DW-Artikel-388791[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

DW-Artikel-388791.zip
Size

1.6MB
MD5

b4220dc1a2d2b4962f614a5603f6868f
SHA1

9cc504974d69a5b21b8804e8ba6338efdd6ee8d0
SHA256

9946f4897ec8cde9c10f16773a09614c9463dc5a13511a119b8eab47685f47bf
SHA512

0b63bd148513d6838fb49e7062e87c7b8b063a451fd49e8966be76f6e4dcd1adb04ab83de39b54a8d212c0242264a542f428853bc9715bafb6f2df2d4dbc2ab1
SSDEEP

49152:hJRb/Yl1hYjsX6Dnypz3B6miZZjYDfGqjEe:h3jfwhx6OKC

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ApplicationFiles/Launcher.exe.deploy
unpack001/ApplicationFiles/MyApplication.dll.deploy

Files

DW-Artikel-388791.zip
.zip

Password: dw
ApplicationFiles/Launcher.exe.deploy
.exe windows:4 windows x86 arch:x86

Password: dw

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

/_/artifacts/obj/Launcher/Release/net45/Launcher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ApplicationFiles/MyApplication.deps.json.deploy
ApplicationFiles/MyApplication.dll.deploy
.exe windows:4 windows x86 arch:x86

Password: dw

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Dev\Projets\MyApplication\MyApplication\obj\Release\net6.0-windows\MyApplication.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ApplicationFiles/MyApplication.dll.manifest
ApplicationFiles/MyApplication.exe.deploy
.exe windows:5 windows x64 arch:x64

Password: dw

b4d72c560bda1b3e51a451f9388cabd3

Code Sign

33:00:00:01:1c:db:6e:99:b7:b6:73:fa:6f:00:00:00:00:01:1c
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/10/2018, 21:07

Not After

10/01/2020, 21:07

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft America Operations+OU=Thales TSS ESN:D2CD-E310-4AF1,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:11

Not After

26/07/2019, 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:08

Not After

26/07/2019, 20:08

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

24:5d:b4:03:f1:1e:78:c7:a3:c4:d6:f4:de:e0:6e:c4:d2:cb:39:0d:77:fb:a6:a5:8d:46:17:00:31:a7:52:52
Signer

Actual PE Digest

24:5d:b4:03:f1:1e:78:c7:a3:c4:d6:f4:de:e0:6e:c4:d2:cb:39:0d:77:fb:a6:a5:8d:46:17:00:31:a7:52:52

Digest Algorithm

sha256

PE Digest Matches

false

9b:cf:0b:11:5e:64:17:af:49:ba:b6:15:58:a1:d1:42:25:a8:d4:98
Signer

Actual PE Digest

9b:cf:0b:11:5e:64:17:af:49:ba:b6:15:58:a1:d1:42:25:a8:d4:98

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\agent\_work\25\s\x64\Release\CPUSTRES64.pdb

Imports

kernel32

GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
GetConsoleCP
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetACP
FreeEnvironmentStringsW
VirtualQuery
VirtualAlloc
GetSystemInfo
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
ExitProcess
RtlPcToFileHeader
RtlUnwindEx
OutputDebugStringW
GetEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetFileAttributesW
GetProfileIntW
SearchPathW
GetWindowsDirectoryW
FindResourceExW
GetTempPathW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GetCurrentDirectoryW
FileTimeToSystemTime
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
GlobalGetAtomNameW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetVersionExW
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
SetLastError
CopyFileW
FormatMessageW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
TerminateThread
SetEvent
GetThreadIdealProcessorEx
SetThreadIdealProcessor
SetThreadAffinityMask
Sleep
GetTickCount
WaitForSingleObject
ResumeThread
SuspendThread
CloseHandle
CreateThread
CreateEventW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
GetFileType
GetModuleHandleW
LocalFree
GetProcAddress
LoadLibraryW
LocalAlloc
GetStdHandle
SetPriorityClass
GetPriorityClass
SetProcessAffinityMask
GetCurrentProcessId
GetActiveProcessorCount
GetCurrentThread
GetCommandLineW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessAffinityMask
SetThreadPriority
GetThreadPriority
GetCurrentProcess
SetStdHandle

user32

RealChildWindowFromPoint
CopyImage
EnumDisplayMonitors
SetLayeredWindowAttributes
GetAsyncKeyState
ReuseDDElParam
UnpackDDElParam
LoadImageW
DestroyIcon
GetWindowThreadProcessId
IntersectRect
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
ReleaseCapture
BringWindowToTop
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageW
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
GetSystemMetrics
MapVirtualKeyW
GetKeyNameTextW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
TrackMouseEvent
IsZoomed
BeginPaint
SetForegroundWindow
FrameRect
EnableWindow
GetClientRect
SendMessageW
GetWindowRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
CharUpperW
SetCapture
SetTimer
KillTimer
GetSystemMenu
DeleteMenu
SetWindowRgn
MessageBeep
WindowFromPoint
NotifyWinEvent
GetMenuDefaultItem
SetMenuDefaultItem
IsRectEmpty
UpdateLayeredWindow
EnableScrollBar
GetWindowPlacement
DestroyWindow
UnionRect
MonitorFromPoint
SetParent
SetRect
DrawEdge
DrawFrameControl
DrawFocusRect
MapDialogRect
LoadCursorW
GetCursorPos
ScreenToClient
LoadMenuW
GetSubMenu
UpdateWindow
LoadIconW
SetWindowPos
GetSysColorBrush
GetDlgItem
SetCursor
DialogBoxIndirectParamW
SetWindowTextW
EndDialog
InflateRect
UnregisterClassW
DrawStateW
InvalidateRect
FillRect
GetClassNameW
LoadBitmapW
GetParent
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
CopyIcon
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
PostThreadMessageW
WaitMessage
GetNextDlgGroupItem
GetIconInfo
HideCaret
InvertRect
DrawIcon
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
DestroyCursor
GetComboBoxInfo
GetWindowRgn
ModifyMenuW
CharUpperBuffW
RegisterClipboardFormatW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetClassLongPtrW
LockWindowUpdate
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawIconEx

gdi32

CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreatePatternBrush
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CombineRgn
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
GetBkColor
Ellipse
Rectangle
SetPixel
Polygon
CreateEllipticRgn
GetTextColor
CreatePolygonRgn
Polyline
EnumFontFamiliesExW
RealizePalette
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
CreateHatchBrush
CreatePen
CreateCompatibleDC
BitBlt
CreateBitmap
SetTextColor
SetBkColor
CreateDCW
CopyMetaFileW
GetObjectW
GetStockObject
DeleteObject
CreateSolidBrush
DeleteDC
StartPage
GetDeviceCaps
SetMapMode
StartDocW
CreateFontIndirectW
EndDoc
EndPage

msimg32

TransparentBlt
AlphaBlend

comdlg32

PrintDlgW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyW
RegOpenKeyW
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW

shell32

CommandLineToArgvW
DragQueryFileW
DragFinish
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW

uxtheme

GetWindowTheme
GetThemeSysColor
IsAppThemed
DrawThemeParentBackground
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
GetThemePartSize
GetThemeColor
GetCurrentThemeName

ole32

IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleTranslateAccelerator
OleCreateMenuDescriptor
OleLockRunning
CoInitializeEx
CreateStreamOnHGlobal
DoDragDrop
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleDestroyMenuDescriptor

oleaut32

VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
SysStringLen
SysAllocString
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen

gdiplus

GdipBitmapLockBits
GdipDrawImageI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 667KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 535KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ApplicationFiles/MyApplication.runtimeconfig.json.deploy
DW-Artikel-388791.application

Sharing

General

Malware Config

Signatures

Files

Password: dw

Password: dw

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 13KB - Virtual size: 13KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: dw

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 836B

.reloc Size: 512B - Virtual size: 12B

Password: dw

b4d72c560bda1b3e51a451f9388cabd3

Code Sign

33:00:00:01:1c:db:6e:99:b7:b6:73:fa:6f:00:00:00:00:01:1cCertificate

Extended Key Usages

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1Certificate

Extended Key Usages

61:33:26:1a:00:00:00:00:00:31Certificate

Key Usages

61:16:68:34:00:00:00:00:00:1cCertificate

Extended Key Usages

Key Usages

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

24:5d:b4:03:f1:1e:78:c7:a3:c4:d6:f4:de:e0:6e:c4:d2:cb:39:0d:77:fb:a6:a5:8d:46:17:00:31:a7:52:52Signer

9b:cf:0b:11:5e:64:17:af:49:ba:b6:15:58:a1:d1:42:25:a8:d4:98Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 667KB - Virtual size: 666KB

.data Size: 28KB - Virtual size: 57KB

.pdata Size: 83KB - Virtual size: 83KB

.rsrc Size: 160KB - Virtual size: 160KB

.reloc Size: 535KB - Virtual size: 535KB

.text
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 836B

.reloc
Size: 512B - Virtual size: 12B

33:00:00:01:1c:db:6e:99:b7:b6:73:fa:6f:00:00:00:00:01:1c
Certificate

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

24:5d:b4:03:f1:1e:78:c7:a3:c4:d6:f4:de:e0:6e:c4:d2:cb:39:0d:77:fb:a6:a5:8d:46:17:00:31:a7:52:52
Signer

9b:cf:0b:11:5e:64:17:af:49:ba:b6:15:58:a1:d1:42:25:a8:d4:98
Signer

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 667KB - Virtual size: 666KB

.data
Size: 28KB - Virtual size: 57KB

.pdata
Size: 83KB - Virtual size: 83KB

.rsrc
Size: 160KB - Virtual size: 160KB

.reloc
Size: 535KB - Virtual size: 535KB