beb64b13a4d002da6dbda249ada69271b17e2265098b7633a3a0caab6b3ed3f9

Sharing

Copy URL Twitter E-mail

General

Target

beb64b13a4d002da6dbda249ada69271b17e2265098b7633a3a0caab6b3ed3f9
Size

26.9MB
MD5

f2bdfb8163fafa1a4f147520d91645a1
SHA1

d6677e8a16c67d39c04ebb2ef36fb93e55ae2746
SHA256

beb64b13a4d002da6dbda249ada69271b17e2265098b7633a3a0caab6b3ed3f9
SHA512

4aa9502ed281bd87db0dfe9717aea5935309ff95c4e5801c2ff1a794a21b81d5bf39fc008c0922e5cbec8ed8e10abf7166f8acff5797e42caed130cefc22ac56
SSDEEP

393216:OuHo7kmdA93ePNYuxPlIN1o5ihAbJsv6tWKFdu9C1O9URSggLVHJh6QCQcDdtunq:I7kmS93eWuTSj5CQchRYM

Score

1^/10

Malware Config

Signatures

Files

beb64b13a4d002da6dbda249ada69271b17e2265098b7633a3a0caab6b3ed3f9
.exe windows:5 windows x86 arch:x86

ddb01dc28139d344207daee568c4554e

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

18:39:af:85:74:aa:0e:80:c3:71:d9:80:34:61:dd:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

13/01/2022, 00:00

Not After

12/01/2025, 23:59

Subject

CN=ADLICE,O=ADLICE,ST=Loire-Atlantique,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2f:6e:53:3c:e0:ce:23:74:7a:01:9d:7f:9d:e1:91:87:68:44:a2:28
Signer

Actual PE Digest

2f:6e:53:3c:e0:ce:23:74:7a:01:9d:7f:9d:e1:91:87:68:44:a2:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Adlice\RogueKillerQt\RelWithDebInfo\RogueKiller.pdb

Imports

opengl32

glReadPixels
glScissor
glStencilFunc
glStencilMask
glStencilOp
glTexImage2D
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexSubImage2D
glViewport
glPolygonOffset
glPixelStorei
glLineWidth
glIsTexture
glIsEnabled
glHint
glGetTexParameteriv
glGetTexParameterfv
glGetString
glGetIntegerv
glGetFloatv
glGetError
glGetBooleanv
glGenTextures
glFrontFace
glFlush
glFinish
glEnable
glDrawElements
glDrawArrays
glDisable
glDepthRange
glDepthMask
glDepthFunc
glDeleteTextures
glCullFace
glCopyTexSubImage2D
glCopyTexImage2D
glColorMask
glClearStencil
glClearDepth
glClearColor
glClear
glBlendFunc
glBindTexture

ws2_32

WSAIoctl
getaddrinfo
freeaddrinfo
getnameinfo

winmm

PlaySoundW

netapi32

NetUserGetInfo
NetApiBufferFree

kernel32

GetCurrentThread
ResumeThread
GetModuleFileNameA
GetEnvironmentVariableW
OutputDebugStringA
GetVersionExA
RaiseException
CreateThread
OpenThread
WriteProcessMemory
CreateRemoteThread
Module32FirstW
Module32NextW
InterlockedDecrement
DeviceIoControl
DefineDosDeviceW
QueryDosDeviceW
LocalAlloc
VirtualAlloc
VirtualFree
GetFileInformationByHandle
GetFileType
SetFilePointerEx
lstrcmpiW
lstrlenW
GetDiskFreeSpaceW
IsBadReadPtr
IsBadWritePtr
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
lstrcmpA
lstrcpyW
SetFilePointer
QueueUserWorkItem
GlobalAlloc
GlobalFree
LoadLibraryExW
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
SwitchToFiber
DeleteFiber
CreateFiber
QueryPerformanceCounter
GetSystemTimeAsFileTime
ConvertFiberToThread
ConvertThreadToFiber
LoadLibraryA
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
FormatMessageA
InitializeCriticalSection
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
VerifyVersionInfoA
ExpandEnvironmentStringsA
CreateFileMappingA
SwitchToThread
IsValidLanguageGroup
IsValidLocale
GetUserDefaultLangID
CheckRemoteDebuggerPresent
GlobalUnlock
GlobalLock
GlobalSize
CompareStringW
GetUserDefaultLCID
GetLocalTime
WaitForSingleObjectEx
SetThreadPriority
GetThreadPriority
OutputDebugStringW
LCMapStringW
GetUserGeoID
GetUserDefaultUILanguage
GetStartupInfoW
GetLogicalDrives
SetEndOfFile
GetTickCount
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
GetTimeZoneInformation
GetGeoInfoW
GetVolumeInformationW
GetLongPathNameW
GetLocaleInfoW
GetModuleFileNameW
GetDriveTypeW
CloseHandle
OpenProcess
ReadProcessMemory
LockFileEx
UnlockFile
HeapCompact
DeleteFileA
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
UnlockFileEx
LockFile
AreFileApisANSI
VirtualQueryEx
CreateFileA
HeapCreate
GetFileSize
GetPrivateProfileStringW
HeapDestroy
InterlockedIncrement
FindResourceW
SizeofResource
LoadResource
LockResource
GetFileSizeEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
WriteConsoleW
SetEnvironmentVariableA
HeapSize
EnumSystemLocalesW
GetACP
HeapReAlloc
GetConsoleCP
SetStdHandle
GetFullPathNameA
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
SetConsoleCtrlHandler
InterlockedPushEntrySList
IsDebuggerPresent
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetTempFileNameW
GetTempPathW
CreateMutexW
ReleaseMutex
GetProcessHeap
HeapFree
HeapAlloc
GetVersionExW
VerSetConditionMask
CancelIo
WaitNamedPipeW
CreateNamedPipeW
PeekNamedPipe
SetNamedPipeHandleState
DisconnectNamedPipe
ConnectNamedPipe
SetHandleInformation
FlushFileBuffers
ReadFile
WriteFile
GetOverlappedResult
GetModuleHandleW
FindCloseChangeNotification
GetThreadLocale
MoveFileExW
MoveFileW
CopyFileW
FindNextFileW
FindFirstFileW
DeleteFileW
GetFileAttributesExW
GetFileAttributesW
SetFileAttributesW
CreateFileW
RemoveDirectoryW
CreateDirectoryW
GetFileTime
FindClose
GetFullPathNameW
ExpandEnvironmentStringsW
GetShortPathNameW
CreateEventW
WaitForMultipleObjects
ResetEvent
SetEvent
Thread32Next
Thread32First
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
TerminateJobObject
AssignProcessToJobObject
CreateJobObjectW
CreateProcessW
DuplicateHandle
WaitForSingleObject
SetLastError
TerminateThread
GetProcessId
GetExitCodeProcess
TerminateProcess
GetProcessTimes
GetComputerNameW
GetCurrentDirectoryW
GetSystemDirectoryW
FormatMessageW
GetSystemTimes
GetSystemInfo
Sleep
SetErrorMode
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
LocalFree
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryW
GetLastError
FreeLibrary
DeleteCriticalSection
TryEnterCriticalSection
GetProcAddress
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetDateFormatW
GetTimeFormatW
CompareFileTime
FileTimeToSystemTime
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTime
ExitProcess
GetModuleHandleA
GetConsoleWindow
lstrcmpW
GetCurrencyFormatW

user32

SetParent
GetAncestor
GetKeyboardLayoutList
UnregisterClassW
GetClassInfoW
RegisterClassExW
GetFocus
GetClientRect
GetCursorPos
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
GetMonitorInfoW
EnumDisplayMonitors
GetCursor
SetCursorPos
GetParent
GetDesktopWindow
SetWindowLongW
GetWindowLongW
LoadCursorW
CreateCursor
GetCursorInfo
TrackMouseEvent
GetMessageExtraInfo
GetWindowTextW
RealGetWindowClassW
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
CreateWindowExW
DefWindowProcW
SendMessageW
RegisterWindowMessageW
EnableMenuItem
GetSystemMenu
GetIconInfo
ScreenToClient
ClientToScreen
DrawIconEx
GetDC
ReleaseDC
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
DestroyCursor
GetClassNameW
EnumChildWindows
CharNextW
DestroyWindow
GetSystemMetrics
InvalidateRect
GetWindowThreadProcessId
DestroyIcon
GetSysColor
SystemParametersInfoW
SetWindowRgn
MessageBoxW
CreateIconIndirect
ExitWindowsEx
PostMessageW
ShowWindow
EnumWindows
GetProcessWindowStation
GetUserObjectInformationW
SendMessageA
FindWindowA
GetDoubleClickTime
GetCaretBlinkTime
MessageBeep
IsChild
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
GetCapture
SetCapture
ReleaseCapture
GetForegroundWindow
LoadIconW
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetAsyncKeyState
GetKeyboardLayout
CreateCaret
DestroyCaret
HideCaret
SetCaretPos
PeekMessageW
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
GetMenu
TrackPopupMenuEx
SetMenuItemInfoW
NotifyWinEvent
RegisterClassW
GetClipboardFormatNameW
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow

gdi32

CreateDIBSection
SelectObject
GetDIBits
DeleteObject
DeleteDC
CreateCompatibleDC
RemoveFontMemResourceEx
GetTextMetricsW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
CombineRgn
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetTextColor
SetWorldTransform
CreateRectRgn
GetRegionData
SelectClipRgn
GdiFlush
CreateBitmap
GetObjectW
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
GetPixelFormat
AddFontMemResourceEx
ExtTextOutW
SetGraphicsMode
SetTextAlign

shell32

Shell_NotifyIconW
CommandLineToArgvW
SHGetMalloc
ShellExecuteExW
ord51
SHGetFolderPathW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoTaskMemRealloc
CoCreateInstance
CoSetProxyBlanket
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleInitialize
OleUninitialize
CoInitialize
OleSetClipboard
StringFromCLSID
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoCreateGuid
StringFromGUID2
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
ReleaseStgMedium
CoGetMalloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr
SystemTimeToVariantTime
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysStringLen
SysFreeString
SysAllocString

advapi32

RegEnumKeyExW
RegDeleteValueW
StartServiceW
SetServiceObjectSecurity
QueryServiceStatusEx
QueryServiceStatus
QueryServiceConfig2W
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
EnumServicesStatusW
EnumDependentServicesW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfig2W
ChangeServiceConfigW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
DuplicateTokenEx
CreateProcessAsUserW
RegEnumValueW
RegQueryInfoKeyW
DuplicateToken
GetUserNameW
GetTokenInformation
AllocateAndInitializeSid
FreeSid
InitializeAcl
CryptAcquireContextW
CryptReleaseContext
InitializeSecurityDescriptor
IsValidSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
CheckTokenMembership
SetEntriesInAclW
IsValidSid
GetLengthSid
CopySid
LookupAccountSidW
LookupAccountNameW
ConvertSidToStringSidW
ConvertStringSidToSidW
GetAce
RegGetKeySecurity
RegSetKeySecurity
GetExplicitEntriesFromAclW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
GetSecurityInfo
LookupPrivilegeValueA
RegFlushKey
CryptDestroyKey
CryptGenRandom
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

wininet

InternetGetConnectedState

shlwapi

PathQuoteSpacesW
PathIsNetworkPathW
PathRemoveArgsW
PathRemoveBackslashW
PathRemoveBlanksW
PathRemoveExtensionW
PathRemoveFileSpecW
PathSearchAndQualifyW
PathUnquoteSpacesW
PathUnExpandEnvStringsW
StrFormatByteSizeW
StrDupW
StrCmpIW
PathIsRelativeW
PathIsPrefixW
PathIsDirectoryW
PathGetDriveNumberW
PathGetArgsW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathCommonPrefixW
PathAppendW
PathAddBackslashW
AssocQueryStringW

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
GetModuleBaseNameW
GetModuleInformation

ntdll

NtQueryVirtualMemory
RtlUnwind
memcmp
islower
isupper
bsearch
wcsncmp
wcstombs
strpbrk
strtol
atoi
_stricmp
wcsstr
_strnicmp
strtoul
strspn
strcmp
strrchr
strncpy
qsort
NtQuerySystemInformation
NtQueryKey
NtCreateKey
NtSetValueKey
NtDeleteValueKey
NtDeleteKey
NtOpenKey
_wtoi64
strcspn
_wcsicmp
memchr
tolower
isalnum
toupper
isspace
strstr
isdigit
wcsrchr
floor
strchr
ceil
strncmp
memset
memcpy
memmove
isprint
towupper
NtUnloadDriver
NtLoadDriver
RtlInitUnicodeString
wcschr

wsock32

getsockopt
getsockname
inet_ntoa
ntohs
WSAStartup
WSAGetLastError
recv
send
WSASetLastError
accept
bind
closesocket
connect
listen
setsockopt
socket
getpeername
htons
__WSAFDIsSet
select
htonl
recvfrom
sendto
gethostname
WSAAsyncSelect
shutdown
WSACleanup

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock
LoadUserProfileW
UnloadUserProfile
GetProfilesDirectoryW

wtsapi32

WTSQueryUserToken
WTSFreeMemory
WTSEnumerateSessionsW

mpr

WNetGetConnectionW

crypt32

CryptQueryObject
CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertOpenStore
CryptDecodeObject
CertGetNameStringW
CertNameToStrW
CertFreeCertificateContext
CertFindCertificateInStore

wintrust

CryptCATAdminAcquireContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminCalcHashFromFileHandle
CryptCATCatalogInfoFromContext
WinVerifyTrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext

imm32

ImmGetCompositionStringW
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey

Sections

.text
Size: 13.8MB - Virtual size: 13.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 229KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 681KB - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddb01dc28139d344207daee568c4554e

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

18:39:af:85:74:aa:0e:80:c3:71:d9:80:34:61:dd:7bCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

2f:6e:53:3c:e0:ce:23:74:7a:01:9d:7f:9d:e1:91:87:68:44:a2:28Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

ws2_32

winmm

netapi32

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

version

wininet

shlwapi

psapi

ntdll

wsock32

userenv

wtsapi32

mpr

crypt32

wintrust

imm32

Sections

.text Size: 13.8MB - Virtual size: 13.8MB

.rdata Size: 6.4MB - Virtual size: 6.4MB

.data Size: 229KB - Virtual size: 405KB

.qtmetad Size: 1024B - Virtual size: 588B

.tls Size: 512B - Virtual size: 13B

.gfids Size: 1024B - Virtual size: 548B

_RDATA Size: 512B - Virtual size: 292B

.rsrc Size: 5.9MB - Virtual size: 5.9MB

.reloc Size: 681KB - Virtual size: 680KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

18:39:af:85:74:aa:0e:80:c3:71:d9:80:34:61:dd:7b
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

2f:6e:53:3c:e0:ce:23:74:7a:01:9d:7f:9d:e1:91:87:68:44:a2:28
Signer

.text
Size: 13.8MB - Virtual size: 13.8MB

.rdata
Size: 6.4MB - Virtual size: 6.4MB

.data
Size: 229KB - Virtual size: 405KB

.qtmetad
Size: 1024B - Virtual size: 588B

.tls
Size: 512B - Virtual size: 13B

.gfids
Size: 1024B - Virtual size: 548B

_RDATA
Size: 512B - Virtual size: 292B

.rsrc
Size: 5.9MB - Virtual size: 5.9MB

.reloc
Size: 681KB - Virtual size: 680KB