2024-01-27_86f8193cb4477600ff9486d6c491523b_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-27_86f8193cb4477600ff9486d6c491523b_icedid
Size

2.1MB
MD5

86f8193cb4477600ff9486d6c491523b
SHA1

79a53c06118db1d528e072c6c466ae0e6b87fce6
SHA256

7b071b9ffe9b620c0618c4ef7baea225fd02ce50491cea2c516b35cf05b90db2
SHA512

fe7449cb645dcaa56c05d72647062b592979d2e90b173d46386322169a95ca5baafd83abc5d7b2f2a3e8a0358c11ef7ddef9434d1be22782795f7488e0c03782
SSDEEP

24576:nP2EnPOW+D4DRRb8Lmxt8aIY5bPL2J7M+9REYZH19ohgcmtqUyDair:nP5mWZRRcmAaI6bPV+dLldyN

Score

1^/10

Malware Config

Signatures

Files

2024-01-27_86f8193cb4477600ff9486d6c491523b_icedid
.exe windows:5 windows x86 arch:x86

3cdc40540a9b9bdd30e26aca4f7965be

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

57:b2:45:71:79:c8:ef:44:0e:31:be:22:5a:26:e9:36
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

24/05/2016, 00:00

Not After

23/07/2019, 23:59

Subject

CN=Fujian NetDragon Computer Network Information Technology Co.\,Ltd,OU=Research and development department,O=Fujian NetDragon Computer Network Information Technology Co.\,Ltd,L=Fuzhou,ST=Fujian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

57:b2:45:71:79:c8:ef:44:0e:31:be:22:5a:26:e9:36
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

24/05/2016, 00:00

Not After

23/07/2019, 23:59

Subject

CN=Fujian NetDragon Computer Network Information Technology Co.\,Ltd,OU=Research and development department,O=Fujian NetDragon Computer Network Information Technology Co.\,Ltd,L=Fuzhou,ST=Fujian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:a7:cf:5d:07:07:24:ac:89:e7:9a:3a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

19/02/2018, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G2

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d2:bc:7d:b6:f3:49:4b:70:d3:9f:0b:06:ff:ad:21:81:f8:da:3e:da:99:b5:09:d0:27:69:ee:cc:75:3c:22:8f
Signer

Actual PE Digest

d2:bc:7d:b6:f3:49:4b:70:d3:9f:0b:06:ff:ad:21:81:f8:da:3e:da:99:b5:09:d0:27:69:ee:cc:75:3c:22:8f

Digest Algorithm

sha256

PE Digest Matches

true

ab:1d:7f:18:cc:b5:7d:ac:6d:91:fd:06:aa:ec:5b:49:15:f5:dc:1d
Signer

Actual PE Digest

ab:1d:7f:18:cc:b5:7d:ac:6d:91:fd:06:aa:ec:5b:49:15:f5:dc:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Gerrit\release-101ppt1009\Update\Release\Update.pdb

Imports

kernel32

HeapFree
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
FatalAppExitA
VirtualAlloc
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
RaiseException
RtlUnwind
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
GetProcessHeap
GetDriveTypeA
HeapAlloc
VerifyVersionInfoA
ExpandEnvironmentStringsA
PeekNamedPipe
SleepEx
FindNextFileW
FindFirstChangeNotificationA
GetLogicalDriveStringsA
FindCloseChangeNotification
GetLogicalDriveStringsW
FindFirstChangeNotificationW
GetFileInformationByHandle
AreFileApisANSI
GetWindowsDirectoryW
RemoveDirectoryW
SetCurrentDirectoryW
MoveFileA
SearchPathA
GetShortPathNameA
GetTempPathW
GetSystemDirectoryA
GetSystemDirectoryW
GetWindowsDirectoryA
CreateDirectoryW
SearchPathW
GetTempFileNameW
GetFullPathNameA
GetCurrentDirectoryA
FormatMessageA
SetFilePointerEx
ResetEvent
ReleaseSemaphore
CreateSemaphoreA
CreateEventA
CompareFileTime
GetTempPathA
GetTempFileNameA
CopyFileA
FindResourceA
VirtualProtect
FindNextFileA
CreateFileMappingA
GetLocalTime
SetFileAttributesA
RemoveDirectoryA
FindFirstFileA
CreateDirectoryA
UnmapViewOfFile
MoveFileExA
DeleteFileA
OutputDebugStringA
OpenFileMappingW
WaitForMultipleObjects
WritePrivateProfileStringA
GetPrivateProfileStringA
SetCurrentDirectoryA
CreateProcessA
GetFileAttributesA
GetPrivateProfileIntA
MapViewOfFile
CreateThread
VerSetConditionMask
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
CreateFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
DeleteFileW
MoveFileW
GetCurrentDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GetAtomNameW
GlobalGetAtomNameW
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
LoadLibraryW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetModuleHandleA
FreeLibrary
InterlockedDecrement
GetModuleHandleW
GetProcAddress
SetLastError
CopyFileW
GlobalSize
FormatMessageW
LocalFree
lstrlenW
MulDiv
WideCharToMultiByte
OutputDebugStringW
MultiByteToWideChar
CreateMutexW
GetLastError
GetCommandLineW
GetModuleFileNameW
CreateProcessW
CloseHandle
Sleep
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
SizeofResource
FindResourceW
LoadResource
LockResource
ExitThread
InterlockedCompareExchange

user32

SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadMenuW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
CheckDlgButton
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
LockWindowUpdate
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
SetWindowTextW
MoveWindow
IsWindowEnabled
ScrollWindowEx
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
GetFocus
CreateDialogIndirectParamW
LoadBitmapW
GetClientRect
InvalidateRect
EnableWindow
PtInRect
DrawIcon
SendMessageW
IsIconic
GetWindowRect
CharNextA
CharPrevA
CharToOemA
CharUpperA
CharLowerW
CharLowerA
CharPrevExA
MessageBoxA
SendMessageA
LoadIconW
PostMessageW
SetRect
GetActiveWindow
GetDesktopWindow
ValidateRect
GetCursorPos
TranslateMessage
GetMessageW
SetCursor
ShowOwnedPopups
GetSysColorBrush
LoadCursorW
UnregisterClassW
InflateRect
GetMenuItemInfoW
DestroyMenu
SystemParametersInfoW
GetDialogBaseUnits
DeleteMenu
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DestroyIcon
CharUpperW
SetRectEmpty
TranslateAcceleratorW
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
SetTimer
KillTimer
GetKeyNameTextW
MapVirtualKeyW
IsRectEmpty
GetSystemMenu
SetParent
UnionRect
GetDCEx
GetSystemMetrics
ShowWindow
PostQuitMessage
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW
GetMenuStringW
GetMenuState
UnhookWindowsHookEx
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ScreenToClient
TrackPopupMenu
GetKeyState
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetSysColor
GetWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongW
GetWindowLongW
GetMenu
CopyRect
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
GetParent
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
MessageBoxW
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu

gdi32

MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetObjectW
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
LineTo
IntersectClipRect
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
GetCharWidthW
StretchDIBits
CreateCompatibleBitmap
GetBkColor
ArcTo
OffsetClipRgn
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
BitBlt
CreateDCW
CopyMetaFileW
CreateCompatibleDC
CreateFontIndirectW
SelectObject
CreateFontW
PolyDraw
GetDeviceCaps

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

CryptEncrypt
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptDestroyKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueW
RegCloseKey
CryptCreateHash

shell32

DragQueryFileW
SHGetSpecialFolderPathA
CommandLineToArgvW
ExtractIconW
SHGetFileInfoW
DragFinish
ShellExecuteA

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFileExistsA
PathRemoveFileSpecW

ole32

CoDisconnectObject
CoCreateInstance
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CoUninitialize
CoInitializeEx
OleDuplicateData

oleaut32

SysAllocString
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString

gdiplus

GdipCreateFromHDC
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDrawImageRectRect
GdipImageGetFrameDimensionsList

iphlpapi

GetAdaptersInfo

ws2_32

recvfrom
sendto
getaddrinfo
freeaddrinfo
accept
getsockopt
bind
ntohs
getsockname
WSAIoctl
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
ioctlsocket
connect
inet_addr
htons
setsockopt
recv
socket
closesocket
gethostbyname
send
select
listen
gethostname
getpeername

wldap32

ord22
ord26
ord30
ord200
ord32
ord211
ord79
ord33
ord301
ord27
ord41
ord46
ord143
ord60
ord35
ord50

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 625KB - Virtual size: 625KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cdc40540a9b9bdd30e26aca4f7965be

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

57:b2:45:71:79:c8:ef:44:0e:31:be:22:5a:26:e9:36Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

57:b2:45:71:79:c8:ef:44:0e:31:be:22:5a:26:e9:36Certificate

Extended Key Usages

Key Usages

0c:a7:cf:5d:07:07:24:ac:89:e7:9a:3aCertificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:31:89:c6:50:04Certificate

Key Usages

d2:bc:7d:b6:f3:49:4b:70:d3:9f:0b:06:ff:ad:21:81:f8:da:3e:da:99:b5:09:d0:27:69:ee:cc:75:3c:22:8fSigner

ab:1d:7f:18:cc:b5:7d:ac:6d:91:fd:06:aa:ec:5b:49:15:f5:dc:1dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

gdiplus

iphlpapi

ws2_32

wldap32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 215KB - Virtual size: 215KB

.data Size: 21KB - Virtual size: 53KB

.rsrc Size: 625KB - Virtual size: 625KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

57:b2:45:71:79:c8:ef:44:0e:31:be:22:5a:26:e9:36
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

57:b2:45:71:79:c8:ef:44:0e:31:be:22:5a:26:e9:36
Certificate

0c:a7:cf:5d:07:07:24:ac:89:e7:9a:3a
Certificate

04:00:00:00:00:01:31:89:c6:50:04
Certificate

d2:bc:7d:b6:f3:49:4b:70:d3:9f:0b:06:ff:ad:21:81:f8:da:3e:da:99:b5:09:d0:27:69:ee:cc:75:3c:22:8f
Signer

ab:1d:7f:18:cc:b5:7d:ac:6d:91:fd:06:aa:ec:5b:49:15:f5:dc:1d
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 215KB - Virtual size: 215KB

.data
Size: 21KB - Virtual size: 53KB

.rsrc
Size: 625KB - Virtual size: 625KB