f7f42ff00ddcb34b4bd543ca5e470e39bfb0f90394de4661b372078f1f0408fc

Sharing

Copy URL Twitter E-mail

General

Target

f7f42ff00ddcb34b4bd543ca5e470e39bfb0f90394de4661b372078f1f0408fc
Size

4.1MB
MD5

c32e6b63d01aa15663369c742a6cc464
SHA1

0ca0e9cddd1bd0cf6712061503f5bb86609e4842
SHA256

f7f42ff00ddcb34b4bd543ca5e470e39bfb0f90394de4661b372078f1f0408fc
SHA512

d92afb2689ecf3ffb471731a9b51ab1eef4892ba1e325ef8e0b3db5c2c89cf8cb6357efdccf440a4125a6e9a63abf6c27cbae0ea4163824acaa0b9f017d38953
SSDEEP

98304:jjezfWnQE225WlxBP1FTHPwY7hSzmL26WPm4I4pDyZ:Xe8QEOtFozl6WPm4lFm

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

f7f42ff00ddcb34b4bd543ca5e470e39bfb0f90394de4661b372078f1f0408fc
.exe windows:6 windows x64 arch:x64

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

71:ad:92:61:da:e4:5d:07:90:9e:1c:c8
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

03/04/2023, 10:36

Not After

28/05/2024, 14:36

Subject

SERIALNUMBER=HE430957,CN=POINT B LTD,O=POINT B LTD,STREET=NICOLAOU PENTADROMOS CENTER\, Floor 10\, Flat/Office 1001A BLOCK B,L=Limassol,ST=Limassol,C=CY,1.3.6.1.4.1.311.60.2.1.3=#13024359,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f5:3d:2e:77:b4:dd:66:79:03:cc:96:d1:92:1b:51:bd:17:e3:f7:28:e6:f6:e0:1c:50:3a:da:f1:56:be:fd:80
Signer

Actual PE Digest

f5:3d:2e:77:b4:dd:66:79:03:cc:96:d1:92:1b:51:bd:17:e3:f7:28:e6:f6:e0:1c:50:3a:da:f1:56:be:fd:80

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 20.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

?_log_cached_ptr@?3??gdi_CRgnToCRect@@9@9
?_log_cached_ptr@?3??gdi_CRgnToRect@@9@9
?_log_cached_ptr@?3??gdi_RgnToCRect@@9@9
?_log_cached_ptr@?7??gdi_CRgnToCRect@@9@9
AcceptSecurityContext
AcquireCredentialsHandleA
AcquireCredentialsHandleW
ApplyControlToken
Bitmap_Alloc
Bitmap_SetDimensions
Bitmap_SetRectangle
CompleteAuthToken
DecryptMessage
EncryptMessage
EnumerateSecurityPackagesA
EnumerateSecurityPackagesW
ExportSecurityContext
FreeContextBuffer
FreeRDP_InitWtsApi
Glyph_Alloc
ImpersonateSecurityContext
ImportSecurityContextA
ImportSecurityContextW
InitSecurityInterfaceA
InitSecurityInterfaceW
InitializeSecurityContextA
InitializeSecurityContextW
MakeSignature
Pointer_Alloc
QueryContextAttributesA
QueryContextAttributesW
QueryCredentialsAttributesA
QueryCredentialsAttributesW
QuerySecurityContextToken
QuerySecurityPackageInfoA
QuerySecurityPackageInfoW
RevertSecurityContext
SetContextAttributesA
SetContextAttributesW
VerifySignature
WTSChannelGetHandleById
WTSChannelGetHandleByName
WTSChannelGetId
WTSChannelGetIdByHandle
WTSChannelGetName
WTSChannelGetOptions
WTSChannelSetHandleById
WTSChannelSetHandleByName
WTSGetAcceptedChannelNames
WTSIsChannelJoinedById
WTSIsChannelJoinedByName
WTSVirtualChannelManagerCheckFileDescriptor
WTSVirtualChannelManagerGetDrdynvcState
WTSVirtualChannelManagerGetEventHandle
WTSVirtualChannelManagerGetFileDescriptor
WTSVirtualChannelManagerIsChannelJoined
WTSVirtualChannelManagerSetDVCCreationCallback
_ber_sizeof_length
audio_format_compatible
audio_format_compute_time_length
audio_format_copy
audio_format_free
audio_format_get_tag_string
audio_format_new
audio_format_print
audio_format_read
audio_format_write
audio_formats_free
audio_formats_new
audio_formats_print
avc420_compress
avc420_decompress
avc444_compress
avc444_decompress
ber_read_BOOL
ber_read_application_tag
ber_read_bit_string
ber_read_contextual_tag
ber_read_enumerated
ber_read_integer
ber_read_integer_length
ber_read_length
ber_read_octet_string_tag
ber_read_sequence_tag
ber_read_universal_tag
ber_sizeof_contextual_tag
ber_sizeof_integer
ber_sizeof_octet_string
ber_sizeof_sequence
ber_sizeof_sequence_tag
ber_write_BOOL
ber_write_application_tag
ber_write_contextual_tag
ber_write_enumerated
ber_write_integer
ber_write_length
ber_write_octet_string
ber_write_octet_string_tag
ber_write_sequence_tag
ber_write_universal_tag
bitmap_cache_free
bitmap_cache_new
bitmap_cache_register_callbacks
bitmap_interleaved_context_free
bitmap_interleaved_context_new
bitmap_interleaved_context_reset
brush_cache_free
brush_cache_get
brush_cache_new
brush_cache_put
brush_cache_register_callbacks
cache_free
cache_new
certificate_data_free
certificate_data_match
certificate_data_new
certificate_data_print
certificate_data_replace
certificate_get_stored_data
certificate_store_free
certificate_store_new
checkChannelErrorEvent
clearChannelError
clear_compress
clear_context_free
clear_context_new
clear_context_reset
clear_decompress
client_auto_reconnect
client_auto_reconnect_ex
client_cli_authenticate
client_cli_gw_authenticate
client_cli_present_gateway_message
client_cli_verify_certificate
client_cli_verify_certificate_ex
client_cli_verify_changed_certificate
client_cli_verify_changed_certificate_ex
codecs_free
codecs_new
connectErrorCode
crypto_base64_decode
crypto_base64_encode
crypto_cert_dns_names_free
crypto_cert_fingerprint
crypto_cert_fingerprint_by_hash
crypto_cert_free
crypto_cert_get_dns_names
crypto_cert_get_email
crypto_cert_get_public_key
crypto_cert_get_signature_alg
crypto_cert_get_upn
crypto_cert_hash
crypto_cert_issuer
crypto_cert_print_info
crypto_cert_read
crypto_cert_subject
crypto_cert_subject_alt_name
crypto_cert_subject_alt_name_free
crypto_cert_subject_common_name
crypto_get_certificate_data
crypto_reverse
crypto_rsa_private_decrypt
crypto_rsa_private_encrypt
crypto_rsa_public_decrypt
crypto_rsa_public_encrypt
freerdp_abort_connect
freerdp_addin_replace_argument
freerdp_addin_replace_argument_value
freerdp_addin_set_argument
freerdp_addin_set_argument_value
freerdp_assistance_bin_to_hex_string
freerdp_assistance_construct_expert_blob
freerdp_assistance_encrypt_pass_stub
freerdp_assistance_file_free
freerdp_assistance_file_new
freerdp_assistance_generate_pass_stub
freerdp_assistance_get_encrypted_pass_stub
freerdp_assistance_hex_string_to_bin
freerdp_assistance_parse_file
freerdp_assistance_parse_file_buffer
freerdp_assistance_populate_settings_from_assistance_file
freerdp_assistance_print_file
freerdp_assistance_set_connection_string2
freerdp_bitmap_compress
freerdp_bitmap_compress_planar
freerdp_bitmap_planar_context_free
freerdp_bitmap_planar_context_new
freerdp_bitmap_planar_context_reset
freerdp_channel_add_init_handle_data
freerdp_channel_add_open_handle_data
freerdp_channel_get_init_handle_data
freerdp_channel_get_open_handle_data
freerdp_channel_remove_init_handle_data
freerdp_channel_remove_open_handle_data
freerdp_channels_addin_list_free
freerdp_channels_attach
freerdp_channels_check_fds
freerdp_channels_client_find_static_entry
freerdp_channels_client_load
freerdp_channels_client_load_ex
freerdp_channels_data
freerdp_channels_detach
freerdp_channels_get_event_handle
freerdp_channels_get_fds
freerdp_channels_get_id_by_name
freerdp_channels_get_name_by_id
freerdp_channels_get_static_channel_interface
freerdp_channels_list_addins
freerdp_channels_load_plugin
freerdp_channels_load_static_addin_entry
freerdp_channels_process_pending_messages
freerdp_check_event_handles
freerdp_check_fds
freerdp_client_add_device_channel
freerdp_client_add_dynamic_channel
freerdp_client_add_static_channel
freerdp_client_codecs_prepare
freerdp_client_codecs_reset
freerdp_client_context_free
freerdp_client_context_new
freerdp_client_get_instance
freerdp_client_get_thread
freerdp_client_load_addins
freerdp_client_parse_rdp_file
freerdp_client_parse_rdp_file_buffer
freerdp_client_parse_rdp_file_buffer_ex
freerdp_client_parse_rdp_file_ex
freerdp_client_populate_rdp_file_from_settings
freerdp_client_populate_settings_from_rdp_file
freerdp_client_print_buildconfig
freerdp_client_print_command_line_help
freerdp_client_print_command_line_help_ex
freerdp_client_print_version
freerdp_client_rdp_file_free
freerdp_client_rdp_file_get_integer_option
freerdp_client_rdp_file_get_string_option
freerdp_client_rdp_file_new
freerdp_client_rdp_file_new_ex
freerdp_client_rdp_file_set_callback_context
freerdp_client_rdp_file_set_integer_option
freerdp_client_rdp_file_set_string_option
freerdp_client_settings_command_line_status_print
freerdp_client_settings_command_line_status_print_ex
freerdp_client_settings_parse_assistance_file
freerdp_client_settings_parse_command_line
freerdp_client_settings_parse_command_line_arguments
freerdp_client_settings_parse_connection_file
freerdp_client_settings_parse_connection_file_buffer
freerdp_client_settings_write_connection_file
freerdp_client_start
freerdp_client_stop
freerdp_client_write_rdp_file
freerdp_client_write_rdp_file_buffer
freerdp_codepages_free
freerdp_connect
freerdp_context_free
freerdp_context_new
freerdp_device_clone
freerdp_device_collection_add
freerdp_device_collection_find
freerdp_device_collection_find_type
freerdp_device_collection_free
freerdp_disconnect
freerdp_disconnect_before_reconnect
freerdp_display_send_monitor_layout
freerdp_dsp_context_free
freerdp_dsp_context_new
freerdp_dsp_context_reset
freerdp_dsp_decode
freerdp_dsp_encode
freerdp_dsp_supports_format
freerdp_dynamic_channel_clone
freerdp_dynamic_channel_collection_add
freerdp_dynamic_channel_collection_find
freerdp_dynamic_channel_collection_free
freerdp_error_info
freerdp_focus_required
freerdp_free
freerdp_get_build_config
freerdp_get_build_date
freerdp_get_build_revision
freerdp_get_disconnect_ultimatum
freerdp_get_dynamic_addin_install_path
freerdp_get_error_base_category
freerdp_get_error_base_name
freerdp_get_error_base_string
freerdp_get_error_connect_category
freerdp_get_error_connect_name
freerdp_get_error_connect_string
freerdp_get_error_info_category
freerdp_get_error_info_name
freerdp_get_error_info_string
freerdp_get_event_handles
freerdp_get_fds
freerdp_get_last_error
freerdp_get_last_error_category
freerdp_get_last_error_name
freerdp_get_last_error_string
freerdp_get_library_install_path
freerdp_get_logon_error_info_data
freerdp_get_logon_error_info_type
freerdp_get_message_queue
freerdp_get_message_queue_event_handle
freerdp_get_param_bool
freerdp_get_param_int
freerdp_get_param_string
freerdp_get_param_uint32
freerdp_get_param_uint64
freerdp_get_state
freerdp_get_stats
freerdp_get_transport_sent
freerdp_get_version
freerdp_get_version_string
freerdp_glyph_convert
freerdp_heartbeat_send_heartbeat_pdu
freerdp_image_copy
freerdp_image_copy_from_icon_data
freerdp_image_copy_from_monochrome
freerdp_image_copy_from_pointer_data
freerdp_image_fill
freerdp_image_scale
freerdp_input_send_extended_mouse_event
freerdp_input_send_focus_in_event
freerdp_input_send_keyboard_event
freerdp_input_send_keyboard_event_ex
freerdp_input_send_keyboard_pause_event
freerdp_input_send_mouse_event
freerdp_input_send_synchronize_event
freerdp_input_send_unicode_keyboard_event
freerdp_keyboard_get_layout_id_from_name
freerdp_keyboard_get_layout_name_from_id
freerdp_keyboard_get_layouts
freerdp_keyboard_get_matching_codepages
freerdp_keyboard_layouts_free
freerdp_load_channel_addin_entry
freerdp_load_dynamic_addin
freerdp_load_dynamic_channel_addin_entry
freerdp_message_queue_process_message
freerdp_message_queue_process_pending_messages
freerdp_nego_get_routing_token
freerdp_new
freerdp_nla_impersonate
freerdp_nla_revert_to_self
freerdp_parse_hostname
freerdp_parse_username
freerdp_passphrase_read
freerdp_performance_flags_make
freerdp_performance_flags_split
freerdp_planar_switch_bgr
freerdp_rail_support_flags_to_string
freerdp_rdpsnd_get_context
freerdp_reconnect
freerdp_register_addin_provider
freerdp_send_error_info
freerdp_set_connection_type
freerdp_set_error_info
freerdp_set_focus
freerdp_set_gateway_usage_method
freerdp_set_last_error
freerdp_set_last_error_ex
freerdp_set_param_bool
freerdp_set_param_int
freerdp_set_param_string
freerdp_set_param_uint32
freerdp_set_param_uint64
freerdp_settings_clone
freerdp_settings_copy
freerdp_settings_free
freerdp_settings_get_bool
freerdp_settings_get_int16
freerdp_settings_get_int32
freerdp_settings_get_int64
freerdp_settings_get_key_for_name
freerdp_settings_get_name_for_key
freerdp_settings_get_pointer
freerdp_settings_get_string
freerdp_settings_get_type_for_key
freerdp_settings_get_type_for_name
freerdp_settings_get_uint16
freerdp_settings_get_uint32
freerdp_settings_get_uint64
freerdp_settings_new
freerdp_settings_set_bool
freerdp_settings_set_int16
freerdp_settings_set_int32
freerdp_settings_set_int64
freerdp_settings_set_string
freerdp_settings_set_uint16
freerdp_settings_set_uint32
freerdp_settings_set_uint64
freerdp_settings_set_value_for_name
freerdp_shall_disconnect
freerdp_state_string
freerdp_static_channel_clone
freerdp_static_channel_collection_add
freerdp_static_channel_collection_find
freerdp_static_channel_collection_free
freerdp_target_net_addresses_copy
freerdp_target_net_addresses_free
freerdp_update_gateway_usage_method
gdi_BitBlt
gdi_CRectToCRgn
gdi_CRectToRgn
gdi_CRgnToCRect
gdi_CRgnToRect
gdi_CopyOverlap
gdi_CopyRect
gdi_CreateBitmap
gdi_CreateBitmapEx
gdi_CreateCompatibleBitmap
gdi_CreateCompatibleDC
gdi_CreateDC
gdi_CreatePen
gdi_CreateRect
gdi_CreateRectRgn
gdi_DeleteDC
gdi_DeleteObject
gdi_Ellipse
gdi_EqualRgn
gdi_FillRect
gdi_GetDC
gdi_GetPenColor
gdi_GetPixel
gdi_GetPointer
gdi_InvalidateRegion
gdi_PolyPolygon
gdi_Polygon
gdi_PtInRect
gdi_RectToCRgn
gdi_RectToRgn
gdi_Rectangle
gdi_RgnToCRect
gdi_RgnToRect
gdi_SelectObject
gdi_SetPixel
gdi_SetRect
gdi_SetRectRgn
gdi_SetRgn
gdi_decode_color
gdi_free
gdi_get_pixel_format
gdi_init
gdi_init_ex
gdi_resize
gdi_resize_ex
gdi_rop3_code
gdi_rop3_code_string
gdi_rop3_string
gdi_send_suppress_output
getChannelError
getChannelErrorDescription
getChannelErrorEventHandle
glyph_cache_free
glyph_cache_new
glyph_cache_register_callbacks
graphics_free
graphics_new
graphics_register_bitmap
graphics_register_glyph
graphics_register_pointer
h264_context_free
h264_context_new
h264_context_reset
interleaved_compress
interleaved_decompress
license_send_valid_client_error_packet
mappedGeometryRef
mappedGeometryUnref
metrics_free
metrics_new
metrics_write_bytes
mppc_compress
mppc_context_free
mppc_context_new
mppc_context_reset
mppc_decompress
mppc_set_compression_level
ncrush_compress
ncrush_context_free
ncrush_context_new
ncrush_context_reset
ncrush_decompress
nine_grid_cache_free
nine_grid_cache_new
nine_grid_cache_register_callbacks
nsc_compose_message
nsc_context_free
nsc_context_new
nsc_context_reset
nsc_context_set_parameters
nsc_context_set_pixel_format
nsc_decompose_message
nsc_process_message
offscreen_cache_free
offscreen_cache_get
offscreen_cache_new
offscreen_cache_register_callbacks
palette_cache_free
palette_cache_new
palette_cache_register_callbacks

Sections

.text
Size: 8.1MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 405KB - Virtual size: 14.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 255KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 389KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

71:ad:92:61:da:e4:5d:07:90:9e:1c:c8Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

f5:3d:2e:77:b4:dd:66:79:03:cc:96:d1:92:1b:51:bd:17:e3:f7:28:e6:f6:e0:1c:50:3a:da:f1:56:be:fd:80Signer

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 20.6MB

UPX1 Size: 4.0MB - Virtual size: 4.0MB

.rsrc Size: 17KB - Virtual size: 20KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 8.1MB - Virtual size: 8.1MB

.rodata Size: 4KB - Virtual size: 4KB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 405KB - Virtual size: 14.3MB

.pdata Size: 255KB - Virtual size: 254KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 389KB - Virtual size: 389KB

.reloc Size: 46KB - Virtual size: 46KB

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

71:ad:92:61:da:e4:5d:07:90:9e:1c:c8
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

f5:3d:2e:77:b4:dd:66:79:03:cc:96:d1:92:1b:51:bd:17:e3:f7:28:e6:f6:e0:1c:50:3a:da:f1:56:be:fd:80
Signer

UPX0
Size: - Virtual size: 20.6MB

UPX1
Size: 4.0MB - Virtual size: 4.0MB

.rsrc
Size: 17KB - Virtual size: 20KB

.text
Size: 8.1MB - Virtual size: 8.1MB

.rodata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 405KB - Virtual size: 14.3MB

.pdata
Size: 255KB - Virtual size: 254KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 389KB - Virtual size: 389KB

.reloc
Size: 46KB - Virtual size: 46KB