2024-02-04_e3fc2cb678afa5b27d623e787462dbfc_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-04_e3fc2cb678afa5b27d623e787462dbfc_ryuk
Size

4.5MB
MD5

e3fc2cb678afa5b27d623e787462dbfc
SHA1

812ba8b8189788db47a6b1628185f3280e83e356
SHA256

6290edf893f47fd019eed379875171f36aa12b9f3ae4c65b07e0eb9cb248d69d
SHA512

2c7062a9dbcd8958f254672b350c8851ea4d45a8f1e9126264b8cd4b820dc7499d326a08761989a8fbf06d9f8ec2198cd6a0427ab00eca201f560045494250ef
SSDEEP

98304:rR9VoTPuJy2NgKXfUbKCFLOAkGkzdnEVomFHKnP9:rR9VoTcz8FLOyomFHKnP9

Score

1^/10

Malware Config

Signatures

Files

2024-02-04_e3fc2cb678afa5b27d623e787462dbfc_ryuk
.exe windows:5 windows x64 arch:x64

aa26df0256ac8be61be276367f6dbc3d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:02:1e:8e:2b:28:a1:90:11:e0:7d:91:02:ba:27:60
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

10/01/2022, 00:00

Not After

11/02/2023, 23:59

Subject

SERIALNUMBER=131111-0131159,CN=GENIANS\, INC.,O=GENIANS\, INC.,L=Anyang-si,ST=Gyeonggi-do,C=KR,1.3.6.1.4.1.311.60.2.1.1=#1309416e79616e672d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

95:46:68:a0:7f:5f:f6:9d:1a:65:9d:7c:b6:7c:ef:d1:0d:24:fd:52:ad:3f:b4:8c:63:04:7e:83:2a:45:f2:ac
Signer

Actual PE Digest

95:46:68:a0:7f:5f:f6:9d:1a:65:9d:7c:b6:7c:ef:d1:0d:24:fd:52:ad:3f:b4:8c:63:04:7e:83:2a:45:f2:ac

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\GeniProject\4.0.1\BETA\agent\Genian\Plugin\VaccineLink\Linkage\GnESTsoft64\x64\Release\GnESTsoft64.pdb

Imports

kernel32

SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
LCMapStringW
GetStringTypeW
WriteConsoleW
GetACP
ExitProcess
IsDebuggerPresent
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
SetStdHandle
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetFileType
RtlUnwindEx
RtlPcToFileHeader
QueryPerformanceFrequency
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
lstrcpyW
VirtualProtect
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
SetErrorMode
GlobalGetAtomNameW
GetFileTime
GetFileSizeEx
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
FreeResource
EncodePointer
GetThreadLocale
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrcmpiW
GetModuleHandleExW
OutputDebugStringA
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
SystemTimeToTzSpecificLocalTime
LoadLibraryExW
SetThreadPriority
SetLastError
FindResourceW
MulDiv
GlobalUnlock
GlobalSize
SizeofResource
LockResource
LoadResource
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
lstrlenW
GetTickCount
ResumeThread
SuspendThread
TerminateThread
GlobalLock
WideCharToMultiByte
GetTimeZoneInformation
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
CopyFileW
FindNextFileW
GetFileAttributesExW
GetLongPathNameW
GetCurrentDirectoryW
GetSystemDirectoryW
TerminateProcess
CreateDirectoryW
GetModuleFileNameW
ReadProcessMemory
QueryDosDeviceW
DuplicateHandle
GlobalAlloc
GlobalFree
ReadFile
WriteFile
SetNamedPipeHandleState
FlushFileBuffers
GetOverlappedResult
ResetEvent
ConnectNamedPipe
CreateNamedPipeW
DisconnectNamedPipe
WaitNamedPipeW
GetVersionExW
MultiByteToWideChar
OpenProcess
GetLastError
DeleteFileW
ReleaseSemaphore
LocalFree
CreateSemaphoreW
Sleep
GetUserDefaultUILanguage
VerLanguageNameW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
GetModuleHandleW
WaitForMultipleObjects
WaitForSingleObject
SetEvent
CreateEventW
FreeLibrary
GetProcAddress
LoadLibraryW
GetSystemTime
OutputDebugStringW
FreeConsole
GetStdHandle
AllocConsole
CloseHandle
GetCurrentProcess
GetCurrentThreadId
CreateFileW
GetCurrentProcessId
GetLocalTime
SetUnhandledExceptionFilter
FormatMessageW
LocalAlloc
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount

user32

InvalidateRect
DeleteMenu
WindowFromPoint
ReleaseCapture
SetCapture
LoadMenuW
MapVirtualKeyW
GetKeyNameTextW
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RealChildWindowFromPoint
ClientToScreen
IsDialogMessageW
CheckDlgButton
MoveWindow
ShowWindow
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
IsWindowEnabled
SetCursor
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
KillTimer
SetTimer
WaitMessage
PostQuitMessage
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
CharNextW
GetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetMenuDefaultItem
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongPtrW
SetWindowRgn
IsWindow
PostMessageW
LoadImageW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
EnableWindow
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
CopyAcceleratorTableW
InvalidateRgn
SetRect
IntersectRect
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
DestroyIcon
TrackMouseEvent
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
CharUpperW
GetDesktopWindow
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
SetWindowLongW
LoadIconW
GetSystemMetrics
MessageBoxW
GetWindowThreadProcessId
GetWindow
IsWindowVisible
SetWindowPos
UpdateWindow
SendMessageW
LoadStringW
CreateDialogIndirectParamW
SetWindowTextW
GetMessageW
TranslateMessage
DispatchMessageW
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
CharUpperBuffW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
PostThreadMessageW
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
NotifyWinEvent

gdi32

SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgnIndirect
PatBlt
GetBkColor
GetTextColor
GetRgnBox
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
SetBkMode
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetPaletteEntries
SelectPalette
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegQueryValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
DuplicateToken
LookupAccountSidW
GetUserNameW
OpenProcessToken
RegDeleteValueW
RegEnumValueW
RegEnumKeyW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
GetTokenInformation
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathMatchSpecW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
GetWindowTheme
GetThemeSysColor

ole32

OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleFlushClipboard
CoRevokeClassObject
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
CoInitializeEx

oleaut32

VariantInit
SysAllocString
SysAllocStringLen
VariantChangeType
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
VariantClear
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

ws2_32

WSASetLastError
WSACleanup
WSAStartup

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 772KB - Virtual size: 772KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa26df0256ac8be61be276367f6dbc3d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:02:1e:8e:2b:28:a1:90:11:e0:7d:91:02:ba:27:60Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

95:46:68:a0:7f:5f:f6:9d:1a:65:9d:7c:b6:7c:ef:d1:0d:24:fd:52:ad:3f:b4:8c:63:04:7e:83:2a:45:f2:acSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

ws2_32

oleacc

imm32

winmm

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 772KB - Virtual size: 772KB

.data Size: 32KB - Virtual size: 83KB

.pdata Size: 98KB - Virtual size: 97KB

.gfids Size: 106KB - Virtual size: 105KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 60KB - Virtual size: 59KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:02:1e:8e:2b:28:a1:90:11:e0:7d:91:02:ba:27:60
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

95:46:68:a0:7f:5f:f6:9d:1a:65:9d:7c:b6:7c:ef:d1:0d:24:fd:52:ad:3f:b4:8c:63:04:7e:83:2a:45:f2:ac
Signer

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 772KB - Virtual size: 772KB

.data
Size: 32KB - Virtual size: 83KB

.pdata
Size: 98KB - Virtual size: 97KB

.gfids
Size: 106KB - Virtual size: 105KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 60KB - Virtual size: 59KB