ba72056c779401a51188e55d4049fbd0

Sharing

Copy URL Twitter E-mail

General

Target

ba72056c779401a51188e55d4049fbd0
Size

151KB
MD5

ba72056c779401a51188e55d4049fbd0
SHA1

4a5650d5d0a977fb61641db6a8d8de9801ba12e1
SHA256

cbcb45634c6f77a72bb7bc4f119f91469dce2258520fb2c9262161ed7d2b8676
SHA512

1298b9ddfc9cdb914c5ea5c7f2d165de63afaa438daa4ad11a96258aa3d845cee7fe0a44a44086c4f6d1c9ba25492555425c539fd1e3b5bd2542fd337b204c3d
SSDEEP

3072:tDLTTfAhemrPtqrorXMpUVbC8LmtNUvDg7A+YeCiqvIw/bvhuv9zKl:tDLTTA8mkrorXMpKNLmtNU7h+YXFvDhX

Score

1^/10

Malware Config

Signatures

Files

ba72056c779401a51188e55d4049fbd0
.dll windows:6 windows x64 arch:x64

f7c274ca57c00570377f087b5b60239a

Code Sign

0b:28:bf:ca:82:14:e3:73:a1:20:a4:16:94:bd:08:d1
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

12/09/2017, 00:00

Not After

04/09/2019, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Illustrator\, InDesign\, InCopy\, Muse,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

74:67:47:09:69:22:fd:27:69:d9:5e:90:bd:60:fe:4c:1d:38:eb:b6:7b:ea:ee:ab:9c:58:13:df:0d:e3:62:a4
Signer

Actual PE Digest

74:67:47:09:69:22:fd:27:69:d9:5e:90:bd:60:fe:4c:1d:38:eb:b6:7b:ea:ee:ab:9c:58:13:df:0d:e3:62:a4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Development\siriusr14\build\win\releasex64\Required\Workgroup Client.pdb

Imports

pmruntime

??3@YAXPEAX_K@Z
??2@YAPEAX_K@Z

public

??0IDFile@@QEAA@XZ
??0IDFile@@QEAA@AEBV0@@Z
??1IDFile@@UEAA@XZ
??4IDFile@@QEAAAEAV0@AEBV0@@Z
?SetTString@IDFile@@QEAAXPEB_W@Z
?GetExecutionContextSession@@YAPEAVISession@@XZ
??0ResourceFileInfo@WBaseResourceAccess@@QEAA@XZ
??1ResourceFileInfo@WBaseResourceAccess@@QEAA@XZ
??0WBaseResourceAccess@@QEAA@PEAVResourceFileInfo@0@@Z
??1WBaseResourceAccess@@UEAA@XZ
?GetResourceFile@WBaseResourceAccess@@UEAAPEBVIDFile@@XZ
?DoNotify@Command@@MEAAXXZ
?GetDataBase@@YAPEAVIDataBase@@PEBVIPMUnknown@@@Z
?SetTarget@Command@@IEAAXW4PredefinedTarget@1@@Z
??0PMString@@QEAA@AEBV0@@Z
??1PMString@@QEAA@XZ
??4PMString@@QEAAAEAV0@AEBV0@@Z
?SetTranslatable@PMString@@QEAAAEAV1@F@Z
?IsEmpty@PMString@@QEBAFXZ
?kNullString@@3VPMString@@B
?Clear@PMString@@QEAAXXZ
??0CServiceProvider@@QEAA@PEAVIPMUnknown@@@Z
??1CServiceProvider@@UEAA@XZ
?AddRef@CServiceProvider@@UEBAXXZ
?GetServiceIDs@CServiceProvider@@UEAAXAEAV?$K2Vector@V?$IDType@UServiceID_tag@@@@V?$K2Allocator@V?$IDType@UServiceID_tag@@@@@@@@@Z
?HasMultipleIDs@CServiceProvider@@UEBAFXZ
?QueryInterface@CServiceProvider@@UEBAPEAVIPMUnknown@@V?$IDType@UPMIID_tag@@@@@Z
?Release@CServiceProvider@@UEBAXXZ
??8WideString@@QEBAFAEBV0@@Z
??8IDFile@@QEBA_NAEBV0@@Z
?GetObjectModelInstance@@YAPEAVIObjectModel@@XZ
?CreateObject@@YAPEAVIPMUnknown@@V?$IDType@UClassID_tag@@@@V?$IDType@UPMIID_tag@@@@PEBVIObjectModel@@@Z
?GetComponent@URI@@QEBA?AVWideString@@W4Component@1@@Z
??0PMString@@QEAA@XZ
??0PMString@@QEAA@PEBDW4TranslateDuringCall@0@@Z
??0PMString@@QEAA@$$QEAV0@@Z
??8PMString@@QEBAFAEBV0@@Z
??9PMString@@QEBAFAEBV0@@Z
?PMSetGlobalErrorCode@ErrorUtils@@SAXJPEBVPMString@@PEAVIPMUnknown@@0@Z
?GetCurrentFileMimeType@FileTypeRegistry@@SA?AVPMString@@V?$IDType@UFileTypeInfoID_tag@@@@@Z
?GetFileTypeInfoIDForFile@FileTypeRegistry@@SA?AV?$IDType@UFileTypeInfoID_tag@@@@AEBVIDFile@@@Z
?GetUIDRef@@YA?AVUIDRef@@PEBVIPMUnknown@@@Z
??0CDatabaseObserver@@QEAA@XZ
?AttachedTo@CDatabaseObserver@@UEAAXPEAVIDataBase@@@Z
?BeginTransaction@CDatabaseObserver@@UEAAXPEAVIDataBase@@@Z
?DeleteUID@CDatabaseObserver@@UEAAXPEAVIDataBase@@V?$IDType@UUID_tag@@@@V?$IDType@UClassID_tag@@@@@Z
?DestroyDeletedUID@CDatabaseObserver@@UEAAXPEAVIDataBase@@V?$IDType@UUID_tag@@@@@Z
?EndTransaction@CDatabaseObserver@@UEAAXPEAVIDataBase@@@Z
?NewUID@CDatabaseObserver@@UEAAXPEAVIDataBase@@V?$IDType@UUID_tag@@@@V?$IDType@UClassID_tag@@@@@Z
?SetDirty@CDatabaseObserver@@UEAAXPEAVIDataBase@@V?$IDType@UUID_tag@@@@V?$IDType@UClassID_tag@@@@V?$IDType@UImplementationID_tag@@@@F@Z
?UndeleteUID@CDatabaseObserver@@UEAAXPEAVIDataBase@@V?$IDType@UUID_tag@@@@V?$IDType@UClassID_tag@@@@@Z
??9IDFile@@QEBA_NAEBV0@@Z
?push_back@?$K2VectorBase@VWideString@@V?$K2Allocator@VWideString@@@@@K2Internals@@QEAAXAEBVWideString@@@Z
?clear@?$K2VectorBase@VWideString@@V?$K2Allocator@VWideString@@@@@K2Internals@@QEAAXXZ
?clear@UnicodeSavvyString@@QEAAXXZ
?CopyFrom@UnicodeSavvyString@@IEAAXAEBV1@@Z
??0WideString@@QEAA@XZ
??0WideString@@QEAA@PEBGJJ@Z
??0WideString@@QEAA@AEBV0@@Z
??0FileTypeInfo@@QEAA@XZ
??0FileTypeInfo@@QEAA@AEBV0@@Z
??1FileTypeInfo@@QEAA@XZ
?Copy@FileTypeInfo@@AEAAXAEBV1@@Z
??0FileLinkResourceHandler@@QEAA@PEAVIPMUnknown@@@Z
??1FileLinkResourceHandler@@UEAA@XZ
?GetResourceDataType@FileLinkResourceHandler@@UEBA?AVFileTypeInfo@@AEBVUIDRef@@AEBVURI@@@Z
?GetShortResourceName@FileLinkResourceHandler@@UEBA?AVWideString@@AEBVUIDRef@@AEBVURI@@_N@Z
?GetLongResourceName@FileLinkResourceHandler@@UEBA?AVWideString@@AEBVUIDRef@@AEBVURI@@_N@Z
?EditResource@FileLinkResourceHandler@@UEBAJAEBVUIDRef@@AEBVURI@@AEBVAppInfo@@PEAVPMString@@@Z
?CreateFileStreamReadLazy@StreamUtil@@SAPEAVIPMStream@@AEBVIDFile@@KKK@Z
?CreateFileStreamWriteLazy@StreamUtil@@SAPEAVIPMStream@@AEBVIDFile@@KKK@Z
??0URI@@QEAA@AEBV0@@Z
?SetComponent@URI@@QEAAXW4Component@1@AEBVWideString@@@Z
?AddRef@?$CPMUnknown@VILinkResourceHandler@@@@UEBAXXZ
?CanCacheResource@FileLinkResourceHandler@@UEBA_NAEBVUIDRef@@AEBVURI@@@Z
?CanCopyToFile@FileLinkResourceHandler@@UEBA_NAEBVUIDRef@@AEBVURI@@@Z
?CanRevealResource@FileLinkResourceHandler@@UEBA_NAEBVUIDRef@@AEBVURI@@@Z
?SetUpTarget@Command@@MEAAXXZ
?CanRevealResourceInCloudLibraries@FileLinkResourceHandler@@UEBA_NAEBVUIDRef@@AEBVURI@@@Z
?CanUnembedResource@FileLinkResourceHandler@@UEBA_NAEBVUIDRef@@AEBVURI@@@Z
?CopyToFile@FileLinkResourceHandler@@UEBAJAEBVUIDRef@@AEBVURI@@AEAVIDFile@@@Z
?CreateResourceReadWriteStream@FileLinkResourceHandler@@UEBAPEAVIPMStream@@AEBVUIDRef@@AEBVURI@@@Z
?GetResourceStateInfo@FileLinkResourceHandler@@UEBA?AVPMString@@AEBVUIDRef@@AEBVURI@@W4ResourceState@ILinkResource@@W4ResourceStoreState@6@@Z
?QueryInterface@?$CPMUnknown@VILinkResourceHandler@@@@UEBAPEAVIPMUnknown@@V?$IDType@UPMIID_tag@@@@@Z
?Release@?$CPMUnknown@VILinkResourceHandler@@@@UEBAXXZ
?RevealResource@FileLinkResourceHandler@@UEBAJAEBVUIDRef@@AEBVURI@@@Z
?RevealResourceInBridge@FileLinkResourceHandler@@UEBAJAEBVUIDRef@@AEBVURI@@@Z
?RevealResourceInCloudLibraries@FileLinkResourceHandler@@UEBAJAEBVUIDRef@@AEBVURI@@@Z
?CreateCommand@CmdUtils@@SAPEAVICommand@@V?$IDType@UClassID_tag@@@@@Z
?ScheduleCommand@CmdUtils@@SAJPEAVICommand@@W4Priority@2@@Z
??0UIDList@@QEAA@AEBVUIDRef@@@Z
??1UIDList@@QEAA@XZ
??0PMString@@QEAA@AEBVWideString@@@Z
?AsNumber@PMString@@QEAAXJ@Z
?GetAsNumber@PMString@@QEBAJPEAW4ConversionError@1@PEAJ@Z
??0WideString@@QEAA@AEBVPMString@@@Z
??0IDFile@@QEAA@AEBVWideString@@@Z
?ProcessCommand@CmdUtils@@SAJPEAVICommand@@@Z
?BeginAutoUndoSequence@CmdUtils@@SAPEAVIAutoUndoSequence@@PEAVIDataBase@@@Z
?EndAutoUndoSequence@CmdUtils@@SAJPEAVIAutoUndoSequence@@@Z
??0URI@@QEAA@XZ
??4URI@@QEAAAEAV0@AEBV0@@Z
??0IDTime@@QEAA@_K@Z
??1IDTime@@UEAA@XZ
??4IDTime@@QEAAAEAV0@AEBV0@@Z
??8IDTime@@QEBA_NAEBV0@@Z
??0LinkQuery@@QEAA@XZ
??1LinkQuery@@UEAA@XZ
?SetResource@LinkQuery@@QEAAXV?$IDType@UUID_tag@@@@@Z
??4PMString@@QEAAAEAV0@$$QEAV0@@Z
?Translate@PMString@@QEAAFXZ
??0PMString@@QEAA@PEBDW4StringEncoding@0@@Z
?GetShowAlerts@CAlert@@SAFXZ
??0WFileUtility@@QEAA@AEBVIDFile@@@Z
??1WFileUtility@@UEAA@XZ
?GetFileName@WFileUtility@@UEAAXPEAVPMString@@@Z
??0ScriptData@@QEAA@XZ
??1ScriptData@@UEAA@XZ
?GetPMString@ScriptData@@QEBAJAEAVPMString@@@Z
??0CScriptProvider@@IEAA@PEAVIPMUnknown@@@Z
??1CScriptProvider@@MEAA@XZ
?HandleMethod@CScriptProvider@@MEAAJV?$IDType@UScriptID_tag@@@@PEAVIScriptRequestData@@PEAVIScript@@@Z
?AccessParent@CScriptProvider@@MEAAJV?$IDType@UScriptID_tag@@@@PEAVIScriptRequestData@@PEAVIScript@@@Z
?AccessProperties@CScriptProvider@@MEAAXPEAVIScriptRequestData@@PEAVIScript@@@Z
?AccessProperty@CScriptProvider@@MEAAJV?$IDType@UScriptID_tag@@@@PEAVIScriptRequestData@@PEAVIScript@@@Z
?AccessPropertyOnObjects@CScriptProvider@@MEAAXV?$IDType@UScriptID_tag@@@@PEAVIScriptRequestData@@AEBV?$vector@V?$InterfacePtr@VIScript@@@@V?$capture_allocator@V?$InterfacePtr@VIScript@@@@@version_1@adobe@@@version_1@adobe@@@Z
?AddRef@?$CPMUnknown@VIScriptProvider@@@@UEBAXXZ
?GetObjectW@CScriptProvider@@MEAAXPEAVIScriptRequestData@@PEAVIScript@@@Z
?HandleMethodOnObjects@CScriptProvider@@MEAAXV?$IDType@UScriptID_tag@@@@PEAVIScriptRequestData@@AEBV?$vector@V?$InterfacePtr@VIScript@@@@V?$capture_allocator@V?$InterfacePtr@VIScript@@@@@version_1@adobe@@@version_1@adobe@@@Z
?PostAccessProperties@CScriptProvider@@MEAAJPEAVIScriptRequestData@@PEAVIScript@@@Z
?PostAccessProperty@CScriptProvider@@MEAAJV?$IDType@UScriptID_tag@@@@PEAVIScriptRequestData@@PEAVIScript@@@Z
?PreAccessProperties@CScriptProvider@@MEAAJPEAVIScriptRequestData@@PEAVIScript@@@Z
?PreAccessProperty@CScriptProvider@@MEAAJV?$IDType@UScriptID_tag@@@@PEAVIScriptRequestData@@PEAVIScript@@@Z
?QueryInterface@?$CPMUnknown@VIScriptProvider@@@@UEBAPEAVIPMUnknown@@V?$IDType@UPMIID_tag@@@@@Z
?Release@?$CPMUnknown@VIScriptProvider@@@@UEBAXXZ
?push_back@?$K2VectorBase@V?$IDType@UServiceID_tag@@@@V?$K2Allocator@V?$IDType@UServiceID_tag@@@@@@@K2Internals@@QEAAXAEBV?$IDType@UServiceID_tag@@@@@Z
?SetName@Command@@UEAAXAEBVPMString@@@Z
?SetItemList@Command@@UEAAXAEBVUIDList@@@Z
?SetCreatorID@Command@@UEAAXJ@Z
?SetCommandState@Command@@MEAAXW4CommandState@ICommand@@@Z
?SetActive@Command@@UEAAXF@Z
?Release@Command@@UEBAXXZ
?QueryInterface@Command@@UEBAPEAVIPMUnknown@@V?$IDType@UPMIID_tag@@@@@Z
?PreVerify@Command@@MEAAXW4CommandState@ICommand@@@Z
?PostVerify@Command@@MEAAXW4CommandState@ICommand@@@Z
?LowMemIsOK@Command@@UEBAFXZ
?LWDoImmediate@Command@@UEAAXXZ
?IsNameRequired@Command@@UEBAFXZ
?IsLWProcessed@Command@@UEBAEXZ
?IsDone@Command@@UEBAFXZ
?IsActive@Command@@UEBAFXZ
?GetUndoability@Command@@UEBA?AW4Undoability@ICommand@@XZ
?GetTarget@Command@@UEBAAEBVUIDRef@@XZ
?GetName@Command@@UEBAXPEAVPMString@@@Z
??0WideString@@QEAA@PEBDJ@Z
??1WideString@@QEAA@XZ
?QueryUtils@UtilsBoss@@SAPEAVIPMUnknown@@AEBV?$IDType@UPMIID_tag@@@@@Z
?GetItemListReference@Command@@UEBAAEBVUIDList@@XZ
?GetItemList@Command@@UEBAPEBVUIDList@@XZ
?GetCreatorID@Command@@UEBAJXZ
?GetCommandState@Command@@UEBA?AW4CommandState@ICommand@@XZ
?DoImmediate@Command@@UEAAXF@Z
?GetRef@UIDList@@QEBA?AVUIDRef@@J@Z
??0Command@@QEAA@PEAVIPMUnknown@@@Z
??1Command@@UEAA@XZ
?SetUndoability@Command@@UEAAXW4Undoability@ICommand@@@Z
??1URI@@UEAA@XZ
?AddRef@Command@@UEBAXXZ
?CanJoin@Command@@UEBAFPEBVICommand@@@Z
?CreateName@Command@@MEAAPEAVPMString@@XZ
?DoDynamic@Command@@UEAAXXZ
?CanRevealResourceInBridge@FileLinkResourceHandler@@UEBA_NAEBVUIDRef@@AEBVURI@@@Z

afl

??1APath@afl@adobe@@UEAA@XZ
?IsEmpty@APath@afl@adobe@@QEBA_NXZ
?UTF16Count@AString@afl@adobe@@QEBAKXZ
?IsEmpty@AString@afl@adobe@@QEBA_NXZ
?GrabWString@AString@afl@adobe@@QEBAPEBGXZ
?GetPath@AFile@afl@adobe@@QEBA?AVAString@23@_N@Z
?GetNameStr@AFile@afl@adobe@@QEBA?AVAString@23@XZ
?CanOpen@AFile@afl@adobe@@QEBA_NW4AccessMode@123@W4ShareMode@123@@Z
?GetAttribute@AFile@afl@adobe@@QEBA_NW4BoolAttribute@123@@Z
?GetAttribute@AFile@afl@adobe@@QEBA_KW4TimeAttribute@123@@Z
?IsRelative@APath@afl@adobe@@QEBA_NXZ
?GetAttributes@AFile@afl@adobe@@QEBA_NAEAUBoolAttributes@123@_N1@Z
??1AString@afl@adobe@@UEAA@XZ
?Exists@AFile@afl@adobe@@QEBA_NXZ
?HasPath@AFile@afl@adobe@@QEBA_NXZ
?GetPath@AFile@afl@adobe@@QEBA?AVAPath@23@XZ
?CharCount@AString@afl@adobe@@QEBAKXZ

boost_system

?system_category@system@boost@@YAAEBVerror_category@12@XZ
?generic_category@system@boost@@YAAEBVerror_category@12@XZ

kernel32

GetModuleFileNameW
RtlVirtualUnwind
RtlLookupFunctionEntry
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
RtlCaptureContext
InitializeSListHead

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
??0id@locale@std@@QEAA@_K@Z

vcruntime140

__std_terminate
__CxxFrameHandler3
_purecall
_CxxThrowException
memmove
__C_specific_handler
memset
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn

Exports

Exports

GetPlugIn

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7c274ca57c00570377f087b5b60239a

Code Sign

0b:28:bf:ca:82:14:e3:73:a1:20:a4:16:94:bd:08:d1Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

74:67:47:09:69:22:fd:27:69:d9:5e:90:bd:60:fe:4c:1d:38:eb:b6:7b:ea:ee:ab:9c:58:13:df:0d:e3:62:a4Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

pmruntime

public

afl

boost_system

kernel32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 4KB - Virtual size: 8KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

0b:28:bf:ca:82:14:e3:73:a1:20:a4:16:94:bd:08:d1
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

74:67:47:09:69:22:fd:27:69:d9:5e:90:bd:60:fe:4c:1d:38:eb:b6:7b:ea:ee:ab:9c:58:13:df:0d:e3:62:a4
Signer

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 4KB - Virtual size: 8KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB