VirusShare_a376bf1104af61ba7731ddb593fa90ae

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_a376bf1104af61ba7731ddb593fa90ae
Size

84KB
MD5

a376bf1104af61ba7731ddb593fa90ae
SHA1

aea6cb220b7379bc4b7c5cb83997218ab7144eaf
SHA256

3e52adad6574bafcf25de3cb9967e2e9a1545898e9ba686fc449e4fe7ffa432f
SHA512

2f059e2574e301532bd39d9d1daeac568790bbaca690b9e514b9319befa3f08782cfc9a7970e0df79cc986992983504479c346ba3a525bbe7f6b2ab4403d1689
SSDEEP

768:/KrqgHN13edH4eSROPPt8i0lLOFPFMFMFiIFQp44fX0:/2DN1ewUt8LQdGGtFQg

Score

1^/10

Malware Config

Signatures

Files

VirusShare_a376bf1104af61ba7731ddb593fa90ae
.exe windows:4 windows x86 arch:x86

c98a51f7b9ab9703fa5fdc92fdcba1bb

Code Sign

13:5a:64:1c:91:50:99:b4:4f:25:ae:9d:87:12:ec:84
Certificate

Issuer

CN=2 7M7AJMBD75667I68EB8A5BCLKIF8EFDL66FD9IIH88D89979569EHGG7EBD6BH99FD7K9F6J978JDAIBDDBL69AB56M87D97II666JDJGGCBHBFE9B6MLK8FBA8CJBB5AMAD6I9JMIBMMKIJB5IK5B985J76BIKHEHHMEF79FKHC97FDB8FBBBJEMHDAIK7K9JG9KEME8L76EBHK95CLIBC7JGIK6KMFHGEEDDMB8755JGMFHM6G6LKIFF97BKCMIKEJJCFDCAE59MFBHM59CBBA5M57GJIAJGCGA7HK9DGCLC56LAE9IM9I7DKF7EH5IDL9FB9GF778LG5HGJFHMM8AHDDKLLMI5ADF5JF5K9C8DDFCCD799C9BLD959FJ9FDB8AMAE66LFIF5FFMIBGBFBDDBH98HCMHDAMABGIBFE5EMHK8J68GJMHMJ899BB88IIH8K7L9BFEH9CFEE676H6BJAFD6H9JCG67KAM78L7EEMEEGLIGD9EK7CD976ELDEELEB6E9G7B9G56KF6LB5FMGD8ME7H7GGKK86IHIH8C5LM8F8I7AEC8CDGLDFDFHIFGLJAKB7G65IH8LM6FIIECLCDFLGH6JGL6F5AGAHBI8EG6965GMLD5LLLALHCHGJGMMHBA7L5KCIBBAAAFBD57ICMG9CIA8D89JKBGK7JME8F5AB7JMA687785HK56IHHHG58LJEHD869GKGDGKBIA56J5M8IL9A596J7LJL855IB8MBMF669565I8E5E7JKDKC9C6MMF7GK9C7FL5C5KD5ED6L78F7J9D7FE858IDBC7C5M7EH79AALABEFHI8957BC5HKJ7FGFGK589FFE5HEC6HGK5DC88K9EHFMJ58F5CLHEDHHJ5CKKAICEF9HBLIKMDA65AMCC9B66IEEFAFIL685GI699KK89DKDMBH8L9DGJFGDLM696CJCA5FI8BB5MKJJ7C7KJD59A8IK8B8FGGBE69H87DB87695FA5AKAB67CCLLMHEGMI8I8766K7BLGHG8D8AK7ALEJDH5B68J8H6CMLAFLJ5JAADJ6FD7F9JDDEAHC68JJ7LBJI76FHIHKJJILMD7E88JADH9MAD5KL7AMJ9JF6LFBBACBBJGIEM5I6GE8FBF86A65JIH89JK5HMJFHIHD9DGL6MCADGD8DGLF56DBFG876AIAKIGJKBIGD9AHMDAL7EAE98IHCDD8A9KMMM6ADI9B77HMGDH875MKJCKE9CKJG5EF6DLCE7K9L5CKFGLBE9MGDBKJCALJMAMM8BBKAC7MJAG8BAMCB8F8GAG5D5B7I96CCEJEB5AMKAIM9AJ8IHDM9GKEL99MJBGMMJ6DKFCBM8DEIKLMLGEEIB589HLDFD7CML6KE9AKA5H69FJJMFKH6KAE5KM76ML5FF95FFHKLJH7BDGB79LCIIIKL89DKE5J6A6CJEKBLD5CDMCMI6DGJA6MD65ALBACIEEIDD57CKEIALKGMDDHIMMCCJHEJLD8KGGJD77DGG8M8EEM8J9LJKIBBDM6G7K7HMKE6HMDICEB6DGAHAAKD8EH79K95DIJHFM6AI6H5J679IDGL6F9LK8LC5IC8E6F7GLHC9HFH7JIIKIE878LLMD65I76KFGAF7MKDFM57KMJ5H795DEKG8L7J8KK785HBMH6MFIHF85MMD8HKL9AKCGDE67GK9DLMLL8KBHLD9JA8K5F79CDJ7J875ACA87L5HH5IG9F87AIJMH5C68LA688DE8AAJM8LMFGHAFB8ILF9AMMA589IFCIF5GF8AE6B86AALHDJ697IIDMBF89M7K5BJMIK8BCLJAAH8CJHK8MLFC886BKCKHJK7ICIFHI78BAFBA59ILJLE5FEKM9M7KD67JAIJE9JFKJ77GB6BMDDH9FL5IF7K666L8CCIHIF6FJ6EEFI85MKGGC7JFBL8KA5BBIHFHJ8JG8ILMBLG7CK8JL57J7KKEFMBMF7LMECGA8L9FK76G7HJLE8LKFMK7M7HMAJKGJMEB5KJJL8G7GA75DF5EGLIE5HMFDBJF5J8G9E7M5IDCF5BMD57LBJAB8JJAIKGFCHBBC8C5CDGHGH5B6ALAK9J5DKIL55E7GFE5AL6JL96CKJ5EACKCFD5ID56FB59C9AACL55KLKFA9AKG59D658MDDG7GKFIEBL5G9FEGH5MB7H8GFI5EJG85E68GLMGAFAMLG6B9LIKJKM8A6MK9IGFK9I9FLMHCDECMCFEG6KJ96IE6AL75LDCBKMCHGM876GDG7GGDAAADC579FGKJBMCGBAEBIHKH5H66EBEAB5HIJEBK586MBEHEA7DCBGK6JJ9JDDFCG6AA9A6KBJG7C6KILMMLCGFMC6JEM5DJ9BAMM6EIKEA775II7CG798MLEIDA9JBBLMIG9685GFJ89CIHEM5IB9C9EMLCG5JH56HFH68KA8IHHFFH9AGF8BEMCMHCFCJ8GHMAK9L89GGBEICDAMJJFEE5K589IBF5B5EGGD9JC7KAMBJF6GJMCAL57DLM5F58H8LGL6B9D5IGCEICK5IHHKGC9F569E8DECLILLLJIFF6CKE7CLJ5HJMBJHI9F6JAG5MGLB5E7ACDGF5FALLAH9JK797EBFH5A7D79C5CAEAKMBBEGML68L8H8H96M6AID8LEFDK5EG9HCC8C9JH856ICEBLF55DAJDCAHFJKI85H7DCEFALIKDDACJMI8DACGA8AD9E6DGDJDJELJA8AIBGFIF7JDKECK79DME7I5E8AK99BHI5CJF7577M6JB5G7BG8BM5G9CJIM7KDFFK7BD7CI76AEFAMHD887I7AHJHKFCLGHI5IKM87E7KBMG89DMH9IDK6GDBLGBF6IAHILCBC5IGFG9KM6AJFKBI6KM57957H696MAK5ABIHC8EMFG68GC659L5K8GKD9JH9ELGMGBI6HEAF77K99BL8A5A67AJK8GH6KLKDLGDMEFI6E69ECJG7GLGE7IDMKMBDFC67FAH99EICCHL8B8E9F9HAHIJJAJL8HLA5I8AJEHGKAKFEJKC86MC6G7FKCJDLBK8FAIMCAE8MDMKHFDH865EGM5I5JAB876JFM7GJIGKKLBEGIKAI5KLF6E6ELBIEJAKB969DBKE6CHCBKMFJCEEEF5H6LGLADHFED6FLL5ICEF9IGJEJBKAKC6BIIB9JDAF7F9HGD9B9I7KC5HHCJ98LIAA69F6ADEAIDAEJCKM97777965KCI8M5EALLKIJBJB7HH7I98GEGM5C5C7IJ8A97IHG7EICBJ7HICDEMILEMKBI6D558KGIM6ALLEC5LBE5HAI8IBL9GD7EE7C7HL9DLKEK8B9CKBL9FGLFMJ95LABMKDCJ6599FD95GBJC8M7L6E9HD88EJC6AIGHA5EKMKELBHCFF9DHKIFJ78FAK9DAG6MD9LD89KKE7G58EG8FCK9KFDCLHJL6M7MDFMEDI59E7BE8G9J9BDDGGM8ILLJF8EA5K75ML7LMEIH8A95JJFMCICD8JHKM6MILJ8MM875DKB6KK6HI9GMC957L97BBCFBCGG5ILCL67FKMBEM9G9E5C97CB5BMJJ9D7JCHAD8BGDM7LFLLBD9EDIFFHKE7I8GD8J87D7FF9MI8FD5L7CCCDEII9L8MIHMACELEDEJC6JDL7KIL7IM6CL5LCABL6FLDEFL89855HDL6DFI8L6EL8B6FMMG85B8MLC5IGGA787EEAJLDDHADFJGH7CB9IIGA8ALFD557KMD87K758I98BAFLE9CDAKCED9IAADGJGHEMFEHIJ7MG6AL97EC8H5H98MEBIFICGM5JMIILFEFDBCMBBAH5HKKE95HDA78LD88GIKKD5B68EG5A6B7B89D65KE7B9MH9DIE6AFI8LLDL8GKDAAHJD868EL77B5HBJ5C65HJE7A 3

Not Before

19/12/2012, 04:49

Not After

31/12/2039, 23:59

Subject

CN=2 7M7AJMBD75667I68EB8A5BCLKIF8EFDL66FD9IIH88D89979569EHGG7EBD6BH99FD7K9F6J978JDAIBDDBL69AB56M87D97II666JDJGGCBHBFE9B6MLK8FBA8CJBB5AMAD6I9JMIBMMKIJB5IK5B985J76BIKHEHHMEF79FKHC97FDB8FBBBJEMHDAIK7K9JG9KEME8L76EBHK95CLIBC7JGIK6KMFHGEEDDMB8755JGMFHM6G6LKIFF97BKCMIKEJJCFDCAE59MFBHM59CBBA5M57GJIAJGCGA7HK9DGCLC56LAE9IM9I7DKF7EH5IDL9FB9GF778LG5HGJFHMM8AHDDKLLMI5ADF5JF5K9C8DDFCCD799C9BLD959FJ9FDB8AMAE66LFIF5FFMIBGBFBDDBH98HCMHDAMABGIBFE5EMHK8J68GJMHMJ899BB88IIH8K7L9BFEH9CFEE676H6BJAFD6H9JCG67KAM78L7EEMEEGLIGD9EK7CD976ELDEELEB6E9G7B9G56KF6LB5FMGD8ME7H7GGKK86IHIH8C5LM8F8I7AEC8CDGLDFDFHIFGLJAKB7G65IH8LM6FIIECLCDFLGH6JGL6F5AGAHBI8EG6965GMLD5LLLALHCHGJGMMHBA7L5KCIBBAAAFBD57ICMG9CIA8D89JKBGK7JME8F5AB7JMA687785HK56IHHHG58LJEHD869GKGDGKBIA56J5M8IL9A596J7LJL855IB8MBMF669565I8E5E7JKDKC9C6MMF7GK9C7FL5C5KD5ED6L78F7J9D7FE858IDBC7C5M7EH79AALABEFHI8957BC5HKJ7FGFGK589FFE5HEC6HGK5DC88K9EHFMJ58F5CLHEDHHJ5CKKAICEF9HBLIKMDA65AMCC9B66IEEFAFIL685GI699KK89DKDMBH8L9DGJFGDLM696CJCA5FI8BB5MKJJ7C7KJD59A8IK8B8FGGBE69H87DB87695FA5AKAB67CCLLMHEGMI8I8766K7BLGHG8D8AK7ALEJDH5B68J8H6CMLAFLJ5JAADJ6FD7F9JDDEAHC68JJ7LBJI76FHIHKJJILMD7E88JADH9MAD5KL7AMJ9JF6LFBBACBBJGIEM5I6GE8FBF86A65JIH89JK5HMJFHIHD9DGL6MCADGD8DGLF56DBFG876AIAKIGJKBIGD9AHMDAL7EAE98IHCDD8A9KMMM6ADI9B77HMGDH875MKJCKE9CKJG5EF6DLCE7K9L5CKFGLBE9MGDBKJCALJMAMM8BBKAC7MJAG8BAMCB8F8GAG5D5B7I96CCEJEB5AMKAIM9AJ8IHDM9GKEL99MJBGMMJ6DKFCBM8DEIKLMLGEEIB589HLDFD7CML6KE9AKA5H69FJJMFKH6KAE5KM76ML5FF95FFHKLJH7BDGB79LCIIIKL89DKE5J6A6CJEKBLD5CDMCMI6DGJA6MD65ALBACIEEIDD57CKEIALKGMDDHIMMCCJHEJLD8KGGJD77DGG8M8EEM8J9LJKIBBDM6G7K7HMKE6HMDICEB6DGAHAAKD8EH79K95DIJHFM6AI6H5J679IDGL6F9LK8LC5IC8E6F7GLHC9HFH7JIIKIE878LLMD65I76KFGAF7MKDFM57KMJ5H795DEKG8L7J8KK785HBMH6MFIHF85MMD8HKL9AKCGDE67GK9DLMLL8KBHLD9JA8K5F79CDJ7J875ACA87L5HH5IG9F87AIJMH5C68LA688DE8AAJM8LMFGHAFB8ILF9AMMA589IFCIF5GF8AE6B86AALHDJ697IIDMBF89M7K5BJMIK8BCLJAAH8CJHK8MLFC886BKCKHJK7ICIFHI78BAFBA59ILJLE5FEKM9M7KD67JAIJE9JFKJ77GB6BMDDH9FL5IF7K666L8CCIHIF6FJ6EEFI85MKGGC7JFBL8KA5BBIHFHJ8JG8ILMBLG7CK8JL57J7KKEFMBMF7LMECGA8L9FK76G7HJLE8LKFMK7M7HMAJKGJMEB5KJJL8G7GA75DF5EGLIE5HMFDBJF5J8G9E7M5IDCF5BMD57LBJAB8JJAIKGFCHBBC8C5CDGHGH5B6ALAK9J5DKIL55E7GFE5AL6JL96CKJ5EACKCFD5ID56FB59C9AACL55KLKFA9AKG59D658MDDG7GKFIEBL5G9FEGH5MB7H8GFI5EJG85E68GLMGAFAMLG6B9LIKJKM8A6MK9IGFK9I9FLMHCDECMCFEG6KJ96IE6AL75LDCBKMCHGM876GDG7GGDAAADC579FGKJBMCGBAEBIHKH5H66EBEAB5HIJEBK586MBEHEA7DCBGK6JJ9JDDFCG6AA9A6KBJG7C6KILMMLCGFMC6JEM5DJ9BAMM6EIKEA775II7CG798MLEIDA9JBBLMIG9685GFJ89CIHEM5IB9C9EMLCG5JH56HFH68KA8IHHFFH9AGF8BEMCMHCFCJ8GHMAK9L89GGBEICDAMJJFEE5K589IBF5B5EGGD9JC7KAMBJF6GJMCAL57DLM5F58H8LGL6B9D5IGCEICK5IHHKGC9F569E8DECLILLLJIFF6CKE7CLJ5HJMBJHI9F6JAG5MGLB5E7ACDGF5FALLAH9JK797EBFH5A7D79C5CAEAKMBBEGML68L8H8H96M6AID8LEFDK5EG9HCC8C9JH856ICEBLF55DAJDCAHFJKI85H7DCEFALIKDDACJMI8DACGA8AD9E6DGDJDJELJA8AIBGFIF7JDKECK79DME7I5E8AK99BHI5CJF7577M6JB5G7BG8BM5G9CJIM7KDFFK7BD7CI76AEFAMHD887I7AHJHKFCLGHI5IKM87E7KBMG89DMH9IDK6GDBLGBF6IAHILCBC5IGFG9KM6AJFKBI6KM57957H696MAK5ABIHC8EMFG68GC659L5K8GKD9JH9ELGMGBI6HEAF77K99BL8A5A67AJK8GH6KLKDLGDMEFI6E69ECJG7GLGE7IDMKMBDFC67FAH99EICCHL8B8E9F9HAHIJJAJL8HLA5I8AJEHGKAKFEJKC86MC6G7FKCJDLBK8FAIMCAE8MDMKHFDH865EGM5I5JAB876JFM7GJIGKKLBEGIKAI5KLF6E6ELBIEJAKB969DBKE6CHCBKMFJCEEEF5H6LGLADHFED6FLL5ICEF9IGJEJBKAKC6BIIB9JDAF7F9HGD9B9I7KC5HHCJ98LIAA69F6ADEAIDAEJCKM97777965KCI8M5EALLKIJBJB7HH7I98GEGM5C5C7IJ8A97IHG7EICBJ7HICDEMILEMKBI6D558KGIM6ALLEC5LBE5HAI8IBL9GD7EE7C7HL9DLKEK8B9CKBL9FGLFMJ95LABMKDCJ6599FD95GBJC8M7L6E9HD88EJC6AIGHA5EKMKELBHCFF9DHKIFJ78FAK9DAG6MD9LD89KKE7G58EG8FCK9KFDCLHJL6M7MDFMEDI59E7BE8G9J9BDDGGM8ILLJF8EA5K75ML7LMEIH8A95JJFMCICD8JHKM6MILJ8MM875DKB6KK6HI9GMC957L97BBCFBCGG5ILCL67FKMBEM9G9E5C97CB5BMJJ9D7JCHAD8BGDM7LFLLBD9EDIFFHKE7I8GD8J87D7FF9MI8FD5L7CCCDEII9L8MIHMACELEDEJC6JDL7KIL7IM6CL5LCABL6FLDEFL89855HDL6DFI8L6EL8B6FMMG85B8MLC5IGGA787EEAJLDDHADFJGH7CB9IIGA8ALFD557KMD87K758I98BAFLE9CDAKCED9IAADGJGHEMFEHIJ7MG6AL97EC8H5H98MEBIFICGM5JMIILFEFDBCMBBAH5HKKE95HDA78LD88GIKKD5B68EG5A6B7B89D65KE7B9MH9DIE6AFI8LLDL8GKDAAHJD868EL77B5HBJ5C65HJE7A 3

Extended Key Usages

ExtKeyUsageCodeSigning

63:39:44:58:04:37:8f:16:fc:18:2b:c1:99:19:b1:bd:04:dc:71:05
Signer

Actual PE Digest

63:39:44:58:04:37:8f:16:fc:18:2b:c1:99:19:b1:bd:04:dc:71:05

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineW
VirtualAlloc
GetWindowsDirectoryW
lstrlenW
GetSystemWindowsDirectoryW
LocalFree
LocalAlloc
GetCurrentProcess
GetLastError
WaitForMultipleObjects
CreateThread
GetCurrentThreadId
OpenEventW
CreateEventW
SetEvent
CreateMutexW
SetLastError
lstrcmpW
GetVersionExW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
lstrcatW
GetNumberFormatW
lstrcpyW
LoadLibraryA
CreateHardLinkA
VirtualQueryEx
GetCurrencyFormatA
FindFirstVolumeW
CreateFileMappingW
SetConsoleDisplayMode
IsSystemResumeAutomatic
Process32NextW
GetTapeStatus
_llseek
ReadConsoleInputA
lstrcpy
ReadFileEx
ExpandEnvironmentStringsW
DeleteVolumeMountPointW
UnlockFileEx
GetTempFileNameA
Module32First
FreeUserPhysicalPages
CopyFileA
GetDefaultCommConfigW
CancelDeviceWakeupRequest
CreateTimerQueue
InterlockedIncrement
CreateRemoteThread
FatalAppExitW
CreateConsoleScreenBuffer
FoldStringW
CommConfigDialogW
SetThreadAffinityMask
MapUserPhysicalPagesScatter
WriteConsoleInputW
SetMessageWaitingIndicator
PostQueuedCompletionStatus
GetModuleHandleW
GetPrivateProfileSectionW
GetThreadSelectorEntry

user32

GetWindowThreadProcessId

gdi32

GetStockObject
SetTextAlign
SelectObject
SetTextColor
SetBkColor
GetTextExtentPoint32W
ExtTextOutW

msvcrt

_vsnprintf
_except_handler3
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_vsnwprintf
__set_app_type
_controlfp
setlocale
mbstowcs
gets
_mbscspn
__iscsymf
_rmtmp
__unDNameEx
atoi
wcspbrk
_Getdays
putwc
_aexit_rtn
sqrt
_errno
_j1
isalpha
fopen
_findnext
_memicmp
_fpclass
vwprintf
iswcntrl
_ftol
_ftime
_setjmp
strpbrk
rename
strftime
_itoa
_CIsin
memcpy
_atodbl
_stati64
_wfindfirsti64
_ultow
wcsrchr
memset
_wchmod
malloc
getenv
_ismbbprint
_endthreadex
__p__winver
_Strftime
__p__winmajor
_winminor
__unDName
_findfirsti64
_adj_fprem
strtod
__isascii
_chgsign
wcstok
_wopen
free
_snwprintf
_wfindnext
strtol
_mbsupr
_mbsspnp
__p__wenviron
_strlwr
iswgraph
_adj_fdivr_m32
__STRINGTOLD
_isnan
_wfsopen
_mbctombb
_wsetlocale
_mbclen
difftime
time
_assert
_wspawnlpe
_isatty
log10
_lrotr
fputwc
_strnicmp
_findclose
_mbsnicoll
_wutime
strtok
_mbscpy
_ui64toa
fprintf
_wstati64
_adj_fdivr_m64
_wfindfirst64
ferror
freopen
_daylight
_mbsicoll

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c98a51f7b9ab9703fa5fdc92fdcba1bb

Code Sign

13:5a:64:1c:91:50:99:b4:4f:25:ae:9d:87:12:ec:84Certificate

Extended Key Usages

63:39:44:58:04:37:8f:16:fc:18:2b:c1:99:19:b1:bd:04:dc:71:05Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

Sections

.text Size: 47KB - Virtual size: 46KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 968B

13:5a:64:1c:91:50:99:b4:4f:25:ae:9d:87:12:ec:84
Certificate

63:39:44:58:04:37:8f:16:fc:18:2b:c1:99:19:b1:bd:04:dc:71:05
Signer

.text
Size: 47KB - Virtual size: 46KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 968B