ploutus | kape[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

kape.zip
Size

133.1MB
MD5

16e43eca2d1c9fb1fd68946147ad3025
SHA1

a20d7c99f4953ca5cdb70cb941738dfae7a1b98f
SHA256

95db018c3da57f081886511338ea920272fb9a7e64e1f885a3307e692071b674
SHA512

2d54a91ad606d8d58dd1dee7034a91eb0456a9adab4879c383188f94fa7cc2f5718017c28ead8a38f1335a0bfc165c98e98c4363f26513ca13d82d0ddb9b335d
SSDEEP

3145728:f14qemI2GhAKEaguRqIe9OSJofzo7qN3e0uSdzKlTXc:fWqr6AxqqySJofzo7qN3e0uSzKl7c

Score

10^/10

ploutus

Malware Config

Signatures

Detected Ploutus loader 2 IoCs

Processes:

resource	yara_rule
static1/unpack001/KAPE/Modules/bin/JLECmd.exe	family_ploutus
static1/unpack001/KAPE/Modules/bin/LECmd.exe	family_ploutus

Ploutus family
ploutus

Files

kape.zip
.zip
KAPE/ChangeLog.txt
KAPE/Documentation/DocumentationAndEULA.txt
KAPE/Get-KAPEUpdate.ps1
.ps1
KAPE/Modules/!Disabled/!ALL.mkape
KAPE/Modules/!Disabled/Plaso.mkape
KAPE/Modules/!Disabled/TZWorks_evtwalk64_EventLogs_ApplicationEvents.mkape
KAPE/Modules/!Disabled/Volatility_Disabled.mkape
KAPE/Modules/!Disabled/Volatility_apihooks.mkape
KAPE/Modules/!Disabled/Volatility_dlldump.mkape
KAPE/Modules/!Disabled/Volatility_dumpfiles.mkape
KAPE/Modules/!Disabled/Volatility_filescan.mkape
KAPE/Modules/!Disabled/Volatility_handles.mkape
KAPE/Modules/!Disabled/Volatility_malfind_dump.mkape
KAPE/Modules/!Disabled/Volatility_memdump.mkape
KAPE/Modules/!Disabled/Volatility_mftparser.mkape
KAPE/Modules/!Disabled/Volatility_moddump.mkape
KAPE/Modules/!Disabled/Volatility_procdump.mkape
KAPE/Modules/!Disabled/Volatility_shellbags.mkape
KAPE/Modules/!Disabled/Volatility_timeliner.mkape
KAPE/Modules/Apps/CrowdStrike_CrowdResponse.mkape
KAPE/Modules/Apps/DensityScout.mkape
KAPE/Modules/Apps/DumpIt_Memory.mkape
KAPE/Modules/Apps/Everything_ParseEFU.mkape
KAPE/Modules/Apps/ExifTool.mkape
KAPE/Modules/Apps/GitHub/BMC-Tools_RDPBitmapCacheParser.mkape
KAPE/Modules/Apps/GitHub/BitsParser.mkape
KAPE/Modules/Apps/GitHub/Bulk_extractor.mkape
KAPE/Modules/Apps/GitHub/CCMRUAFinder_RecentlyUsedApps.mkape
KAPE/Modules/Apps/GitHub/Chainsaw.mkape
KAPE/Modules/Apps/GitHub/DHParser.mkape
KAPE/Modules/Apps/GitHub/EvtxHussar.mkape
KAPE/Modules/Apps/GitHub/HatTrickFreenetParser.mkape
KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_EventStatistics.mkape
KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_LiveResponse.mkape
KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_LogonSummary.mkape
KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_OfflineEventLogs.mkape
KAPE/Modules/Apps/GitHub/Hayabusa/hayabusa_UpdateRules.mkape
KAPE/Modules/Apps/GitHub/INDXRipper.mkape
KAPE/Modules/Apps/GitHub/LevelDBDumper.mkape
KAPE/Modules/Apps/GitHub/Loki_LiveResponse.mkape
KAPE/Modules/Apps/GitHub/Loki_Scan.mkape
KAPE/Modules/Apps/GitHub/ObsidianForensics_Hindsight.mkape
KAPE/Modules/Apps/GitHub/OneDriveExplorer.mkape
KAPE/Modules/Apps/GitHub/PowerShell_Get-ChainsawSigmaRules.mkape
KAPE/Modules/Apps/GitHub/PowerShell_Get-DoSvc4n6.mkape
KAPE/Modules/Apps/GitHub/PowerShell_Get-InjectedThread.mkape
KAPE/Modules/Apps/GitHub/PowerShell_Get-NetworkConnection.mkape
KAPE/Modules/Apps/GitHub/PowerShell_MFTECmd_J-MFTParsing.mkape
KAPE/Modules/Apps/GitHub/PowerShell_Move-KAPEConsoleHost_history.mkape
KAPE/Modules/Apps/GitHub/PowerShell_Netscan.mkape
KAPE/Modules/Apps/GitHub/PowerShell_Signed.mkape
KAPE/Modules/Apps/GitHub/PowerShell_SrumECmd_SRUM-RepairAndParse.mkape
KAPE/Modules/Apps/GitHub/PowerShell_SumECmd_SUM-RepairAndParse.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_NTUser-Variable.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_NTUser.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SAM.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SECURITY-Variable.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SECURITY.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SOFTWARE-Variable.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SOFTWARE.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SYSTEM-Variable.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_SYSTEM.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_UsrClass-Variable.mkape
KAPE/Modules/Apps/GitHub/RegRipper/RegRipper_UsrClass.mkape
KAPE/Modules/Apps/GitHub/SEPparser.mkape
KAPE/Modules/Apps/GitHub/SRUMDump.mkape
KAPE/Modules/Apps/GitHub/TeamsParser.mkape
KAPE/Modules/Apps/GitHub/ThumbCacheViewer.mkape
KAPE/Modules/Apps/GitHub/VLSeeRecent_VLCRecentFiles.mkape
KAPE/Modules/Apps/GitHub/Velocidex_WinPmem.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_amcache.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_clipboard.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_cmdline.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_cmdscan.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_connections.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_connscan.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_consoles.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_dlllist.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_driverirp.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_hollowfind.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_idt.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_malfind.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_modscan.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_modules.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_netscan.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_notepad.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_pslist.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_psscan.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_pstree.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_psxview.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_shimcache.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_sockets.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_sockscan.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_ssdt.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_userassist.mkape
KAPE/Modules/Apps/GitHub/Volatility/Volatility_userhandles.mkape
KAPE/Modules/Apps/GitHub/WMI-Parser.mkape
KAPE/Modules/Apps/GitHub/Zircolite_Scan.mkape
KAPE/Modules/Apps/GitHub/Zircolite_Update.mkape
KAPE/Modules/Apps/GitHub/hasherezade_HollowsHunter.mkape
KAPE/Modules/Apps/GitHub/iTunesBackupReader.mkape
KAPE/Modules/Apps/GitHub/log4j-scanner.mkape
KAPE/Modules/Apps/GitHub/mimikatz_NTLMHashes.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_binary.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_email.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_encoding.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_ip.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_link.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_obfuscation.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_script.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_shell.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_shellcode.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_suspicious.mkape
.ps1
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_unc.mkape
KAPE/Modules/Apps/GitHub/reg_hunter/reg_hunter_url.mkape
KAPE/Modules/Apps/KAPE_Automation.mkape
KAPE/Modules/Apps/Kaspersky_TDSSKiller.mkape
KAPE/Modules/Apps/LogParser/LogParser_ApacheAccessLogs.mkape
KAPE/Modules/Apps/LogParser/LogParser_DetailedNetworkShareAccess.mkape
KAPE/Modules/Apps/LogParser/LogParser_LogonLogoffEvents.mkape
KAPE/Modules/Apps/LogParser/LogParser_RDPUsageEvents.mkape
KAPE/Modules/Apps/LogParser/LogParser_SMBServerAnonymousLogons.mkape
KAPE/Modules/Apps/MagnetForensics_EDD.mkape
KAPE/Modules/Apps/MagnetForensics_RAMCapture.mkape
KAPE/Modules/Apps/McAfeeStinger.mkape
KAPE/Modules/Apps/NTFSLogTracker_$J.mkape
KAPE/Modules/Apps/NTFSLogTracker_$LogFile.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_BrowsingHistoryView.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_AllEventLogs.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_Application.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_PowerShell-Operational.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_PrintService-Operational.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_ScheduledTasks.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_Security.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_FullEventLogView_System.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_TurnedOnTimesView.mkape
KAPE/Modules/Apps/NirSoft/NirSoft_USBDeview.mkape
KAPE/Modules/Apps/PowerShell_5SecondPause.mkape
KAPE/Modules/Apps/PowerShell_log4j.mkape
KAPE/Modules/Apps/SOFELK/SOFELK_Parser_EvtxECmd.mkape
KAPE/Modules/Apps/SOFELK/SOFELK_Parser_LEcmd.mkape
KAPE/Modules/Apps/SOFELK/SOFELK_Parser_MFTECmd_J.mkape
KAPE/Modules/Apps/SOFELK/SOFELK_Parser_MFTECmd_MFT.mkape
KAPE/Modules/Apps/SOFELK/SOFELK_Parser_PECmd.mkape
KAPE/Modules/Apps/SQLite3_TeraCopy_History.mkape
KAPE/Modules/Apps/SQLite3_TeraCopy_Main.mkape
KAPE/Modules/Apps/Snap2HTML.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_Autoruns.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_Handle.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_PsFile.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_PsInfo.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_PsList.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_PsLoggedOn.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_PsService.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_PsTree.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_SigCheck.mkape
KAPE/Modules/Apps/SysInternals/SysInternals_Tcpvcon.mkape
KAPE/Modules/Apps/TZWorks/TZWorks_CAFAE_Registry_System.mkape
KAPE/Modules/Apps/TZWorks/TZWorks_evtwalk64_EventLogs_ScheduledTasks.mkape
KAPE/Modules/Apps/Thor-Lite/Thor-Lite_LiveResponse.mkape
KAPE/Modules/Apps/Thor-Lite/Thor-Lite_LiveResponse_Lookback30days.mkape
KAPE/Modules/Apps/Thor-Lite/Thor-Lite_Scan.mkape
KAPE/Modules/Apps/Thor-Lite/Thor-Lite_Upgrade.mkape
KAPE/Modules/Apps/Thor/Thor_Scan.mkape
KAPE/Modules/Apps/Thor/Thor_Upgrade.mkape
KAPE/Modules/Apps/Winlogbeat_ALL.mkape
KAPE/Modules/Compound/!!ToolSync.mkape
KAPE/Modules/Compound/!EZParser.mkape
KAPE/Modules/Compound/Hayabusa.mkape
KAPE/Modules/Compound/KapeResearch_Registry_JSON.mkape
KAPE/Modules/Compound/LiveResponse_NetSystemInfo.mkape
KAPE/Modules/Compound/LiveResponse_NetworkDetails.mkape
KAPE/Modules/Compound/LiveResponse_ProcessDetails.mkape
KAPE/Modules/Compound/LogParser.mkape
KAPE/Modules/Compound/MFTECmd.mkape
KAPE/Modules/Compound/NTFSLogTracker.mkape
KAPE/Modules/Compound/RECmd_AllBatchFiles.mkape
KAPE/Modules/Compound/RegRipper.mkape
KAPE/Modules/Compound/Reghunter.mkape
KAPE/Modules/Compound/SOFELK_Parser.mkape
KAPE/Modules/Compound/bstrings.mkape
KAPE/Modules/Compound/bstrings_CryptoWallets.mkape
KAPE/Modules/CompoundModuleGuide.guide
KAPE/Modules/CompoundModuleTemplate.template
KAPE/Modules/EZTools/AmcacheParser.mkape
KAPE/Modules/EZTools/AppCompatCacheParser.mkape
KAPE/Modules/EZTools/EvtxECmd/EvtxECmd.mkape
KAPE/Modules/EZTools/EvtxECmd/EvtxECmd_RDP.mkape
KAPE/Modules/EZTools/JLECmd.mkape
KAPE/Modules/EZTools/LECmd.mkape
KAPE/Modules/EZTools/MFTECmd/MFTECmd_$Boot.mkape
KAPE/Modules/EZTools/MFTECmd/MFTECmd_$J.mkape
KAPE/Modules/EZTools/MFTECmd/MFTECmd_$MFT.mkape
KAPE/Modules/EZTools/MFTECmd/MFTECmd_$MFT_DumpResidentFiles.mkape
KAPE/Modules/EZTools/MFTECmd/MFTECmd_$MFT_FileListing.mkape
KAPE/Modules/EZTools/MFTECmd/MFTECmd_$MFT_ProcessMFTSlack.mkape
KAPE/Modules/EZTools/MFTECmd/MFTECmd_$SDS.mkape
KAPE/Modules/EZTools/PECmd.mkape
KAPE/Modules/EZTools/RBCmd.mkape
KAPE/Modules/EZTools/RECmd/RECmd_AllRegExecutablesFoundOrRun.mkape
KAPE/Modules/EZTools/RECmd/RECmd_BCDBootVolume.mkape
KAPE/Modules/EZTools/RECmd/RECmd_BasicSystemInfo.mkape
KAPE/Modules/EZTools/RECmd/RECmd_InstalledSoftware.mkape
KAPE/Modules/EZTools/RECmd/RECmd_Kroll.mkape
KAPE/Modules/EZTools/RECmd/RECmd_RECmd_Batch_MC.mkape
KAPE/Modules/EZTools/RECmd/RECmd_RegistryASEPs.mkape
KAPE/Modules/EZTools/RECmd/RECmd_SoftwareASEPs.mkape
KAPE/Modules/EZTools/RECmd/RECmd_SoftwareClassesASEPs.mkape
KAPE/Modules/EZTools/RECmd/RECmd_SoftwareWoW6432ASEPs.mkape
KAPE/Modules/EZTools/RECmd/RECmd_SystemASEPs.mkape
KAPE/Modules/EZTools/RECmd/RECmd_UserActivity.mkape
KAPE/Modules/EZTools/RECmd/RECmd_UserClassesASEPs.mkape
KAPE/Modules/EZTools/RecentFileCacheParser.mkape
KAPE/Modules/EZTools/SBECmd.mkape
KAPE/Modules/EZTools/SQLECmd/SQLECmd.mkape
KAPE/Modules/EZTools/SQLECmd/SQLECmd_Hunt.mkape
KAPE/Modules/EZTools/SrumECmd.mkape
KAPE/Modules/EZTools/SumECmd.mkape
KAPE/Modules/EZTools/WxTCmd.mkape
KAPE/Modules/EZTools/bstrings/bstrings_AeonWallet.mkape
KAPE/Modules/EZTools/bstrings/bstrings_BitCoinWallet.mkape
KAPE/Modules/EZTools/bstrings/bstrings_Bitlocker.mkape
KAPE/Modules/EZTools/bstrings/bstrings_ByteCoinWallet.mkape
KAPE/Modules/EZTools/bstrings/bstrings_CreditCards.mkape
KAPE/Modules/EZTools/bstrings/bstrings_DashCoinWallet.mkape
KAPE/Modules/EZTools/bstrings/bstrings_DashCoinWallet2.mkape
KAPE/Modules/EZTools/bstrings/bstrings_Email.mkape
KAPE/Modules/EZTools/bstrings/bstrings_FantomCoinWallet.mkape
KAPE/Modules/EZTools/bstrings/bstrings_IPv4.mkape
KAPE/Modules/EZTools/bstrings/bstrings_MACAddresses.mkape
KAPE/Modules/EZTools/bstrings/bstrings_MoneroWallet.mkape
KAPE/Modules/EZTools/bstrings/bstrings_SSN.mkape
KAPE/Modules/EZTools/bstrings/bstrings_SumoKoinWallet.mkape
KAPE/Modules/EZTools/bstrings/bstrings_UNC.mkape
KAPE/Modules/EZTools/bstrings/bstrings_URLs.mkape
KAPE/Modules/EZTools/bstrings/bstrings_USPhone.mkape
KAPE/Modules/EZTools/bstrings/bstrings_WinPath.mkape
KAPE/Modules/EZTools/bstrings/bstrings_ZipCodes.mkape
KAPE/Modules/EZTools/iisGeoLocate.mkape
KAPE/Modules/KapeResearch/KapeResearch_EventLogs_XML.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_Amcache_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_BBI_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_BCD-Template_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_COMPONENTS_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_DEFAULT_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_DRIVERS_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_ELAM_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_NTUSER_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_SAM_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_SECURITY_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_SOFTWARE_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_SYSTEM_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_SysCache_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_UsrClass_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_VSMIDK_JSON.mkape
KAPE/Modules/KapeResearch/KapeResearch_Registry_userdiff_JSON.mkape
KAPE/Modules/KapeSync/Sync_EvtxECmd.mkape
KAPE/Modules/KapeSync/Sync_KAPE.mkape
KAPE/Modules/KapeSync/Sync_RECmd.mkape
KAPE/Modules/KapeSync/Sync_SQLECmd.mkape
KAPE/Modules/ModuleGuide.guide
KAPE/Modules/ModuleTemplate.template
KAPE/Modules/Windows/PowerShell_DLL_List.mkape
KAPE/Modules/Windows/PowerShell_Defender_Exclusions.mkape
KAPE/Modules/Windows/PowerShell_NamedPipes.mkape
KAPE/Modules/Windows/PowerShell_NetUserAdministrators.mkape
KAPE/Modules/Windows/PowerShell_ParseScheduledTasks.mkape
.ps1
KAPE/Modules/Windows/PowerShell_ProcessList_CimInstance.mkape
KAPE/Modules/Windows/PowerShell_ProcessList_WMI.mkape
.ps1
KAPE/Modules/Windows/PowerShell_Process_Cmdline.mkape
.ps1
KAPE/Modules/Windows/PowerShell_Startup_Commands.mkape
KAPE/Modules/Windows/PowerShell_WMIRepositoryAuditing.mkape
.ps1
KAPE/Modules/Windows/Windows_ARPCache.mkape
KAPE/Modules/Windows/Windows_DNSCache.mkape
KAPE/Modules/Windows/Windows_GpResult.mkape
KAPE/Modules/Windows/Windows_IPConfig.mkape
KAPE/Modules/Windows/Windows_ManageBDE_BitLockerKeys.mkape
KAPE/Modules/Windows/Windows_ManageBDE_BitLockerStatus.mkape
KAPE/Modules/Windows/Windows_MsInfo.mkape
KAPE/Modules/Windows/Windows_NetStat.mkape
KAPE/Modules/Windows/Windows_Net_Accounts.mkape
KAPE/Modules/Windows/Windows_Net_File.mkape
KAPE/Modules/Windows/Windows_Net_LocalGroup.mkape
KAPE/Modules/Windows/Windows_Net_Session.mkape
KAPE/Modules/Windows/Windows_Net_Share.mkape
KAPE/Modules/Windows/Windows_Net_Start.mkape
KAPE/Modules/Windows/Windows_Net_Use.mkape
KAPE/Modules/Windows/Windows_Net_User.mkape
KAPE/Modules/Windows/Windows_RoutingTable.mkape
KAPE/Modules/Windows/Windows_SystemInfo.mkape
KAPE/Modules/Windows/Windows_nbtstat_NetBIOSCache.mkape
KAPE/Modules/Windows/Windows_nbtstat_NetBIOSSessions.mkape
KAPE/Modules/Windows/Windows_netsh_portproxy.mkape
KAPE/Modules/Windows/Windows_qwinsta_RDPSessions.mkape
KAPE/Modules/Windows/Windows_schtasks.mkape
KAPE/Modules/bin/AmcacheParser.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:41:68:c1:e3:67:32:25:f1:dc:d4:ca:f2:b3:90:fc:a5:29:05:bc:64:fd:24:0d:db:96:85:b9:7a:1e:10:02
Signer

Actual PE Digest

47:41:68:c1:e3:67:32:25:f1:dc:d4:ca:f2:b3:90:fc:a5:29:05:bc:64:fd:24:0d:db:96:85:b9:7a:1e:10:02

Digest Algorithm

sha256

PE Digest Matches

true

89:a8:0d:eb:83:02:cb:75:89:cd:49:73:66:79:1e:37:aa:1b:fd:9d
Signer

Actual PE Digest

89:a8:0d:eb:83:02:cb:75:89:cd:49:73:66:79:1e:37:aa:1b:fd:9d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\AmcacheParser\AmcacheParser\obj\Release\net462\AmcacheParser.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/AppCompatCacheParser.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6b:9c:62:f5:43:29:0a:f3:93:2c:ff:69:8a:6b:77:ce:f6:09:6f:49:90:4e:ea:5e:0f:e1:c9:bf:06:9d:98:68
Signer

Actual PE Digest

6b:9c:62:f5:43:29:0a:f3:93:2c:ff:69:8a:6b:77:ce:f6:09:6f:49:90:4e:ea:5e:0f:e1:c9:bf:06:9d:98:68

Digest Algorithm

sha256

PE Digest Matches

true

1f:34:2a:40:41:d2:60:26:7b:0f:61:b9:f3:3e:2e:4f:07:93:54:00
Signer

Actual PE Digest

1f:34:2a:40:41:d2:60:26:7b:0f:61:b9:f3:3e:2e:4f:07:93:54:00

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\AppCompatCacheParser\AppCompatCacheParser\obj\Release\net462\AppCompatCacheParser.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/EvtxECmd/EvtxECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fd:e9:bd:d2:95:3c:a6:c2:d4:92:25:d7:c9:77:c9:dc:bc:a4:9b:11:b5:af:26:1c:fd:2f:54:83:13:79:89:0a
Signer

Actual PE Digest

fd:e9:bd:d2:95:3c:a6:c2:d4:92:25:d7:c9:77:c9:dc:bc:a4:9b:11:b5:af:26:1c:fd:2f:54:83:13:79:89:0a

Digest Algorithm

sha256

PE Digest Matches

true

b0:61:81:01:e1:99:a9:ee:44:82:35:c5:f1:5b:b0:63:f2:67:92:1a
Signer

Actual PE Digest

b0:61:81:01:e1:99:a9:ee:44:82:35:c5:f1:5b:b0:63:f2:67:92:1a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\evtx\EvtxECmd\obj\Release\net462\EvtxECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/EvtxECmd/Maps/!!!!README.md
KAPE/Modules/bin/EvtxECmd/Maps/!Channel-Name_Provider-Name_EventID.guide
KAPE/Modules/bin/EvtxECmd/Maps/!Channel-Name_Provider-Name_EventID.template
KAPE/Modules/bin/EvtxECmd/Maps/Application_Application-Error_1000.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Application-Hang_1002.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_CarbonBlackDefense_1.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_CarbonBlackDefense_17.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_CarbonBlackDefense_33.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_CarbonBlackDefense_49.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Citrix-Desktop-Service_1027.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Citrix-Desktop-Service_1049.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_CylanceSvc_1.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_CylanceSvc_2.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_ESENT_325.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_ESENT_326.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_ESENT_327.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_HitmanPro-Alert_911.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MSSQLSERVER_15457.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MSSQLSERVER_18456.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MSSQLSERVER_33205.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_McAfee-Endpoint-Security_3.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MetaFrameEvents_1106.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Microsoft-Windows-Audit-CVE_1.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Microsoft-Windows-RestartManager_10002.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Microsoft-Windows-Winsrv_10001.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Microsoft-Windows-Winsrv_10002.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_1033.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_1034.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_1040.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_1042.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_11707.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_11708.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_MsiInstaller_11724.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Sophos-Anti-Virus_32.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Sophos-System-Protection_42.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Symantec_4003.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_System-Restore_8194.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_System-Restore_8195.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_System-Restore_8196.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_WSH_0.map
KAPE/Modules/bin/EvtxECmd/Maps/Application_Windows-Error-Reporting_1001.map
KAPE/Modules/bin/EvtxECmd/Maps/COMODO-Client-Security-CEF_File-Rating_3.map
KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2039.map
KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2048.map
KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2072.map
KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2079.map
KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2085.map
KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2086.map
KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnagent_2127.map
KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpndownloader_5005.map
KAPE/Modules/bin/EvtxECmd/Maps/Cisco-AnyConnect-Secure-Mobility-Client_acvpnui_3021.map
KAPE/Modules/bin/EvtxECmd/Maps/CrowdStrike-Falcon-Sensor-CSFalconService-Operational_CrowdStrike-Falcon-Sensor-CSFalconService_3.map
KAPE/Modules/bin/EvtxECmd/Maps/CrowdStrike-Falcon-Sensor-CSFalconService-Operational_CrowdStrike-Falcon-Sensor-CSFalconService_4.map
KAPE/Modules/bin/EvtxECmd/Maps/Kaspersky-Endpoint-Security_avp_302.map
KAPE/Modules/bin/EvtxECmd/Maps/Kaspersky-Endpoint-Security_avp_362.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppID-Operational_Microsoft-Windows-AppID_4004.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-EXE-and-DLL_Microsoft-Windows-AppLocker_8002.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-EXE-and-DLL_Microsoft-Windows-AppLocker_8004.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-MSI-and-Script_Microsoft-Windows-AppLocker_8005.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-MSI-and-Script_Microsoft-Windows-AppLocker_8007.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-AppLocker-PackagedApp-Execution_Microsoft-Windows-AppLocker_8020.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Application-Experience-Program-Compatibility-Assistant_Microsoft-Windows-Program-Compatibility-Assistant_17.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Application-Experience-Program-Telemetry_Microsoft-Windows-Application-Experience_500.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Application-Experience-Program-Telemetry_Microsoft-Windows-Application-Experience_505.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_3.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_4.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_5.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_59.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_60.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_61.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Bits-Client-Operational_Microsoft-Windows-Bits-Client_64.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DateTimeControlPanel-Operational_Microsoft-Windows-DateTimeControlPanel_20000.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DeviceSetupManager-Admin_Microsoft-Windows-DeviceSetupManager_100.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DeviceSetupManager-Admin_Microsoft-Windows-DeviceSetupManager_101.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DeviceSetupManager-Admin_Microsoft-Windows-DeviceSetupManager_112.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Dhcp-Client-Admin_Microsoft-Windows-Dhcp-Client_50067.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Diagnostics-Performance-Operational_Microsoft-Windows-Diagnostics-Performance_100.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Diagnostics-Performance-Operational_Microsoft-Windows-Diagnostics-Performance_101.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Diagnostics-Performance-Operational_Microsoft-Windows-Diagnostics-Performance_200.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-DriverFrameworks-UserMode-Operational_Microsoft-Windows-DriverFrameworks-UserMode_2100.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-GroupPolicy-Operational_Microsoft-Windows-GroupPolicy_4004.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-GroupPolicy-Operational_Microsoft-Windows-GroupPolicy_4005.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-GroupPolicy-Operational_Microsoft-Windows-GroupPolicy_4016.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-GroupPolicy-Operational_Microsoft-Windows-GroupPolicy_4017.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-VMMS-Admin_Microsoft-Windows-Hyper-V-Worker_13002.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-Worker-Admin_Microsoft-Windows-Hyper-V-Worker_18500.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-Worker-Admin_Microsoft-Windows-Hyper-V-Worker_18502.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-Worker-Admin_Microsoft-Windows-Hyper-V-Worker_18508.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Hyper-V-Worker-Admin_Microsoft-Windows-Hyper-V-Worker_18514.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Kernel-PnP-Configuration_Microsoft-Windows-Kernel-PnP_400.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Kernel-PnP-Configuration_Microsoft-Windows-Kernel-PnP_410.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Kernel-PnP-Configuration_Microsoft-Windows-Kernel-PnP_430.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-NetworkProfile-Operational_Microsoft-Windows-NetworkProfile_10000.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-NetworkProfile-Operational_Microsoft-Windows-NetworkProfile_10001.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Microsoft-Windows-Ntfs_142.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Microsoft-Windows-Ntfs_145.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Microsoft-Windows-Ntfs_146.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Microsoft-Windows-Ntfs_151.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Ntfs-Operational_Ntfs_55.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Partition-Diagnostic_Microsoft-Windows-Partition_1006.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PowerShell-Operational_Microsoft-Windows-PowerShell_4100.map
.ps1
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PowerShell-Operational_Microsoft-Windows-PowerShell_4103.map
.ps1
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PowerShell-Operational_Microsoft-Windows-PowerShell_4104.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PrintService-Operational_Microsoft-Windows-PrintService_307.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-PrintService-Operational_Microsoft-Windows-PrintService_316.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_104.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_131.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_140.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_72.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-RemoteDesktopServices-RdpCoreTS-Operational_Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_98.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Audit_Microsoft-Windows-SMBServer_3000.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Operational_Microsoft-Windows-SMBServer_1016.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Operational_Microsoft-Windows-SMBServer_1017.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Operational_Microsoft-Windows-SMBServer_1020.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SMBServer-Security_Microsoft-Windows-SMBServer_551.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_28115.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9701.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9702.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9703.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9704.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9705.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9706.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9707.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9708.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9709.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9710.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9711.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Shell-Core-Operational_Microsoft-Windows-Shell-Core_9712.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Connectivity_Microsoft-Windows-SMBClient_30805.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Connectivity_Microsoft-Windows-SMBClient_30806.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Connectivity_Microsoft-Windows-SMBClient_30807.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Security_Microsoft-Windows-SMBClient_31001.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-SmbClient-Security_Microsoft-Windows-SMBClient_31010.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storage-ClassPnP-Operational_Microsoft-Windows-StorDiag_507.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storage-ClassPnP-Operational_Microsoft-Windows-Storage-ClassPnP_507.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storage-Storport-Operational_Microsoft-Windows-StorPort_504.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storage-Storport-Operational_Microsoft-Windows-StorPort_505.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-StorageSpaces-Driver-Operational_Microsoft-Windows-StorageSpaces-Driver_207.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Storsvc-Diagnostic_Microsoft-Windows-Storsvc_1001.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_1.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_10.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_11.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_12.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_13.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_14.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_15.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_16.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_17.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_18.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_19.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_2.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_20.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_21.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_22.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_23.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_24.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_25.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_26.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_27.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_3.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_4.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_5.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_6.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_7.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_8.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_9.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TZUtil-Operational_Microsoft-Windows-TZUtil_20001.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_100.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_102.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_106.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_119.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_129.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_140.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_141.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_200.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TaskScheduler-Operational_Microsoft-Windows-TaskScheduler_201.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_200.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_300.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_302.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_303.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_312.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-Gateway-Operational_Microsoft-Windows-TerminalServices-Gateway_313.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_21.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_22.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_23.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_24.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_25.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_39.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_40.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-LocalSessionManager-Operational_Microsoft-Windows-TerminalServices-LocalSessionManager_41.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1024.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1025.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1026.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1027.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1029.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1102.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1103.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RDPClient-Operational_Microsoft-Windows-TerminalServices-ClientActiveXCore_1105.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RemoteConnectionManager-Operational_Microsoft-Windows-TerminalServices-RemoteConnectionManager_1149.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-TerminalServices-RemoteConnectionManager-Operational_Microsoft-Windows-TerminalServices-RemoteConnectionManager_261.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-UniversalTelemetryClient-Operational_Microsoft-Windows-UniversalTelemetryClient_55.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-User-Profile-Service-Operational_Microsoft-Windows-User-Profiles-Service_2.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-User-Profile-Service-Operational_Microsoft-Windows-User-Profiles-Service_4.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-User-Profile-Service-Operational_Microsoft-Windows-User-Profiles-Service_67.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_1.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_1_Current.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_1_Legacy.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_2.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_2_Current.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_2_Legacy.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_50_Current.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-VHDMP-Operational_Microsoft-Windows-VHDMP_51_Current.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WER-Diag-Operational_Microsoft-Windows-WER-Diag_4.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WLAN-AutoConfig-Operational_Microsoft-Windows-WLAN-AutoConfig_8000.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WLAN-AutoConfig-Operational_Microsoft-Windows-WLAN-AutoConfig_8001.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WLAN-AutoConfig-Operational_Microsoft-Windows-WLAN-AutoConfig_8002.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WLAN-AutoConfig-Operational_Microsoft-Windows-WLAN-AutoConfig_8003.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WMI-Activity-Operational_Microsoft-Windows-WMI-Activity_5857.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WMI-Activity-Operational_Microsoft-Windows-WMI-Activity_5858.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WMI-Activity-Operational_Microsoft-Windows-WMI-Activity_5860.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WMI-Activity-Operational_Microsoft-Windows-WMI-Activity_5861.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WPD-MTPClassDriver-Operational_Microsoft-Windows-WPD-MTPClassDriver_1005.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WinINet-Config-ProxyConfigChanged_Microsoft-Windows-WinINet-Config_5600.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-WinRM-Operational_Microsoft-Windows-WinRM_169.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1000.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1001.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1002.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1003.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1004.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1005.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1006.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1008.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1011.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1013.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1116.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1117.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_1150.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_2000.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_5000.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_5001.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Defender-Operational_Microsoft-Windows-Windows-Defender_5007.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2003.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2004.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2005.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2006.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Windows-Firewall-With-Advanced-Security-Firewall_Microsoft-Windows-Windows-Firewall-With-Advanced-Security_2011.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Winlogon-Operational_Microsoft-Windows-Winlogon_811.map
KAPE/Modules/bin/EvtxECmd/Maps/Microsoft-Windows-Winlogon-Operational_Microsoft-Windows-Winlogon_812.map
KAPE/Modules/bin/EvtxECmd/Maps/OAlerts_Microsoft-Office-14-Alerts_300.map
KAPE/Modules/bin/EvtxECmd/Maps/OAlerts_Microsoft-Office-15-Alerts_300.map
KAPE/Modules/bin/EvtxECmd/Maps/OAlerts_Microsoft-Office-16-Alerts_300.map
KAPE/Modules/bin/EvtxECmd/Maps/OpenSSH-Operational_OpenSSH_4.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Eventlog_1100.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Eventlog_1102.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4608.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4611.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4616.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4624.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4625.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4634.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4647.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4648.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4656.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4657.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4658.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4661.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4662.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4663.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4672.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4673.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4674.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4688.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4689.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4696.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4697.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4698.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4699.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4700.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4701.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4702.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4703.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4704.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4705.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4706.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4707.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4713.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4716.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4717.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4718.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4719.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4720.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4722.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4723.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4724.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4725.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4726.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4728.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4731.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4732.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4733.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4734.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4735.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4738.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4740.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4741.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4742.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4743.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4764.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4768.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4769.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4770.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4771.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4772.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4773.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4774.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4775.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4776.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4777.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4778.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4779.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4781.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4782.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4793.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4797.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4798.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4799.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4800.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4801.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4802.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_4803.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5136.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5137.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5138.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5139.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5140.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5141.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5142.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5143.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5144.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5145.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5152.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5154.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5156.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5157.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5158.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5159.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_5379.map
KAPE/Modules/bin/EvtxECmd/Maps/Security_Microsoft-Windows-Security-Auditing_6416.map
KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_26.map
KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_31.map
KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_32.map
KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_81.map
KAPE/Modules/bin/EvtxECmd/Maps/SentinelOne-Operational_91.map
KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1000.map
KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1001.map
KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1100.map
KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1101.map
KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1110.map
KAPE/Modules/bin/EvtxECmd/Maps/Splashtop-Splashtop Streamer-Remote Session-Operational_Splashtop-Splashtop Streamer-Remote Session_1111.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_100.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_101.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_12.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_129.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_2.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_200.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_201.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_202.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_21.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_23.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_24.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_3.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_34054.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_34056.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_51.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_69.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_7.map
KAPE/Modules/bin/EvtxECmd/Maps/Symantec-Endpoint-Protection-Client_Symantec-Endpoint-Protection-Client_80.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Application-Popup_26.map
KAPE/Modules/bin/EvtxECmd/Maps/System_EventLog_6005.map
KAPE/Modules/bin/EvtxECmd/Maps/System_EventLog_6006.map
KAPE/Modules/bin/EvtxECmd/Maps/System_EventLog_6008.map
KAPE/Modules/bin/EvtxECmd/Maps/System_EventLog_6013.map
KAPE/Modules/bin/EvtxECmd/Maps/System_LsaSrv_40960.map
KAPE/Modules/bin/EvtxECmd/Maps/System_LsaSrv_45057.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Antimalware_1116.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-GroupPolicy_1129.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Audit-CVE_2.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-DistributedCOM_10028.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-DriverFrameworks-UserMode_10000.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Eventlog_104.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-GroupPolicy_1130.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-GroupPolicy_1500.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-GroupPolicy_1501.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Kernel-General_1.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Kernel-General_12.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Kernel-General_13.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Kernel-Power_42.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Power-Troubleshooter_1.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Time-Service_35.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Time-Service_37.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-UserPnp_20001.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-UserPnp_20003.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Winlogon_7001.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Microsoft-Windows-Winlogon_7002.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7031.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7034.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7035.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7036.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7040.map
KAPE/Modules/bin/EvtxECmd/Maps/System_Service-Control-Manager_7045.map
KAPE/Modules/bin/EvtxECmd/Maps/System_TermDD_56.map
KAPE/Modules/bin/EvtxECmd/Maps/System_User32_1074.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueueReport_5118.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueueReport_5120.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5129.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5138.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5140.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5172.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5176.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5213.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5214.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsCifsQueue_5220.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsMon_5434.map
KAPE/Modules/bin/EvtxECmd/Maps/Varonis_VrnsSvcFW_900.map
KAPE/Modules/bin/EvtxECmd/Maps/Windows-PowerShell_PowerShell_400.map
KAPE/Modules/bin/EvtxECmd/Maps/Windows-PowerShell_PowerShell_403.map
KAPE/Modules/bin/EvtxECmd/Maps/Windows-PowerShell_PowerShell_600.map
KAPE/Modules/bin/EvtxECmd/Maps/Windows-PowerShell_PowerShell_800.map
KAPE/Modules/bin/EvtxECmd/Maps/adPWDManager_adPWDManager_110.map
KAPE/Modules/bin/JLECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

65:21:4a:3b:f7:6b:58:1b:24:27:b7:9c:a9:f1:ad:fe:dd:79:79:fd:ca:7a:48:ba:d8:f9:03:f1:36:04:01:16
Signer

Actual PE Digest

65:21:4a:3b:f7:6b:58:1b:24:27:b7:9c:a9:f1:ad:fe:dd:79:79:fd:ca:7a:48:ba:d8:f9:03:f1:36:04:01:16

Digest Algorithm

sha256

PE Digest Matches

true

e6:b2:cb:4d:44:90:75:40:aa:3a:95:2b:19:95:82:ff:d8:ef:40:af
Signer

Actual PE Digest

e6:b2:cb:4d:44:90:75:40:aa:3a:95:2b:19:95:82:ff:d8:ef:40:af

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\JLECmd\JLECmd\obj\Release\net462\JLECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/LECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a4:55:67:e7:c2:9e:3a:26:97:dc:c0:d2:f0:c6:dd:58:3c:1b:d8:9b:2d:81:27:d1:31:22:82:d7:72:45:0e
Signer

Actual PE Digest

1d:a4:55:67:e7:c2:9e:3a:26:97:dc:c0:d2:f0:c6:dd:58:3c:1b:d8:9b:2d:81:27:d1:31:22:82:d7:72:45:0e

Digest Algorithm

sha256

PE Digest Matches

true

d4:bb:51:95:c7:36:15:20:e0:4a:ae:de:61:90:a8:b8:09:aa:6a:36
Signer

Actual PE Digest

d4:bb:51:95:c7:36:15:20:e0:4a:ae:de:61:90:a8:b8:09:aa:6a:36

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\LECmd\LECmd\obj\Release\net462\LECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/MFTECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f3:7c:f8:8c:68:b3:27:01:fe:77:02:cc:3c:b2:98:6f:3c:57:22:08:40:57:fa:c2:9c:4e:e7:33:83:a1:8e:f8
Signer

Actual PE Digest

f3:7c:f8:8c:68:b3:27:01:fe:77:02:cc:3c:b2:98:6f:3c:57:22:08:40:57:fa:c2:9c:4e:e7:33:83:a1:8e:f8

Digest Algorithm

sha256

PE Digest Matches

true

ac:2e:e4:6d:95:ca:20:5d:31:cf:27:da:7f:67:56:78:d3:2b:1a:93
Signer

Actual PE Digest

ac:2e:e4:6d:95:ca:20:5d:31:cf:27:da:7f:67:56:78:d3:2b:1a:93

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\MFTECmd\MFTECmd\obj\Release\net462\MFTECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/PECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:73:b7:62:68:24:33:4a:99:30:a7:56:f8:8b:60:aa:5a:5d:6e:d3:2b:0e:81:aa:f4:51:41:1a:0d:de:08:00
Signer

Actual PE Digest

8d:73:b7:62:68:24:33:4a:99:30:a7:56:f8:8b:60:aa:5a:5d:6e:d3:2b:0e:81:aa:f4:51:41:1a:0d:de:08:00

Digest Algorithm

sha256

PE Digest Matches

true

6c:3e:36:16:10:46:aa:0e:f8:26:99:03:25:78:f5:db:ac:53:5e:2f
Signer

Actual PE Digest

6c:3e:36:16:10:46:aa:0e:f8:26:99:03:25:78:f5:db:ac:53:5e:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\PECmd\PECmd\obj\Release\net462\PECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RBCmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:51:86:44:59:ff:59:4d:20:3d:2b:65:8a:1a:ef:81:8e:b2:73:98:9f:54:aa:48:a8:1e:c7:77:24:ea:55:08
Signer

Actual PE Digest

4c:51:86:44:59:ff:59:4d:20:3d:2b:65:8a:1a:ef:81:8e:b2:73:98:9f:54:aa:48:a8:1e:c7:77:24:ea:55:08

Digest Algorithm

sha256

PE Digest Matches

true

ca:8b:4d:dc:8e:c0:4c:88:ae:08:e3:b4:c4:00:0f:af:f3:25:c0:5e
Signer

Actual PE Digest

ca:8b:4d:dc:8e:c0:4c:88:ae:08:e3:b4:c4:00:0f:af:f3:25:c0:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\RBCmd\RBCmd\obj\Release\net462\RBCmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/BatchExamples/!RECmdBatch.guide
KAPE/Modules/bin/RECmd/BatchExamples/!RECmdBatch.template
KAPE/Modules/bin/RECmd/BatchExamples/AllRegExecutablesFoundOrRun.reb
KAPE/Modules/bin/RECmd/BatchExamples/BCDBootVolume.reb
KAPE/Modules/bin/RECmd/BatchExamples/BasicSystemInfo.reb
KAPE/Modules/bin/RECmd/BatchExamples/BatchExample.reb
KAPE/Modules/bin/RECmd/BatchExamples/BatchExampleServices.reb
KAPE/Modules/bin/RECmd/BatchExamples/BatchExampleSysCache.reb
KAPE/Modules/bin/RECmd/BatchExamples/BatchExampleUserAssist.reb
KAPE/Modules/bin/RECmd/BatchExamples/BatchExampleWildCard.reb
KAPE/Modules/bin/RECmd/BatchExamples/BinaryIncludeDemo.reb
KAPE/Modules/bin/RECmd/BatchExamples/InstalledSoftware.reb
KAPE/Modules/bin/RECmd/BatchExamples/Kroll_Batch.md
KAPE/Modules/bin/RECmd/BatchExamples/Kroll_Batch.reb
KAPE/Modules/bin/RECmd/BatchExamples/README.md
KAPE/Modules/bin/RECmd/BatchExamples/RECmd_Batch_MC.reb
KAPE/Modules/bin/RECmd/BatchExamples/RegistryASEPs.reb
KAPE/Modules/bin/RECmd/BatchExamples/SoftwareASEPs.reb
KAPE/Modules/bin/RECmd/BatchExamples/SoftwareClassesASEPs.reb
KAPE/Modules/bin/RECmd/BatchExamples/SoftwareWoW6432ASEPs.reb
KAPE/Modules/bin/RECmd/BatchExamples/SystemASEPs.reb
KAPE/Modules/bin/RECmd/BatchExamples/UserActivity.reb
KAPE/Modules/bin/RECmd/BatchExamples/UserClassesASEPs.reb
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.7-ZipHistory.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c9:68:4f:c4:c6:c1:f2:3d:c2:f8:86:8b:46:24:19:6f:43:ef:a4:73:6e:79:f9:c3:bd:bc:50:be:02:16:9a:80
Signer

Actual PE Digest

c9:68:4f:c4:c6:c1:f2:3d:c2:f8:86:8b:46:24:19:6f:43:ef:a4:73:6e:79:f9:c3:bd:bc:50:be:02:16:9a:80

Digest Algorithm

sha256

PE Digest Matches

true

df:e4:e2:86:e7:48:67:b4:a9:f5:0a:6b:34:b8:f5:49:8a:31:12:48
Signer

Actual PE Digest

df:e4:e2:86:e7:48:67:b4:a9:f5:0a:6b:34:b8:f5:49:8a:31:12:48

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.7-ZipHistory\obj\Release\netstandard2.0\RegistryPlugin.7-ZipHistory.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Adobe.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:b7:eb:e6:85:3b:46:2e:1e:89:ed:7d:1a:24:7e:ac:85:f1:63:de:02:6e:8a:7c:b2:3e:09:3f:28:1e:7b:cd
Signer

Actual PE Digest

45:b7:eb:e6:85:3b:46:2e:1e:89:ed:7d:1a:24:7e:ac:85:f1:63:de:02:6e:8a:7c:b2:3e:09:3f:28:1e:7b:cd

Digest Algorithm

sha256

PE Digest Matches

true

47:b2:41:e9:61:1f:0c:af:cf:61:ec:87:a0:bb:c5:74:8e:dd:bb:fe
Signer

Actual PE Digest

47:b2:41:e9:61:1f:0c:af:cf:61:ec:87:a0:bb:c5:74:8e:dd:bb:fe

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Adobe\obj\Release\netstandard2.0\RegistryPlugin.Adobe.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryApplication.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ab:e2:6d:47:75:6e:b1:6f:6d:3e:01:c9:d5:1c:c5:61:a8:67:0f:bc:a6:9d:76:54:2d:fb:ac:29:71:a6:64:5c
Signer

Actual PE Digest

ab:e2:6d:47:75:6e:b1:6f:6d:3e:01:c9:d5:1c:c5:61:a8:67:0f:bc:a6:9d:76:54:2d:fb:ac:29:71:a6:64:5c

Digest Algorithm

sha256

PE Digest Matches

true

01:2e:57:37:63:d7:05:c4:4d:a2:b9:d2:cf:a2:83:7b:2d:8b:40:4a
Signer

Actual PE Digest

01:2e:57:37:63:d7:05:c4:4d:a2:b9:d2:cf:a2:83:7b:2d:8b:40:4a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Amcache-InventoryApplication\obj\Release\netstandard2.0\RegistryPlugin.Amcache-InventoryApplication.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryApplicationFile.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ab:53:71:9d:62:43:6d:2a:88:df:33:27:38:13:a5:3b:b7:a9:24:fb:ec:eb:5e:f1:15:83:8e:0e:fc:1c:fa:3d
Signer

Actual PE Digest

ab:53:71:9d:62:43:6d:2a:88:df:33:27:38:13:a5:3b:b7:a9:24:fb:ec:eb:5e:f1:15:83:8e:0e:fc:1c:fa:3d

Digest Algorithm

sha256

PE Digest Matches

true

b8:7f:73:05:be:dc:58:08:c8:2a:93:74:73:c1:dc:95:e2:30:62:29
Signer

Actual PE Digest

b8:7f:73:05:be:dc:58:08:c8:2a:93:74:73:c1:dc:95:e2:30:62:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Amcache-InventoryApplicationFile\obj\Release\netstandard2.0\RegistryPlugin.Amcache-InventoryApplicationFile.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryApplicationShortcut.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:c2:09:a4:c7:18:38:f9:9f:71:90:48:2d:be:59:70:9c:1a:98:74:7f:4c:01:f4:73:c1:7c:1e:12:23:5f:82
Signer

Actual PE Digest

25:c2:09:a4:c7:18:38:f9:9f:71:90:48:2d:be:59:70:9c:1a:98:74:7f:4c:01:f4:73:c1:7c:1e:12:23:5f:82

Digest Algorithm

sha256

PE Digest Matches

true

48:d1:cb:e4:02:9d:29:32:a7:82:66:53:03:11:ca:2b:3f:81:40:fd
Signer

Actual PE Digest

48:d1:cb:e4:02:9d:29:32:a7:82:66:53:03:11:ca:2b:3f:81:40:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Amcache-InventoryApplicationShortcut\obj\Release\netstandard2.0\RegistryPlugin.Amcache-InventoryApplicationShortcut.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryDeviceContainer.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:34:54:6c:26:d5:a0:f2:af:8e:82:03:80:c5:98:b8:fd:e2:27:4c:34:a9:29:0a:4a:14:df:b5:34:91:4d:a5
Signer

Actual PE Digest

6f:34:54:6c:26:d5:a0:f2:af:8e:82:03:80:c5:98:b8:fd:e2:27:4c:34:a9:29:0a:4a:14:df:b5:34:91:4d:a5

Digest Algorithm

sha256

PE Digest Matches

true

12:e5:1c:f2:be:aa:d9:2e:cc:2f:04:6f:a8:7e:73:82:ef:5c:ac:8f
Signer

Actual PE Digest

12:e5:1c:f2:be:aa:d9:2e:cc:2f:04:6f:a8:7e:73:82:ef:5c:ac:8f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Amcache-InventoryDeviceContainer\obj\Release\netstandard2.0\RegistryPlugin.Amcache-InventoryDeviceContainer.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryDevicePnp.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:e2:84:4b:ee:82:78:e9:9d:ca:af:7e:db:e4:5d:fa:83:a0:1c:fe:ab:64:d6:6d:19:ae:2d:d8:84:40:d3:1b
Signer

Actual PE Digest

b2:e2:84:4b:ee:82:78:e9:9d:ca:af:7e:db:e4:5d:fa:83:a0:1c:fe:ab:64:d6:6d:19:ae:2d:d8:84:40:d3:1b

Digest Algorithm

sha256

PE Digest Matches

true

67:47:01:75:80:57:51:a1:eb:16:da:a5:da:6a:ec:e1:7a:b8:37:ef
Signer

Actual PE Digest

67:47:01:75:80:57:51:a1:eb:16:da:a5:da:6a:ec:e1:7a:b8:37:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Amcache-InventoryDevicePnp\obj\Release\netstandard2.0\RegistryPlugin.Amcache-InventoryDevicePnp.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Amcache-InventoryDriverBinary.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

21:fd:74:39:2c:62:5a:84:73:a0:59:63:e4:4a:b9:c9:f2:a9:03:b4:84:45:98:2d:7d:41:ba:e2:e6:a7:3b:99
Signer

Actual PE Digest

21:fd:74:39:2c:62:5a:84:73:a0:59:63:e4:4a:b9:c9:f2:a9:03:b4:84:45:98:2d:7d:41:ba:e2:e6:a7:3b:99

Digest Algorithm

sha256

PE Digest Matches

true

b6:e9:00:10:b5:0e:9f:50:f6:1f:45:75:77:9c:9c:9c:7b:88:c0:53
Signer

Actual PE Digest

b6:e9:00:10:b5:0e:9f:50:f6:1f:45:75:77:9c:9c:9c:7b:88:c0:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Amcache-InventoryDriverBinary\obj\Release\netstandard2.0\RegistryPlugin.Amcache-InventoryDriverBinary.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.AppCompatCache.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

41:77:31:5d:fc:69:55:a7:66:c9:45:66:5a:03:d2:62:12:9c:49:ab:76:4d:0a:e5:a6:cc:dc:96:ff:4a:12:13
Signer

Actual PE Digest

41:77:31:5d:fc:69:55:a7:66:c9:45:66:5a:03:d2:62:12:9c:49:ab:76:4d:0a:e5:a6:cc:dc:96:ff:4a:12:13

Digest Algorithm

sha256

PE Digest Matches

true

4e:12:21:2d:f5:f5:1b:6d:ad:22:a3:5b:5d:09:1a:ce:16:ef:84:1b
Signer

Actual PE Digest

4e:12:21:2d:f5:f5:1b:6d:ad:22:a3:5b:5d:09:1a:ce:16:ef:84:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.AppCompatCache\obj\Release\netstandard2.0\RegistryPlugin.AppCompatCache.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.AppCompatFlags.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

14:7f:d6:21:bd:07:31:74:73:a8:9f:57:a3:a9:c7:31:f9:c2:32:ca:d8:3c:49:ce:f8:87:0f:0d:cb:aa:28:a5
Signer

Actual PE Digest

14:7f:d6:21:bd:07:31:74:73:a8:9f:57:a3:a9:c7:31:f9:c2:32:ca:d8:3c:49:ce:f8:87:0f:0d:cb:aa:28:a5

Digest Algorithm

sha256

PE Digest Matches

true

18:91:35:0b:32:b5:b7:1a:b0:ec:35:d2:fc:3a:fa:7b:72:be:57:35
Signer

Actual PE Digest

18:91:35:0b:32:b5:b7:1a:b0:ec:35:d2:fc:3a:fa:7b:72:be:57:35

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.AppCompatFlags\obj\Release\netstandard2.0\RegistryPlugin.AppCompatFlags.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.AppCompatFlags2.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b1:b6:c6:94:01:48:0c:4d:47:2a:75:3c:73:df:04:a6:2d:28:c7:19:f1:99:7b:8f:ff:84:6c:ab:49:d3:a2:93
Signer

Actual PE Digest

b1:b6:c6:94:01:48:0c:4d:47:2a:75:3c:73:df:04:a6:2d:28:c7:19:f1:99:7b:8f:ff:84:6c:ab:49:d3:a2:93

Digest Algorithm

sha256

PE Digest Matches

true

f5:94:47:e7:42:61:18:03:f8:7d:f8:fe:e0:51:bb:0f:b4:59:a8:7b
Signer

Actual PE Digest

f5:94:47:e7:42:61:18:03:f8:7d:f8:fe:e0:51:bb:0f:b4:59:a8:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.AppCompatFlags2\obj\Release\netstandard2.0\RegistryPlugin.AppCompatFlags2.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.AppPaths.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cd:c8:e5:da:a7:1a:e1:2b:62:a4:db:1d:ff:8d:99:1f:c3:af:27:85:cc:16:47:3d:7b:65:1e:95:c0:c1:19:38
Signer

Actual PE Digest

cd:c8:e5:da:a7:1a:e1:2b:62:a4:db:1d:ff:8d:99:1f:c3:af:27:85:cc:16:47:3d:7b:65:1e:95:c0:c1:19:38

Digest Algorithm

sha256

PE Digest Matches

true

04:fb:88:cd:8b:41:56:76:e4:e2:51:c3:91:20:fc:99:9e:7e:f0:24
Signer

Actual PE Digest

04:fb:88:cd:8b:41:56:76:e4:e2:51:c3:91:20:fc:99:9e:7e:f0:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.AppPaths\obj\Release\netstandard2.0\RegistryPlugin.AppPaths.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Ares.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

37:4b:20:8c:f0:c6:df:c1:7f:d6:55:fd:20:e3:7c:63:bb:a3:f1:3d:f1:b4:5c:9f:11:ad:7f:65:d5:6d:f8:f1
Signer

Actual PE Digest

37:4b:20:8c:f0:c6:df:c1:7f:d6:55:fd:20:e3:7c:63:bb:a3:f1:3d:f1:b4:5c:9f:11:ad:7f:65:d5:6d:f8:f1

Digest Algorithm

sha256

PE Digest Matches

true

04:8d:dd:5e:36:45:70:5d:97:30:b6:73:7b:61:96:67:68:7d:73:cf
Signer

Actual PE Digest

04:8d:dd:5e:36:45:70:5d:97:30:b6:73:7b:61:96:67:68:7d:73:cf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Ares\obj\Release\netstandard2.0\RegistryPlugin.Ares.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.BamDam.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:eb:99:17:14:95:23:fc:84:d8:a9:24:54:b4:68:2b:16:99:03:e4:4f:28:a6:8f:2d:e3:1a:33:43:a0:2a:94
Signer

Actual PE Digest

74:eb:99:17:14:95:23:fc:84:d8:a9:24:54:b4:68:2b:16:99:03:e4:4f:28:a6:8f:2d:e3:1a:33:43:a0:2a:94

Digest Algorithm

sha256

PE Digest Matches

true

e4:31:2d:d7:4f:02:04:d8:f7:d3:5d:fd:90:57:ee:bf:99:a0:4b:6e
Signer

Actual PE Digest

e4:31:2d:d7:4f:02:04:d8:f7:d3:5d:fd:90:57:ee:bf:99:a0:4b:6e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Bam\obj\Release\netstandard2.0\RegistryPlugin.BamDam.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.BluetoothServicesBthPort.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:dc:56:23:69:9d:b1:df:ad:96:c4:61:79:31:23:c6:38:6a:00:50:96:26:c2:fa:2c:c4:e4:e2:d2:5d:9a:e0
Signer

Actual PE Digest

b3:dc:56:23:69:9d:b1:df:ad:96:c4:61:79:31:23:c6:38:6a:00:50:96:26:c2:fa:2c:c4:e4:e2:d2:5d:9a:e0

Digest Algorithm

sha256

PE Digest Matches

true

60:78:d2:a6:bc:44:af:c9:54:2e:33:0e:cb:07:4a:c8:b1:2d:41:a5
Signer

Actual PE Digest

60:78:d2:a6:bc:44:af:c9:54:2e:33:0e:cb:07:4a:c8:b1:2d:41:a5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.BluetoothServicesBthPort\obj\Release\netstandard2.0\RegistryPlugin.BluetoothServicesBthPort.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.CIDSizeMRU.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e3:ac:a1:3c:54:b3:2b:ee:92:34:6e:e4:48:83:1a:c8:df:6e:78:ea:75:1b:4f:b1:dd:b6:92:62:1f:cf:09:9c
Signer

Actual PE Digest

e3:ac:a1:3c:54:b3:2b:ee:92:34:6e:e4:48:83:1a:c8:df:6e:78:ea:75:1b:4f:b1:dd:b6:92:62:1f:cf:09:9c

Digest Algorithm

sha256

PE Digest Matches

true

fb:a5:b5:63:b8:3b:6c:b0:b8:d0:c4:bc:7c:df:ea:e4:43:3f:24:ac
Signer

Actual PE Digest

fb:a5:b5:63:b8:3b:6c:b0:b8:d0:c4:bc:7c:df:ea:e4:43:3f:24:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.CIDSizeMRU\obj\Release\netstandard2.0\RegistryPlugin.CIDSizeMRU.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.DHCPNetworkHint.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:4b:ba:0a:2c:74:40:e5:7b:55:d7:2f:7e:35:78:7f:9b:d0:db:06:fc:b1:80:5f:a4:08:d3:f6:9d:f6:10:7b
Signer

Actual PE Digest

b3:4b:ba:0a:2c:74:40:e5:7b:55:d7:2f:7e:35:78:7f:9b:d0:db:06:fc:b1:80:5f:a4:08:d3:f6:9d:f6:10:7b

Digest Algorithm

sha256

PE Digest Matches

true

99:c5:57:41:1d:77:10:69:a5:77:55:c5:0a:98:c4:df:66:60:4b:45
Signer

Actual PE Digest

99:c5:57:41:1d:77:10:69:a5:77:55:c5:0a:98:c4:df:66:60:4b:45

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.DHCPNetworkHint\obj\Release\netstandard2.0\RegistryPlugin.DHCPNetworkHint.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.DeviceClasses.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

60:29:e9:d0:9e:00:58:5b:1d:0d:8e:6b:d8:ca:eb:74:d1:99:dd:b4:12:d1:14:06:bd:a6:82:49:fa:c3:7a:a2
Signer

Actual PE Digest

60:29:e9:d0:9e:00:58:5b:1d:0d:8e:6b:d8:ca:eb:74:d1:99:dd:b4:12:d1:14:06:bd:a6:82:49:fa:c3:7a:a2

Digest Algorithm

sha256

PE Digest Matches

true

1a:e6:5f:43:e9:c1:25:8f:a4:93:56:c5:4a:1f:96:90:a2:18:ed:af
Signer

Actual PE Digest

1a:e6:5f:43:e9:c1:25:8f:a4:93:56:c5:4a:1f:96:90:a2:18:ed:af

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.DeviceClasses\obj\Release\netstandard2.0\RegistryPlugin.DeviceClasses.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.FeatureUsage.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6b:75:0c:d8:6a:bc:34:1a:4c:e3:74:f8:42:13:a8:0e:b8:c0:11:73:cf:66:1f:7d:a7:2d:dc:87:b5:a9:4f:de
Signer

Actual PE Digest

6b:75:0c:d8:6a:bc:34:1a:4c:e3:74:f8:42:13:a8:0e:b8:c0:11:73:cf:66:1f:7d:a7:2d:dc:87:b5:a9:4f:de

Digest Algorithm

sha256

PE Digest Matches

true

a5:e9:74:8e:a2:b1:78:36:b6:a4:c6:5b:fa:64:e7:cc:b0:6f:c6:34
Signer

Actual PE Digest

a5:e9:74:8e:a2:b1:78:36:b6:a4:c6:5b:fa:64:e7:cc:b0:6f:c6:34

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.FeatureUsage\obj\Release\netstandard2.0\RegistryPlugin.FeatureUsage.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.FileExts.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fb:6b:82:12:04:cc:92:de:c2:40:fd:ed:2a:3d:53:6c:84:b9:6b:08:2e:58:5b:02:5b:79:54:e8:72:78:5f:ee
Signer

Actual PE Digest

fb:6b:82:12:04:cc:92:de:c2:40:fd:ed:2a:3d:53:6c:84:b9:6b:08:2e:58:5b:02:5b:79:54:e8:72:78:5f:ee

Digest Algorithm

sha256

PE Digest Matches

true

55:39:19:55:8b:62:a7:0d:d0:a0:d8:27:13:ad:71:22:cd:45:23:c2
Signer

Actual PE Digest

55:39:19:55:8b:62:a7:0d:d0:a0:d8:27:13:ad:71:22:cd:45:23:c2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.FileExts\obj\Release\netstandard2.0\RegistryPlugin.FileExts.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.FirewallRules.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a4:d9:9a:6a:e8:80:3a:a5:ff:83:43:30:42:e2:19:96:b0:28:1a:a2:aa:d0:64:02:6d:0e:db:d3:af:ac:37:6d
Signer

Actual PE Digest

a4:d9:9a:6a:e8:80:3a:a5:ff:83:43:30:42:e2:19:96:b0:28:1a:a2:aa:d0:64:02:6d:0e:db:d3:af:ac:37:6d

Digest Algorithm

sha256

PE Digest Matches

true

76:5f:04:a3:27:29:a1:19:29:39:66:e1:0f:14:80:1b:df:17:27:4e
Signer

Actual PE Digest

76:5f:04:a3:27:29:a1:19:29:39:66:e1:0f:14:80:1b:df:17:27:4e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.FirewallRules\obj\Release\netstandard2.0\RegistryPlugin.FirewallRules.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.FirstFolder.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

de:df:3d:79:b6:5d:1b:dd:36:60:9e:cf:a9:20:ea:b3:95:17:15:87:d6:56:08:a4:82:28:6e:e2:3e:1d:4d:c4
Signer

Actual PE Digest

de:df:3d:79:b6:5d:1b:dd:36:60:9e:cf:a9:20:ea:b3:95:17:15:87:d6:56:08:a4:82:28:6e:e2:3e:1d:4d:c4

Digest Algorithm

sha256

PE Digest Matches

true

4a:33:f8:c1:ce:f1:cb:ad:b5:f9:96:88:b1:51:ff:51:19:3b:ba:64
Signer

Actual PE Digest

4a:33:f8:c1:ce:f1:cb:ad:b5:f9:96:88:b1:51:ff:51:19:3b:ba:64

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.FirstFolder\obj\Release\netstandard2.0\RegistryPlugin.FirstFolder.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.IconLayouts.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

38:b7:ef:cf:ac:a0:77:2a:82:a4:a2:27:f8:a3:38:12:ef:d8:80:0b:d8:47:40:2f:5f:aa:69:c9:3a:fe:c2:7e
Signer

Actual PE Digest

38:b7:ef:cf:ac:a0:77:2a:82:a4:a2:27:f8:a3:38:12:ef:d8:80:0b:d8:47:40:2f:5f:aa:69:c9:3a:fe:c2:7e

Digest Algorithm

sha256

PE Digest Matches

true

bf:c9:3d:04:63:d0:d2:db:49:e4:ca:1b:06:c2:75:f2:6d:46:ee:39
Signer

Actual PE Digest

bf:c9:3d:04:63:d0:d2:db:49:e4:ca:1b:06:c2:75:f2:6d:46:ee:39

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.IconLayouts\obj\Release\netstandard2.0\RegistryPlugin.IconLayouts.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.JumplistData.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:99:df:cb:91:7a:f0:46:0f:f4:80:48:12:e0:55:81:0e:a6:21:07:2f:89:a3:09:f3:90:ab:58:51:1d:47:07
Signer

Actual PE Digest

6c:99:df:cb:91:7a:f0:46:0f:f4:80:48:12:e0:55:81:0e:a6:21:07:2f:89:a3:09:f3:90:ab:58:51:1d:47:07

Digest Algorithm

sha256

PE Digest Matches

true

ae:d5:de:3c:40:2d:0a:f8:64:c1:48:51:cd:9d:13:53:05:53:cd:0f
Signer

Actual PE Digest

ae:d5:de:3c:40:2d:0a:f8:64:c1:48:51:cd:9d:13:53:05:53:cd:0f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.JumplistData\obj\Release\netstandard2.0\RegistryPlugin.JumplistData.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.KnownNetworks.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b9:5d:52:d3:cc:b1:a6:86:d7:e3:41:ed:b8:7c:2f:01:f2:34:3a:5c:71:a9:0c:90:45:da:fb:1c:86:ac:6b:b2
Signer

Actual PE Digest

b9:5d:52:d3:cc:b1:a6:86:d7:e3:41:ed:b8:7c:2f:01:f2:34:3a:5c:71:a9:0c:90:45:da:fb:1c:86:ac:6b:b2

Digest Algorithm

sha256

PE Digest Matches

true

9f:65:c6:d0:d4:4c:12:e5:44:71:31:05:cc:b6:0e:df:1a:3e:45:7b
Signer

Actual PE Digest

9f:65:c6:d0:d4:4c:12:e5:44:71:31:05:cc:b6:0e:df:1a:3e:45:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.KnownNetworks\obj\Release\netstandard2.0\RegistryPlugin.KnownNetworks.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.LastVisitedMRU.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c9:05:0f:7f:10:d6:05:96:dd:46:49:24:bf:7b:93:62:c9:ef:b7:bf:53:5b:04:f8:17:cb:00:ab:2c:f3:7a:ab
Signer

Actual PE Digest

c9:05:0f:7f:10:d6:05:96:dd:46:49:24:bf:7b:93:62:c9:ef:b7:bf:53:5b:04:f8:17:cb:00:ab:2c:f3:7a:ab

Digest Algorithm

sha256

PE Digest Matches

true

13:7a:6d:1b:a6:c4:4c:47:01:7e:f9:fd:ee:6c:0e:e4:64:a3:3c:66
Signer

Actual PE Digest

13:7a:6d:1b:a6:c4:4c:47:01:7e:f9:fd:ee:6c:0e:e4:64:a3:3c:66

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.LastVisitedMRU\obj\Release\netstandard2.0\RegistryPlugin.LastVisitedMRU.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.LastVisitedPidlMRU.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

95:a6:82:29:f0:3f:f7:36:c4:a3:c1:0c:cc:2e:d2:a4:27:9d:2d:20:82:0e:df:48:0d:df:51:1b:e7:f5:59:f5
Signer

Actual PE Digest

95:a6:82:29:f0:3f:f7:36:c4:a3:c1:0c:cc:2e:d2:a4:27:9d:2d:20:82:0e:df:48:0d:df:51:1b:e7:f5:59:f5

Digest Algorithm

sha256

PE Digest Matches

true

e3:c2:cb:16:af:42:5e:55:83:ed:a9:f2:64:80:d1:2c:f7:04:93:79
Signer

Actual PE Digest

e3:c2:cb:16:af:42:5e:55:83:ed:a9:f2:64:80:d1:2c:f7:04:93:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.LastVisitedPidlMRU\obj\Release\netstandard2.0\RegistryPlugin.LastVisitedPidlMRU.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.MountedDevices.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:09:f9:5c:8a:d6:5e:99:23:ef:ff:b6:a6:0e:1d:89:6b:75:e3:c1:9f:b7:8a:dd:94:12:ee:4b:7d:cf:86:cc
Signer

Actual PE Digest

1f:09:f9:5c:8a:d6:5e:99:23:ef:ff:b6:a6:0e:1d:89:6b:75:e3:c1:9f:b7:8a:dd:94:12:ee:4b:7d:cf:86:cc

Digest Algorithm

sha256

PE Digest Matches

true

57:01:32:6c:92:cf:54:0a:76:78:3d:ff:37:63:af:dc:2c:4a:92:a4
Signer

Actual PE Digest

57:01:32:6c:92:cf:54:0a:76:78:3d:ff:37:63:af:dc:2c:4a:92:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryExplorer.MountedDevices\obj\Release\netstandard2.0\RegistryPlugin.MountedDevices.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.NetworkAdapters.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:73:7d:63:87:24:8e:26:21:99:76:06:17:a0:33:90:ff:67:88:1a:52:87:3e:cc:88:20:26:c0:61:db:5f:17
Signer

Actual PE Digest

2e:73:7d:63:87:24:8e:26:21:99:76:06:17:a0:33:90:ff:67:88:1a:52:87:3e:cc:88:20:26:c0:61:db:5f:17

Digest Algorithm

sha256

PE Digest Matches

true

cb:93:8e:0f:e9:5c:ac:46:42:b7:42:6c:d2:9d:80:24:9f:46:15:84
Signer

Actual PE Digest

cb:93:8e:0f:e9:5c:ac:46:42:b7:42:6c:d2:9d:80:24:9f:46:15:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.NetworkAdapters\obj\Release\netstandard2.0\RegistryPlugin.NetworkAdapters.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.NetworkSettings.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e8:2c:11:aa:b9:e7:67:d7:29:a9:0b:5f:a7:13:ce:64:e9:bd:e7:b8:09:76:58:70:d8:3f:09:c4:e6:da:9b:80
Signer

Actual PE Digest

e8:2c:11:aa:b9:e7:67:d7:29:a9:0b:5f:a7:13:ce:64:e9:bd:e7:b8:09:76:58:70:d8:3f:09:c4:e6:da:9b:80

Digest Algorithm

sha256

PE Digest Matches

true

58:18:6b:bb:0d:3c:ce:15:c3:79:a7:81:f3:a4:dd:de:1d:6b:b6:32
Signer

Actual PE Digest

58:18:6b:bb:0d:3c:ce:15:c3:79:a7:81:f3:a4:dd:de:1d:6b:b6:32

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.NetworkSettings\obj\Release\netstandard2.0\RegistryPlugin.NetworkSettings.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.NetworkSetup2.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6b:c9:58:9c:9f:b6:e4:76:0a:a6:33:f5:8f:fe:26:d6:8c:a4:1a:1b:59:58:1c:97:35:71:88:96:9f:0c:df:3f
Signer

Actual PE Digest

6b:c9:58:9c:9f:b6:e4:76:0a:a6:33:f5:8f:fe:26:d6:8c:a4:1a:1b:59:58:1c:97:35:71:88:96:9f:0c:df:3f

Digest Algorithm

sha256

PE Digest Matches

true

56:24:96:e4:5b:d2:ef:4b:7e:a8:0a:d4:5e:9d:7c:57:a9:5a:af:53
Signer

Actual PE Digest

56:24:96:e4:5b:d2:ef:4b:7e:a8:0a:d4:5e:9d:7c:57:a9:5a:af:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.NetworkSetup2\obj\Release\netstandard2.0\RegistryPlugin.NetworkSetup2.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.OfficeMRU.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1e:76:df:15:b8:5a:4d:80:fd:0f:31:92:15:95:01:21:39:e0:c1:2f:65:73:45:9f:75:b9:89:61:49:df:f2:6c
Signer

Actual PE Digest

1e:76:df:15:b8:5a:4d:80:fd:0f:31:92:15:95:01:21:39:e0:c1:2f:65:73:45:9f:75:b9:89:61:49:df:f2:6c

Digest Algorithm

sha256

PE Digest Matches

true

c7:be:60:69:48:8e:f5:23:8f:e3:1c:57:87:3f:0b:52:d0:77:c5:f7
Signer

Actual PE Digest

c7:be:60:69:48:8e:f5:23:8f:e3:1c:57:87:3f:0b:52:d0:77:c5:f7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.OfficeMRU\obj\Release\netstandard2.0\RegistryPlugin.OfficeMRU.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.OpenSaveMRU.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

32:db:b3:61:eb:65:e2:51:41:1e:bd:13:4c:d1:30:50:9c:c1:1f:98:68:80:ea:d9:f2:d8:a6:d9:26:bf:c6:28
Signer

Actual PE Digest

32:db:b3:61:eb:65:e2:51:41:1e:bd:13:4c:d1:30:50:9c:c1:1f:98:68:80:ea:d9:f2:d8:a6:d9:26:bf:c6:28

Digest Algorithm

sha256

PE Digest Matches

true

9a:cf:f2:7f:1a:51:d3:cb:69:cf:e2:a3:bc:9e:5c:13:c5:1c:26:17
Signer

Actual PE Digest

9a:cf:f2:7f:1a:51:d3:cb:69:cf:e2:a3:bc:9e:5c:13:c5:1c:26:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.OpenSaveMRU\obj\Release\netstandard2.0\RegistryPlugin.OpenSaveMRU.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.OpenSavePidlMRU.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cb:27:47:e1:98:c6:53:20:dc:71:46:10:31:fd:56:4f:55:bc:05:fa:a1:0a:68:50:a1:5a:36:b7:3d:db:55:8f
Signer

Actual PE Digest

cb:27:47:e1:98:c6:53:20:dc:71:46:10:31:fd:56:4f:55:bc:05:fa:a1:0a:68:50:a1:5a:36:b7:3d:db:55:8f

Digest Algorithm

sha256

PE Digest Matches

true

15:60:a5:07:0c:a6:92:75:11:00:e0:63:96:b3:d8:13:2a:e4:a3:1c
Signer

Actual PE Digest

15:60:a5:07:0c:a6:92:75:11:00:e0:63:96:b3:d8:13:2a:e4:a3:1c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.OpenSavePidlMRU\obj\Release\netstandard2.0\RegistryPlugin.OpenSavePidlMRU.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Products.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:e1:17:b9:da:86:6e:9c:48:c3:a6:41:90:47:b6:28:d7:bc:ba:f9:1b:86:de:95:05:cc:30:a8:92:56:5d:c6
Signer

Actual PE Digest

9e:e1:17:b9:da:86:6e:9c:48:c3:a6:41:90:47:b6:28:d7:bc:ba:f9:1b:86:de:95:05:cc:30:a8:92:56:5d:c6

Digest Algorithm

sha256

PE Digest Matches

true

7d:45:91:dc:14:2c:2e:8b:55:ab:ea:15:09:ba:9c:bd:f4:1b:32:41
Signer

Actual PE Digest

7d:45:91:dc:14:2c:2e:8b:55:ab:ea:15:09:ba:9c:bd:f4:1b:32:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Products\obj\Release\netstandard2.0\RegistryPlugin.Products.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.ProfileList.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b1:cd:42:9a:52:66:a4:d4:d6:72:f0:59:c6:a6:66:60:99:23:39:71:43:fb:90:cf:5c:e2:87:88:0f:81:28:dc
Signer

Actual PE Digest

b1:cd:42:9a:52:66:a4:d4:d6:72:f0:59:c6:a6:66:60:99:23:39:71:43:fb:90:cf:5c:e2:87:88:0f:81:28:dc

Digest Algorithm

sha256

PE Digest Matches

true

5d:aa:ea:0b:32:e1:06:85:e6:76:2f:3e:54:09:37:7e:77:f9:91:1c
Signer

Actual PE Digest

5d:aa:ea:0b:32:e1:06:85:e6:76:2f:3e:54:09:37:7e:77:f9:91:1c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.ProfileList\obj\Release\netstandard2.0\RegistryPlugin.ProfileList.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.RADAR.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:ff:a1:cc:f1:f0:e7:50:50:d6:9d:55:ae:8d:73:65:5f:2b:2a:93:7b:2a:2c:98:45:b7:4c:7f:d1:68:c2:b1
Signer

Actual PE Digest

6c:ff:a1:cc:f1:f0:e7:50:50:d6:9d:55:ae:8d:73:65:5f:2b:2a:93:7b:2a:2c:98:45:b7:4c:7f:d1:68:c2:b1

Digest Algorithm

sha256

PE Digest Matches

true

c3:d6:17:a8:a2:0d:db:8c:e0:1b:c5:db:68:49:94:12:33:4f:03:ae
Signer

Actual PE Digest

c3:d6:17:a8:a2:0d:db:8c:e0:1b:c5:db:68:49:94:12:33:4f:03:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.RADAR\obj\Release\netstandard2.0\RegistryPlugin.RADAR.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.RecentApps.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f0:c7:09:fe:69:a9:c7:35:e8:5b:d3:16:17:f7:65:38:32:b7:ed:5e:27:6d:48:d0:59:90:ce:7c:5c:e2:38:70
Signer

Actual PE Digest

f0:c7:09:fe:69:a9:c7:35:e8:5b:d3:16:17:f7:65:38:32:b7:ed:5e:27:6d:48:d0:59:90:ce:7c:5c:e2:38:70

Digest Algorithm

sha256

PE Digest Matches

true

24:60:37:6b:ad:26:b2:0a:0e:52:4b:e0:d3:15:1e:20:1e:ea:18:61
Signer

Actual PE Digest

24:60:37:6b:ad:26:b2:0a:0e:52:4b:e0:d3:15:1e:20:1e:ea:18:61

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.RecentApps\obj\Release\netstandard2.0\RegistryPlugin.RecentApps.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.RecentDocs.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:18:12:b6:31:0c:33:47:dd:75:01:dd:14:6b:fd:c6:c5:0f:77:05:61:19:e2:ec:40:22:3d:ea:7b:69:86:47
Signer

Actual PE Digest

1f:18:12:b6:31:0c:33:47:dd:75:01:dd:14:6b:fd:c6:c5:0f:77:05:61:19:e2:ec:40:22:3d:ea:7b:69:86:47

Digest Algorithm

sha256

PE Digest Matches

true

99:5c:46:29:06:5e:df:fa:d7:c1:0c:f6:54:3f:c3:69:4a:8b:d3:56
Signer

Actual PE Digest

99:5c:46:29:06:5e:df:fa:d7:c1:0c:f6:54:3f:c3:69:4a:8b:d3:56

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.RecentDocs\obj\Release\netstandard2.0\RegistryPlugin.RecentDocs.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.RunMRU.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

92:61:27:98:b4:15:85:ae:b2:a6:af:f7:f6:bb:52:76:da:59:bd:63:5d:d4:5b:01:26:91:5b:5d:2d:96:05:0b
Signer

Actual PE Digest

92:61:27:98:b4:15:85:ae:b2:a6:af:f7:f6:bb:52:76:da:59:bd:63:5d:d4:5b:01:26:91:5b:5d:2d:96:05:0b

Digest Algorithm

sha256

PE Digest Matches

true

18:30:53:aa:d2:2a:7f:f9:d1:4a:49:e6:f3:b1:07:4f:4f:2b:0f:dc
Signer

Actual PE Digest

18:30:53:aa:d2:2a:7f:f9:d1:4a:49:e6:f3:b1:07:4f:4f:2b:0f:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.RunMRU\obj\Release\netstandard2.0\RegistryPlugin.RunMRU.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.SAM.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c9:8c:8e:2b:ab:ac:b2:63:ce:d7:7e:a4:52:50:a7:de:54:e4:e8:1a:e6:34:94:25:49:df:9b:a3:8b:3d:10:8b
Signer

Actual PE Digest

c9:8c:8e:2b:ab:ac:b2:63:ce:d7:7e:a4:52:50:a7:de:54:e4:e8:1a:e6:34:94:25:49:df:9b:a3:8b:3d:10:8b

Digest Algorithm

sha256

PE Digest Matches

true

7a:fb:5d:6a:9d:d2:44:f9:c6:06:32:49:04:91:80:81:c6:71:d1:0d
Signer

Actual PE Digest

7a:fb:5d:6a:9d:d2:44:f9:c6:06:32:49:04:91:80:81:c6:71:d1:0d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.SAM\obj\Release\netstandard2.0\RegistryPlugin.SAM.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.SAMBuiltin.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:1b:66:4c:1c:06:96:ca:aa:30:ed:89:e0:27:81:07:62:a2:d5:aa:7e:33:4a:3f:bf:ba:f0:96:1c:2b:0b:37
Signer

Actual PE Digest

57:1b:66:4c:1c:06:96:ca:aa:30:ed:89:e0:27:81:07:62:a2:d5:aa:7e:33:4a:3f:bf:ba:f0:96:1c:2b:0b:37

Digest Algorithm

sha256

PE Digest Matches

true

e4:0f:b6:98:89:4b:a7:e4:c7:4b:bb:2a:35:5d:cf:60:ea:f3:4b:55
Signer

Actual PE Digest

e4:0f:b6:98:89:4b:a7:e4:c7:4b:bb:2a:35:5d:cf:60:ea:f3:4b:55

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.SAMBuiltin\obj\Release\netstandard2.0\RegistryPlugin.SAMBuiltin.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.SCSI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:54:5a:0c:85:78:4d:3c:0c:c0:3b:ea:bb:60:61:ab:9e:c2:a0:3f:5e:01:fd:b4:a2:48:f6:cb:2a:e0:d6:4e
Signer

Actual PE Digest

0c:54:5a:0c:85:78:4d:3c:0c:c0:3b:ea:bb:60:61:ab:9e:c2:a0:3f:5e:01:fd:b4:a2:48:f6:cb:2a:e0:d6:4e

Digest Algorithm

sha256

PE Digest Matches

true

b3:d1:65:f1:3f:ba:af:23:72:51:cb:f2:3b:77:89:32:3c:ed:59:bf
Signer

Actual PE Digest

b3:d1:65:f1:3f:ba:af:23:72:51:cb:f2:3b:77:89:32:3c:ed:59:bf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.SCSI\obj\Release\netstandard2.0\RegistryPlugin.SCSI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Services.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

86:28:6e:49:80:2f:2f:b9:69:73:16:69:5d:86:07:14:ab:47:c5:84:d2:51:74:38:03:f6:04:01:88:a8:93:78
Signer

Actual PE Digest

86:28:6e:49:80:2f:2f:b9:69:73:16:69:5d:86:07:14:ab:47:c5:84:d2:51:74:38:03:f6:04:01:88:a8:93:78

Digest Algorithm

sha256

PE Digest Matches

true

2d:1d:ec:ad:e5:99:b4:2a:67:d2:21:c3:f9:92:78:cd:1b:ed:c6:1d
Signer

Actual PE Digest

2d:1d:ec:ad:e5:99:b4:2a:67:d2:21:c3:f9:92:78:cd:1b:ed:c6:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Services\obj\Release\netstandard2.0\RegistryPlugin.Services.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.SyscacheObjectTable.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1a:26:21:fc:5e:a7:7b:3b:26:4a:39:67:c8:ba:0c:7b:eb:59:e7:27:ed:2d:16:3b:25:6c:b1:d4:48:0e:e7:09
Signer

Actual PE Digest

1a:26:21:fc:5e:a7:7b:3b:26:4a:39:67:c8:ba:0c:7b:eb:59:e7:27:ed:2d:16:3b:25:6c:b1:d4:48:0e:e7:09

Digest Algorithm

sha256

PE Digest Matches

true

94:0c:6c:53:57:16:e1:68:16:36:51:01:bc:8a:ff:b6:85:00:7d:0c
Signer

Actual PE Digest

94:0c:6c:53:57:16:e1:68:16:36:51:01:bc:8a:ff:b6:85:00:7d:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.SyscacheObjectTable\obj\Release\netstandard2.0\RegistryPlugin.SyscacheObjectTable.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TaskCache.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5c:d0:7f:e7:d6:6b:ea:f2:72:75:ce:4b:a1:1c:7a:72:ef:c7:87:dd:06:0d:d4:f4:90:77:43:2c:1c:e8:7b:e5
Signer

Actual PE Digest

5c:d0:7f:e7:d6:6b:ea:f2:72:75:ce:4b:a1:1c:7a:72:ef:c7:87:dd:06:0d:d4:f4:90:77:43:2c:1c:e8:7b:e5

Digest Algorithm

sha256

PE Digest Matches

true

b3:eb:1d:55:b7:c4:77:0c:9b:12:66:b0:70:ca:dc:6e:50:aa:86:96
Signer

Actual PE Digest

b3:eb:1d:55:b7:c4:77:0c:9b:12:66:b0:70:ca:dc:6e:50:aa:86:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.TaskCache\obj\Release\netstandard2.0\RegistryPlugin.TaskCache.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TaskFlowShellActivities.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

50:2c:7f:87:cb:83:b6:27:ea:38:5d:d3:58:a9:7f:00:88:94:93:74:ef:bd:1d:36:fa:b8:82:a3:b9:c9:9c:f8
Signer

Actual PE Digest

50:2c:7f:87:cb:83:b6:27:ea:38:5d:d3:58:a9:7f:00:88:94:93:74:ef:bd:1d:36:fa:b8:82:a3:b9:c9:9c:f8

Digest Algorithm

sha256

PE Digest Matches

true

4d:0a:28:d9:d8:72:06:82:b6:2d:de:b6:6e:05:b5:d7:15:78:e2:7b
Signer

Actual PE Digest

4d:0a:28:d9:d8:72:06:82:b6:2d:de:b6:6e:05:b5:d7:15:78:e2:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.TaskFlowShellActivities\obj\Release\netstandard2.0\RegistryPlugin.TaskFlowShellActivities.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Taskband.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:11:4e:bc:c8:e2:6d:d3:60:8a:c1:bd:45:fc:a6:98:3f:c2:fc:45:71:b2:ab:8d:80:f0:a0:47:00:f7:a2:2a
Signer

Actual PE Digest

c6:11:4e:bc:c8:e2:6d:d3:60:8a:c1:bd:45:fc:a6:98:3f:c2:fc:45:71:b2:ab:8d:80:f0:a0:47:00:f7:a2:2a

Digest Algorithm

sha256

PE Digest Matches

true

a3:58:c5:79:52:c0:f7:d9:7e:88:89:e9:a4:08:77:2b:00:b6:f5:5f
Signer

Actual PE Digest

a3:58:c5:79:52:c0:f7:d9:7e:88:89:e9:a4:08:77:2b:00:b6:f5:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Taskband\obj\Release\netstandard2.0\RegistryPlugin.Taskband.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TerminalServerClient.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8f:63:39:2d:bc:5b:55:cd:db:35:d0:15:c7:60:29:82:9f:b5:4e:83:41:fe:5b:c6:66:e3:1e:f2:5c:69:c7:ec
Signer

Actual PE Digest

8f:63:39:2d:bc:5b:55:cd:db:35:d0:15:c7:60:29:82:9f:b5:4e:83:41:fe:5b:c6:66:e3:1e:f2:5c:69:c7:ec

Digest Algorithm

sha256

PE Digest Matches

true

3d:8c:40:33:1a:7e:6b:9e:06:02:2d:49:8a:15:9c:a9:8f:f6:9b:cc
Signer

Actual PE Digest

3d:8c:40:33:1a:7e:6b:9e:06:02:2d:49:8a:15:9c:a9:8f:f6:9b:cc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.TerminalServerClient\obj\Release\netstandard2.0\RegistryPlugin.TerminalServerClient.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TimeZoneInformation.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

54:ff:96:52:0b:25:7f:87:c3:06:dd:5a:19:27:92:13:03:79:4e:93:e0:c2:5f:05:c0:97:4f:f7:78:c0:13:f9
Signer

Actual PE Digest

54:ff:96:52:0b:25:7f:87:c3:06:dd:5a:19:27:92:13:03:79:4e:93:e0:c2:5f:05:c0:97:4f:f7:78:c0:13:f9

Digest Algorithm

sha256

PE Digest Matches

true

b8:c9:c6:9e:5b:c5:66:3f:da:2d:e3:13:a9:d0:7b:9b:94:7b:95:02
Signer

Actual PE Digest

b8:c9:c6:9e:5b:c5:66:3f:da:2d:e3:13:a9:d0:7b:9b:94:7b:95:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.TimeZoneInformation\obj\Release\netstandard2.0\RegistryPlugin.TimeZoneInformation.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TrustedDocuments.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:db:a5:9d:7b:d8:82:8d:55:ea:fa:e1:61:a0:a0:2e:cc:a0:2e:dc:d9:23:0c:f3:a4:22:a7:7a:cc:f2:43:86
Signer

Actual PE Digest

9e:db:a5:9d:7b:d8:82:8d:55:ea:fa:e1:61:a0:a0:2e:cc:a0:2e:dc:d9:23:0c:f3:a4:22:a7:7a:cc:f2:43:86

Digest Algorithm

sha256

PE Digest Matches

true

36:ad:35:77:50:e5:47:78:a1:81:a5:c3:0c:ff:87:1a:60:de:bb:95
Signer

Actual PE Digest

36:ad:35:77:50:e5:47:78:a1:81:a5:c3:0c:ff:87:1a:60:de:bb:95

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.TrustedDocuments\obj\Release\netstandard2.0\RegistryPlugin.TrustedDocuments.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.TypedURLs.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8a:2d:6e:58:e8:98:36:6b:89:cf:6b:62:1f:99:31:b8:9d:74:5f:c9:2f:09:86:2f:62:6b:b8:1d:38:a8:fb:ae
Signer

Actual PE Digest

8a:2d:6e:58:e8:98:36:6b:89:cf:6b:62:1f:99:31:b8:9d:74:5f:c9:2f:09:86:2f:62:6b:b8:1d:38:a8:fb:ae

Digest Algorithm

sha256

PE Digest Matches

true

7e:b5:7a:84:65:27:84:86:86:9a:14:88:17:f2:52:89:56:c7:44:ec
Signer

Actual PE Digest

7e:b5:7a:84:65:27:84:86:86:9a:14:88:17:f2:52:89:56:c7:44:ec

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.TypedURLs\obj\Release\netstandard2.0\RegistryPlugin.TypedURLs.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.USB.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:df:a0:e7:fd:15:64:84:d0:6d:b2:01:36:85:08:39:bb:5b:db:e1:23:02:09:7d:f7:6e:e6:4e:b3:d6:bb:1b
Signer

Actual PE Digest

64:df:a0:e7:fd:15:64:84:d0:6d:b2:01:36:85:08:39:bb:5b:db:e1:23:02:09:7d:f7:6e:e6:4e:b3:d6:bb:1b

Digest Algorithm

sha256

PE Digest Matches

true

b0:45:26:76:6a:1f:74:f1:e3:6b:19:d4:4b:3b:c8:47:bd:f8:20:2b
Signer

Actual PE Digest

b0:45:26:76:6a:1f:74:f1:e3:6b:19:d4:4b:3b:c8:47:bd:f8:20:2b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.USB\obj\Release\netstandard2.0\RegistryPlugin.USB.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.USBSTOR.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:81:21:3c:d5:00:50:7e:a3:81:d5:0b:51:81:20:91:fd:92:3c:ab:82:ae:5b:85:aa:97:c1:98:9d:39:16:ce
Signer

Actual PE Digest

d3:81:21:3c:d5:00:50:7e:a3:81:d5:0b:51:81:20:91:fd:92:3c:ab:82:ae:5b:85:aa:97:c1:98:9d:39:16:ce

Digest Algorithm

sha256

PE Digest Matches

true

2c:7f:ff:fb:1a:ec:9a:9e:b2:1d:2b:32:d5:6f:3b:9c:2d:43:cc:96
Signer

Actual PE Digest

2c:7f:ff:fb:1a:ec:9a:9e:b2:1d:2b:32:d5:6f:3b:9c:2d:43:cc:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.USBSTOR\obj\Release\netstandard2.0\RegistryPlugin.USBSTOR.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.Uninstall.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

21:c1:60:67:ce:a8:f5:e5:13:9c:08:f7:c2:a4:97:53:7e:81:cb:b7:b3:cb:9a:cc:6a:ab:26:22:ce:bb:ef:e8
Signer

Actual PE Digest

21:c1:60:67:ce:a8:f5:e5:13:9c:08:f7:c2:a4:97:53:7e:81:cb:b7:b3:cb:9a:cc:6a:ab:26:22:ce:bb:ef:e8

Digest Algorithm

sha256

PE Digest Matches

true

0f:6d:5e:d7:5e:12:e3:98:41:f5:12:5b:95:fd:eb:ee:35:f6:3d:cd
Signer

Actual PE Digest

0f:6d:5e:d7:5e:12:e3:98:41:f5:12:5b:95:fd:eb:ee:35:f6:3d:cd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.Uninstall\obj\Release\netstandard2.0\RegistryPlugin.Uninstall.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.UserAssist.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

af:2c:2f:81:f5:ec:37:58:0d:e4:7b:ad:03:20:c7:0a:aa:68:a7:ee:9e:b7:f7:44:86:49:7b:64:92:46:e1:39
Signer

Actual PE Digest

af:2c:2f:81:f5:ec:37:58:0d:e4:7b:ad:03:20:c7:0a:aa:68:a7:ee:9e:b7:f7:44:86:49:7b:64:92:46:e1:39

Digest Algorithm

sha256

PE Digest Matches

true

66:34:3f:b0:b9:ec:07:e5:da:bf:92:cc:45:14:cc:5f:04:83:31:09
Signer

Actual PE Digest

66:34:3f:b0:b9:ec:07:e5:da:bf:92:cc:45:14:cc:5f:04:83:31:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.UserAssist\obj\Release\netstandard2.0\RegistryPlugin.UserAssist.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.VolumeInfoCache.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

31:45:97:35:9c:49:01:25:15:c6:cd:15:31:18:c5:ad:6a:a5:70:34:b9:79:a5:e4:4b:bf:6e:2e:85:52:85:02
Signer

Actual PE Digest

31:45:97:35:9c:49:01:25:15:c6:cd:15:31:18:c5:ad:6a:a5:70:34:b9:79:a5:e4:4b:bf:6e:2e:85:52:85:02

Digest Algorithm

sha256

PE Digest Matches

true

71:87:22:23:0e:80:19:aa:9e:dd:db:26:73:04:79:30:e8:2c:88:9c
Signer

Actual PE Digest

71:87:22:23:0e:80:19:aa:9e:dd:db:26:73:04:79:30:e8:2c:88:9c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.VolumeInfoCache\obj\Release\netstandard2.0\RegistryPlugin.VolumeInfoCache.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.WinRAR.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3b:c4:e7:40:89:8e:a8:fd:36:4a:9c:32:65:cd:fa:94:45:6f:44:fc:3f:0a:05:69:85:4f:00:75:4f:35:32:62
Signer

Actual PE Digest

3b:c4:e7:40:89:8e:a8:fd:36:4a:9c:32:65:cd:fa:94:45:6f:44:fc:3f:0a:05:69:85:4f:00:75:4f:35:32:62

Digest Algorithm

sha256

PE Digest Matches

true

47:b4:c3:0f:01:90:05:48:49:dd:50:4d:9a:7c:1d:20:c9:f1:9e:96
Signer

Actual PE Digest

47:b4:c3:0f:01:90:05:48:49:dd:50:4d:9a:7c:1d:20:c9:f1:9e:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.WinRAR\obj\Release\netstandard2.0\RegistryPlugin.WinRAR.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.WindowsApp.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5d:0e:e8:82:a5:8f:42:b4:82:11:55:00:fb:01:7f:1f:0b:56:f5:a6:42:02:b6:fc:b4:7d:fe:67:29:a9:c1:8f
Signer

Actual PE Digest

5d:0e:e8:82:a5:8f:42:b4:82:11:55:00:fb:01:7f:1f:0b:56:f5:a6:42:02:b6:fc:b4:7d:fe:67:29:a9:c1:8f

Digest Algorithm

sha256

PE Digest Matches

true

4b:0f:df:c2:cc:60:29:5b:e2:1b:95:ef:e1:69:1e:8c:5a:1a:9c:2e
Signer

Actual PE Digest

4b:0f:df:c2:cc:60:29:5b:e2:1b:95:ef:e1:69:1e:8c:5a:1a:9c:2e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.WindowsApp\obj\Release\netstandard2.0\RegistryPlugin.WindowsApp.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.WindowsPortableDevices.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:b9:83:6e:9d:5a:bc:31:7b:21:0b:4d:06:51:8c:8a:c5:1d:61:8f:76:f4:df:50:9d:59:2b:22:3e:a6:3f:09
Signer

Actual PE Digest

17:b9:83:6e:9d:5a:bc:31:7b:21:0b:4d:06:51:8c:8a:c5:1d:61:8f:76:f4:df:50:9d:59:2b:22:3e:a6:3f:09

Digest Algorithm

sha256

PE Digest Matches

true

d5:4b:cc:d9:b6:2f:b1:ad:0f:25:a7:5b:77:be:f3:22:7d:87:68:94
Signer

Actual PE Digest

d5:4b:cc:d9:b6:2f:b1:ad:0f:25:a7:5b:77:be:f3:22:7d:87:68:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.WindowsPortableDevices\obj\Release\netstandard2.0\RegistryPlugin.WindowsPortableDevices.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/Plugins/RegistryPlugin.WordWheelQuery.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

79:54:9c:e9:a5:f5:0b:ad:f8:65:d0:6a:fd:c5:9d:c3:f3:13:dd:6d:d1:21:2b:6a:73:f5:17:b7:66:f0:21:ec
Signer

Actual PE Digest

79:54:9c:e9:a5:f5:0b:ad:f8:65:d0:6a:fd:c5:9d:c3:f3:13:dd:6d:d1:21:2b:6a:73:f5:17:b7:66:f0:21:ec

Digest Algorithm

sha256

PE Digest Matches

true

ef:8f:5e:0c:a2:cb:4c:c6:3a:41:58:16:b1:ab:ea:2d:36:4f:7a:ce
Signer

Actual PE Digest

ef:8f:5e:0c:a2:cb:4c:c6:3a:41:58:16:b1:ab:ea:2d:36:4f:7a:ce

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Code\RegistryPlugins\RegistryPlugin.WordWheelQuery\obj\Release\netstandard2.0\RegistryPlugin.WordWheelQuery.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RECmd/RECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:76:ac:33:d0:08:6f:f5:75:4b:69:31:b6:a6:d7:17:b2:98:c7:49:3e:18:ca:08:d6:32:ce:20:58:64:3e:60
Signer

Actual PE Digest

59:76:ac:33:d0:08:6f:f5:75:4b:69:31:b6:a6:d7:17:b2:98:c7:49:3e:18:ca:08:d6:32:ce:20:58:64:3e:60

Digest Algorithm

sha256

PE Digest Matches

true

16:03:31:b0:74:14:c2:b0:25:2a:25:f7:d3:e5:14:d3:b5:fe:39:d5
Signer

Actual PE Digest

16:03:31:b0:74:14:c2:b0:25:2a:25:f7:d3:e5:14:d3:b5:fe:39:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\RECmd\RECmd\obj\Release\net462\RECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/RecentFileCacheParser.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:98:c7:0a:af:14:de:b1:ff:55:55:3b:bb:c0:a5:e6:d2:2d:e8:d8:a9:f4:9f:07:8f:e7:a6:bf:8d:21:ba:ed
Signer

Actual PE Digest

64:98:c7:0a:af:14:de:b1:ff:55:55:3b:bb:c0:a5:e6:d2:2d:e8:d8:a9:f4:9f:07:8f:e7:a6:bf:8d:21:ba:ed

Digest Algorithm

sha256

PE Digest Matches

true

1a:8b:ae:44:9e:63:11:65:38:c0:a7:82:7f:9b:de:98:4d:49:83:95
Signer

Actual PE Digest

1a:8b:ae:44:9e:63:11:65:38:c0:a7:82:7f:9b:de:98:4d:49:83:95

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\RecentFileCacheParser\RecentFileCacheParser\obj\Release\net462\RecentFileCacheParser.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/SBECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4a:4c:92:87:6c:7f:24:a8:99:ab:30:a7:d5:91:72:03:46:45:b6:6b:6e:b9:31:66:b2:15:0c:8b:3f:42:7a:f7
Signer

Actual PE Digest

4a:4c:92:87:6c:7f:24:a8:99:ab:30:a7:d5:91:72:03:46:45:b6:6b:6e:b9:31:66:b2:15:0c:8b:3f:42:7a:f7

Digest Algorithm

sha256

PE Digest Matches

true

6f:94:aa:db:88:ce:22:c3:7e:bb:cc:19:d1:55:97:4a:bb:a5:b5:3a
Signer

Actual PE Digest

6f:94:aa:db:88:ce:22:c3:7e:bb:cc:19:d1:55:97:4a:bb:a5:b5:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\ShellBagsExplorer\SBE\obj\Release\net462\SBECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/SQLECmd/Maps/!OS_Application_OptionalDescription.guide
KAPE/Modules/bin/SQLECmd/Maps/!OS_Application_OptionalDescription.template
KAPE/Modules/bin/SQLECmd/Maps/Accounts4_iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/Accounts_iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/ActivitiesCache.smap
KAPE/Modules/bin/SQLECmd/Maps/AddressBook_iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/Android_Calls.smap
KAPE/Modules/bin/SQLECmd/Maps/Android_Contacts2DB.smap
KAPE/Modules/bin/SQLECmd/Maps/Android_Frosting.smap
KAPE/Modules/bin/SQLECmd/Maps/Android_LocalAppState.smap
KAPE/Modules/bin/SQLECmd/Maps/Android_Logs.smap
KAPE/Modules/bin/SQLECmd/Maps/Android_SMS.smap
KAPE/Modules/bin/SQLECmd/Maps/Android_mmssmsDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Calls_Android.smap
KAPE/Modules/bin/SQLECmd/Maps/Calls_iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/CarsDB.smap
KAPE/Modules/bin/SQLECmd/Maps/CellularUsage_iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/Contacts.smap
KAPE/Modules/bin/SQLECmd/Maps/DataUsage_iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/Dropbox_Configurations.smap
KAPE/Modules/bin/SQLECmd/Maps/Dropbox_Filecache.smap
KAPE/Modules/bin/SQLECmd/Maps/Dropbox_Instance.smap
KAPE/Modules/bin/SQLECmd/Maps/Firefox.smap
KAPE/Modules/bin/SQLECmd/Maps/FirefoxCookies.smap
KAPE/Modules/bin/SQLECmd/Maps/FirefoxFormHistory.smap
KAPE/Modules/bin/SQLECmd/Maps/Firefox_Bookmarks.smap
KAPE/Modules/bin/SQLECmd/Maps/Frosting_Android.smap
KAPE/Modules/bin/SQLECmd/Maps/GoogleDriveCloud.smap
KAPE/Modules/bin/SQLECmd/Maps/GoogleDriveSnapshot.smap
KAPE/Modules/bin/SQLECmd/Maps/HealthDb.smap
KAPE/Modules/bin/SQLECmd/Maps/HealthDbSecure.smap
KAPE/Modules/bin/SQLECmd/Maps/HealthDbSecure_iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/HealthDb_iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/Launcher_Android.smap
KAPE/Modules/bin/SQLECmd/Maps/Localappstate_Android.smap
KAPE/Modules/bin/SQLECmd/Maps/Logs_Android.smap
KAPE/Modules/bin/SQLECmd/Maps/Photos-iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/SMS_Android.smap
KAPE/Modules/bin/SQLECmd/Maps/SMS_iOS.smap
KAPE/Modules/bin/SQLECmd/Maps/TeraCopy_History.smap
KAPE/Modules/bin/SQLECmd/Maps/TeraCopy_MainDB.smap
KAPE/Modules/bin/SQLECmd/Maps/TestFiles_CarsDB.smap
KAPE/Modules/bin/SQLECmd/Maps/TestFiles_Contacts.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_4KVideoDownloader_History.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ActivitiesCache.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Bitdefender_Antiphishing.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Bitdefender_RansomwareRecover.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Bitdefender_cache.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Bitdefender_es.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_AutofillEntries.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_AutofillProfiles.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_Cookies.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_Downloads.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_Favicons.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_HistoryVisits.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_KeywordSearches.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_MaskedCreditCards.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_MediaHistoryPlayback.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_MediaHistoryPlaybackSession.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_NetworkActionPredictor.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_OmniboxShortcuts.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Chrome_TopSites.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_AutofillEntries.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_AutofillProfiles.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_Cookies.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_Downloads.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_Favicons.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_HistoryVisits.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_KeywordSearches.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_MaskedCreditCards.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_MediaHistoryPlayback.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_MediaHistoryPlaybackSession.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_NetworkActionPredictor.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_OmniboxShortcuts.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_ChromiumBrowser_TopSites.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_AggregationDBX.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_Configurations.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_FileCache.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_IconDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_InstanceDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_NonLocalResources.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_RecentItems.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_SFJResources.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_StarredItems.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_SyncHistory.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Dropbox_TrayThumbnails.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_EventTranscriptDB_DataSampling.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_EventTranscriptDB_NoDataSampling.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_FileZilla_Queue.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Bookmarks.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Cookies.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Downloads-Downloads.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Downloads-Places.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Downloads.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_Favicons.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_FormHistory.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Firefox_History.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_Changes.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_Cloud.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_CloudGraphDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_Snapshot.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_SnapshotDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_SyncConfigDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_GoogleDrive_metadata_sqlite_db.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_MicrosoftStickyNotes_NotesDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Nessus_Preferences.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Notifications_DB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_Photos.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_TeraCopy_History.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_TeraCopy_MainDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_WPNDatabase_Notifications.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_WPNDatabase_WNSPushChannel.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_WindowsUpdate_StoreDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_ContactsDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_NotificationsDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_PhoneDB-SMSMessages.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_PhotosDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_YourPhone_SettingsDB.smap
KAPE/Modules/bin/SQLECmd/Maps/Windows_pCloud.smap
KAPE/Modules/bin/SQLECmd/Maps/iOS_Accounts.smap
KAPE/Modules/bin/SQLECmd/Maps/iOS_Accounts4.smap
KAPE/Modules/bin/SQLECmd/Maps/iOS_Calls.smap
KAPE/Modules/bin/SQLECmd/Maps/iOS_CellularUsage.smap
KAPE/Modules/bin/SQLECmd/Maps/iOS_HealthDb.smap
KAPE/Modules/bin/SQLECmd/Maps/iOS_HealthDb_Secure.smap
KAPE/Modules/bin/SQLECmd/Maps/iOS_Photos.smap
KAPE/Modules/bin/SQLECmd/Maps/iOS_SMS.smap
KAPE/Modules/bin/SQLECmd/SQLECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ec:da:15:f8:ef:6d:29:92:95:06:39:a3:10:69:d4:ed:7a:63:08:f3:d5:9b:c6:80:63:39:fe:61:b3:1c:97:fa
Signer

Actual PE Digest

ec:da:15:f8:ef:6d:29:92:95:06:39:a3:10:69:d4:ed:7a:63:08:f3:d5:9b:c6:80:63:39:fe:61:b3:1c:97:fa

Digest Algorithm

sha256

PE Digest Matches

true

c6:32:34:3d:7c:1f:76:be:6e:36:3c:a0:78:04:11:b2:b7:9e:42:b5
Signer

Actual PE Digest

c6:32:34:3d:7c:1f:76:be:6e:36:3c:a0:78:04:11:b2:b7:9e:42:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\SQLECmd\SQLECmd\obj\Release\net462\SQLECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7.9MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/SrumECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:e9:e3:9d:20:c7:a1:74:ae:13:c1:28:ce:9b:fb:4c:7b:ef:70:63:7a:d4:0f:bb:19:36:dd:d7:66:bd:bb:08
Signer

Actual PE Digest

77:e9:e3:9d:20:c7:a1:74:ae:13:c1:28:ce:9b:fb:4c:7b:ef:70:63:7a:d4:0f:bb:19:36:dd:d7:66:bd:bb:08

Digest Algorithm

sha256

PE Digest Matches

true

a0:39:4b:28:73:45:fc:84:49:af:42:55:1a:ba:e3:17:5d:27:c5:e2
Signer

Actual PE Digest

a0:39:4b:28:73:45:fc:84:49:af:42:55:1a:ba:e3:17:5d:27:c5:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\Srum\SrumECmd\obj\Release\net462\SrumECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/SumECmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b6:d9:c6:d3:34:6b:a2:76:7d:f8:04:18:58:2a:ac:72:b2:73:53:ba:51:b8:d8:85:35:fd:9d:80:c6:7e:c1:ee
Signer

Actual PE Digest

b6:d9:c6:d3:34:6b:a2:76:7d:f8:04:18:58:2a:ac:72:b2:73:53:ba:51:b8:d8:85:35:fd:9d:80:c6:7e:c1:ee

Digest Algorithm

sha256

PE Digest Matches

true

2c:e9:da:66:bf:7e:dc:e3:76:f7:bb:53:5e:e1:65:44:50:51:3c:45
Signer

Actual PE Digest

2c:e9:da:66:bf:7e:dc:e3:76:f7:bb:53:5e:e1:65:44:50:51:3c:45

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\Sum\SumECmd\obj\Release\net462\SumECmd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/WxTCmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6b:ad:87:57:20:d9:0e:bf:80:db:86:10:be:3c:95:e3:ce:20:4a:41:d8:93:c7:c0:09:5a:b6:17:dc:3f:f0:d5
Signer

Actual PE Digest

6b:ad:87:57:20:d9:0e:bf:80:db:86:10:be:3c:95:e3:ce:20:4a:41:d8:93:c7:c0:09:5a:b6:17:dc:3f:f0:d5

Digest Algorithm

sha256

PE Digest Matches

true

45:a4:d7:cf:60:19:ca:e2:38:15:ca:66:f2:7d:aa:eb:21:a4:77:49
Signer

Actual PE Digest

45:a4:d7:cf:60:19:ca:e2:38:15:ca:66:f2:7d:aa:eb:21:a4:77:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Modules/bin/bstrings.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:0f:74:ea:3d:89:67:e9:e2:cd:7b:e5:5e:3a:eb:6f:3d:72:b7:b1:25:a0:12:b5:7f:24:bc:2f:72:37:5c:f8
Signer

Actual PE Digest

c6:0f:74:ea:3d:89:67:e9:e2:cd:7b:e5:5e:3a:eb:6f:3d:72:b7:b1:25:a0:12:b5:7f:24:bc:2f:72:37:5c:f8

Digest Algorithm

sha256

PE Digest Matches

true

86:ee:0b:7d:a5:11:f3:30:33:44:39:07:2d:ad:2b:0f:89:42:d3:b8
Signer

Actual PE Digest

86:ee:0b:7d:a5:11:f3:30:33:44:39:07:2d:ad:2b:0f:89:42:d3:b8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\bstrings\bstrings\obj\Release\net462\bstrings.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/Targets/!Disabled/AppData.tkape
KAPE/Targets/!Disabled/DirectoryTraversal_AudioFiles.tkape
KAPE/Targets/!Disabled/DirectoryTraversal_ExcelDocuments.tkape
KAPE/Targets/!Disabled/DirectoryTraversal_PDFDocuments.tkape
KAPE/Targets/!Disabled/DirectoryTraversal_PictureFiles.tkape
KAPE/Targets/!Disabled/DirectoryTraversal_SQLiteDatabases.tkape
KAPE/Targets/!Disabled/DirectoryTraversal_VideoFiles.tkape
KAPE/Targets/!Disabled/DirectoryTraversal_WildCardExample.tkape
KAPE/Targets/!Disabled/DirectoryTraversal_WordDocuments.tkape
KAPE/Targets/!Disabled/LiveUserFiles.tkape
KAPE/Targets/Antivirus/AVG.tkape
KAPE/Targets/Antivirus/Avast.tkape
KAPE/Targets/Antivirus/AviraAVLogs.tkape
KAPE/Targets/Antivirus/Bitdefender.tkape
KAPE/Targets/Antivirus/Combofix.tkape
KAPE/Targets/Antivirus/Cybereason.tkape
KAPE/Targets/Antivirus/ESET.tkape
KAPE/Targets/Antivirus/Emsisoft.tkape
KAPE/Targets/Antivirus/FSecure.tkape
KAPE/Targets/Antivirus/HitmanPro.tkape
KAPE/Targets/Antivirus/Malwarebytes.tkape
KAPE/Targets/Antivirus/McAfee.tkape
KAPE/Targets/Antivirus/McAfee_ePO.tkape
KAPE/Targets/Antivirus/RogueKiller.tkape
KAPE/Targets/Antivirus/SUPERAntiSpyware.tkape
KAPE/Targets/Antivirus/SecureAge.tkape
KAPE/Targets/Antivirus/SentinelOne.tkape
KAPE/Targets/Antivirus/Sophos.tkape
KAPE/Targets/Antivirus/Symantec_AV_Logs.tkape
KAPE/Targets/Antivirus/TotalAV.tkape
KAPE/Targets/Antivirus/TrendMicro.tkape
KAPE/Targets/Antivirus/VIPRE.tkape
KAPE/Targets/Antivirus/Webroot.tkape
KAPE/Targets/Antivirus/WinDefendDetectionHist.tkape
KAPE/Targets/Antivirus/WindowsDefender.tkape
KAPE/Targets/Apps/1Password.tkape
KAPE/Targets/Apps/4KVideoDownloader.tkape
KAPE/Targets/Apps/AceText.tkape
KAPE/Targets/Apps/AcronisTrueImage.tkape
KAPE/Targets/Apps/Ammyy.tkape
KAPE/Targets/Apps/AnyDesk.tkape
KAPE/Targets/Apps/AsperaConnect.tkape
KAPE/Targets/Apps/AteraAgent.tkape
KAPE/Targets/Apps/BoxDrive_Metadata.tkape
KAPE/Targets/Apps/BoxDrive_UserFiles.tkape
KAPE/Targets/Apps/CiscoJabber.tkape
KAPE/Targets/Apps/ClipboardMaster.tkape
KAPE/Targets/Apps/ConfluenceLogs.tkape
KAPE/Targets/Apps/DirectoryOpus.tkape
KAPE/Targets/Apps/Discord.tkape
KAPE/Targets/Apps/DoubleCommander.tkape
KAPE/Targets/Apps/Dropbox_Metadata.tkape
KAPE/Targets/Apps/Dropbox_UserFiles.tkape
KAPE/Targets/Apps/EFCommander.tkape
KAPE/Targets/Apps/Evernote.tkape
KAPE/Targets/Apps/Everything (VoidTools).tkape
KAPE/Targets/Apps/ExchangeClientAccess.tkape
KAPE/Targets/Apps/ExchangeCve-2021-26855.tkape
KAPE/Targets/Apps/ExchangeTransport.tkape
KAPE/Targets/Apps/Fences.tkape
KAPE/Targets/Apps/FileZillaClient.tkape
KAPE/Targets/Apps/FileZillaServer.tkape
KAPE/Targets/Apps/FreeCommander.tkape
KAPE/Targets/Apps/FreeDownloadManager.tkape
KAPE/Targets/Apps/FreeFileSync.tkape
KAPE/Targets/Apps/GoogleDriveBackupSync_UserFiles.tkape
KAPE/Targets/Apps/GoogleDrive_Metadata.tkape
KAPE/Targets/Apps/GoogleEarth.tkape
KAPE/Targets/Apps/HeidiSQL.tkape
KAPE/Targets/Apps/HexChat.tkape
KAPE/Targets/Apps/IceChat.tkape
KAPE/Targets/Apps/IrfanView.tkape
KAPE/Targets/Apps/JDownloader2.tkape
KAPE/Targets/Apps/JavaWebCache.tkape
KAPE/Targets/Apps/Kaseya.tkape
KAPE/Targets/Apps/LogMeIn.tkape
KAPE/Targets/Apps/MacriumReflect.tkape
KAPE/Targets/Apps/Mattermost.tkape
KAPE/Targets/Apps/MediaMonkey.tkape
KAPE/Targets/Apps/MicrosoftOneNote.tkape
KAPE/Targets/Apps/MicrosoftStickyNotes.tkape
KAPE/Targets/Apps/MicrosoftTeams.tkape
KAPE/Targets/Apps/MicrosoftToDo.tkape
KAPE/Targets/Apps/MidnightCommander.tkape
KAPE/Targets/Apps/MultiCommander.tkape
KAPE/Targets/Apps/Nessus.tkape
KAPE/Targets/Apps/Notepad++.tkape
KAPE/Targets/Apps/OneCommander.tkape
KAPE/Targets/Apps/OneDrive_Metadata.tkape
KAPE/Targets/Apps/OneDrive_UserFiles.tkape
KAPE/Targets/Apps/OpenSSHClient.tkape
KAPE/Targets/Apps/OpenSSHServer.tkape
KAPE/Targets/Apps/OpenVPNClient.tkape
KAPE/Targets/Apps/OutlookPSTOST.tkape
KAPE/Targets/Apps/PeaZip.tkape
KAPE/Targets/Apps/ProtonVPN.tkape
KAPE/Targets/Apps/Q-Dir.tkape
KAPE/Targets/Apps/QFinderPro (QNAP).tkape
KAPE/Targets/Apps/Radmin.tkape
KAPE/Targets/Apps/RemoteUtilities_app.tkape
KAPE/Targets/Apps/ScreenConnect.tkape
KAPE/Targets/Apps/ShareX.tkape
KAPE/Targets/Apps/SiemensTIA.tkape
KAPE/Targets/Apps/Signal.tkape
KAPE/Targets/Apps/Skype.tkape
KAPE/Targets/Apps/Slack.tkape
KAPE/Targets/Apps/Snagit.tkape
KAPE/Targets/Apps/SpeedCommander.tkape
KAPE/Targets/Apps/Splashtop.tkape
KAPE/Targets/Apps/SublimeText.tkape
KAPE/Targets/Apps/SugarSync.tkape
KAPE/Targets/Apps/SumatraPDF.tkape
KAPE/Targets/Apps/SupremoRemoteDesktop.tkape
KAPE/Targets/Apps/TablacusExplorer.tkape
KAPE/Targets/Apps/TeamViewerLogs.tkape
KAPE/Targets/Apps/Telegram.tkape
KAPE/Targets/Apps/TeraCopy.tkape
KAPE/Targets/Apps/Thunderbird.tkape
KAPE/Targets/Apps/TotalCommander.tkape
KAPE/Targets/Apps/TreeSize.tkape
KAPE/Targets/Apps/Ultraviewer.tkape
KAPE/Targets/Apps/VLC Media Player.tkape
KAPE/Targets/Apps/VMwareInventory.tkape
KAPE/Targets/Apps/VMwareMemory.tkape
KAPE/Targets/Apps/VNCLogs.tkape
KAPE/Targets/Apps/Viber.tkape
KAPE/Targets/Apps/VirtualBoxConfig.tkape
KAPE/Targets/Apps/VirtualBoxLogs.tkape
KAPE/Targets/Apps/VirtualBoxMemory.tkape
KAPE/Targets/Apps/WhatsApp.tkape
KAPE/Targets/Apps/WinSCP.tkape
KAPE/Targets/Apps/WindowsYourPhone.tkape
KAPE/Targets/Apps/XYplorer.tkape
KAPE/Targets/Apps/Zoom.tkape
KAPE/Targets/Apps/iTunesBackup.tkape
KAPE/Targets/Apps/mIRC.tkape
KAPE/Targets/Apps/mRemoteNG.tkape
KAPE/Targets/Apps/pCloudDatabase.tkape
KAPE/Targets/Browsers/BraveBrowser.tkape
KAPE/Targets/Browsers/BrowserCache.tkape
KAPE/Targets/Browsers/Chrome.tkape
KAPE/Targets/Browsers/ChromeExtensions.tkape
KAPE/Targets/Browsers/ChromeFileSystem.tkape
KAPE/Targets/Browsers/Edge.tkape
KAPE/Targets/Browsers/EdgeChromium.tkape
KAPE/Targets/Browsers/Firefox.tkape
KAPE/Targets/Browsers/InternetExplorer.tkape
KAPE/Targets/Browsers/Opera.tkape
KAPE/Targets/Browsers/PuffinSecureBrowser.tkape
KAPE/Targets/Compound/!BasicCollection.tkape
KAPE/Targets/Compound/!SANS_Triage.tkape
KAPE/Targets/Compound/Antivirus.tkape
KAPE/Targets/Compound/CloudStorage_All.tkape
KAPE/Targets/Compound/CloudStorage_Metadata.tkape
KAPE/Targets/Compound/CloudStorage_OneDriveExplorer.tkape
KAPE/Targets/Compound/CombinedLogs.tkape
KAPE/Targets/Compound/EvidenceOfExecution.tkape
KAPE/Targets/Compound/Exchange.tkape
KAPE/Targets/Compound/FTPClients.tkape
KAPE/Targets/Compound/FileExplorerReplacements.tkape
KAPE/Targets/Compound/FileSystem.tkape
KAPE/Targets/Compound/IRCClients.tkape
KAPE/Targets/Compound/KapeTriage.tkape
KAPE/Targets/Compound/MessagingClients.tkape
KAPE/Targets/Compound/MiniTimelineCollection.tkape
KAPE/Targets/Compound/P2PClients.tkape
KAPE/Targets/Compound/RecycleBin.tkape
KAPE/Targets/Compound/RegistryHives.tkape
KAPE/Targets/Compound/RemoteAdmin.tkape
KAPE/Targets/Compound/SOFELK.tkape
KAPE/Targets/Compound/SQLiteDatabases.tkape
KAPE/Targets/Compound/ServerTriage.tkape
KAPE/Targets/Compound/TorrentClients.tkape
KAPE/Targets/Compound/USBDetective.tkape
KAPE/Targets/Compound/UsenetClients.tkape
KAPE/Targets/Compound/VMware.tkape
KAPE/Targets/Compound/VirtualBox.tkape
KAPE/Targets/Compound/WSL.tkape
KAPE/Targets/Compound/WebBrowsers.tkape
KAPE/Targets/Compound/WebServers.tkape
KAPE/Targets/CompoundTargetGuide.guide
KAPE/Targets/CompoundTargetTemplate.template
KAPE/Targets/Logs/ApacheAccessLog.tkape
KAPE/Targets/Logs/IISLogFiles.tkape
KAPE/Targets/Logs/MSSQLErrorLog.tkape
KAPE/Targets/Logs/ManageEngineLogs.tkape
KAPE/Targets/Logs/NGINXLogs.tkape
KAPE/Targets/Logs/PowerShellConsole.tkape
KAPE/Targets/P2P/BitTorrent.tkape
KAPE/Targets/P2P/DC++.tkape
KAPE/Targets/P2P/Freenet.tkape
KAPE/Targets/P2P/FrostWire.tkape
KAPE/Targets/P2P/Gigatribe.tkape
KAPE/Targets/P2P/NZBGet.tkape
KAPE/Targets/P2P/NewsbinPro.tkape
KAPE/Targets/P2P/Newsleecher.tkape
KAPE/Targets/P2P/Nicotine++.tkape
KAPE/Targets/P2P/SABnbzd.tkape
KAPE/Targets/P2P/Shareaza.tkape
KAPE/Targets/P2P/Soulseek.tkape
KAPE/Targets/P2P/Torrents.tkape
KAPE/Targets/P2P/Usenet.tkape
KAPE/Targets/P2P/qBittorrent.tkape
KAPE/Targets/P2P/uTorrent.tkape
KAPE/Targets/TargetGuide.guide
KAPE/Targets/TargetTemplate.template
KAPE/Targets/Windows/$Boot.tkape
KAPE/Targets/Windows/$J.tkape
KAPE/Targets/Windows/$LogFile.tkape
KAPE/Targets/Windows/$MFT.tkape
KAPE/Targets/Windows/$MFTMirr.tkape
KAPE/Targets/Windows/$SDS.tkape
KAPE/Targets/Windows/$T.tkape
KAPE/Targets/Windows/Amcache.tkape
KAPE/Targets/Windows/ApplicationEvents.tkape
KAPE/Targets/Windows/AssetAdvisorLog.tkape
KAPE/Targets/Windows/BCD.tkape
KAPE/Targets/Windows/BITS.tkape
KAPE/Targets/Windows/CertUtil.tkape
KAPE/Targets/Windows/EncapsulationLogging.tkape
KAPE/Targets/Windows/EventLogs-RDP.tkape
KAPE/Targets/Windows/EventLogs.tkape
KAPE/Targets/Windows/EventTraceLogs.tkape
KAPE/Targets/Windows/EventTranscriptDB.tkape
KAPE/Targets/Windows/GroupPolicy.tkape
KAPE/Targets/Windows/LNKFilesAndJumpLists.tkape
KAPE/Targets/Windows/LinuxOnWindowsProfileFiles.tkape
KAPE/Targets/Windows/LogFiles.tkape
KAPE/Targets/Windows/MOF.tkape
KAPE/Targets/Windows/MemoryFiles.tkape
KAPE/Targets/Windows/OfficeAutosave.tkape
KAPE/Targets/Windows/OfficeDiagnostics.tkape
KAPE/Targets/Windows/OfficeDocumentCache.tkape
KAPE/Targets/Windows/Prefetch.tkape
KAPE/Targets/Windows/RDPCache.tkape
KAPE/Targets/Windows/RDPLogs.tkape
KAPE/Targets/Windows/RecentFileCache.tkape
KAPE/Targets/Windows/RecycleBin_DataFiles.tkape
KAPE/Targets/Windows/RecycleBin_InfoFiles.tkape
KAPE/Targets/Windows/RegistryHivesOther.tkape
KAPE/Targets/Windows/RegistryHivesSystem.tkape
KAPE/Targets/Windows/RegistryHivesUser.tkape
KAPE/Targets/Windows/RoamingProfile.tkape
KAPE/Targets/Windows/SDB.tkape
KAPE/Targets/Windows/SRUM.tkape
KAPE/Targets/Windows/SUM.tkape
KAPE/Targets/Windows/ScheduledTasks.tkape
KAPE/Targets/Windows/SignatureCatalog.tkape
KAPE/Targets/Windows/SnipAndSketch.tkape
KAPE/Targets/Windows/StartupFolders.tkape
KAPE/Targets/Windows/StartupInfo.tkape
KAPE/Targets/Windows/Syscache.tkape
KAPE/Targets/Windows/ThumbCache.tkape
KAPE/Targets/Windows/USBDevicesLogs.tkape
KAPE/Targets/Windows/VirtualDisks.tkape
KAPE/Targets/Windows/WBEM.tkape
KAPE/Targets/Windows/WER.tkape
KAPE/Targets/Windows/WSA/WindowsSubsystemforAndroid.tkape
KAPE/Targets/Windows/WSL/Debian.tkape
KAPE/Targets/Windows/WSL/Kali.tkape
KAPE/Targets/Windows/WSL/SUSELinuxEnterpriseServer.tkape
KAPE/Targets/Windows/WSL/Ubuntu.tkape
KAPE/Targets/Windows/WSL/openSUSE.tkape
KAPE/Targets/Windows/WindowsFirewall.tkape
KAPE/Targets/Windows/WindowsIndexSearch.tkape
KAPE/Targets/Windows/WindowsNotificationsDB.tkape
KAPE/Targets/Windows/WindowsOSUpgradeArtifacts.tkape
KAPE/Targets/Windows/WindowsPowerDiagnostics.tkape
KAPE/Targets/Windows/WindowsTelemetryDiagnosticsLegacy.tkape
KAPE/Targets/Windows/WindowsTimeline.tkape
KAPE/Targets/Windows/XPRestorePoints.tkape
KAPE/gkape.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fe:92:2e:c2:6d:8d:95:4f:3d:2e:83:96:06:56:8b:00:f6:88:c6:48:20:97:1e:9f:49:4f:cf:0d:6b:84:0d:fa
Signer

Actual PE Digest

fe:92:2e:c2:6d:8d:95:4f:3d:2e:83:96:06:56:8b:00:f6:88:c6:48:20:97:1e:9f:49:4f:cf:0d:6b:84:0d:fa

Digest Algorithm

sha256

PE Digest Matches

true

44:a8:9a:a7:1b:2f:f2:1b:c7:88:90:3b:c2:92:da:2e:bf:79:ad:98
Signer

Actual PE Digest

44:a8:9a:a7:1b:2f:f2:1b:c7:88:90:3b:c2:92:da:2e:bf:79:ad:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

gkape.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 59.8MB - Virtual size: 59.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KAPE/kape.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2019 00:00

Not After

24-03-2023 23:59

Subject

CN=Eric R. Zimmerman,O=Eric R. Zimmerman,POSTALCODE=46040,STREET=15672 Provincial Ln,L=Fishers,ST=IN,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2f:52:8f:9b:d9:72:bb:c6:bb:fd:e6:78:9f:77:4f:b7:53:95:c5:af:ba:6e:5d:d8:a4:65:31:d3:ac:6c:d0:61
Signer

Actual PE Digest

2f:52:8f:9b:d9:72:bb:c6:bb:fd:e6:78:9f:77:4f:b7:53:95:c5:af:ba:6e:5d:d8:a4:65:31:d3:ac:6c:d0:61

Digest Algorithm

sha256

PE Digest Matches

true

3b:c7:6d:dc:07:03:02:6a:92:e2:fb:45:0f:6b:f7:78:6a:f5:81:9a
Signer

Actual PE Digest

3b:c7:6d:dc:07:03:02:6a:92:e2:fb:45:0f:6b:f7:78:6a:f5:81:9a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Code\kape\kape\obj\Release\net452\kape.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9cCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9cCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

47:41:68:c1:e3:67:32:25:f1:dc:d4:ca:f2:b3:90:fc:a5:29:05:bc:64:fd:24:0d:db:96:85:b9:7a:1e:10:02Signer

89:a8:0d:eb:83:02:cb:75:89:cd:49:73:66:79:1e:37:aa:1b:fd:9dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rsrc Size: 174KB - Virtual size: 174KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9cCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9cCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

6b:9c:62:f5:43:29:0a:f3:93:2c:ff:69:8a:6b:77:ce:f6:09:6f:49:90:4e:ea:5e:0f:e1:c9:bf:06:9d:98:68Signer

1f:34:2a:40:41:d2:60:26:7b:0f:61:b9:f3:3e:2e:4f:07:93:54:00Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.2MB - Virtual size: 4.2MB

.rsrc Size: 99KB - Virtual size: 99KB

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

47:41:68:c1:e3:67:32:25:f1:dc:d4:ca:f2:b3:90:fc:a5:29:05:bc:64:fd:24:0d:db:96:85:b9:7a:1e:10:02
Signer

89:a8:0d:eb:83:02:cb:75:89:cd:49:73:66:79:1e:37:aa:1b:fd:9d
Signer

.text
Size: 4.3MB - Virtual size: 4.3MB

.rsrc
Size: 174KB - Virtual size: 174KB

.reloc
Size: 512B - Virtual size: 12B

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

6b:9c:62:f5:43:29:0a:f3:93:2c:ff:69:8a:6b:77:ce:f6:09:6f:49:90:4e:ea:5e:0f:e1:c9:bf:06:9d:98:68
Signer

1f:34:2a:40:41:d2:60:26:7b:0f:61:b9:f3:3e:2e:4f:07:93:54:00
Signer

.text
Size: 4.2MB - Virtual size: 4.2MB

.rsrc
Size: 99KB - Virtual size: 99KB

.reloc
Size: 512B - Virtual size: 12B

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

fd:e9:bd:d2:95:3c:a6:c2:d4:92:25:d7:c9:77:c9:dc:bc:a4:9b:11:b5:af:26:1c:fd:2f:54:83:13:79:89:0a
Signer

b0:61:81:01:e1:99:a9:ee:44:82:35:c5:f1:5b:b0:63:f2:67:92:1a
Signer

.text
Size: 4.7MB - Virtual size: 4.7MB

.rsrc
Size: 140KB - Virtual size: 140KB

.reloc
Size: 512B - Virtual size: 12B

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

e8:46:33:2d:be:d1:d9:b8:1b:e0:37:d9:8e:20:bc:9c
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

65:21:4a:3b:f7:6b:58:1b:24:27:b7:9c:a9:f1:ad:fe:dd:79:79:fd:ca:7a:48:ba:d8:f9:03:f1:36:04:01:16
Signer

e6:b2:cb:4d:44:90:75:40:aa:3a:95:2b:19:95:82:ff:d8:ef:40:af
Signer