a9894176885622f130ea8c8b6e14f328

Sharing

Copy URL Twitter E-mail

General

Target

a9894176885622f130ea8c8b6e14f328
Size

2.1MB
MD5

a9894176885622f130ea8c8b6e14f328
SHA1

3a97de9c1f654d5865606ec21095279debb60f7e
SHA256

54fede1b8246bb2f890718181c1c06ca468e11324052707105e46d1323a81a46
SHA512

4bf88474ee773a4509cdbd0f703d933d70325373ced54bac7d3d0d82b5e31cd63ad02e508809a82333c0c23c37ebfa2852fe9a8494ca11e739dd7eafe37d4585
SSDEEP

49152:lp4FaT++4dmNJFf6DZWqQftO1lJbE1Eryowe7DbMIThN:uS+jyIdWqQFh0/weznTh

Score

1^/10

Malware Config

Signatures

Files

a9894176885622f130ea8c8b6e14f328
.exe windows:5 windows x86 arch:x86

1bcdc3e37965fbe98dfecda593f37250

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

40:da:13:11:2b:80:d1:d3:7f:f5:a9:fb:49:11:6e:e7
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

04/01/2010, 00:00

Not After

13/01/2012, 23:59

Subject

CN=MetaQuotes Software Corp.,OU=SOFTWARE DEVELOPMENT,O=MetaQuotes Software Corp.,L=Nassau,ST=none,C=BS

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

a7:1a:7d:d7:39:1f:53:ed:22:9e:b7:0f:7f:40:53:48:5b:25:50:ae
Signer

Actual PE Digest

a7:1a:7d:d7:39:1f:53:ed:22:9e:b7:0f:7f:40:53:48:5b:25:50:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

listen
shutdown
WSACreateEvent
WSAEventSelect
WSACloseEvent
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
bind
WSAIoctl
setsockopt
getpeername
ioctlsocket
WSASend
WSARecv
gethostbyname
htons
WSAGetLastError
WSASocketW
closesocket
gethostname
inet_addr
WSAResetEvent
inet_ntoa

kernel32

GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalFindAtomW
GlobalGetAtomNameW
SetFileTime
GetFileTime
GetTempFileNameW
GetFullPathNameW
GetDiskFreeSpaceW
GetCurrentDirectoryW
GlobalFlags
LocalAlloc
LocalFree
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
MoveFileW
GetStringTypeExW
GetThreadLocale
lstrcmpiW
LockFile
GlobalAddAtomW
GetShortPathNameW
LocalFileTimeToFileTime
GetFileSizeEx
lstrlenA
FindResourceExW
SetErrorMode
GetStartupInfoW
ExitProcess
HeapCompact
UnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
HeapAlloc
HeapFree
RtlUnwind
VirtualQuery
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
lstrlenW
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
lstrcmpW
CreateProcessW
SetFileAttributesW
OpenMutexW
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
DosDateTimeToFileTime
TerminateProcess
FormatMessageW
MulDiv
FreeResource
EnumResourceNamesW
GetTempPathW
IsValidCodePage
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
SetLastError
GetModuleHandleW
GetDiskFreeSpaceExW
VirtualProtect
ResumeThread
GetThreadContext
SuspendThread
OpenThread
GetCurrentThreadId
CompareStringW
GetFileInformationByHandle
FileTimeToSystemTime
FileTimeToLocalFileTime
MoveFileExW
CopyFileW
FindResourceW
LoadResource
LockResource
SizeofResource
TryEnterCriticalSection
WaitForMultipleObjects
InterlockedDecrement
TerminateThread
SetEndOfFile
InterlockedIncrement
SetEvent
ResetEvent
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
RemoveDirectoryW
GetSystemTimeAsFileTime
QueryPerformanceCounter
FlushFileBuffers
DeleteFileW
GetFileAttributesExW
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FindClose
FindNextFileW
FindFirstFileW
RaiseException
GetSystemDefaultLCID
GetExitCodeProcess
OpenProcess
CreateMutexW
Sleep
InterlockedCompareExchange
InterlockedExchange
CreateEventW
PostQueuedCompletionStatus
CreateIoCompletionPort
DuplicateHandle
SleepEx
GetExitCodeThread
GetQueuedCompletionStatus
SetPriorityClass
SetUnhandledExceptionFilter
GetLongPathNameW
GetModuleFileNameW
EnterCriticalSection
DeviceIoControl
MultiByteToWideChar
GetSystemDirectoryW
GetVolumeInformationW
GlobalMemoryStatusEx
GetLocalTime
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
GetSystemInfo
CreateToolhelp32Snapshot
GetCurrentProcessId
Module32FirstW
WideCharToMultiByte
Module32NextW
ReadProcessMemory
GetCurrentThread
GetCurrentProcess
GetFileSize
SetFilePointer
GetLastError
ReadFile
VirtualAlloc
VirtualFree
GetFileAttributesW
CreateDirectoryW
CreateFileW
WriteFile
CloseHandle
WaitForSingleObject
InterlockedExchangeAdd
GetTickCount
UnlockFile
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

ReuseDDElParam
UnpackDDElParam
CharUpperW
PostThreadMessageW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassW
LockWindowUpdate
GetMessageTime
TrackPopupMenu
SetMenu
GetScrollPos
GetMenuItemID
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
SetWindowPlacement
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
ShowOwnedPopups
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
SetWindowsHookExW
CallNextHookEx
GetMessageW
ValidateRect
SetPropW
GetPropW
RemovePropW
GetAsyncKeyState
GetWindowTextLengthW
SetFocus
MoveWindow
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemInt
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
GetLastActivePopup
IsWindowEnabled
PeekMessageW
PostQuitMessage
WindowFromPoint
InsertMenuW
LoadAcceleratorsW
GetComboBoxInfo
SetRectEmpty
TranslateAcceleratorW
FrameRect
CopyImage
CheckMenuItem
IsZoomed
IsChild
GetDCEx
ClientToScreen
IsRectEmpty
EndDeferWindowPos
BeginDeferWindowPos
LoadMenuW
FillRect
TrackMouseEvent
SetCursor
SetWindowLongW
DestroyCursor
GetSubMenu
ModifyMenuW
GetDlgCtrlID
LoadStringW
GetKeyState
GetFocus
SetClipboardData
EmptyClipboard
LoadCursorW
OemToCharA
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
DispatchMessageW
TranslateMessage
ReleaseCapture
GetMessagePos
GetCapture
SetCapture
SetRect
DrawFocusRect
EnableMenuItem
DeleteMenu
SystemParametersInfoW
DrawEdge
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
ScreenToClient
GetCursorPos
GetActiveWindow
GetDesktopWindow
GetSysColorBrush
UnregisterHotKey
RegisterHotKey
InflateRect
GetSysColor
LoadImageW
PtInRect
ReleaseDC
GetDC
CharLowerBuffW
CharUpperBuffW
OffsetRect
GetParent
DestroyIcon
LoadIconW
KillTimer
SetTimer
GetWindowLongW
SetWindowPos
InvalidateRect
RedrawWindow
CopyRect
IsWindowVisible
MapWindowPoints
IsWindow
GetDlgItem
EnableWindow
GetWindow
DrawFrameControl
GetClientRect
GetWindowRect
EndMenu
PostMessageW
GetWindowThreadProcessId
SendMessageW
BringWindowToTop
InsertMenuItemW
CreatePopupMenu
SetParent
GetSystemMenu
AppendMenuW
GetMenuStringW
DestroyMenu
SetForegroundWindow
ShowWindow
SendDlgItemMessageA
WinHelpW
GetClassLongW
GetForegroundWindow
GetTopWindow
DefWindowProcW
UnhookWindowsHookEx
IsIconic
SendMessageTimeoutW
GetWindowTextW
GetClassNameW
UpdateWindow
EnumWindows
RegisterWindowMessageW
GetSystemMetrics
MessageBoxW
SetWindowTextW
SetActiveWindow

gdi32

PtVisible
RectVisible
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
GetWindowExtEx
RestoreDC
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetCharWidthW
StretchDIBits
GetRgnBox
SaveDC
ExcludeClipRect
CreatePatternBrush
GetPixel
PatBlt
EnumFontFamiliesW
CreateFontW
SelectClipRgn
GetViewportExtEx
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetBkColor
GetBkColor
GetStockObject
SelectObject
DeleteObject
EnumFontFamiliesExW
CreateRectRgnIndirect
GetTextColor
CreateEllipticRgnIndirect
SetWorldTransform
GetWorldTransform
SetGraphicsMode
GetViewportOrgEx
Arc
PaintRgn
CreatePolygonRgn
GetObjectW
BitBlt
CreateCompatibleDC
Ellipse
CreateSolidBrush
TextOutW
TextOutA
GetTextExtentPoint32A
Rectangle
Polygon
GetTextExtentPoint32W
GetDeviceCaps
SelectPalette
CreateFontIndirectW
GetClipRgn
CreateRectRgn
CreateBrushIndirect
ExtCreatePen
RealizePalette
CreatePalette
CreatePen
GetTextMetricsW
CreateCompatibleBitmap
SetBkMode

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

CryptEncrypt
RegCreateKeyW
RegSetValueW
SetFileSecurityW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
StartServiceW
ControlService
QueryServiceStatusEx
QueryServiceConfig2W
DeleteService
CreateServiceW
ChangeServiceConfig2W
CryptDecrypt
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegCloseKey
CryptImportKey
CryptAcquireContextW
CryptDestroyKey
CryptReleaseContext
OpenProcessToken
GetTokenInformation
GetFileSecurityW
GetSecurityDescriptorDacl
GetAclInformation
GetAce
EqualSid
QueryServiceStatus
CloseServiceHandle
QueryServiceConfigW
OpenServiceW
EnumServicesStatusW
OpenSCManagerW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
SetServiceStatus
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteExW
ShellExecuteW
DragFinish
DragQueryFileW
SHGetFileInfoW
ExtractIconW
SHGetFolderPathW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
PathIsURLW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoGetClassObject
CoTaskMemAlloc
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromProgID

oleaut32

SysStringLen
SysAllocString
SafeArrayDestroy
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
VariantCopy
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime

wsock32

WSASetLastError
WSAStartup
WSACleanup

dbghelp

SymGetModuleBase64
StackWalk64
SymLoadModule64
SymInitialize
SymSetOptions
SymFunctionTableAccess64
SymGetOptions

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Exports

Exports

�42Fs�4�%�W +H��GCe��Q�� U�oj!SGNL?��ր��T@h��P��bKgl� h�� p�+[ �E�Qbf�cH��l�f�z��o�@��<�g��I��J��i0s$L�)yx�r��V��u��\��Vm�@V�M��.|�o�̖oR �Mό��g�KH64��_��"3JT�Ă+ �է�o䬔�}�+mߧ�ڛ_�֐��W"�M��Ӟ�� ^�)c�vRۺ��f�@��1��;��>A+Ȱ4eK��Ok�zx�j[�O�#�,��]��-f��a�dlS��WY��ECBϪĈ_o�ȷ��%h�y/"��~#SB��č�C� 2��u>��$T�9�_E��7g.1�->��|�S�ñ��i'�U9޵�-�+��,/��>^��C`�be�:�~4�䐁UU��,Z�ֱ6/��ݬ��_��ѢƼ��@� � �S��6�x��T ��L��C��H�3�n�T��a�̤;�v�h��C�{��5��W{z�*S�]g�zy��p�In�3X5�Vw? ��unOQFI��Sh��L'zd\��M�x� w�y�l�1��_��x�i�� d^.�麁Կ<��a�LšhJ�J�%�%*��3�Ѫ�i�Ib�2_ކ�C�$L��=�(�o�R�b��*��=��8�?�zɇg]��7=��EP��t�~׀B�x�RS��ͪ�֗�,��7�t4-|�O��?��I��T��4R��>o�V(��چ�7�+;�ܻ�Z� ��t�FUK�ɦ�Ė u��J�~w��q\)Y-Y�E�r�ϐ�)�V��,� e�>�z��<[�*>�-^��>6��W��C4��٥ʤ�D��^�Σ;�#�B� �e�$`�BeKh�}˄��C��r��9�$��/GF��u��/Cy}y�-_�k��~e�4ur:�ef�A >�y��x�FV×W�O��s��4��%�>t��ƣi��L݉1Y�F���'�a�!+V�� #ଵ��8+ib�K�� Z��:��14��k��\�xib��;�G/�G�Q�8b��8Kj�� XX��pQ<��r�5�? ��2G�G��otk��al�u;��U��Ǘ�� Y�`�_a��v|��8xN��<�b��z�Z�ѡ@Ӗ��53�au��H� ��:x��E��}��.��Q�n]�qHdH�Z<��:� mJ^�,eqA�1�p��)�V��P�^Lgb��{��y��:�h�ߎa�_�q!;\��s�wo��~آ��@�� n��A��P8�E~�J��|�T3�»z0�J��i#��mâ��6��_=}��[V�ָ'jA�m�/��IH�x�M�v��y�K��$8tT�6^|��0!�v`T{��@]��*��e�U��x:i�U��J@��Q��~�^�k��Z^��l��I��p��F��e6�O��1.5�%�$4h��f��U� �B#TO/��b�ȧ�\�[M��!��? �D�� ^cƌT�V�m�� *b}�RY#b[��O�7��N �sl`@%/E��13v�/١;Z�e;�8�p7��_ �ɨ��A#ӵ]N�4� %mx�e�}��y�a��8Q��V�� ɓRm�|R�x��WDX�(�P��=߽ZP="@�&�Ka��r|_��YQ��oU>��P{ئ�bv��ջ�?��<i��!#�f�]�K��"��{��C��O;�)��8X��Ҥ��88��]�3�eT�K�}Iلo��aJ� �Ⱦ��a��:'��R��,ʎ,v�G� ��@��o��M]��֔6� ��vF��O�� u��8�+Ԥ*Қ��/��|��5 %�T�8�|��n;�SH~��57��b��n�D�4}��Y��I�k�!Ð��K��b��r��<��j퇒e3wt��q`J��wj5��և�-�dt�F�[# |��<V�TA�V�y��}��J�DW;�� DѼ�D�Am��}��w"��Ԗ/׉\�[H(��%�/m�m®�B&��M��5��]�s�hE�,��'H��K+�7 ��X9��f�i�`��Y��1(Ĵc�+&�x�eB�Y=8GEL�$&��@F�Ӛdƴz��:L��ٖ�=C��^D��d�]� TL��x��p��f'��*gw��-��X|�RB��&�$�^�K��r�#��X5��7_S��h3��<�͇1�?h�$x[��ӏ��%��*��͙,˺@��-([4r��"�/�M��; �$P<�G��!��Q�;��?�� ɟ ��_��h�l�M#o�Tv;lJ��HG[�ʆ4�x��u7��\y}�^-*��YM�f��|o��C'��w�ӎ@��q6r�u��W��4h��0N�(��K��iqCL��mA��2�H��|��9��h-�#�h��>�Z��'{{K�0#)9��N�<��1dӛ �C�u��h8��> �V�E�⏒3V��S�� b��_��3EJŒSU��m��k��2g)�Kl�E�b = �̕�{rj�}X�f&��KJ��!��ɓ7�*3��.�"7W��j8\{��Oz.M\�B�泒v��-�{��g�/�rkh�>��!��!�'�:>��+42\ >�Bd�s|�Y }��{f駍��HG�� CM.P破��4@ �Kb�k��p��'pE-��d�k)Qˡ��@��w�#{�5��O�ǰ��])7u��H��h��V��aF��㥲�4�;��U��L�f�qꙎ��!Փ��5-�.�k>T��7�O��B��m��FȌ��ߟNyn��&�

Sections

.text
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cod0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cod1
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 533KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bcdc3e37965fbe98dfecda593f37250

Code Sign

0aCertificate

Extended Key Usages

Key Usages

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

40:da:13:11:2b:80:d1:d3:7f:f5:a9:fb:49:11:6e:e7Certificate

Extended Key Usages

a7:1a:7d:d7:39:1f:53:ed:22:9e:b7:0f:7f:40:53:48:5b:25:50:aeSigner

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wsock32

dbghelp

version

Exports

Exports

Sections

.text Size: - Virtual size: 1.6MB

.rdata Size: - Virtual size: 303KB

.data Size: - Virtual size: 813KB

.cod0 Size: - Virtual size: 1.1MB

.tls Size: 512B - Virtual size: 24B

.cod1 Size: 2.0MB - Virtual size: 2.0MB

.rsrc Size: 57KB - Virtual size: 533KB

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

40:da:13:11:2b:80:d1:d3:7f:f5:a9:fb:49:11:6e:e7
Certificate

a7:1a:7d:d7:39:1f:53:ed:22:9e:b7:0f:7f:40:53:48:5b:25:50:ae
Signer

.text
Size: - Virtual size: 1.6MB

.rdata
Size: - Virtual size: 303KB

.data
Size: - Virtual size: 813KB

.cod0
Size: - Virtual size: 1.1MB

.tls
Size: 512B - Virtual size: 24B

.cod1
Size: 2.0MB - Virtual size: 2.0MB

.rsrc
Size: 57KB - Virtual size: 533KB