2024-02-20_66daf0fabf51da68a5a083cb93688d3f_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-20_66daf0fabf51da68a5a083cb93688d3f_mafia
Size

7.4MB
MD5

66daf0fabf51da68a5a083cb93688d3f
SHA1

2d3d1bb35bb13d1bc4b1b932a25d609d4a88c359
SHA256

e2869531e3d67e22baba0df0ff7ae82842bd34640a2c9c05793563f5b1db4631
SHA512

9ab1d5ac336e65e89b1c049257117423aebd168f05413061ee36fcd70eb9e69ea94f8deae1d27263c840b09d42b537cc1b36046dea02ac1cfb8f47415c25ef35
SSDEEP

196608:+bZrXlXQ/p4Gdko+Xxk8s8axgTkY/lNIqc/LwL9fXMt3zt5FKTRLRBpMTHjNd/KX:+bZrB4+hk8sCIqc/LS

Score

1^/10

Malware Config

Signatures

Files

2024-02-20_66daf0fabf51da68a5a083cb93688d3f_mafia
.exe windows:5 windows x86 arch:x86

ba47416ee319a6746d1367d8131dc507

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

17/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:bf:02:ca:35:70:a9:71:95:be:a7:d2:a4:fb:b0:8c
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

19/01/2013, 00:00

Not After

20/03/2014, 23:59

Subject

CN=iztel Corp.,OU=Dev. Team,O=iztel Corp.,L=Anyang-si,ST=Gyeonggi-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3b:d1:6b:ee:45:46:15:7c:3a:48:b4:29:f7:2b:b6:bd:6b:12:a2:a1
Signer

Actual PE Digest

3b:d1:6b:ee:45:46:15:7c:3a:48:b4:29:f7:2b:b6:bd:6b:12:a2:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetFullPathNameA
GetModuleFileNameW
MoveFileA
RemoveDirectoryA
SetFileAttributesA
FindNextFileA
DeleteFileA
WideCharToMultiByte
CreateProcessA
TerminateProcess
GetExitCodeProcess
Process32Next
OpenProcess
Process32First
Module32Next
Module32First
CreateToolhelp32Snapshot
GetComputerNameA
ReadFile
CopyFileA
CopyFileW
CreateFileW
InterlockedPopEntrySList
VirtualFree
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
WriteConsoleW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringW
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
GetConsoleMode
GetConsoleCP
SetHandleCount
HeapCreate
GetStdHandle
GetFileAttributesW
GetVersion
SetThreadPriority
GetCurrentThread
GetThreadPriority
ReadDirectoryChangesW
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
GetFileAttributesA
GetCurrentProcess
ResetEvent
CreateEventA
GetLogicalDrives
GetDriveTypeA
GetDiskFreeSpaceExA
GetTimeFormatA
GetDateFormatA
CreateDirectoryA
FindResourceExW
lstrcpynA
GetThreadLocale
CompareStringA
GetVolumeInformationA
GetTimeZoneInformation
FindClose
FindFirstFileA
GetNumberFormatA
LocalFree
FormatMessageA
RaiseException
SetEvent
ExpandEnvironmentStringsA
WritePrivateProfileStringA
GetCurrentDirectoryA
MulDiv
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
lstrlenA
WriteFile
CreateFileA
lstrcpyA
MultiByteToWideChar
GetTickCount
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoW
LCMapStringW
IsProcessorFeaturePresent
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapQueryInformation
SetFileTime
VirtualQuery
GetSystemInfo
GlobalSize
GetCurrentThreadId
CreateMutexA
GetPrivateProfileStringA
GetVersionExA
ActivateActCtx
GetModuleHandleA
DeactivateActCtx
SetLastError
GetWindowsDirectoryA
InitializeCriticalSectionAndSpinCount
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryA
SetCurrentDirectoryA
GetModuleFileNameA
VirtualAlloc
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ResumeThread
DeleteCriticalSection
WaitForSingleObject
Sleep
FileTimeToLocalFileTime
FileTimeToSystemTime
CloseHandle
GetFileTime
GetFileSize
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindResourceW
LoadResource
LockResource
SetEnvironmentVariableA
GetDriveTypeW
CreateThread
ExitThread
HeapReAlloc
FindFirstFileExA
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ExitProcess
DecodePointer
EncodePointer
GetUserDefaultLCID
SearchPathA
GetProfileIntA
GetTempPathA
GetTempFileNameA
SetErrorMode
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetFileSizeEx
GetFileAttributesExA
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
VirtualProtect
GetPrivateProfileIntA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
lstrcmpA
GetModuleHandleW
SuspendThread
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryW
lstrcmpW
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
lstrlenW
GetLocalTime
CancelIo
SetEndOfFile
SetFilePointer
ReleaseSemaphore
CreateSemaphoreA
SystemTimeToFileTime
FlushInstructionCache
MoveFileExA
HeapSize
SizeofResource

advapi32

RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegEnumKeyA

user32

DestroyIcon
GetSystemMetrics
LoadIconA
LoadIconW
LoadImageA
EnumWindows
SetForegroundWindow
SendMessageTimeoutA
GetWindow
GetClassNameA
IsWindowVisible
GetSystemMenu
AppendMenuA
MapWindowPoints
GetWindowLongA
SetWindowLongA
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardViewer
GetAsyncKeyState
IsIconic
DrawIcon
IsZoomed
GetCursorPos
GetClipboardOwner
IsClipboardFormatAvailable
GetClipboardData
ExitWindowsEx
EnableMenuItem
UpdateWindow
GetForegroundWindow
GetFocus
CreatePopupMenu
SetRectEmpty
ShowWindow
GetUpdateRect
FillRect
OffsetRect
InflateRect
PtInRect
GetParent
ClientToScreen
ScreenToClient
LoadBitmapW
SetCapture
ReleaseCapture
GetWindowDC
GetSysColor
DrawFrameControl
UnregisterClassA
RealChildWindowFromPoint
CharUpperA
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatA
PostQuitMessage
ValidateRect
MapVirtualKeyA
GetKeyNameTextA
CharNextA
ReleaseDC
LoadCursorA
SetCursor
GetSysColorBrush
GetDoubleClickTime
RegisterWindowMessageA
GetKeyState
CopyImage
GetDC
DrawIconEx
SetRect
DrawFocusRect
DrawStateA
GetMessagePos
MessageBeep
DestroyMenu
GetMenuItemInfoA
LoadAcceleratorsA
FrameRect
SubtractRect
IsRectEmpty
TranslateAcceleratorA
CreateWindowExA
GetWindowPlacement
SystemParametersInfoA
IntersectRect
GetClassInfoA
DefWindowProcA
IsWindow
GetActiveWindow
WindowFromPoint
SetWindowRgn
ChildWindowFromPointEx
GetCapture
DestroyCursor
CharUpperBuffA
CopyIcon
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
MonitorFromPoint
UpdateLayeredWindow
MapVirtualKeyExA
IsCharLowerA
LoadImageW
SetClipboardData
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
SetClassLongA
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
BringWindowToTop
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
WaitMessage
InvalidateRect
GetSubMenu
LoadMenuW
RedrawWindow
SendMessageA
GrayStringA
DrawTextExA
TabbedTextOutA
EnableWindow
PostMessageA
KillTimer
SetTimer
GetDesktopWindow
GetWindowRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
SetPropA
GetPropA
RemovePropA
GetTopWindow
GetMessageTime
DrawTextA
GetClientRect
LoadBitmapA
CopyRect
CopyAcceleratorTableA
InvalidateRgn
DeleteMenu
EnumDisplayMonitors
SetLayeredWindowAttributes
GetIconInfo
EndDeferWindowPos
SetWindowPos
GetWindowTextA
GetWindowTextLengthA
GetComboBoxInfo
CallWindowProcA
GetDlgItem
IsDialogMessageA
CreateMenu
SetMenuDefaultItem
UnionRect
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
GetMessageA
PostThreadMessageA
RegisterClassA
DestroyWindow
GetNextDlgGroupItem
LoadMenuA
ModifyMenuA
SetMenuItemInfoA
DrawEdge
InsertMenuA
FindWindowA
RegisterClassExA
GetScrollInfo
GetWindowRgn
GetClassLongA
ScrollWindow
DeferWindowPos
BeginDeferWindowPos
AdjustWindowRectEx
IsMenu
GetMonitorInfoA
MonitorFromWindow
RemoveMenu
GetMenuItemCount
GetMenuItemID
GetMenuStringA
GetMenuState
BeginPaint
EndPaint
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
SetActiveWindow
UnhookWindowsHookEx
SetFocus
SetScrollPos
GetScrollPos
CheckDlgButton
SendDlgItemMessageA
SetWindowTextA
GetDlgCtrlID
MoveWindow
GetMenu
SetWindowPlacement
SetScrollInfo
EqualRect
GetClassInfoExA
ShowScrollBar
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
LoadCursorW

gdi32

CreateDIBSection
DeleteObject
DeleteDC
SelectObject
CreateBrushIndirect
StretchBlt
CreateFontIndirectA
CreateFontA
GetObjectA
CreatePen
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
BitBlt
GetBkColor
GetViewportExtEx
GetWindowExtEx
GetMapMode
CreateCompatibleBitmap
CreateCompatibleDC
GetTextColor
GetStockObject
GetBitmapBits
GetPixel
SetBkColor
SetBkMode
CreateSolidBrush
GetDIBits
RealizePalette
RestoreDC
SetDIBitsToDevice
SetStretchBltMode
CreateRectRgnIndirect
SaveDC
SetRectRgn
GetWindowOrgEx
CopyMetaFileA
CreateDCA
SetPolyFillMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
EnumFontsA
SelectClipRgn
PatBlt
GetBitmapDimensionEx
SetBitmapDimensionEx
GetTextExtentExPointA
GetDeviceCaps
Rectangle
GetTextMetricsA
DPtoLP
GetClipBox
CreateRectRgn
FrameRgn
FillRgn
CombineRgn
OffsetRgn
CreateRoundRectRgn
SetTextColor
CreatePolygonRgn
CreateBitmap
GetTextFaceA
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
SetPixel
SetDIBColorTable
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
EnumFontFamiliesExA
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetRgnBox
CreateHatchBrush
GetObjectType
SelectPalette
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
ExtSelectClipRgn

shell32

ShellExecuteA
SHGetFileInfoA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA
SHCreateDirectoryExA
FindExecutableA
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteExA
SHGetSpecialFolderPathA

version

GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA

ws2_32

WSAGetLastError
WSARecv
WSASend
WSASocketA
WSAAccept

diconclient

?GetLastMurekaAPIError@DiconAPI@@YAHXZ
?UploadCheck@DiconAPI@@YAHPBD00PAUt__CHECK_RESULT@1@KP6GIKPAD@ZK@Z
?RegistVideoHash@DiconAPI@@YAHPBD0IPAX@Z
?FreeConnection@DiconAPI@@YAXPAX@Z
?GetConnection@DiconAPI@@YAPAXXZ
?SetLogDealState@DiconAPI@@YAX_J00KPAD@Z
?DownloadComplete@DiconAPI@@YAH_K@Z
?DownloadCheckByKey@DiconAPI@@YAHPAUt_DOWNLOAD_CHECK_INFO@1@P6GIPBUt_BuyParam@1@PAX@Z2HPAUt__CHECK_RESULT@1@@Z
?CheckVideoHash@DiconAPI@@YAIPBDPAX@Z
?SetMainWindow@DiconAPI@@YAHPAVCWnd@@@Z
?Init@DiconAPI@@YAHPBD00@Z
?IsInit@DiconAPI@@YAHXZ
?IsXMovie@DiconAPI@@YAHPBD@Z

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comctl32

ImageList_GetIconSize
_TrackMouseEvent
ImageList_Draw
InitCommonControlsEx
ImageList_Destroy

shlwapi

PathIsRelativeA
PathStripToRootA
StrFormatByteSizeW
PathFileExistsA
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathRemoveFileSpecW
PathRemoveFileSpecA

ole32

OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
CoCreateInstance
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
CoCreateGuid
CoUninitialize
CoInitialize
OleSetContainedObject
OleCreateStaticFromData
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoTaskMemAlloc

oleaut32

SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
SafeArrayDestroy
SysFreeString
SysAllocStringLen
OleLoadPicture
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
SysStringLen
SysAllocStringByteLen
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantCopy
VarBstrFromDate

oledlg

ord8

urlmon

URLDownloadToFileA

wsock32

bind
htonl
listen
sendto
recvfrom
ntohs
inet_ntoa
select
__WSAFDIsSet
getsockname
setsockopt
ntohl
socket
htons
ioctlsocket
closesocket
connect
send
recv
gethostname
gethostbyname
inet_addr
WSACleanup
WSAStartup

sqlite3

sqlite3_exec
sqlite3_finalize
sqlite3_step
sqlite3_prepare
sqlite3_column_text
sqlite3_column_int
sqlite3_column_int64
sqlite3_last_insert_rowid
sqlite3_free
sqlite3_open_v2
sqlite3_column_count
sqlite3_vmprintf
sqlite3_close

gdiplus

GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipBitmapLockBits

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetCloseHandle
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetSetOptionA
HttpAddRequestHeadersA
HttpSendRequestA
InternetOpenUrlA
DeleteUrlCacheEntry
InternetReadFile
HttpQueryInfoA

netapi32

Netbios

apclient

?GetHostDataA@CAPClient@@QAEPAV?$vector@Ut_HOST_INFO@@V?$allocator@Ut_HOST_INFO@@@std@@@std@@XZ
??1CAPClient@@QAE@XZ
?GetHostList@CAPClient@@QAEHPBD0G@Z
??0CAPClient@@QAE@XZ

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundA

comdlg32

GetFileTitleA

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 492KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba47416ee319a6746d1367d8131dc507

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6dCertificate

Key Usages

38:bf:02:ca:35:70:a9:71:95:be:a7:d2:a4:fb:b0:8cCertificate

Extended Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

3b:d1:6b:ee:45:46:15:7c:3a:48:b4:29:f7:2b:b6:bd:6b:12:a2:a1Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

shell32

version

ws2_32

diconclient

msimg32

winspool.drv

comctl32

shlwapi

ole32

oleaut32

oledlg

urlmon

wsock32

sqlite3

gdiplus

wininet

netapi32

apclient

oleacc

imm32

winmm

comdlg32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 492KB - Virtual size: 492KB

.data Size: 38KB - Virtual size: 76KB

.rsrc Size: 4.5MB - Virtual size: 4.5MB

.reloc Size: 250KB - Virtual size: 250KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
Certificate

38:bf:02:ca:35:70:a9:71:95:be:a7:d2:a4:fb:b0:8c
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

3b:d1:6b:ee:45:46:15:7c:3a:48:b4:29:f7:2b:b6:bd:6b:12:a2:a1
Signer

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 492KB - Virtual size: 492KB

.data
Size: 38KB - Virtual size: 76KB

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

.reloc
Size: 250KB - Virtual size: 250KB