
SelectClipPath
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
PtInRegion
OffsetRgn
GetDIBColorTable
StretchBlt
CreateRectRgn
CombineRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateFontA
GetBkColor
GetTextColor
GetTextExtentPoint32A
CreatePen
BitBlt
CreateSolidBrush
GetStockObject
CreateFontIndirectA
CreateDIBSection
DeleteObject
GetObjectA
SetDIBColorTable
SelectObject
DeleteDC
SetTextAlign
SetRectRgn
CreateCompatibleDC
FrameRgn
EqualRgn
CreateRoundRectRgn
CreatePolygonRgn
GetDeviceCaps
CreateICA
GetDIBits
ExtCreateRegion
GetRgnBox
GetPixel
MoveToEx

msimg32

TransparentBlt
AlphaBlend

comdlg32

ReplaceTextA
GetOpenFileNameA
GetFileTitleA
FindTextA
PageSetupDlgA
CommDlgExtendedError
PrintDlgA
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA
GetJobA

advapi32

SetFileSecurityA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
GetUserNameA
GetTokenInformation
OpenProcessToken
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegEnumKeyExA
RegEnumValueA
RegSetValueA
RegOpenKeyA
RegCreateKeyA
GetFileSecurityA
RegCloseKey
RegQueryValueA
RegEnumKeyA
IsTextUnicode

shell32

SHGetFileInfoA
SHFileOperationA
SHGetSpecialFolderPathA
ShellExecuteA
ShellExecuteExA
SHGetDesktopFolder
Shell_NotifyIconA
SHAppBarMessage
ExtractIconA
DragAcceptFiles
DragQueryFileA
DragFinish

comctl32

ord17
InitCommonControlsEx
ImageList_GetImageCount
ImageList_Add
ImageList_AddMasked
ImageList_GetIcon
ImageList_Draw
ImageList_SetBkColor
ImageList_GetIconSize
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_GetImageInfo

shlwapi

PathFindExtensionA
SHCreateStreamOnFileA
PathFindExtensionW
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
UrlGetPartA
PathIsUNCA

oledlg

ord8

ole32

WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
OleDuplicateData
WriteFmtUserTypeStg
CoLockObjectExternal
RevokeDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleGetClipboard
SetConvertStg
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitialize
RegisterDragDrop
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromString
CoTaskMemFree
ProgIDFromCLSID
CoCreateGuid
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleDraw
OleRun
CoTaskMemAlloc
CLSIDFromProgID

oleaut32

SafeArrayCreate
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayUnlock
SafeArrayLock
RegisterTypeLi
UnRegisterTypeLi
SysReAllocStringLen
VectorFromBstr
VarUdateFromDate
CreateErrorInfo
SetErrorInfo
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VarBstrCmp
SysStringLen
LoadTypeLi
LoadRegTypeLi
VariantChangeType
SysAllocStringLen
VariantInit
SysAllocString
VariantClear
SafeArrayDestroy
GetErrorInfo
DispCallFunc
SystemTimeToVariantTime
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
SafeArrayCreateVector
SysFreeString

urlmon

CoInternetGetSession
FindMimeFromData

gdiplus

GdipMeasureString
GdipSetTextRenderingHint
GdipAddPathArc
GdipFillPath
GdipDrawString
GdipClosePathFigure
GdipSetStringFormatTrimming
GdipSetStringFormatAlign
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDeletePath
GdipCreatePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCloneBrush
GdipCreateSolidFill
GdipCreateFromHDC
GdipFillRectangleI
GdipDeleteBrush
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile
GdipCreateBitmapFromStreamICM
GdipAddPathLine
GdipCreateBitmapFromStream
GdipDeleteFont
GdipCloneImage
GdipAlloc
GdipDrawImageI
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipFree
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown

ws2_32

WSAGetLastError
sendto
inet_ntoa
setsockopt
socket
htons
inet_addr
gethostbyname
recvfrom

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

iphlpapi

GetAdaptersInfo

Exports

Exports

GetName

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 676KB - Virtual size: 674KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc29cbf01eb31e903ba652051e3dab09

Code Sign

01Certificate

0aCertificate

Extended Key Usages

Key Usages

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

7b:da:b8:d9:f7:db:7d:a2:9d:a5:10:a8:65:9c:ec:65Certificate

Extended Key Usages

Signer

Headers

File Characteristics

Imports

wininet

winmm

msi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

gdiplus

ws2_32

version

iphlpapi

Exports

Exports

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.rdata Size: 676KB - Virtual size: 674KB

.data Size: 24KB - Virtual size: 41KB

.rsrc Size: 124KB - Virtual size: 123KB

01
Certificate

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

7b:da:b8:d9:f7:db:7d:a2:9d:a5:10:a8:65:9c:ec:65
Certificate

.text
Size: 3.5MB - Virtual size: 3.5MB

.rdata
Size: 676KB - Virtual size: 674KB

.data
Size: 24KB - Virtual size: 41KB

.rsrc
Size: 124KB - Virtual size: 123KB