87dc6b0a1ec6afed05e38d5a8c4f324bbcb9e8fa0564d09af6b64e95ad8c2a2c

Sharing

Copy URL Twitter E-mail

General

Target

87dc6b0a1ec6afed05e38d5a8c4f324bbcb9e8fa0564d09af6b64e95ad8c2a2c
Size

3.1MB
MD5

6d2466a3c5047f2c8062360ff1457d88
SHA1

9c173d904b5bb7394e29bf71c7e83e9ad23c7735
SHA256

87dc6b0a1ec6afed05e38d5a8c4f324bbcb9e8fa0564d09af6b64e95ad8c2a2c
SHA512

e3367b414d6c2efacc8d98d0e08b2a48685245e3a511f641b6288e3823184712387b1e5eb8f3fe4734ac424d9c4718cf550d8c18ba916371ee19c06d86f16918
SSDEEP

49152:T46UOZKrduUix13ggggM0a8SvRCNlRuaj3ZgqSRcKEKP/hgYjUPhoQuj56:R6uUYm8SRCJr3ZgqP1ghfUPZ

Score

1^/10

Malware Config

Signatures

Files

87dc6b0a1ec6afed05e38d5a8c4f324bbcb9e8fa0564d09af6b64e95ad8c2a2c
.exe windows:5 windows x86 arch:x86

01a4eaae02e00e331a740a881aeb3856

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:7d:bd:10:a3:a2:b8:7a:48:11:b1:1b:44:e5:0a:09
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/02/2023, 00:00

Not After

10/05/2024, 23:59

Subject

CN=沧州句号网络科技有限公司,O=沧州句号网络科技有限公司,L=沧州市,ST=河北省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:7d:bd:10:a3:a2:b8:7a:48:11:b1:1b:44:e5:0a:09
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/02/2023, 00:00

Not After

10/05/2024, 23:59

Subject

CN=沧州句号网络科技有限公司,O=沧州句号网络科技有限公司,L=沧州市,ST=河北省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:bf:14:72:6a:74:af:ed:48:12:8e:0e:c9:2c:f2:29:64:1d:17:50:5e:f7:fe:22:a1:bf:1b:41:4b:2b:31:a2
Signer

Actual PE Digest

b2:bf:14:72:6a:74:af:ed:48:12:8e:0e:c9:2c:f2:29:64:1d:17:50:5e:f7:fe:22:a1:bf:1b:41:4b:2b:31:a2

Digest Algorithm

sha256

PE Digest Matches

false

f2:d0:15:b3:9f:47:b3:62:ed:ba:7f:03:37:57:c5:4a:41:7e:55:aa
Signer

Actual PE Digest

f2:d0:15:b3:9f:47:b3:62:ed:ba:7f:03:37:57:c5:4a:41:7e:55:aa

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalUnlock
GetFileSize
ReadFile
lstrlenW
LoadLibraryW
GetCurrentDirectoryW
CreateFileW
GetACP
VerSetConditionMask
OpenProcess
MulDiv
VerifyVersionInfoW
ExitProcess
WriteFile
SetFilePointer
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateDirectoryW
GetFileAttributesW
LocalFree
GlobalAlloc
GetLocalTime
lstrcmpiW
lstrcpynW
lstrcpyW
FreeLibrary
DeleteFileW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
MoveFileW
InitializeCriticalSection
DeviceIoControl
GetSystemDirectoryA
CreateFileA
GetSystemInfo
GetVersionExW
FindClose
GetDriveTypeW
GetSystemDirectoryW
TerminateProcess
FindNextFileW
FileTimeToSystemTime
GetFileAttributesExW
MoveFileExW
SetErrorMode
LocalAlloc
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
VirtualAlloc
VirtualFree
VirtualProtect
GetNativeSystemInfo
LoadLibraryA
IsBadReadPtr
SignalObjectAndWait
CreateThread
SetThreadPriority
GetStartupInfoW
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
GetThreadTimes
FreeLibraryAndExitThread
LoadLibraryExW
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
RtlUnwind
GetTimeZoneInformation
GetModuleHandleExW
GetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ExitThread
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetConsoleCtrlHandler
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
ReadConsoleW
FlushFileBuffers
SetEndOfFile
WriteConsoleW
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetModuleHandleW
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
SetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
GetStringTypeW
FormatMessageW
TryEnterCriticalSection
InitializeSListHead
GetThreadPriority
GetEnvironmentVariableW
GetFullPathNameW
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetEnvironmentVariableA
CompareFileTime
SleepEx
ReadConsoleA
SetConsoleMode
SwitchToFiber
DeleteFiber
CreateFiber
GlobalMemoryStatus
ConvertFiberToThread
ConvertThreadToFiber
GetSystemTime
IsProcessorFeaturePresent
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
IsDebuggerPresent
DeleteCriticalSection
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineW
Sleep
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceW
GetModuleFileNameW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
FindFirstFileW
GetProcAddress

user32

SetPropW
GetUserObjectInformationW
GetProcessWindowStation
EnableWindow
GetClassInfoExW
RegisterClassExW
RegisterClassW
CallWindowProcW
DefWindowProcW
wsprintfW
LoadImageW
GetWindow
LoadCursorW
SetCursor
InflateRect
MonitorFromPoint
SetWindowRgn
MessageBoxW
UpdateLayeredWindow
GetWindowRgn
CharPrevW
DrawTextW
FillRect
SetRect
CreatePopupMenu
DestroyMenu
EnableMenuItem
AppendMenuW
TrackPopupMenu
CreateCaret
GetCaretBlinkTime
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
IsRectEmpty
OffsetRect
UnionRect
IntersectRect
GetSysColor
MapWindowPoints
ScreenToClient
GetCursorPos
GetWindowRect
GetClientRect
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetKeyState
GetFocus
GetActiveWindow
SetFocus
CharNextW
IsZoomed
IsIconic
IsWindowVisible
DestroyWindow
IsWindow
CreateWindowExW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
ClientToScreen
CreateAcceleratorTableW
GetPropW
InvalidateRgn
GetGUIThreadInfo
UpdateWindow
PrivateExtractIconsW
DestroyIcon
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardLayout
DrawTextA
wsprintfA
SetForegroundWindow
ShowWindow
SetWindowTextW
IsChild
GetMonitorInfoW
IsWindowEnabled
GetWindowTextLengthW
GetWindowTextW
EqualRect
MonitorFromWindow
MoveWindow
SetWindowPos
GetSystemMetrics
PostMessageW
PostQuitMessage
ReleaseDC
GetDC
DrawIconEx

advapi32

RegCloseKey
RegQueryValueExW
GetUserNameW
RegCreateKeyExW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
DeregisterEventSource
CryptEnumProvidersW
CryptGenRandom
RegSetValueExW
RegOpenKeyExW

ole32

CoCreateInstance
DoDragDrop
OleDuplicateData
ReleaseStgMedium
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoInitializeEx
CoUninitialize
CoInitialize

oleaut32

VariantInit
SysAllocString
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysFreeString
VariantCopy

shlwapi

PathStripToRootW
PathFindFileNameW
PathIsDirectoryW
SHDeleteKeyW
PathRemoveFileSpecW
PathFileExistsW
PathCombineW

gdi32

SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
SetBkColor
MoveToEx
GetDeviceCaps
CreateSolidBrush
CreateFontIndirectW
CreatePen
TextOutW
GdiFlush
CreatePatternBrush
GetTextExtentPointA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetBitmapBits
SetBitmapBits
SelectClipRgn
LineTo
CreateDIBitmap
GetObjectA
GetCharABCWidthsW
GetClipBox
ExtSelectClipRgn
DeleteDC
DeleteObject
GetStockObject
AddFontMemResourceEx
RemoveFontMemResourceEx
Rectangle
RestoreDC
SaveDC
SelectObject
CloseEnhMetaFile
CreateEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreateRoundRectRgn
CreateRectRgn
PtInRegion
CreateDIBSection
CombineRgn
CreatePenIndirect
CreateRectRgnIndirect
GetTextExtentPoint32W

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

dbghelp

MiniDumpWriteDump

urlmon

ObtainUserAgentString

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
DragQueryFileW
ShellExecuteExW

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx

ws2_32

getnameinfo
WSAIoctl
gethostbyname
sendto
recvfrom
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
freeaddrinfo
getaddrinfo
select
__WSAFDIsSet
ioctlsocket
listen
htonl
accept
WSACleanup
shutdown
WSASetLastError
socket
setsockopt
ntohs
WSAStartup
gethostname
closesocket
recv
send
WSAGetLastError
bind
connect
getpeername
getsockname
getsockopt
htons

gdiplus

GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathLine
ord1
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdiplusShutdown
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipSetInterpolationMode
GdipDrawRectangleI
GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdiplusStartup
GdipDrawImageRectI
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipSetSmoothingMode

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

crypt32

CertOpenStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertOpenSystemStoreW
CertGetCertificateContextProperty
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage

wldap32

ord147
ord219
ord46
ord14
ord301
ord145
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord117
ord41
ord208
ord216

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 569KB - Virtual size: 569KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01a4eaae02e00e331a740a881aeb3856

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

03:7d:bd:10:a3:a2:b8:7a:48:11:b1:1b:44:e5:0a:09Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

03:7d:bd:10:a3:a2:b8:7a:48:11:b1:1b:44:e5:0a:09Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

b2:bf:14:72:6a:74:af:ed:48:12:8e:0e:c9:2c:f2:29:64:1d:17:50:5e:f7:fe:22:a1:bf:1b:41:4b:2b:31:a2Signer

f2:d0:15:b3:9f:47:b3:62:ed:ba:7f:03:37:57:c5:4a:41:7e:55:aaSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

gdi32

version

dbghelp

urlmon

shell32

comctl32

ws2_32

gdiplus

imm32

crypt32

wldap32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 569KB - Virtual size: 569KB

.data Size: 47KB - Virtual size: 73KB

.rsrc Size: 168KB - Virtual size: 167KB

.reloc Size: 109KB - Virtual size: 108KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

03:7d:bd:10:a3:a2:b8:7a:48:11:b1:1b:44:e5:0a:09
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

03:7d:bd:10:a3:a2:b8:7a:48:11:b1:1b:44:e5:0a:09
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

b2:bf:14:72:6a:74:af:ed:48:12:8e:0e:c9:2c:f2:29:64:1d:17:50:5e:f7:fe:22:a1:bf:1b:41:4b:2b:31:a2
Signer

f2:d0:15:b3:9f:47:b3:62:ed:ba:7f:03:37:57:c5:4a:41:7e:55:aa
Signer

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 569KB - Virtual size: 569KB

.data
Size: 47KB - Virtual size: 73KB

.rsrc
Size: 168KB - Virtual size: 167KB

.reloc
Size: 109KB - Virtual size: 108KB