RtkAudUService64[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

RtkAudUService64.exe
Size

1.2MB
MD5

268452d644d29e5f96f0f18b06ee71b1
SHA1

1af5ed98ab51bd4f36edec7669f659ed3777b251
SHA256

e5d92e3ac3a7a6364dfbb107890b21277e9ee2aa43915a20e92cc4cfe84bd57d
SHA512

493270275a6f24c532bf727d1b533d1826b55f214604ad17ba569855f558ab90dc33133fe3745f4888c186d1657a04644d98dad5930daa91b57d7bf2ef909ad6
SSDEEP

24576:fD4yFKqPyHwImH0MS5s7doqLUz8KwcOd4K0c4F7qeg:L4qyHpC0HydzLUzecOeK0c4F7qeg

Score

1^/10

Malware Config

Signatures

Files

RtkAudUService64.exe
.exe windows:6 windows x64 arch:x64

246fb6bfc2c85d43c8d7700b3b71fa94

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:fc:fa:c0:8e:21:6a:1c:1f:da:a6:b7:7b:b2:d6:6e
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

06/01/2020, 00:00

Not After

06/01/2022, 12:00

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:b5:21:3f:ca:1e:4a:a0:3d:e4:00:00:00:00:00:b5
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 22:15

Not After

02/12/2021, 22:15

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e7:24:b1:42:60:77:ac:2c:05:e2:8c:87:8c:f3:66:aa:81:c2:c1:19:2f:07:57:62:50:4f:4f:d3:87:b9:52:1b
Signer

Actual PE Digest

e7:24:b1:42:60:77:ac:2c:05:e2:8c:87:8c:f3:66:aa:81:c2:c1:19:2f:07:57:62:50:4f:4f:d3:87:b9:52:1b

Digest Algorithm

sha256

PE Digest Matches

true

24:94:15:1e:36:78:3f:cb:45:f3:0c:b5:4f:d5:18:a1:c3:c0:c8:98
Signer

Actual PE Digest

24:94:15:1e:36:78:3f:cb:45:f3:0c:b5:4f:d5:18:a1:c3:c0:c8:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

F:\proj_20210316_RtkAudUService_Chunyung\20210316\Release\x64\RtkAudUService64.pdb

Imports

oleaut32

SafeArrayUnaccessData
BSTR_UserMarshal64
SysFreeString
SafeArrayAccessData
BSTR_UserSize64
SysAllocStringLen
SafeArrayPutElement
LoadTypeLibEx
BSTR_UserFree64
LPSAFEARRAY_UserMarshal
SafeArrayCreateVector
LPSAFEARRAY_UserUnmarshal64
BSTR_UserMarshal
BSTR_UserUnmarshal
LPSAFEARRAY_UserMarshal64
LPSAFEARRAY_UserFree64
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserFree
BSTR_UserUnmarshal64
SysAllocString
LPSAFEARRAY_UserSize
VariantInit
BSTR_UserSize
BSTR_UserFree
VariantCopy
LPSAFEARRAY_UserSize64
VariantClear

rpcrt4

RpcServerRegisterIf3
NdrClientCall3
NdrServerCallAll
NdrServerCall2
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
RpcServerInqBindings
RpcEpRegisterW
RpcServerListen
RpcServerUnregisterIf
RpcEpUnregister
RpcBindingVectorFree
RpcServerUseProtseqEpW
NdrStubForwardingFunction
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
NdrStubCall3
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_CountRefs
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_QueryInterface
NdrOleAllocate

api-ms-win-core-com-l1-1-0

CoUninitialize
CoRegisterClassObject
CoInitializeEx
CoFreeUnusedLibrariesEx
CoSetProxyBlanket
CoCreateInstance
CoTaskMemFree
PropVariantClear
CoRevokeClassObject
StringFromGUID2
StringFromCLSID
CLSIDFromString
CoInitializeSecurity

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree
HeapSize
HeapDestroy
HeapReAlloc

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW
lstrlenW
lstrcmpA
lstrcpyW

api-ms-win-core-file-l1-1-0

ReadFile
FileTimeToLocalFileTime
QueryDosDeviceW
CreateFileW
WriteFile
GetFileAttributesW
DeleteFileW

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-libraryloader-l1-2-0

LockResource
FindResourceExW
SizeofResource
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
GetModuleHandleW
LoadStringW
LoadResource
LoadLibraryExW
FreeLibrary

api-ms-win-core-synch-l1-1-0

CreateEventW
WaitForSingleObject
InitializeCriticalSectionEx
ResetEvent
SetWaitableTimer
DeleteCriticalSection
LeaveCriticalSection
CreateMutexW
CreateEventExW
SetEvent
EnterCriticalSection
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
CancelWaitableTimer
InitializeCriticalSection

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

api-ms-win-core-sysinfo-l1-1-0

GetSystemTime
GetLocalTime
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-processthreads-l1-1-0

TlsFree
TlsGetValue
CreateThread
TlsSetValue
OpenProcessToken
CreateProcessAsUserW
GetCurrentProcess
GetStartupInfoW
TlsAlloc
SetProcessShutdownParameters
TerminateProcess
GetCurrentThreadId
ProcessIdToSessionId
CreateProcessW
GetExitCodeProcess
GetCurrentProcessId
SwitchToThread

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
RaiseException
UnhandledExceptionFilter
GetLastError
SetLastError

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegNotifyChangeKeyValue
RegDeleteValueW
RegCloseKey
RegQueryInfoKeyW
RegEnumValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegGetValueW
RegSetKeySecurity
RegGetKeySecurity

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW
RegCreateKeyW

api-ms-win-devices-config-l1-1-1

CM_Get_Device_ID_List_SizeW
CM_Open_DevNode_Key
CM_Get_Parent
CM_Locate_DevNodeW
CM_Get_Device_ID_ListW

api-ms-win-core-debug-l1-1-0

OutputDebugStringA
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-synch-l1-2-0

Sleep

ext-ms-win-shell32-shellfolders-l1-1-0

SHGetFolderPathW
SHGetSpecialFolderPathW

api-ms-win-core-privateprofile-l1-1-0

GetProfileIntW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-localization-l1-2-0

LCMapStringW
FormatMessageW

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-core-heap-obsolete-l1-1-0

LocalSize

api-ms-win-core-kernel32-legacy-l1-1-0

GetSystemPowerStatus
WTSGetActiveConsoleSessionId

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects
CreateWaitableTimerW

api-ms-win-security-base-l1-1-0

SetTokenInformation
GetAclInformation
DuplicateTokenEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
AddAce
GetAce
AddAccessAllowedAceEx
InitializeAcl
GetSecurityDescriptorDacl
CreateWellKnownSid
GetLengthSid

api-ms-win-core-namedpipe-l1-1-0

ConnectNamedPipe
DisconnectNamedPipe
CreateNamedPipeW

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-security-base-l1-2-2

DeriveCapabilitySidsFromName

api-ms-win-security-provider-l1-1-0

SetEntriesInAclW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

bcrypt

BCryptCloseAlgorithmProvider
BCryptImportKeyPair
BCryptEncrypt
BCryptDestroyKey
BCryptOpenAlgorithmProvider

api-ms-win-service-core-l1-1-0

RegisterServiceCtrlHandlerExW
SetServiceStatus
StartServiceCtrlDispatcherW

api-ms-win-service-management-l1-1-0

DeleteService
OpenSCManagerW
CloseServiceHandle
OpenServiceW
CreateServiceW

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus
ControlService

api-ms-win-service-management-l2-1-0

QueryServiceStatusEx

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-appmodel-runtime-l1-1-1

FindPackagesByPackageFamily

api-ms-win-mm-misc-l1-1-0

mmioCreateChunk
mmioWrite
mmioSetInfo
mmioAdvance
mmioDescend
mmioGetInfo
mmioOpenW
mmioRead
mmioSeek
mmioAscend
mmioClose

api-ms-win-core-toolhelp-l1-1-0

Process32FirstW
Process32NextW
CreateToolhelp32Snapshot

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW

userenv

CreateEnvironmentBlock

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-core-memory-l1-1-0

ReadProcessMemory

crypt32

CertFindCertificateInStore
CertGetNameStringW
CertFreeCertificateContext
CertCloseStore
CryptMsgClose
CryptMsgGetParam
CryptQueryObject
CryptDecodeObject

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
SubmitThreadpoolWork

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
TraceMessage
RegisterTraceGuidsW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetDevicePropertyW

wtsapi32

WTSQueryUserToken
WTSRegisterSessionNotification

kernel32

WriteProfileStringW
WinExec

user32

TranslateMessage
DispatchMessageW
SetWindowsHookExW
UnhookWindowsHookEx
GetMessageW
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterClassW
KillTimer
GetClassNameA
CallNextHookEx
SendInput
SetWinEventHook
UnhookWinEvent
CreateWindowExW
SendMessageW
LoadCursorW
LoadIconW
ShowWindow
SetTimer
DefWindowProcW
FindWindowExW
RegisterPowerSettingNotification

advapi32

GetUserNameW
ReportEventW
DeregisterEventSource
RegisterEventSourceW

ole32

CoInitialize

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics

ntdll

NtQueryInformationProcess

wininet

InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo
exit
_configure_wide_argv
_seh_filter_exe
_initialize_onexit_table
_errno
_set_app_type
_resetstkoflw
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
_initialize_wide_environment
_exit
_invalid_parameter_noinfo_noreturn
terminate
_get_wide_winmain_command_line
_initterm
_crt_atexit
_register_onexit_function
_initterm_e
abort

api-ms-win-crt-string-l1-1-0

wcsncmp
towupper
strcspn
wcscat_s
iswspace
__strncnt
wcstok_s
wcscspn
wcsspn
wcscpy_s
_wcsupr_s
strcpy_s
_wcsicmp
wmemcpy_s
wcsnlen
isupper
_wcsdup
islower

api-ms-win-crt-stdio-l1-1-0

ungetwc
fputwc
_flushall
__stdio_common_vsprintf_s
__stdio_common_vsprintf
fread
_wfopen_s
_set_fmode
fputs
fflush
fputws
__p__commode
fgetwc
fclose
fgets
fseek
_wfsopen
ungetc
__acrt_iob_func
__stdio_common_vfwprintf
__stdio_common_vfprintf_s
setvbuf
__stdio_common_vswprintf_s
__stdio_common_vfprintf
fgetc
_fseeki64
_get_stream_buffer_pointers
__stdio_common_vswprintf
fsetpos
fgetpos
fwrite
fputc

api-ms-win-crt-heap-l1-1-0

malloc
realloc
_recalloc
calloc
free
_callnewh
_set_new_mode

api-ms-win-crt-convert-l1-1-0

_itow_s
wcstol
_wtoi
wcstoul

api-ms-win-crt-math-l1-1-0

asinf
powf
frexp
log10f
atan2f
__setusermatherr

api-ms-win-crt-locale-l1-1-0

___lc_locale_name_func
setlocale
_unlock_locales
_lock_locales
___lc_codepage_func
___mb_cur_max_func
__pctype_func
_configthreadlocale
localeconv

api-ms-win-crt-multibyte-l1-1-0

_mbsstr
_mbschr

shlwapi

PathFileExistsW

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlPcToFileHeader

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

Sections

.text
Size: 645KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

246fb6bfc2c85d43c8d7700b3b71fa94

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

61:20:4d:b4:00:00:00:00:00:27Certificate

Key Usages

0b:fc:fa:c0:8e:21:6a:1c:1f:da:a6:b7:7b:b2:d6:6eCertificate

Extended Key Usages

Key Usages

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate

Extended Key Usages

Key Usages

33:00:00:00:b5:21:3f:ca:1e:4a:a0:3d:e4:00:00:00:00:00:b5Certificate

Extended Key Usages

61:0b:aa:c1:00:00:00:00:00:09Certificate

Key Usages

e7:24:b1:42:60:77:ac:2c:05:e2:8c:87:8c:f3:66:aa:81:c2:c1:19:2f:07:57:62:50:4f:4f:d3:87:b9:52:1bSigner

24:94:15:1e:36:78:3f:cb:45:f3:0c:b5:4f:d5:18:a1:c3:c0:c8:98Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

oleaut32

rpcrt4

api-ms-win-core-com-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-timezone-l1-1-0

api-ms-win-core-datetime-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-registry-l2-1-0

api-ms-win-devices-config-l1-1-1

api-ms-win-core-debug-l1-1-0

api-ms-win-core-synch-l1-2-0

ext-ms-win-shell32-shellfolders-l1-1-0

api-ms-win-core-privateprofile-l1-1-0

api-ms-win-core-file-l1-2-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-heap-obsolete-l1-1-0

api-ms-win-core-kernel32-legacy-l1-1-0

api-ms-win-core-synch-l1-2-1

api-ms-win-security-base-l1-1-0

api-ms-win-core-namedpipe-l1-1-0

api-ms-win-security-sddl-l1-1-0

api-ms-win-core-io-l1-1-0

api-ms-win-security-base-l1-2-2

api-ms-win-security-provider-l1-1-0

api-ms-win-core-registry-l1-1-1

bcrypt

api-ms-win-service-core-l1-1-0

api-ms-win-service-management-l1-1-0

api-ms-win-service-winsvc-l1-1-0

api-ms-win-service-management-l2-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-appmodel-runtime-l1-1-1

api-ms-win-mm-misc-l1-1-0

api-ms-win-core-toolhelp-l1-1-0

api-ms-win-security-lsalookup-l2-1-0

userenv

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

61:20:4d:b4:00:00:00:00:00:27
Certificate

0b:fc:fa:c0:8e:21:6a:1c:1f:da:a6:b7:7b:b2:d6:6e
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

33:00:00:00:b5:21:3f:ca:1e:4a:a0:3d:e4:00:00:00:00:00:b5
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

e7:24:b1:42:60:77:ac:2c:05:e2:8c:87:8c:f3:66:aa:81:c2:c1:19:2f:07:57:62:50:4f:4f:d3:87:b9:52:1b
Signer

24:94:15:1e:36:78:3f:cb:45:f3:0c:b5:4f:d5:18:a1:c3:c0:c8:98
Signer

.text
Size: 645KB - Virtual size: 644KB

.orpc
Size: 512B - Virtual size: 148B

.rdata
Size: 371KB - Virtual size: 370KB

.data
Size: 15KB - Virtual size: 26KB

.pdata
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 139KB - Virtual size: 138KB

.reloc
Size: 7KB - Virtual size: 7KB