Process[.]L_o[.]Pro-14[.]0[.]0[.]40[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Process.L_o.Pro-14.0.0.40.zip
Size

4.5MB
MD5

8a2ed6e620c6e190324bbd83b012a265
SHA1

8e58cc00f0c18ef38bcd95351c584e32facaf90d
SHA256

892ebd06031562aa2bf0621ea2732fad2dc5e87fe76b3a36955009b6585d1d50
SHA512

950686b9d6358ed8bf3744b11c324e60f9bf0a11288964db5ab44e533bc48eedb2f090b80169d3d3a4f4eae1ab56a799ec3d40c838bf6bb0e89dec325589d8f3
SSDEEP

98304:HIADc3JY7F4kaDuXE6AVfolw0//tWof9ZMi+Zt5vVuLOiITBPqACozA:bDc3O7mkMuX2olw0dPZxat5voLY9yjo8

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Process.Lasso.Pro-14.0.0.40.exe
unpack002/$PLUGINSDIR/BrandingURL.dll
unpack002/$PLUGINSDIR/nsDialogs.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/Process.Lasso.Pro-14.0.0.40.exe	nsis_installer_1
static1/unpack001/Process.Lasso.Pro-14.0.0.40.exe	nsis_installer_2

Files

Process.L_o.Pro-14.0.0.40.zip
.zip
Process.Lasso.Pro-14.0.0.40.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/CPUEater.exe
.exe windows:6 windows x64 arch:x64

232dd24912b961a002280dd98949b378

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:9f:fc:66:04:55:22:e7:d3:83:0c:4c:97:ca:1f:d7:25:c0:42:23:22:b2:15:d9:85:ca:38:fe:77:76:82
Signer

Actual PE Digest

0a:ee:9f:fc:66:04:55:22:e7:d3:83:0c:4c:97:ca:1f:d7:25:c0:42:23:22:b2:15:d9:85:ca:38:fe:77:76:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\CPUEater.pdb

Imports

comctl32

InitCommonControlsEx
ord17

kernel32

DecodePointer
GetSystemTimeAsFileTime
GetThreadPriority
SetThreadPriorityBoost
GetCurrentThread
SetThreadPriority
ExitProcess
LoadLibraryW
MultiByteToWideChar
SetPriorityClass
GetPriorityClass
OpenMutexW
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleW
GetModuleFileNameW
CreateProcessW
GetFileAttributesW
GetStartupInfoW
CreateThread
InitializeCriticalSection
GetCurrentProcess
SetEvent
OpenEventW
CreateEventW
CloseHandle
OpenProcess
InitializeCriticalSectionEx
FindResourceExW
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetNumaNodeProcessorMask
GetNumaHighestNodeNumber
DeleteCriticalSection
LoadResource
FindResourceW
GetLastError
WriteConsoleW
LocalFree
WideCharToMultiByte
GetProcAddress
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
GetLogicalProcessorInformationEx
GetActiveProcessorCount
GetActiveProcessorGroupCount
GetUserDefaultUILanguage
FreeLibrary
GetFileSize
GetCurrentProcessId
SetLastError
GetVolumeNameForVolumeMountPointW
DeleteFileW
GlobalAlloc
GlobalLock
GlobalUnlock
GetSystemInfo
Sleep
GetTickCount
GetFileTime
ReadFile
WriteFile
FlushFileBuffers
SetEndOfFile
FindNextFileW
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
InitializeCriticalSectionAndSpinCount
K32GetModuleBaseNameW
GetVersionExW
MulDiv
LocalLock
LocalUnlock
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
GetStringTypeW
LoadLibraryExW
QueryPerformanceCounter
EncodePointer
GetCPInfo
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleOutputCP
GetConsoleMode

user32

GetDialogBaseUnits
DrawTextW
DestroyIcon
FillRect
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetWindowPos
GetWindowRect
MoveWindow
GetParent
WinHelpW
RedrawWindow
GetAsyncKeyState
GetSysColor
CreateDialogIndirectParamW
PeekMessageW
IsDialogMessageW
WaitMessage
DestroyWindow
BeginPaint
GetClientRect
GetWindowLongPtrW
SetWindowLongPtrW
SendMessageW
PostMessageW
ShowWindow
IsWindowEnabled
GetSystemMetrics
MessageBeep
EndPaint
GetWindow
OpenClipboard
GetWindowTextW
RegisterClassExW
DefWindowProcW
PostQuitMessage
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
LoadStringW
SetForegroundWindow
GetDlgItemInt
IsWindowVisible
SetTimer
SystemParametersInfoW
CreateWindowExW
AllowSetForegroundWindow
SetDlgItemInt
LoadIconW
EndDialog
DialogBoxParamW
MessageBoxW
GetDlgItem
SetDlgItemTextW
IsDlgButtonChecked
GetDlgItemTextW
CheckDlgButton
SetFocus
EnableWindow
GetLastActivePopup
GetActiveWindow
SetRect
SetWindowTextW
CloseClipboard
SetClipboardData
DrawIcon
GetWindowLongW
SetWindowLongW
EmptyClipboard

gdi32

CreateDCW
SetTextColor
DeleteObject
GetTextExtentPoint32W
SelectObject
DeleteDC
SetBkColor
CreateSolidBrush
CreateFontIndirectW

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
RegCloseKey
RegCreateKeyExW

oleaut32

VariantClear
SysFreeString

rpcrt4

UuidFromStringW

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW

ole32

IIDFromString
StringFromGUID2

Sections

.text
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/Insights.exe
.exe windows:6 windows x64 arch:x64

74360a6a8e7273df476c18c8a08facab

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:18:56:aa:e7:6a:35:2a:9c:d8:ab:39:5d:46:bd:5e:f3:3a:70:6b:27:aa:a1:54:86:d5:85:2c:5a:d8:8b:82
Signer

Actual PE Digest

61:18:56:aa:e7:6a:35:2a:9c:d8:ab:39:5d:46:bd:5e:f3:3a:70:6b:27:aa:a1:54:86:d5:85:2c:5a:d8:8b:82

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\Insights.pdb

Imports

rpcrt4

UuidFromStringW
UuidCreate

kernel32

GetActiveProcessorCount
DeleteCriticalSection
DecodePointer
GetLastError
InitializeCriticalSectionEx
GetCurrentProcess
SetPriorityClass
FileTimeToSystemTime
FileTimeToLocalFileTime
TerminateThread
CreateThread
GetFileAttributesW
OpenMutexW
WaitForSingleObject
ReleaseMutex
CreateMutexW
SetEvent
CreateEventW
CloseHandle
GetLocalTime
GetLogicalProcessorInformationEx
GetSystemTimeAsFileTime
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetModuleHandleW
ExitProcess
LoadLibraryW
GetActiveProcessorGroupCount
GetCurrentThreadId
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
FindClose
SetFilePointerEx
CompareStringOrdinal
LoadLibraryExW
VirtualProtect
GetProcAddress
LocalFree
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
GetUserDefaultUILanguage
FreeLibrary
GetModuleFileNameW
GetFileSize
GetStartupInfoW
OpenEventW
GetCurrentProcessId
SetLastError
WinExec
GetVolumeNameForVolumeMountPointW
DeleteFileW
GlobalAlloc
GlobalLock
GlobalUnlock
ResetEvent
IsBadWritePtr
GetSystemInfo
GetFileTime
K32GetModuleBaseNameW
GetDateFormatW
GetTimeFormatW
InitializeCriticalSection
Sleep
GetTickCount
ReadFile
WriteFile
FlushFileBuffers
SetEndOfFile
FindNextFileW
SystemTimeToFileTime
GetVersionExW
MulDiv
LocalAlloc
LocalLock
LocalUnlock
SetThreadPriority
GetCurrentThread
SetThreadPriorityBoost
GetPriorityClass
GetThreadPriority
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
GetNumaHighestNodeNumber
GetNumaNodeProcessorMask
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetStringTypeW
QueryPerformanceCounter
EncodePointer
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WakeAllConditionVariable
SleepConditionVariableSRW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW

user32

OffsetRect
GetMenuItemInfoW
DrawTextW
GetSystemMetrics
FindWindowW
GetWindowTextW
EnableWindow
GetWindowLongW
SetWindowLongW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetWindowLongPtrW
GetWindowLongPtrW
IsDlgButtonChecked
CheckDlgButton
SetDlgItemInt
GetMenuBarInfo
SetRect
GetActiveWindow
GetLastActivePopup
MessageBeep
DrawIcon
GetDialogBaseUnits
DestroyIcon
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetFocus
SetWindowPos
MoveWindow
GetParent
KillTimer
WinHelpW
GetAsyncKeyState
GetWindow
CreateDialogIndirectParamW
PeekMessageW
IsDialogMessageW
GetSysColor
DispatchMessageW
WaitMessage
GetMessageW
LoadImageW
IsWindowEnabled
SendMessageW
LoadStringW
SetPropW
MessageBoxW
GetWindowRect
GetDlgItemInt
RedrawWindow
GetDlgItemTextW
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcW
DestroyWindow
CreateWindowExW
RegisterClassExW
TrackPopupMenu
GetCursorPos
GetSubMenu
DialogBoxParamW
SetForegroundWindow
EndDialog
FillRect
GetClientRect
PostMessageW
SetTimer
SystemParametersInfoW
SetMenu
LoadMenuW
SetWindowTextW
LoadIconW
LoadBitmapW
CheckMenuItem
GetMenu
SetDlgItemTextW
GetDlgItem
ShowWindow
TranslateMessage

gdi32

SetBkColor
CreateFontIndirectW
DeleteDC
SelectObject
SetTextColor
CreateSolidBrush
DeleteObject
GetTextExtentPoint32W
CreateDCW

advapi32

RegDeleteKeyW
RegEnumValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegSetValueExW

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteW

oleaut32

VariantClear

comctl32

InitCommonControlsEx
ord410
ord413
ord17

uxtheme

SetWindowTheme
DrawThemeBackground
OpenThemeData
GetThemeColor
CloseThemeData
IsThemeActive
DrawThemeText

shlwapi

SHDeleteKeyW

wininet

InternetCanonicalizeUrlW
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW

ole32

StringFromGUID2
IIDFromString

Sections

.text
Size: 390KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/InstallHelper.exe
.exe windows:6 windows x64 arch:x64

60c11ab408fef17943543671f0133ec5

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:97:47:8e:73:7f:fa:99:16:7d:12:8a:27:c4:d0:b6:d9:4f:5e:de:22:62:5d:5c:ae:2c:62:35:5a:60:e9:ee
Signer

Actual PE Digest

20:97:47:8e:73:7f:fa:99:16:7d:12:8a:27:c4:d0:b6:d9:4f:5e:de:22:62:5d:5c:ae:2c:62:35:5a:60:e9:ee

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\InstallHelper.pdb

Imports

comctl32

InitCommonControlsEx
ord17

kernel32

InitializeCriticalSection
RemoveDirectoryW
VerifyVersionInfoW
Sleep
CreateDirectoryW
GetVersionExW
CopyFileW
GetCurrentProcessId
CreateEventW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetFileTime
GetSystemInfo
GetExitCodeProcess
GetModuleHandleW
ExitProcess
LoadLibraryW
TerminateThread
CreateThread
MoveFileW
DeleteFileW
GetFileAttributesW
WaitForSingleObject
ReleaseMutex
CloseHandle
SetEndOfFile
CreateFileW
WriteFile
ReadFile
GetFileSize
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
HeapReAlloc
LockResource
SetEvent
GetLastError
HeapSize
InitializeCriticalSectionEx
GetEnvironmentVariableW
HeapFree
SizeofResource
GetLogicalProcessorInformationEx
GetActiveProcessorCount
VerSetConditionMask
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
LocalFree
WideCharToMultiByte
GetProcAddress
GetCurrentProcess
OpenProcess
CreateToolhelp32Snapshot
GetActiveProcessorGroupCount
TerminateProcess
Process32FirstW
Process32NextW
FormatMessageW
GetModuleFileNameW
GetStartupInfoW
CreateProcessW
SetLastError
GetVolumeNameForVolumeMountPointW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
K32GetModuleBaseNameW
GetUserDefaultUILanguage
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetTickCount
MoveFileExW
FlushFileBuffers
FindNextFileW
MulDiv
LocalAlloc
LocalLock
LocalUnlock
InitializeCriticalSectionAndSpinCount
GetProcessTimes
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
GetStringTypeW
LoadLibraryExW
QueryPerformanceCounter
EncodePointer
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
RaiseException
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetFileSizeEx
SetFilePointerEx
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW

user32

MessageBeep
BeginPaint
DrawIcon
EndPaint
GetSysColor
GetDialogBaseUnits
SystemParametersInfoW
DrawTextW
LoadIconW
DestroyIcon
FillRect
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetFocus
SetWindowPos
SetForegroundWindow
MoveWindow
GetParent
SetTimer
KillTimer
WinHelpW
RedrawWindow
GetAsyncKeyState
CreateDialogIndirectParamW
PeekMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
WaitMessage
GetActiveWindow
DestroyWindow
SetRect
GetLastActivePopup
GetWindowThreadProcessId
GetWindow
GetWindowTextW
IsWindowVisible
EnumWindows
GetWindowLongPtrW
CloseClipboard
SetClipboardData
EmptyClipboard
GetClientRect
CreateWindowExW
GetSystemMetrics
EndDialog
FindWindowW
DialogBoxParamW
GetDlgItem
SetDlgItemTextW
IsDlgButtonChecked
GetDlgItemTextW
CheckDlgButton
EnableWindow
ShowWindow
GetWindowRect
SendMessageW
SetWindowLongPtrW
MessageBoxW
LoadStringW
SetWindowTextW
PostMessageW
OpenClipboard
PostQuitMessage

advapi32

RegSetValueExW
CreateServiceW
StartServiceW
ControlService
QueryServiceStatus
RegEnumKeyExW
RegQueryInfoKeyW
DeleteService
NotifyBootConfigStatus
ChangeServiceConfigW
QueryServiceConfigW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegOpenKeyExW
OpenProcessToken
GetTokenInformation
GetSidSubAuthority
RegDeleteKeyExW
GetUserNameW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
ChangeServiceConfig2W
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
LookupAccountSidW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyW
GetSidSubAuthorityCount

shell32

ShellExecuteExW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

StringFromGUID2
IIDFromString
CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitializeSecurity

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocString

shlwapi

SHDeleteKeyW

rpcrt4

UuidFromStringW

gdi32

CreateDCW
SetBkColor
DeleteObject
GetTextExtentPoint32W
SelectObject
CreateFontIndirectW
DeleteDC
SetTextColor
CreateSolidBrush

Sections

.text
Size: 395KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/LogViewer.exe
.exe windows:6 windows x64 arch:x64

cc36a2f18051da76ebec6151edd7c7f2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:ab:f1:40:06:9f:48:0f:8e:09:66:ea:e6:4f:c2:cc:90:e3:95:9a:2f:1d:7a:4b:43:63:05:27:e1:2f:ac:77
Signer

Actual PE Digest

9e:ab:f1:40:06:9f:48:0f:8e:09:66:ea:e6:4f:c2:cc:90:e3:95:9a:2f:1d:7a:4b:43:63:05:27:e1:2f:ac:77

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\LogViewer.pdb

Imports

kernel32

GetFileTime
TerminateThread
CreateThread
DeleteFileW
GetFileAttributesW
OpenMutexW
WaitForSingleObject
ReleaseMutex
SetEndOfFile
CreateFileW
WriteFile
ReadFile
CompareFileTime
GetFileSize
MultiByteToWideChar
SetEvent
OpenEventW
CreateEventW
CloseHandle
FindResourceW
FindResourceExW
LoadResource
LockResource
FindFirstChangeNotificationW
WaitForMultipleObjects
Sleep
FindNextChangeNotification
FindCloseChangeNotification
GlobalAlloc
WriteConsoleW
GetConsoleMode
DeleteCriticalSection
DecodePointer
InitializeCriticalSectionEx
GetLastError
GlobalUnlock
SetFilePointer
GlobalLock
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
GetModuleHandleW
ExitProcess
LoadLibraryW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
SetFilePointerEx
CompareStringOrdinal
LoadLibraryExW
VirtualProtect
GetProcAddress
LocalFree
WideCharToMultiByte
GetCurrentProcess
GetUserDefaultUILanguage
FreeLibrary
GetModuleFileNameW
GetStartupInfoW
GetCurrentProcessId
SetLastError
WinExec
SystemTimeToFileTime
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
GetDateFormatW
GetTimeFormatW
IsDebuggerPresent
OutputDebugStringW
RaiseException
GetCurrentThreadId
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetStringTypeW
QueryPerformanceCounter
WakeAllConditionVariable
SleepConditionVariableSRW
GetLocaleInfoEx
EncodePointer
LCMapStringEx
CompareStringEx
GetCPInfo
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW

user32

GetMenuBarInfo
OffsetRect
GetMenuItemInfoW
InvalidateRect
SetDlgItemTextW
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcW
PostMessageW
DialogBoxParamW
GetWindowTextW
GetWindowTextLengthW
SetTimer
SystemParametersInfoW
SetWindowLongPtrW
GetWindowInfo
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetKeyState
SetWindowPos
GetWindowDC
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
LoadIconW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
CallWindowProcW
FillRect
GetClientRect
SetWindowTextW
RedrawWindow
SetPropW
EndDialog
MessageBoxW
LoadStringW
GetSysColor
SendMessageW
GetWindowRect

gdi32

CreateFontIndirectW
GetTextExtentPoint32W
SetBkColor
SetTextColor
CreateSolidBrush
DeleteObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHGetStockIconInfo
ShellExecuteW
SHGetSpecialFolderPathW
SHCreateDirectoryExW

comctl32

ord413
ord410

uxtheme

DrawThemeText
DrawThemeBackground
CloseThemeData
SetWindowTheme
IsThemeActive
OpenThemeData
GetThemeColor

oleaut32

VariantClear

Sections

.text
Size: 444KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/ProcessGovernor.exe
.exe windows:6 windows x64 arch:x64

f43d794eb38694fa05c8366f0853d4e2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:ce:d3:15:f1:39:cd:3f:d2:36:45:74:c6:3b:ab:6c:08:25:e0:12:bf:3a:25:64:77:43:36:9a:d3:26:d8:fc
Signer

Actual PE Digest

9e:ce:d3:15:f1:39:cd:3f:d2:36:45:74:c6:3b:ab:6c:08:25:e0:12:bf:3a:25:64:77:43:36:9a:d3:26:d8:fc

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\ProcessGovernor.pdb

Imports

kernel32

GetDateFormatEx
OpenEventW
GetVersionExW
ReleaseMutex
OpenProcess
CreateEventW
Sleep
GetTickCount64
SetEvent
FileTimeToSystemTime
GetCurrentThread
TerminateThread
DeleteFileW
LoadLibraryW
CreateThread
ResetEvent
FileTimeToLocalFileTime
GetCurrentDirectoryW
SetThreadPriorityBoost
GetProcAddress
GetFileSize
ExitProcess
GetComputerNameW
GetCurrentProcessId
CreateProcessW
SetThreadExecutionState
GetModuleHandleW
FreeLibrary
GetSystemTime
GetTickCount
GetProcessTimes
SetUnhandledExceptionFilter
GlobalMemoryStatusEx
FindFirstChangeNotificationW
FindCloseChangeNotification
FindNextChangeNotification
SetEndOfFile
SetFilePointer
InitializeCriticalSection
SetThreadPriority
SetProcessShutdownParameters
WaitForMultipleObjects
GetProcessAffinityMask
GetTimeFormatEx
WriteFile
SetProcessAffinityMask
GetCurrentProcess
GetCommandLineW
SetPriorityClass
ReadFile
CreateDirectoryW
SetProcessPriorityBoost
LeaveCriticalSection
EnterCriticalSection
GetSystemInfo
CloseHandle
MultiByteToWideChar
GetFileAttributesW
InitializeCriticalSectionAndSpinCount
GetFileTime
GetSystemTimeAsFileTime
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
CreateMutexW
HeapReAlloc
LockResource
GetActiveProcessorGroupCount
GetActiveProcessorCount
CreateToolhelp32Snapshot
Thread32First
Thread32Next
OpenThread
SetThreadGroupAffinity
FormatMessageW
GetProcessGroupAffinity
LocalFree
WideCharToMultiByte
VerifyVersionInfoW
GetLastError
GetPriorityClass
SetProcessWorkingSetSize
TerminateProcess
GetLogicalProcessorInformationEx
GetHandleInformation
GetUserDefaultUILanguage
GetModuleFileNameW
GetStartupInfoW
ProcessIdToSessionId
SetLastError
GetVolumeNameForVolumeMountPointW
MoveFileW
GetSystemDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcessPriorityBoost
ResumeThread
GetLocalTime
OpenMutexW
K32GetModuleBaseNameW
GetDateFormatW
GetTimeFormatW
GetCurrentThreadId
SuspendThread
GetExitCodeThread
MoveFileExW
FlushFileBuffers
FindNextFileW
LocalAlloc
MulDiv
LocalLock
LocalUnlock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
WaitForSingleObjectEx
LoadLibraryExW
GetStringTypeW
EncodePointer
QueryPerformanceCounter
WakeAllConditionVariable
SleepConditionVariableSRW
CompareStringEx
GetCPInfo
LCMapStringEx
IsDebuggerPresent
OutputDebugStringW
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetStdHandle
GetCommandLineA
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileSizeEx
SetFilePointerEx
GetTimeZoneInformation
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
HeapSize
CreateFileW
WaitForSingleObject
InitializeCriticalSectionEx
HeapFree
SizeofResource
VerSetConditionMask
GetLocaleInfoEx

user32

SetRect
GetActiveWindow
GetLastActivePopup
MessageBeep
BeginPaint
DrawIcon
EndPaint
GetSysColor
GetDialogBaseUnits
SystemParametersInfoW
DrawTextW
LoadIconW
DestroyIcon
FillRect
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetFocus
SetWindowPos
SetForegroundWindow
GetWindowRect
MoveWindow
SetTimer
KillTimer
WinHelpW
RedrawWindow
GetAsyncKeyState
PeekMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
WaitMessage
PostQuitMessage
DestroyWindow
EnumWindows
IsWindowVisible
GetWindow
SendMessageW
GetSystemMetrics
GetClientRect
LoadStringW
wvsprintfW
GetWindowLongPtrW
SetWindowLongPtrW
SetWindowTextW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EnableWindow
GetWindowTextW
CheckDlgButton
CreateDialogIndirectParamW
MessageBoxW
GetDlgItem
GetParent
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
GetLastInputInfo

advapi32

DuplicateTokenEx
EnumServicesStatusExW
StartServiceW
QueryServiceStatus
QueryServiceConfigW
CloseServiceHandle
OpenServiceW
GetUserNameW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegSetValueExW
GetTokenInformation
ControlService
ConvertStringSidToSidW
SetTokenInformation
GetLengthSid
CreateProcessAsUserW
LookupAccountSidW
GetSidSubAuthorityCount
GetSidSubAuthority
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
OpenSCManagerW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW
SHCreateDirectoryExW

oleaut32

SysFreeString
VariantClear

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

shlwapi

SHDeleteKeyW

pdh

PdhCloseQuery
PdhCollectQueryData
PdhAddEnglishCounterW
PdhGetFormattedCounterValue
PdhRemoveCounter
PdhOpenQueryW

dbghelp

MiniDumpWriteDump

rpcrt4

UuidCreate
UuidFromStringW

gdi32

SetTextColor
SetBkColor
SelectObject
DeleteDC
CreateFontIndirectW
CreateDCW
CreateSolidBrush
DeleteObject
GetTextExtentPoint32W

ole32

StringFromGUID2
IIDFromString

Sections

.text
Size: 798KB - Virtual size: 798KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/ProcessLasso.exe
.exe windows:6 windows x64 arch:x64

12ab1cdff104d496260bae930be6bce7

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:c6:94:ac:e0:84:1f:6a:2e:7f:af:9a:a7:63:cc:fa:f3:ba:56:cc:fb:51:69:b7:ef:9e:32:49:24:0d:65:f2
Signer

Actual PE Digest

c3:c6:94:ac:e0:84:1f:6a:2e:7f:af:9a:a7:63:cc:fa:f3:ba:56:cc:fb:51:69:b7:ef:9e:32:49:24:0d:65:f2

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\ProcessLasso.pdb

Imports

comctl32

ord412
ImageList_Remove
ord17
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ord410
ord413
InitCommonControlsEx

gdiplus

GdiplusStartup
GdiplusShutdown
GdipDrawRectangleI
GdipAlloc
GdipSetPenDashStyle
GdipFree
GdipCreateFromHDC
GdipDeleteGraphics
GdipDeletePen
GdipCreatePen1
GdipDrawLineI

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

MoveFileExW
GetFileSize
VerSetConditionMask
GetCurrentProcessId
SystemTimeToFileTime
GlobalMemoryStatusEx
CreateProcessW
SetThreadExecutionState
GetModuleHandleW
CopyFileW
VerifyVersionInfoW
IsBadReadPtr
QueryPerformanceCounter
OpenMutexW
GetProcessTimes
CreateMutexW
WideCharToMultiByte
GetProcAddress
TerminateProcess
LoadLibraryW
FreeLibrary
SetThreadPriority
ExitThread
GetCurrentThread
SetThreadPriorityBoost
CreateDirectoryW
SetPriorityClass
SetProcessShutdownParameters
GetVersionExW
GetTickCount64
SetUnhandledExceptionFilter
GlobalAlloc
GlobalLock
GlobalUnlock
EnterCriticalSection
CompareFileTime
ReadFile
GetStartupInfoW
GetExitCodeProcess
GetFileTime
GetSystemTimeAsFileTime
GetProcessHeap
ExitProcess
DeleteCriticalSection
HeapDestroy
DecodePointer
FindNextChangeNotification
GetCurrentDirectoryW
FileTimeToLocalFileTime
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
ResetEvent
GetACP
IsValidCodePage
FindFirstFileExW
HeapAlloc
GetTimeZoneInformation
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileType
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
CompareStringEx
SleepConditionVariableSRW
WakeAllConditionVariable
LCMapStringEx
CreateThread
GetSystemInfo
CloseHandle
DeleteFileW
QueryPerformanceFrequency
FindCloseChangeNotification
GetActiveProcessorGroupCount
TerminateThread
FileTimeToSystemTime
SetEvent
Sleep
MultiByteToWideChar
CreateEventW
OpenProcess
FindFirstChangeNotificationW
GetSystemDirectoryW
ReleaseMutex
OpenEventW
GetFileAttributesW
InitializeCriticalSection
SetFilePointer
LeaveCriticalSection
WaitForMultipleObjects
GetCurrentProcess
GetOEMCP
FindResourceW
LoadResource
FindResourceExW
HeapReAlloc
LockResource
GetLastError
HeapSize
CreateFileW
WaitForSingleObject
InitializeCriticalSectionEx
HeapFree
SizeofResource
GetCommandLineW
GetLocaleInfoEx
EncodePointer
WaitForSingleObjectEx
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetStringTypeW
GetExitCodeThread
SuspendThread
GetCurrentThreadId
LocalUnlock
LocalLock
LocalAlloc
MulDiv
GetTimeFormatW
GetDateFormatW
GetNumaNodeProcessorMask
K32GetModuleBaseNameW
FindNextFileW
FindFirstFileW
SetEndOfFile
FlushFileBuffers
WriteFile
GetTickCount
GetLocalTime
ResumeThread
GetProcessPriorityBoost
InitializeCriticalSectionAndSpinCount
GetThreadPriority
RemoveDirectoryW
MoveFileW
GetVolumeNameForVolumeMountPointW
WinExec
SetLastError
ProcessIdToSessionId
GetModuleFileNameW
FindClose
GetUserDefaultUILanguage
IsBadWritePtr
CompareStringOrdinal
LoadLibraryExW
VirtualProtect
LocalFree
SetProcessAffinityMask
CreateToolhelp32Snapshot
Thread32First
OpenThread
SetThreadGroupAffinity
Thread32Next
GetProcessAffinityMask
GetProcessGroupAffinity
SetProcessPriorityBoost
GetPriorityClass
SetProcessWorkingSetSize
GetLogicalProcessorInformationEx
GetActiveProcessorCount
GetNumaHighestNodeNumber

user32

SetWindowLongPtrW
SendMessageW
EndDialog
SetWindowTextW
GetWindowLongPtrW
SetTimer
IsDialogMessageW
WaitMessage
CreateDialogIndirectParamW
GetAsyncKeyState
SetDlgItemTextW
GetDlgItemTextW
GetDlgItem
KillTimer
DialogBoxParamW
UpdateWindow
EnableWindow
PeekMessageW
WinHelpW
GetKeyState
GetClassLongPtrW
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
GetMessageW
LoadAcceleratorsW
DispatchMessageW
TranslateAcceleratorW
TranslateMessage
IsIconic
GetWindowTextLengthW
IsDlgButtonChecked
GetDlgItemInt
SetDlgItemInt
GetWindowTextW
SetDlgItemTextA
CheckDlgButton
GetMenuItemInfoW
DefWindowProcW
LoadMenuW
GetWindowRect
GetMenu
DestroyWindow
GetDC
IsWindowVisible
SetWindowPos
FillRect
CreateWindowExW
DeleteMenu
ScreenToClient
CreatePopupMenu
SetClassLongPtrW
RegisterClassExW
TrackPopupMenu
GetSubMenu
ShowWindow
GetClassInfoW
RedrawWindow
DestroyIcon
GetWindowInfo
ClientToScreen
SetMenuItemInfoW
TrackMouseEvent
GetSysColor
LoadBitmapW
DestroyMenu
SetFocus
LoadIconW
GetParent
LoadCursorW
DrawMenuBar
CheckMenuItem
GetClientRect
AppendMenuW
DrawTextW
PostQuitMessage
EnableMenuItem
SystemParametersInfoW
RegisterWindowMessageW
SetForegroundWindow
LoadImageW
InvalidateRect
ReleaseDC
GetCursorPos
BeginPaint
EndPaint
PostMessageW
MessageBoxW
SetPropW
FrameRect
GetMenuBarInfo
OffsetRect
IntersectRect
LoadStringW
GetSystemMetrics
GetWindowThreadProcessId
GetWindow
EnumWindows
GetWindowLongW
SetWindowLongW
IsWindowEnabled
SetRect
GetActiveWindow
GetLastActivePopup
MessageBeep
DrawIcon
GetDialogBaseUnits
IsWindow
GetClassNameW
GetSystemMenu
MoveWindow
FindWindowW

gdi32

BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
CreateRoundRectRgn
DeleteDC
TextOutW
GetTextExtentPoint32W
SetBkMode
LineTo
CreatePen
MoveToEx
DeleteObject
CreateBitmap
CreateFontIndirectW
FillRgn
SetTextColor
SetBkColor
CreateSolidBrush
Ellipse
GetObjectW
CreateDCW

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameW

advapi32

RegOpenKeyExW
GetSidSubAuthorityCount
LookupAccountSidW
RegEnumKeyExW
RegQueryInfoKeyW
EnumServicesStatusExW
ControlService
QueryServiceStatus
QueryServiceConfigW
RegDeleteKeyW
ChangeServiceConfigW
StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
GetSidSubAuthority
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
SetSecurityDescriptorDacl
RegCloseKey
RegCreateKeyExW
RegSetValueExW
InitializeSecurityDescriptor
GetUserNameW
RegQueryValueExW
RegDeleteValueW
GetTokenInformation

shell32

SHGetStockIconInfo
ShellExecuteExW
SHGetKnownFolderPath
SHGetSpecialFolderPathW
ord178
SHCreateDirectoryExW
ExtractAssociatedIconW
ShellExecuteW
SHQueryUserNotificationState
Shell_NotifyIconW

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize
CoCreateInstance
IIDFromString
CoInitializeSecurity
StringFromGUID2

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

pdh

PdhCloseQuery
PdhAddEnglishCounterW
PdhRemoveCounter
PdhCollectQueryData
PdhOpenQueryW
PdhGetFormattedCounterValue

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

shlwapi

SHDeleteKeyW

dbghelp

MiniDumpWriteDump

uxtheme

DrawThemeText
SetWindowTheme
OpenThemeData
GetThemeColor
CloseThemeData
IsThemeActive
DrawThemeBackground

rpcrt4

UuidCreate
UuidFromStringW

wininet

InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetOpenUrlW
InternetReadFile

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/ProcessLassoLauncher.exe
.exe windows:6 windows x64 arch:x64

57d3dfd0d74accc835dfeb836d8e80e4

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c5:89:84:74:1a:24:cd:4b:eb:8b:a9:e8:57:ef:93:66:70:be:fa:af:ae:d2:34:0a:04:50:ea:c7:4b:ca:15:b3
Signer

Actual PE Digest

c5:89:84:74:1a:24:cd:4b:eb:8b:a9:e8:57:ef:93:66:70:be:fa:af:ae:d2:34:0a:04:50:ea:c7:4b:ca:15:b3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\ProcessLassoLauncher.pdb

Imports

kernel32

VerSetConditionMask
VerifyVersionInfoW
GetModuleFileNameW
CreateFileW
CloseHandle
GetCurrentProcess
GetStartupInfoW
CreateProcessW
GetCurrentProcessId
OpenProcess
SetLastError
GetProcAddress
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsDebuggerPresent
OutputDebugStringW
RaiseException
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
DeleteCriticalSection
GetLastError
InitializeCriticalSectionEx
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
FreeLibrary
RtlVirtualUnwind
HeapDestroy
GetModuleHandleW
ExitProcess
LoadLibraryW

user32

MessageBoxW
PostMessageW
FindWindowW

advapi32

OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority

shell32

ShellExecuteExW

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/QuickUpgrade.exe
.exe windows:6 windows x64 arch:x64

8512917e1c00b2532f1722576b97c5de

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:e3:b2:6b:8b:46:c5:2f:8c:13:81:9a:81:74:69:55:8d:c9:ef:47:a0:ba:cd:f5:68:75:08:54:24:3d:69:da
Signer

Actual PE Digest

ba:e3:b2:6b:8b:46:c5:2f:8c:13:81:9a:81:74:69:55:8d:c9:ef:47:a0:ba:cd:f5:68:75:08:54:24:3d:69:da

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb

Imports

kernel32

GetActiveProcessorGroupCount
GetLogicalProcessorInformationEx
GetActiveProcessorCount
DeleteCriticalSection
InitializeCriticalSectionEx
CopyFileW
FreeLibrary
GetStartupInfoW
CreateProcessW
CreateThread
Sleep
OpenEventW
CreateEventW
SetEvent
SetCurrentDirectoryW
MultiByteToWideChar
GetLastError
GetFileAttributesW
GetSystemInfo
LoadLibraryW
GetModuleHandleW
ExitProcess
GetSystemTimeAsFileTime
GetExitCodeProcess
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
WaitForSingleObject
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
CloseHandle
GetTempPathW
WriteFile
RemoveDirectoryW
DeleteFileW
CreateFileW
CreateDirectoryW
LocalFree
WideCharToMultiByte
GetProcAddress
VerifyVersionInfoW
VerSetConditionMask
GetCurrentProcess
LoadLibraryExW
GetUserDefaultUILanguage
GetModuleFileNameW
GetCurrentProcessId
OpenProcess
SetLastError
WinExec
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
TerminateThread
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetProcessTimes
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
QueryPerformanceCounter
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW

user32

GetWindowThreadProcessId
MessageBoxW
SendMessageW
PostMessageW
DialogBoxParamW
EndDialog
GetDlgItem
SetDlgItemTextW
GetWindow
IsWindowVisible
EnumWindows
EnableWindow
ShowWindow
CreateWindowExW
LoadStringW

advapi32

StartServiceW
QueryServiceStatus
ChangeServiceConfigW
OpenProcessToken
GetTokenInformation
CloseServiceHandle
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
GetSidSubAuthorityCount
GetSidSubAuthority
OpenSCManagerW
OpenServiceW

shell32

ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathW

ole32

CoInitialize

oleaut32

SysFreeString
VariantClear
SysAllocString

wininet

InternetCloseHandle
InternetOpenW
InternetReadFile
InternetOpenUrlW

wintrust

WinVerifyTrust

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/ThreadRacer.exe
.exe windows:6 windows x64 arch:x64

ab54d1be84f60bd7a46d170d7adc13ad

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:c7:fb:e9:31:6f:a9:62:4d:40:a0:12:c5:8a:67:c9:e6:bd:a2:34:72:cb:ac:57:9e:2f:58:cf:1e:89:5d:6e
Signer

Actual PE Digest

07:c7:fb:e9:31:6f:a9:62:4d:40:a0:12:c5:8a:67:c9:e6:bd:a2:34:72:cb:ac:57:9e:2f:58:cf:1e:89:5d:6e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\ThreadRacer.exe.pdb

Imports

kernel32

SetThreadAffinityMask
SetThreadPriority
GetCurrentThread
CreateThread
Sleep
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
GetLogicalProcessorInformationEx
GetActiveProcessorCount
GetActiveProcessorGroupCount
GetNumaHighestNodeNumber
GetUserDefaultUILanguage
GetFileAttributesW
FreeLibrary
LocalFree
GetModuleFileNameW
CreateFileW
GetFileSize
GetCurrentProcess
GetStartupInfoW
GetCurrentProcessId
SetLastError
GetProcAddress
DeleteFileW
WideCharToMultiByte
GetNumaNodeProcessorMask
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
ReadFile
WriteFile
DeleteCriticalSection
SetEndOfFile
FindNextFileW
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
GetStringTypeW
LoadLibraryExW
QueryPerformanceCounter
EncodePointer
GetCPInfo
GetSystemTimeAsFileTime
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
InitializeCriticalSectionEx
GetLastError
DecodePointer
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
FindResourceExW
ExitProcess
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
FlushFileBuffers
HeapDestroy

user32

GetWindowLongPtrW
SetWindowLongPtrW
IsWindowEnabled
SetWindowTextW
SetWindowLongW
GetWindowLongW
GetWindowTextW
PostMessageW
LoadStringW
ShowWindow
EnableWindow
IsDlgButtonChecked
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
SetDlgItemInt
GetDlgItem
EndDialog
DialogBoxParamW
SendMessageW
MessageBoxW
GetClientRect
GetDlgItemInt
SetForegroundWindow
SetFocus

ole32

CoInitialize

comctl32

ord17
InitCommonControlsEx

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

oleaut32

VariantClear

Sections

.text
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/TweakScheduler.exe
.exe windows:6 windows x64 arch:x64

9d7de62ff5aa58a83dc400e101a3a2d5

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:9e:90:73:27:7f:c5:25:5c:32:bb:86:a2:66:22:c6:52:9b:04:48:b9:f1:b0:98:15:39:39:74:fe:28:27:e9
Signer

Actual PE Digest

0a:9e:90:73:27:7f:c5:25:5c:32:bb:86:a2:66:22:c6:52:9b:04:48:b9:f1:b0:98:15:39:39:74:fe:28:27:e9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\TweakScheduler.exe.bsc

Imports

comctl32

InitCommonControlsEx

kernel32

GetLogicalProcessorInformationEx
GetNumaHighestNodeNumber
RtlUnwind
OutputDebugStringW
GetVersionExW
GetCurrentProcess
GetExitCodeProcess
GetFileTime
GetSystemTimeAsFileTime
CloseHandle
MultiByteToWideChar
GetFileAttributesW
CreateFileW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
ExitProcess
LoadLibraryW
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
GetSystemInfo
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
GetActiveProcessorGroupCount
HeapFree
IsBadWritePtr
SizeofResource
GetActiveProcessorCount
WriteConsoleW
ReadConsoleW
GetConsoleMode
GetUserDefaultUILanguage
FreeLibrary
LocalFree
FormatMessageW
VerSetConditionMask
VerifyVersionInfoW
GetShortPathNameW
GetLongPathNameW
GetModuleFileNameW
GetFileSize
GetStartupInfoW
CreateProcessW
ProcessIdToSessionId
OpenEventW
GetCurrentProcessId
OpenProcess
SetLastError
GetProcAddress
WinExec
GetVolumeNameForVolumeMountPointW
MoveFileW
RemoveDirectoryW
CopyFileW
DeleteFileW
CreateDirectoryW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
ReadFile
GetHandleInformation
WaitForMultipleObjects
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
Sleep
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
RaiseException
TryAcquireSRWLockExclusive
QueryPerformanceFrequency
FormatMessageA
SetFileInformationByHandle
GetTempPathW
InitOnceExecuteOnce
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetFileInformationByHandleEx
CreateSymbolicLinkW
GetLocaleInfoEx
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCurrentThread
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetConsoleCtrlHandler
SetStdHandle
GetStringTypeW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP

user32

CloseClipboard
GetIconInfo
InvalidateRect
GetSystemMetrics
UnregisterClassW
LoadStringW
MessageBoxW
GetDlgItem
GetClientRect
FindWindowW
SetClipboardData
EmptyClipboard
GetWindowThreadProcessId
GetWindowTextW
OpenClipboard
ReleaseDC
GetWindowLongW
PostMessageW
EndDialog
SetWindowTextW
ShowWindow
wvsprintfW
ExitWindowsEx
SetDlgItemTextW
IsDlgButtonChecked
CheckDlgButton
DialogBoxParamW
EnableWindow
CreateWindowExW
SendMessageW
GetDC
SetWindowLongW

advapi32

RegSetValueExW
StartServiceW
ConvertStringSidToSidW
ControlService
QueryServiceStatus
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueW
RegEnumKeyW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
DuplicateTokenEx
NotifyBootConfigStatus
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
EnumServicesStatusExW
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
SetTokenInformation
GetLengthSid
CreateProcessAsUserW
GetUserNameW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceConfigW
ChangeServiceConfigW

shell32

SHGetKnownFolderPath
SHGetStockIconInfo
SHChangeNotify
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteExW
ShellExecuteW

ole32

CLSIDFromString
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlW
InternetOpenW
InternetCanonicalizeUrlW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

shlwapi

SHDeleteKeyW

gdi32

GetTextExtentPoint32W
GetObjectW
DeleteObject
SelectObject

Sections

.text
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

memcpy_
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/bitsumsessionagent.exe
.exe windows:6 windows x64 arch:x64

a7701cdb73805c1b95559d6cb505e04d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:0c:3d:78:b9:86:df:a9:13:5d:6b:0d:db:e7:d5:17:10:c7:08:64:a7:58:65:aa:ae:04:6f:04:02:a4:7f:95
Signer

Actual PE Digest

6c:0c:3d:78:b9:86:df:a9:13:5d:6b:0d:db:e7:d5:17:10:c7:08:64:a7:58:65:aa:ae:04:6f:04:02:a4:7f:95

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\x64\Release\bitsumsessionagent.pdb

Imports

kernel32

HeapReAlloc
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
HeapDestroy
DeleteCriticalSection
GetProcessHeap
SetPriorityClass
GetCurrentProcess
OutputDebugStringW
WaitForSingleObject
OpenEventW
ReleaseMutex
CreateEventW
ProcessIdToSessionId
SetEvent
CloseHandle
LoadLibraryW
GetProcAddress
GetCurrentProcessId
SetThreadExecutionState
FreeLibrary
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
CreateMutexW
SizeofResource
WriteConsoleW
CreateFileW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
IsDebuggerPresent
RaiseException
EnterCriticalSection
LeaveCriticalSection
LocalFree
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TryAcquireSRWLockExclusive
WaitForSingleObjectEx
GetExitCodeThread
RtlUnwindEx
RtlPcToFileHeader
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
WriteFile
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP

user32

GetMessageW
DefWindowProcW
GetLastInputInfo
DestroyWindow
MessageBoxW
GetWindowThreadProcessId
SendMessageW
RegisterClassExW
DispatchMessageW
SetTimer
GetForegroundWindow
TranslateMessage
LoadCursorW
PostQuitMessage
CreateWindowExW

advapi32

RegCloseKey
RegQueryValueExW
RegCreateKeyExW

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl-update.cmd
$EXEDIR/Portable Process Lasso 64/pl.cmd
$EXEDIR/Portable Process Lasso 64/plActivate.exe
.exe windows:6 windows x64 arch:x64

6165000e7b95b0dd4f16b61f6896a823

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d2:d1:11:fd:11:33:76:a6:92:d2:aa:6a:51:ab:c3:03:8d:ee:16:6a:bf:5f:93:71:f3:3f:64:37:37:09:73:2b
Signer

Actual PE Digest

d2:d1:11:fd:11:33:76:a6:92:d2:aa:6a:51:ab:c3:03:8d:ee:16:6a:bf:5f:93:71:f3:3f:64:37:37:09:73:2b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\plActivate.pdb

Imports

kernel32

FreeLibrary
GetModuleFileNameW
CreateFileW
CloseHandle
GetCurrentProcess
GetStartupInfoW
GetCurrentProcessId
SetLastError
GetProcAddress
WideCharToMultiByte
GetSystemInfo
IsBadWritePtr
GetSystemTimeAsFileTime
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentThreadId
QueryPerformanceCounter
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
DeleteCriticalSection
GetLastError
InitializeCriticalSectionEx
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetUserDefaultUILanguage
GetModuleHandleW
ExitProcess
LoadLibraryW

wininet

InternetCloseHandle
InternetOpenW
InternetOpenUrlW
InternetCanonicalizeUrlW
InternetReadFile

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_bulgarian.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1b:d1:84:47:43:35:f7:e5:18:d6:11:17:cd:90:63:7c:a6:9f:0f:86:fa:a2:f1:a6:97:24:66:3f:7c:26:6b:65
Signer

Actual PE Digest

1b:d1:84:47:43:35:f7:e5:18:d6:11:17:cd:90:63:7c:a6:9f:0f:86:fa:a2:f1:a6:97:24:66:3f:7c:26:6b:65

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_chinese.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6e:1b:34:4b:4b:14:a9:88:25:47:c1:82:51:44:12:2f:a6:a2:6d:dd:63:53:9d:c7:10:d6:67:3b:00:1e:34:e5
Signer

Actual PE Digest

6e:1b:34:4b:4b:14:a9:88:25:47:c1:82:51:44:12:2f:a6:a2:6d:dd:63:53:9d:c7:10:d6:67:3b:00:1e:34:e5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_chinese_traditional.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

86:8f:6f:40:11:4c:6c:79:ed:5c:16:d4:65:6d:3b:08:c5:f4:b3:e5:c2:17:8d:5e:50:33:05:64:93:f1:d1:d9
Signer

Actual PE Digest

86:8f:6f:40:11:4c:6c:79:ed:5c:16:d4:65:6d:3b:08:c5:f4:b3:e5:c2:17:8d:5e:50:33:05:64:93:f1:d1:d9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdb

Sections

.rdata
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_english.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

55:db:53:15:44:30:2f:f9:37:ee:d8:e0:39:76:d7:4c:d9:7a:0c:33:81:90:ef:7b:9d:16:fd:87:49:67:ce:0c
Signer

Actual PE Digest

55:db:53:15:44:30:2f:f9:37:ee:d8:e0:39:76:d7:4c:d9:7a:0c:33:81:90:ef:7b:9d:16:fd:87:49:67:ce:0c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_finnish.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:0f:83:e4:ee:04:9f:d1:82:93:b5:70:d5:db:32:4f:14:9f:a2:36:59:0d:75:af:97:56:fa:ed:fc:da:8b:24
Signer

Actual PE Digest

48:0f:83:e4:ee:04:9f:d1:82:93:b5:70:d5:db:32:4f:14:9f:a2:36:59:0d:75:af:97:56:fa:ed:fc:da:8b:24

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_finnish.pdb

Sections

.rdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_french.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

54:69:38:bb:15:74:35:4a:bb:51:ee:0e:5e:d2:91:a4:05:05:27:2b:ff:21:6d:b9:2d:23:da:3b:76:80:05:bc
Signer

Actual PE Digest

54:69:38:bb:15:74:35:4a:bb:51:ee:0e:5e:d2:91:a4:05:05:27:2b:ff:21:6d:b9:2d:23:da:3b:76:80:05:bc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_german.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:3c:be:71:d9:0b:32:3e:a1:62:a9:a0:22:a5:11:af:8d:ec:95:ae:74:88:67:08:0a:d0:4c:41:24:03:1f:f4
Signer

Actual PE Digest

61:3c:be:71:d9:0b:32:3e:a1:62:a9:a0:22:a5:11:af:8d:ec:95:ae:74:88:67:08:0a:d0:4c:41:24:03:1f:f4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_italian.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:82:23:fe:10:e6:bc:80:f3:f1:c4:68:79:f7:82:e3:01:ac:3c:0a:ce:fb:95:d7:71:f5:75:57:6c:da:d2:99
Signer

Actual PE Digest

ba:82:23:fe:10:e6:bc:80:f3:f1:c4:68:79:f7:82:e3:01:ac:3c:0a:ce:fb:95:d7:71:f5:75:57:6c:da:d2:99

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_italian.pdb

Sections

.rdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_japanese.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ae:cc:ea:cd:cc:52:23:49:9c:0c:66:10:96:14:53:8f:5f:df:d4:20:8b:cf:43:6f:7d:a7:0a:7e:81:3a:8a:87
Signer

Actual PE Digest

ae:cc:ea:cd:cc:52:23:49:9c:0c:66:10:96:14:53:8f:5f:df:d4:20:8b:cf:43:6f:7d:a7:0a:7e:81:3a:8a:87

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_korean.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f9:26:b7:71:bd:22:a3:7f:31:ed:a1:fd:24:1f:99:ec:a1:be:e0:9f:5d:3b:bf:ac:8e:2e:4e:e5:bb:24:02:3c
Signer

Actual PE Digest

f9:26:b7:71:bd:22:a3:7f:31:ed:a1:fd:24:1f:99:ec:a1:be:e0:9f:5d:3b:bf:ac:8e:2e:4e:e5:bb:24:02:3c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_korean.pdb

Sections

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_polish.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:04:3c:0a:06:a1:94:dc:2c:fa:50:7f:a4:42:08:65:76:aa:5b:e6:27:3f:f8:55:40:aa:3e:bd:32:0b:d1:8f
Signer

Actual PE Digest

00:04:3c:0a:06:a1:94:dc:2c:fa:50:7f:a4:42:08:65:76:aa:5b:e6:27:3f:f8:55:40:aa:3e:bd:32:0b:d1:8f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_polish.pdb

Sections

.rdata
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_ptbr.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

72:ce:d1:39:98:55:7a:b0:98:c1:1e:39:f3:64:c1:37:47:8d:b8:dd:12:b8:41:38:90:05:ed:e4:c5:ae:85:f3
Signer

Actual PE Digest

72:ce:d1:39:98:55:7a:b0:98:c1:1e:39:f3:64:c1:37:47:8d:b8:dd:12:b8:41:38:90:05:ed:e4:c5:ae:85:f3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_ptbr.pdb

Sections

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_russian.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

68:8b:d8:39:c5:7a:b1:fc:73:dd:f5:cd:c1:fe:b6:76:91:c9:8c:ea:d6:04:57:43:85:16:91:20:fc:4b:83:fb
Signer

Actual PE Digest

68:8b:d8:39:c5:7a:b1:fc:73:dd:f5:cd:c1:fe:b6:76:91:c9:8c:ea:d6:04:57:43:85:16:91:20:fc:4b:83:fb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_russian.pdb

Sections

.rdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_slovenian.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:48:9c:83:df:f6:d1:f2:59:e3:50:58:e9:05:0a:14:9f:79:47:10:6f:f5:46:6e:66:52:1f:f3:a1:ec:ed:ac
Signer

Actual PE Digest

2e:48:9c:83:df:f6:d1:f2:59:e3:50:58:e9:05:0a:14:9f:79:47:10:6f:f5:46:6e:66:52:1f:f3:a1:ec:ed:ac

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/pl_rsrc_spanish.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ce:b8:88:43:60:a4:1f:90:89:da:04:69:47:82:b6:61:f3:c4:df:6f:f2:a6:e5:c7:c3:ce:bd:ac:6d:6a:93:5d
Signer

Actual PE Digest

ce:b8:88:43:60:a4:1f:90:89:da:04:69:47:82:b6:61:f3:c4:df:6f:f2:a6:e5:c7:c3:ce:bd:ac:6d:6a:93:5d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_spanish.pdb

Sections

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/srvstub.exe
.exe windows:6 windows x64 arch:x64

7d94c4c800ab23365817607fc3a91c3a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:ef:e6:29:c4:33:d1:73:9a:db:e7:11:1e:72:77:ee:a6:16:7f:5c:22:6b:06:17:6e:8d:bf:f0:89:eb:ab:3d
Signer

Actual PE Digest

03:ef:e6:29:c4:33:d1:73:9a:db:e7:11:1e:72:77:ee:a6:16:7f:5c:22:6b:06:17:6e:8d:bf:f0:89:eb:ab:3d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\srvstub.pdb

Imports

kernel32

SetEvent
WaitForSingleObject
CreateEventW
OpenEventW
Sleep
WaitForMultipleObjects
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
CreateThread
ExitThread
CreateProcessW
GetProcessHeap
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
WriteConsoleW
CreateFileW
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetStartupInfoW
CloseHandle
IsDebuggerPresent
OutputDebugStringW
RaiseException
EnterCriticalSection
LeaveCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetFileType
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
StartServiceCtrlDispatcherW

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/start-governor.bat
$EXEDIR/Portable Process Lasso 64/stop-governor.bat
$EXEDIR/Portable Process Lasso 64/testlasso.exe
.exe windows:6 windows x64 arch:x64

2c5d2a94a5f323639094dc74dadda94b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:a6:a0:97:12:9c:79:58:b7:84:b4:cc:e7:1d:e3:70:42:7c:b8:0d:1f:13:ce:ce:6d:00:ac:e5:9c:60:8c:fd
Signer

Actual PE Digest

3e:a6:a0:97:12:9c:79:58:b7:84:b4:cc:e7:1d:e3:70:42:7c:b8:0d:1f:13:ce:ce:6d:00:ac:e5:9c:60:8c:fd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\testlasso.pdb

Imports

kernel32

GetActiveProcessorCount
GetActiveProcessorGroupCount
GetModuleFileNameW
GetModuleHandleW
CreateFileW
CloseHandle
GetStartupInfoW
CreateProcessW
GetCurrentProcessId
SetLastError
GetProcAddress
LoadLibraryW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
ExitProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
RtlUnwind
IsDebuggerPresent
OutputDebugStringW
RaiseException
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetFileSizeEx
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleW
FlushFileBuffers
GetConsoleOutputCP
ReadFile
WriteConsoleW
WaitForMultipleObjects
SetProcessAffinityMask
GetCurrentThread
SetThreadPriorityBoost
GetCurrentProcess
GetPriorityClass
Sleep
TerminateThread
CreateThread
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapReAlloc
GetLastError
GetLogicalProcessorInformationEx
HeapSize
InitializeCriticalSectionEx
HeapFree

shell32

SHQueryUserNotificationState

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 64/vistammsc.exe
.exe windows:6 windows x64 arch:x64

0cef9d1aafb2d1c862fe37ea5858d18a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:9b:31:ca:d2:4a:c6:b8:77:9f:f5:c0:a6:80:24:f9:c1:ad:0d:b0:08:f9:36:ea:3f:73:72:97:e3:78:c0:f3
Signer

Actual PE Digest

e1:9b:31:ca:d2:4a:c6:b8:77:9f:f5:c0:a6:80:24:f9:c1:ad:0d:b0:08:f9:36:ea:3f:73:72:97:e3:78:c0:f3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\vistammsc.exe.pdb

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

kernel32

GetActiveProcessorCount
GetActiveProcessorGroupCount
CreateProcessW
GetStartupInfoW
GetWindowsDirectoryW
GetVersionExW
OutputDebugStringW
DeleteCriticalSection
DecodePointer
GetLogicalProcessorInformationEx
InitializeCriticalSectionEx
GetLastError
MultiByteToWideChar
GetSystemTimeAsFileTime
CreateFileW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleW
ExitProcess
LoadLibraryW
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
GetUserDefaultUILanguage
FreeLibrary
LocalFree
GetModuleFileNameW
GetFileSize
GetCurrentProcess
GetCurrentProcessId
SetLastError
GetProcAddress
DeleteFileW
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
ReadFile
GetNumaHighestNodeNumber
GetNumaNodeProcessorMask
HeapSize
LocalAlloc
LocalLock
LocalUnlock
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
Sleep
CreateEventW
SetEvent
WriteFile
FlushFileBuffers
SetEndOfFile
FindNextFileW
IsDebuggerPresent
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
GetStringTypeW
LoadLibraryExW
QueryPerformanceCounter
EncodePointer
GetCPInfo
HeapDestroy
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
GetSystemInfo
MulDiv

user32

DrawIcon
EndPaint
GetSysColor
GetDialogBaseUnits
SystemParametersInfoW
GetSystemMetrics
DrawTextW
LoadIconW
DestroyIcon
FillRect
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetWindowPos
SetForegroundWindow
GetWindowRect
MoveWindow
GetParent
SetTimer
KillTimer
WinHelpW
RedrawWindow
GetAsyncKeyState
GetWindow
CreateDialogIndirectParamW
PeekMessageW
MessageBeep
TranslateMessage
DispatchMessageW
WaitMessage
PostQuitMessage
DestroyWindow
SetRect
SetFocus
GetWindowLongPtrW
SetWindowLongPtrW
IsDlgButtonChecked
CheckDlgButton
IsWindowEnabled
CreateWindowExW
GetClientRect
SetWindowTextW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetWindowLongW
GetWindowLongW
GetWindowTextW
BeginPaint
GetLastActivePopup
IsDialogMessageW
GetActiveWindow
MessageBoxW
LoadStringW
ShowWindow
SendMessageW
DialogBoxParamW
GetDlgItem
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
EndDialog
EnableWindow
PostMessageW
GetDlgItemInt

comdlg32

GetSaveFileNameW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW

oleaut32

VariantClear

comctl32

InitCommonControlsEx

gdi32

DeleteObject
CreateDCW
CreateFontIndirectW
DeleteDC
SetBkColor
SetTextColor
CreateSolidBrush
SelectObject
GetTextExtentPoint32W

Sections

.text
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 86/CPUEater.exe
.exe windows:6 windows x86 arch:x86

6c40464ff42e5b863f7885c9305d8232

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d9:db:c3:35:24:7b:ba:cb:03:c7:c6:e8:e9:cb:5b:fb:f5:1d:54:c9:24:4d:3f:a1:b2:56:b8:58:02:cd:e2:56
Signer

Actual PE Digest

d9:db:c3:35:24:7b:ba:cb:03:c7:c6:e8:e9:cb:5b:fb:f5:1d:54:c9:24:4d:3f:a1:b2:56:b8:58:02:cd:e2:56

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\pl\output\CPUEater.pdb

Imports

comctl32

ord17
InitCommonControlsEx

kernel32

DecodePointer
GetSystemTimeAsFileTime
GetThreadPriority
SetThreadPriorityBoost
SetThreadPriority
GetCurrentThread
LoadLibraryW
ExitProcess
MultiByteToWideChar
GetModuleHandleW
GetModuleFileNameW
OpenProcess
GetPriorityClass
SetPriorityClass
GetStartupInfoW
CreateProcessW
CreateThread
GetExitCodeProcess
TerminateProcess
GetCurrentProcess
OpenEventW
CreateEventW
OpenMutexW
WaitForSingleObject
SetEvent
InitializeCriticalSection
CloseHandle
GetFileAttributesW
GetNumaNodeProcessorMask
GetNumaHighestNodeNumber
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
WriteConsoleW
LocalFree
WideCharToMultiByte
GetProcAddress
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
GetLogicalProcessorInformationEx
GetActiveProcessorCount
GetActiveProcessorGroupCount
DeleteFileW
GetFileSize
GetVolumeNameForVolumeMountPointW
SetLastError
GetCurrentProcessId
GlobalAlloc
GlobalUnlock
GlobalLock
FindNextFileW
FlushFileBuffers
GetFileTime
ReadFile
SetEndOfFile
WriteFile
Sleep
GetSystemInfo
GetTickCount
FreeLibrary
GetUserDefaultUILanguage
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
InitializeCriticalSectionAndSpinCount
GetVersionExW
LocalLock
LocalUnlock
MulDiv
K32GetModuleBaseNameW
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
GetStringTypeW
LoadLibraryExW
QueryPerformanceCounter
EncodePointer
GetCPInfo
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleOutputCP
GetConsoleMode

user32

GetAsyncKeyState
GetSystemMenu
EnableMenuItem
DrawIcon
DrawTextW
BeginPaint
EndPaint
RedrawWindow
GetWindowRect
MessageBeep
GetSysColor
FillRect
SetRect
GetParent
GetDialogBaseUnits
GetLastActivePopup
GetWindow
DestroyIcon
IsDialogMessageW
WinHelpW
SetWindowPos
SendMessageW
PostMessageW
ShowWindow
DialogBoxParamW
GetClientRect
GetSystemMetrics
GetActiveWindow
MoveWindow
GetClassNameW
OpenClipboard
CloseClipboard
SetClipboardData
DestroyWindow
EmptyClipboard
KillTimer
RegisterClassExW
PostQuitMessage
DefWindowProcW
DispatchMessageW
TranslateMessage
GetMessageW
LoadStringW
SystemParametersInfoW
LoadIconW
AllowSetForegroundWindow
SetForegroundWindow
SetTimer
GetDlgItemInt
SetDlgItemInt
IsWindowVisible
CreateWindowExW
SetWindowLongW
GetWindowLongW
MessageBoxW
IsWindowEnabled
EnableWindow
SetFocus
IsDlgButtonChecked
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItem
EndDialog
IsWindow
WaitMessage
PeekMessageW
GetWindowTextW
CreateDialogIndirectParamW
SetWindowTextW

gdi32

CreateSolidBrush
SetTextColor
SelectObject
GetTextExtentPoint32W
DeleteObject
DeleteDC
SetBkColor
CreateDCW
CreateFontIndirectW

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW

oleaut32

VariantClear
SysFreeString

rpcrt4

UuidFromStringW

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW

ole32

IIDFromString
StringFromGUID2

Sections

.text
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$EXEDIR/Portable Process Lasso 86/pl-update.cmd
$EXEDIR/Portable Process Lasso 86/pl.cmd
$EXEDIR/Portable Process Lasso 86/start-governor.bat
$EXEDIR/Portable Process Lasso 86/stop-governor.bat
$PLUGINSDIR/Aero.dll
.dll windows:6 windows x86 arch:x86

3863c2a1ff3d5db5d3cecc7c23714e97

Code Sign

33:30:0c:1c:03:b2:50:bf:53:e2:3d:da:31:bd:aa
Certificate

Issuer

CN=diakov.soft

Not Before

10/10/2020, 10:39

Not After

08/01/2021, 21:00

Subject

CN=diakov.soft

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:3a:61:03:d8:aa:8d:41:12:7c:e3:d0:f6:25:21:f4:96:ae:f7:e5
Signer

Actual PE Digest

05:3a:61:03:d8:aa:8d:41:12:7c:e3:d0:f6:25:21:f4:96:ae:f7:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
lstrcpyA
lstrcpynA
MultiByteToWideChar
LoadLibraryA
lstrlenA
lstrcmpiA
GlobalFree
GlobalAlloc
GetProcAddress
GetVersion

user32

SetWindowTextA
GetWindowTextW
GetWindowTextLengthA
GetClientRect
GetWindowRect
MapWindowPoints
GetSysColorBrush
FillRect
GetWindowLongA
SetWindowLongA
EnumChildWindows
wsprintfA
GetPropA
SetPropA
InvalidateRect
EndPaint
BeginPaint
GetDlgItem
SetWindowPos
ShowWindow
IsWindow
CallWindowProcA
SendMessageA
SetWindowTextW

gdi32

CreateCompatibleDC
CreateSolidBrush
DeleteDC
DeleteObject
PatBlt
RestoreDC
SaveDC
SelectObject
SetLayout
CreateDIBSection
BitBlt

Exports

Exports

Apply

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BrandingURL.dll
.dll windows:4 windows x86 arch:x86

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalFree

user32

GetWindowRect
SetCapture
InvalidateRect
SendMessageA
GetCapture
ClientToScreen
EnableWindow
LoadImageA
SetPropA
SetWindowLongA
GetWindowLongA
GetDlgItem
PtInRect
ReleaseCapture
SetCursor
GetPropA
CallWindowProcA
RedrawWindow

gdi32

GetObjectA
SetTextColor
CreateFontIndirectA

shell32

ShellExecuteA

Exports

Exports

Set
Unload

Sections

.text
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 839B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Code Sign

33:30:0c:1c:03:b2:50:bf:53:e2:3d:da:31:bd:aa
Certificate

Issuer

CN=diakov.soft

Not Before

10/10/2020, 10:39

Not After

08/01/2021, 21:00

Subject

CN=diakov.soft

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0c:ef:07:d4:8b:79:f8:26:5d:fc:1f:a4:84:09:f7:98:4e:20:66:18
Signer

Actual PE Digest

0c:ef:07:d4:8b:79:f8:26:5d:fc:1f:a4:84:09:f7:98:4e:20:66:18

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Code Sign

33:30:0c:1c:03:b2:50:bf:53:e2:3d:da:31:bd:aa
Certificate

Issuer

CN=diakov.soft

Not Before

10/10/2020, 10:39

Not After

08/01/2021, 21:00

Subject

CN=diakov.soft

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ef:57:50:85:4a:2b:8d:e7:3a:4d:39:1e:27:77:6a:19:aa:e6:d3:c7
Signer

Actual PE Digest

ef:57:50:85:4a:2b:8d:e7:3a:4d:39:1e:27:77:6a:19:aa:e6:d3:c7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/eng-r.bmp
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/peng-r.bmp
$PLUGINSDIR/prus-r.bmp
$PLUGINSDIR/rus-r.bmp
CPUEater.exe
.exe windows:6 windows x64 arch:x64

232dd24912b961a002280dd98949b378

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:9f:fc:66:04:55:22:e7:d3:83:0c:4c:97:ca:1f:d7:25:c0:42:23:22:b2:15:d9:85:ca:38:fe:77:76:82
Signer

Actual PE Digest

0a:ee:9f:fc:66:04:55:22:e7:d3:83:0c:4c:97:ca:1f:d7:25:c0:42:23:22:b2:15:d9:85:ca:38:fe:77:76:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\CPUEater.pdb

Imports

comctl32

InitCommonControlsEx
ord17

kernel32

DecodePointer
GetSystemTimeAsFileTime
GetThreadPriority
SetThreadPriorityBoost
GetCurrentThread
SetThreadPriority
ExitProcess
LoadLibraryW
MultiByteToWideChar
SetPriorityClass
GetPriorityClass
OpenMutexW
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleW
GetModuleFileNameW
CreateProcessW
GetFileAttributesW
GetStartupInfoW
CreateThread
InitializeCriticalSection
GetCurrentProcess
SetEvent
OpenEventW
CreateEventW
CloseHandle
OpenProcess
InitializeCriticalSectionEx
FindResourceExW
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetNumaNodeProcessorMask
GetNumaHighestNodeNumber
DeleteCriticalSection
LoadResource
FindResourceW
GetLastError
WriteConsoleW
LocalFree
WideCharToMultiByte
GetProcAddress
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
GetLogicalProcessorInformationEx
GetActiveProcessorCount
GetActiveProcessorGroupCount
GetUserDefaultUILanguage
FreeLibrary
GetFileSize
GetCurrentProcessId
SetLastError
GetVolumeNameForVolumeMountPointW
DeleteFileW
GlobalAlloc
GlobalLock
GlobalUnlock
GetSystemInfo
Sleep
GetTickCount
GetFileTime
ReadFile
WriteFile
FlushFileBuffers
SetEndOfFile
FindNextFileW
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
InitializeCriticalSectionAndSpinCount
K32GetModuleBaseNameW
GetVersionExW
MulDiv
LocalLock
LocalUnlock
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
GetStringTypeW
LoadLibraryExW
QueryPerformanceCounter
EncodePointer
GetCPInfo
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleOutputCP
GetConsoleMode

user32

GetDialogBaseUnits
DrawTextW
DestroyIcon
FillRect
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetWindowPos
GetWindowRect
MoveWindow
GetParent
WinHelpW
RedrawWindow
GetAsyncKeyState
GetSysColor
CreateDialogIndirectParamW
PeekMessageW
IsDialogMessageW
WaitMessage
DestroyWindow
BeginPaint
GetClientRect
GetWindowLongPtrW
SetWindowLongPtrW
SendMessageW
PostMessageW
ShowWindow
IsWindowEnabled
GetSystemMetrics
MessageBeep
EndPaint
GetWindow
OpenClipboard
GetWindowTextW
RegisterClassExW
DefWindowProcW
PostQuitMessage
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
LoadStringW
SetForegroundWindow
GetDlgItemInt
IsWindowVisible
SetTimer
SystemParametersInfoW
CreateWindowExW
AllowSetForegroundWindow
SetDlgItemInt
LoadIconW
EndDialog
DialogBoxParamW
MessageBoxW
GetDlgItem
SetDlgItemTextW
IsDlgButtonChecked
GetDlgItemTextW
CheckDlgButton
SetFocus
EnableWindow
GetLastActivePopup
GetActiveWindow
SetRect
SetWindowTextW
CloseClipboard
SetClipboardData
DrawIcon
GetWindowLongW
SetWindowLongW
EmptyClipboard

gdi32

CreateDCW
SetTextColor
DeleteObject
GetTextExtentPoint32W
SelectObject
DeleteDC
SetBkColor
CreateSolidBrush
CreateFontIndirectW

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
RegCloseKey
RegCreateKeyExW

oleaut32

VariantClear
SysFreeString

rpcrt4

UuidFromStringW

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW

ole32

IIDFromString
StringFromGUID2

Sections

.text
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Insights.exe
.exe windows:6 windows x64 arch:x64

74360a6a8e7273df476c18c8a08facab

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:18:56:aa:e7:6a:35:2a:9c:d8:ab:39:5d:46:bd:5e:f3:3a:70:6b:27:aa:a1:54:86:d5:85:2c:5a:d8:8b:82
Signer

Actual PE Digest

61:18:56:aa:e7:6a:35:2a:9c:d8:ab:39:5d:46:bd:5e:f3:3a:70:6b:27:aa:a1:54:86:d5:85:2c:5a:d8:8b:82

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\Insights.pdb

Imports

rpcrt4

UuidFromStringW
UuidCreate

kernel32

GetActiveProcessorCount
DeleteCriticalSection
DecodePointer
GetLastError
InitializeCriticalSectionEx
GetCurrentProcess
SetPriorityClass
FileTimeToSystemTime
FileTimeToLocalFileTime
TerminateThread
CreateThread
GetFileAttributesW
OpenMutexW
WaitForSingleObject
ReleaseMutex
CreateMutexW
SetEvent
CreateEventW
CloseHandle
GetLocalTime
GetLogicalProcessorInformationEx
GetSystemTimeAsFileTime
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetModuleHandleW
ExitProcess
LoadLibraryW
GetActiveProcessorGroupCount
GetCurrentThreadId
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
FindClose
SetFilePointerEx
CompareStringOrdinal
LoadLibraryExW
VirtualProtect
GetProcAddress
LocalFree
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
GetUserDefaultUILanguage
FreeLibrary
GetModuleFileNameW
GetFileSize
GetStartupInfoW
OpenEventW
GetCurrentProcessId
SetLastError
WinExec
GetVolumeNameForVolumeMountPointW
DeleteFileW
GlobalAlloc
GlobalLock
GlobalUnlock
ResetEvent
IsBadWritePtr
GetSystemInfo
GetFileTime
K32GetModuleBaseNameW
GetDateFormatW
GetTimeFormatW
InitializeCriticalSection
Sleep
GetTickCount
ReadFile
WriteFile
FlushFileBuffers
SetEndOfFile
FindNextFileW
SystemTimeToFileTime
GetVersionExW
MulDiv
LocalAlloc
LocalLock
LocalUnlock
SetThreadPriority
GetCurrentThread
SetThreadPriorityBoost
GetPriorityClass
GetThreadPriority
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
GetNumaHighestNodeNumber
GetNumaNodeProcessorMask
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetStringTypeW
QueryPerformanceCounter
EncodePointer
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WakeAllConditionVariable
SleepConditionVariableSRW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW

user32

OffsetRect
GetMenuItemInfoW
DrawTextW
GetSystemMetrics
FindWindowW
GetWindowTextW
EnableWindow
GetWindowLongW
SetWindowLongW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetWindowLongPtrW
GetWindowLongPtrW
IsDlgButtonChecked
CheckDlgButton
SetDlgItemInt
GetMenuBarInfo
SetRect
GetActiveWindow
GetLastActivePopup
MessageBeep
DrawIcon
GetDialogBaseUnits
DestroyIcon
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetFocus
SetWindowPos
MoveWindow
GetParent
KillTimer
WinHelpW
GetAsyncKeyState
GetWindow
CreateDialogIndirectParamW
PeekMessageW
IsDialogMessageW
GetSysColor
DispatchMessageW
WaitMessage
GetMessageW
LoadImageW
IsWindowEnabled
SendMessageW
LoadStringW
SetPropW
MessageBoxW
GetWindowRect
GetDlgItemInt
RedrawWindow
GetDlgItemTextW
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcW
DestroyWindow
CreateWindowExW
RegisterClassExW
TrackPopupMenu
GetCursorPos
GetSubMenu
DialogBoxParamW
SetForegroundWindow
EndDialog
FillRect
GetClientRect
PostMessageW
SetTimer
SystemParametersInfoW
SetMenu
LoadMenuW
SetWindowTextW
LoadIconW
LoadBitmapW
CheckMenuItem
GetMenu
SetDlgItemTextW
GetDlgItem
ShowWindow
TranslateMessage

gdi32

SetBkColor
CreateFontIndirectW
DeleteDC
SelectObject
SetTextColor
CreateSolidBrush
DeleteObject
GetTextExtentPoint32W
CreateDCW

advapi32

RegDeleteKeyW
RegEnumValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegSetValueExW

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteW

oleaut32

VariantClear

comctl32

InitCommonControlsEx
ord410
ord413
ord17

uxtheme

SetWindowTheme
DrawThemeBackground
OpenThemeData
GetThemeColor
CloseThemeData
IsThemeActive
DrawThemeText

shlwapi

SHDeleteKeyW

wininet

InternetCanonicalizeUrlW
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW

ole32

StringFromGUID2
IIDFromString

Sections

.text
Size: 390KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InstallHelper.exe
.exe windows:6 windows x64 arch:x64

60c11ab408fef17943543671f0133ec5

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:97:47:8e:73:7f:fa:99:16:7d:12:8a:27:c4:d0:b6:d9:4f:5e:de:22:62:5d:5c:ae:2c:62:35:5a:60:e9:ee
Signer

Actual PE Digest

20:97:47:8e:73:7f:fa:99:16:7d:12:8a:27:c4:d0:b6:d9:4f:5e:de:22:62:5d:5c:ae:2c:62:35:5a:60:e9:ee

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\InstallHelper.pdb

Imports

comctl32

InitCommonControlsEx
ord17

kernel32

InitializeCriticalSection
RemoveDirectoryW
VerifyVersionInfoW
Sleep
CreateDirectoryW
GetVersionExW
CopyFileW
GetCurrentProcessId
CreateEventW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetFileTime
GetSystemInfo
GetExitCodeProcess
GetModuleHandleW
ExitProcess
LoadLibraryW
TerminateThread
CreateThread
MoveFileW
DeleteFileW
GetFileAttributesW
WaitForSingleObject
ReleaseMutex
CloseHandle
SetEndOfFile
CreateFileW
WriteFile
ReadFile
GetFileSize
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
HeapReAlloc
LockResource
SetEvent
GetLastError
HeapSize
InitializeCriticalSectionEx
GetEnvironmentVariableW
HeapFree
SizeofResource
GetLogicalProcessorInformationEx
GetActiveProcessorCount
VerSetConditionMask
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
LocalFree
WideCharToMultiByte
GetProcAddress
GetCurrentProcess
OpenProcess
CreateToolhelp32Snapshot
GetActiveProcessorGroupCount
TerminateProcess
Process32FirstW
Process32NextW
FormatMessageW
GetModuleFileNameW
GetStartupInfoW
CreateProcessW
SetLastError
GetVolumeNameForVolumeMountPointW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
K32GetModuleBaseNameW
GetUserDefaultUILanguage
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetTickCount
MoveFileExW
FlushFileBuffers
FindNextFileW
MulDiv
LocalAlloc
LocalLock
LocalUnlock
InitializeCriticalSectionAndSpinCount
GetProcessTimes
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
GetStringTypeW
LoadLibraryExW
QueryPerformanceCounter
EncodePointer
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
RaiseException
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetFileSizeEx
SetFilePointerEx
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW

user32

MessageBeep
BeginPaint
DrawIcon
EndPaint
GetSysColor
GetDialogBaseUnits
SystemParametersInfoW
DrawTextW
LoadIconW
DestroyIcon
FillRect
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetFocus
SetWindowPos
SetForegroundWindow
MoveWindow
GetParent
SetTimer
KillTimer
WinHelpW
RedrawWindow
GetAsyncKeyState
CreateDialogIndirectParamW
PeekMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
WaitMessage
GetActiveWindow
DestroyWindow
SetRect
GetLastActivePopup
GetWindowThreadProcessId
GetWindow
GetWindowTextW
IsWindowVisible
EnumWindows
GetWindowLongPtrW
CloseClipboard
SetClipboardData
EmptyClipboard
GetClientRect
CreateWindowExW
GetSystemMetrics
EndDialog
FindWindowW
DialogBoxParamW
GetDlgItem
SetDlgItemTextW
IsDlgButtonChecked
GetDlgItemTextW
CheckDlgButton
EnableWindow
ShowWindow
GetWindowRect
SendMessageW
SetWindowLongPtrW
MessageBoxW
LoadStringW
SetWindowTextW
PostMessageW
OpenClipboard
PostQuitMessage

advapi32

RegSetValueExW
CreateServiceW
StartServiceW
ControlService
QueryServiceStatus
RegEnumKeyExW
RegQueryInfoKeyW
DeleteService
NotifyBootConfigStatus
ChangeServiceConfigW
QueryServiceConfigW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegOpenKeyExW
OpenProcessToken
GetTokenInformation
GetSidSubAuthority
RegDeleteKeyExW
GetUserNameW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
ChangeServiceConfig2W
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
LookupAccountSidW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyW
GetSidSubAuthorityCount

shell32

ShellExecuteExW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

StringFromGUID2
IIDFromString
CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitializeSecurity

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocString

shlwapi

SHDeleteKeyW

rpcrt4

UuidFromStringW

gdi32

CreateDCW
SetBkColor
DeleteObject
GetTextExtentPoint32W
SelectObject
CreateFontIndirectW
DeleteDC
SetTextColor
CreateSolidBrush

Sections

.text
Size: 395KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LogViewer.exe
.exe windows:6 windows x64 arch:x64

cc36a2f18051da76ebec6151edd7c7f2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:ab:f1:40:06:9f:48:0f:8e:09:66:ea:e6:4f:c2:cc:90:e3:95:9a:2f:1d:7a:4b:43:63:05:27:e1:2f:ac:77
Signer

Actual PE Digest

9e:ab:f1:40:06:9f:48:0f:8e:09:66:ea:e6:4f:c2:cc:90:e3:95:9a:2f:1d:7a:4b:43:63:05:27:e1:2f:ac:77

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\LogViewer.pdb

Imports

kernel32

GetFileTime
TerminateThread
CreateThread
DeleteFileW
GetFileAttributesW
OpenMutexW
WaitForSingleObject
ReleaseMutex
SetEndOfFile
CreateFileW
WriteFile
ReadFile
CompareFileTime
GetFileSize
MultiByteToWideChar
SetEvent
OpenEventW
CreateEventW
CloseHandle
FindResourceW
FindResourceExW
LoadResource
LockResource
FindFirstChangeNotificationW
WaitForMultipleObjects
Sleep
FindNextChangeNotification
FindCloseChangeNotification
GlobalAlloc
WriteConsoleW
GetConsoleMode
DeleteCriticalSection
DecodePointer
InitializeCriticalSectionEx
GetLastError
GlobalUnlock
SetFilePointer
GlobalLock
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
GetModuleHandleW
ExitProcess
LoadLibraryW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
SetFilePointerEx
CompareStringOrdinal
LoadLibraryExW
VirtualProtect
GetProcAddress
LocalFree
WideCharToMultiByte
GetCurrentProcess
GetUserDefaultUILanguage
FreeLibrary
GetModuleFileNameW
GetStartupInfoW
GetCurrentProcessId
SetLastError
WinExec
SystemTimeToFileTime
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
GetDateFormatW
GetTimeFormatW
IsDebuggerPresent
OutputDebugStringW
RaiseException
GetCurrentThreadId
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetStringTypeW
QueryPerformanceCounter
WakeAllConditionVariable
SleepConditionVariableSRW
GetLocaleInfoEx
EncodePointer
LCMapStringEx
CompareStringEx
GetCPInfo
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW

user32

GetMenuBarInfo
OffsetRect
GetMenuItemInfoW
InvalidateRect
SetDlgItemTextW
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcW
PostMessageW
DialogBoxParamW
GetWindowTextW
GetWindowTextLengthW
SetTimer
SystemParametersInfoW
SetWindowLongPtrW
GetWindowInfo
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetKeyState
SetWindowPos
GetWindowDC
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
LoadIconW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
CallWindowProcW
FillRect
GetClientRect
SetWindowTextW
RedrawWindow
SetPropW
EndDialog
MessageBoxW
LoadStringW
GetSysColor
SendMessageW
GetWindowRect

gdi32

CreateFontIndirectW
GetTextExtentPoint32W
SetBkColor
SetTextColor
CreateSolidBrush
DeleteObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHGetStockIconInfo
ShellExecuteW
SHGetSpecialFolderPathW
SHCreateDirectoryExW

comctl32

ord413
ord410

uxtheme

DrawThemeText
DrawThemeBackground
CloseThemeData
SetWindowTheme
IsThemeActive
OpenThemeData
GetThemeColor

oleaut32

VariantClear

Sections

.text
Size: 444KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProcessGovernor.exe
.exe windows:6 windows x64 arch:x64

f43d794eb38694fa05c8366f0853d4e2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:ce:d3:15:f1:39:cd:3f:d2:36:45:74:c6:3b:ab:6c:08:25:e0:12:bf:3a:25:64:77:43:36:9a:d3:26:d8:fc
Signer

Actual PE Digest

9e:ce:d3:15:f1:39:cd:3f:d2:36:45:74:c6:3b:ab:6c:08:25:e0:12:bf:3a:25:64:77:43:36:9a:d3:26:d8:fc

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\ProcessGovernor.pdb

Imports

kernel32

GetDateFormatEx
OpenEventW
GetVersionExW
ReleaseMutex
OpenProcess
CreateEventW
Sleep
GetTickCount64
SetEvent
FileTimeToSystemTime
GetCurrentThread
TerminateThread
DeleteFileW
LoadLibraryW
CreateThread
ResetEvent
FileTimeToLocalFileTime
GetCurrentDirectoryW
SetThreadPriorityBoost
GetProcAddress
GetFileSize
ExitProcess
GetComputerNameW
GetCurrentProcessId
CreateProcessW
SetThreadExecutionState
GetModuleHandleW
FreeLibrary
GetSystemTime
GetTickCount
GetProcessTimes
SetUnhandledExceptionFilter
GlobalMemoryStatusEx
FindFirstChangeNotificationW
FindCloseChangeNotification
FindNextChangeNotification
SetEndOfFile
SetFilePointer
InitializeCriticalSection
SetThreadPriority
SetProcessShutdownParameters
WaitForMultipleObjects
GetProcessAffinityMask
GetTimeFormatEx
WriteFile
SetProcessAffinityMask
GetCurrentProcess
GetCommandLineW
SetPriorityClass
ReadFile
CreateDirectoryW
SetProcessPriorityBoost
LeaveCriticalSection
EnterCriticalSection
GetSystemInfo
CloseHandle
MultiByteToWideChar
GetFileAttributesW
InitializeCriticalSectionAndSpinCount
GetFileTime
GetSystemTimeAsFileTime
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
CreateMutexW
HeapReAlloc
LockResource
GetActiveProcessorGroupCount
GetActiveProcessorCount
CreateToolhelp32Snapshot
Thread32First
Thread32Next
OpenThread
SetThreadGroupAffinity
FormatMessageW
GetProcessGroupAffinity
LocalFree
WideCharToMultiByte
VerifyVersionInfoW
GetLastError
GetPriorityClass
SetProcessWorkingSetSize
TerminateProcess
GetLogicalProcessorInformationEx
GetHandleInformation
GetUserDefaultUILanguage
GetModuleFileNameW
GetStartupInfoW
ProcessIdToSessionId
SetLastError
GetVolumeNameForVolumeMountPointW
MoveFileW
GetSystemDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcessPriorityBoost
ResumeThread
GetLocalTime
OpenMutexW
K32GetModuleBaseNameW
GetDateFormatW
GetTimeFormatW
GetCurrentThreadId
SuspendThread
GetExitCodeThread
MoveFileExW
FlushFileBuffers
FindNextFileW
LocalAlloc
MulDiv
LocalLock
LocalUnlock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
WaitForSingleObjectEx
LoadLibraryExW
GetStringTypeW
EncodePointer
QueryPerformanceCounter
WakeAllConditionVariable
SleepConditionVariableSRW
CompareStringEx
GetCPInfo
LCMapStringEx
IsDebuggerPresent
OutputDebugStringW
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetStdHandle
GetCommandLineA
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileSizeEx
SetFilePointerEx
GetTimeZoneInformation
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
HeapSize
CreateFileW
WaitForSingleObject
InitializeCriticalSectionEx
HeapFree
SizeofResource
VerSetConditionMask
GetLocaleInfoEx

user32

SetRect
GetActiveWindow
GetLastActivePopup
MessageBeep
BeginPaint
DrawIcon
EndPaint
GetSysColor
GetDialogBaseUnits
SystemParametersInfoW
DrawTextW
LoadIconW
DestroyIcon
FillRect
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetFocus
SetWindowPos
SetForegroundWindow
GetWindowRect
MoveWindow
SetTimer
KillTimer
WinHelpW
RedrawWindow
GetAsyncKeyState
PeekMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
WaitMessage
PostQuitMessage
DestroyWindow
EnumWindows
IsWindowVisible
GetWindow
SendMessageW
GetSystemMetrics
GetClientRect
LoadStringW
wvsprintfW
GetWindowLongPtrW
SetWindowLongPtrW
SetWindowTextW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EnableWindow
GetWindowTextW
CheckDlgButton
CreateDialogIndirectParamW
MessageBoxW
GetDlgItem
GetParent
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
GetLastInputInfo

advapi32

DuplicateTokenEx
EnumServicesStatusExW
StartServiceW
QueryServiceStatus
QueryServiceConfigW
CloseServiceHandle
OpenServiceW
GetUserNameW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegSetValueExW
GetTokenInformation
ControlService
ConvertStringSidToSidW
SetTokenInformation
GetLengthSid
CreateProcessAsUserW
LookupAccountSidW
GetSidSubAuthorityCount
GetSidSubAuthority
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
OpenSCManagerW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW
SHCreateDirectoryExW

oleaut32

SysFreeString
VariantClear

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

shlwapi

SHDeleteKeyW

pdh

PdhCloseQuery
PdhCollectQueryData
PdhAddEnglishCounterW
PdhGetFormattedCounterValue
PdhRemoveCounter
PdhOpenQueryW

dbghelp

MiniDumpWriteDump

rpcrt4

UuidCreate
UuidFromStringW

gdi32

SetTextColor
SetBkColor
SelectObject
DeleteDC
CreateFontIndirectW
CreateDCW
CreateSolidBrush
DeleteObject
GetTextExtentPoint32W

ole32

StringFromGUID2
IIDFromString

Sections

.text
Size: 798KB - Virtual size: 798KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProcessLasso.exe
.exe windows:6 windows x64 arch:x64

12ab1cdff104d496260bae930be6bce7

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:c6:94:ac:e0:84:1f:6a:2e:7f:af:9a:a7:63:cc:fa:f3:ba:56:cc:fb:51:69:b7:ef:9e:32:49:24:0d:65:f2
Signer

Actual PE Digest

c3:c6:94:ac:e0:84:1f:6a:2e:7f:af:9a:a7:63:cc:fa:f3:ba:56:cc:fb:51:69:b7:ef:9e:32:49:24:0d:65:f2

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\ProcessLasso.pdb

Imports

comctl32

ord412
ImageList_Remove
ord17
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ord410
ord413
InitCommonControlsEx

gdiplus

GdiplusStartup
GdiplusShutdown
GdipDrawRectangleI
GdipAlloc
GdipSetPenDashStyle
GdipFree
GdipCreateFromHDC
GdipDeleteGraphics
GdipDeletePen
GdipCreatePen1
GdipDrawLineI

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

MoveFileExW
GetFileSize
VerSetConditionMask
GetCurrentProcessId
SystemTimeToFileTime
GlobalMemoryStatusEx
CreateProcessW
SetThreadExecutionState
GetModuleHandleW
CopyFileW
VerifyVersionInfoW
IsBadReadPtr
QueryPerformanceCounter
OpenMutexW
GetProcessTimes
CreateMutexW
WideCharToMultiByte
GetProcAddress
TerminateProcess
LoadLibraryW
FreeLibrary
SetThreadPriority
ExitThread
GetCurrentThread
SetThreadPriorityBoost
CreateDirectoryW
SetPriorityClass
SetProcessShutdownParameters
GetVersionExW
GetTickCount64
SetUnhandledExceptionFilter
GlobalAlloc
GlobalLock
GlobalUnlock
EnterCriticalSection
CompareFileTime
ReadFile
GetStartupInfoW
GetExitCodeProcess
GetFileTime
GetSystemTimeAsFileTime
GetProcessHeap
ExitProcess
DeleteCriticalSection
HeapDestroy
DecodePointer
FindNextChangeNotification
GetCurrentDirectoryW
FileTimeToLocalFileTime
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
ResetEvent
GetACP
IsValidCodePage
FindFirstFileExW
HeapAlloc
GetTimeZoneInformation
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileType
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
CompareStringEx
SleepConditionVariableSRW
WakeAllConditionVariable
LCMapStringEx
CreateThread
GetSystemInfo
CloseHandle
DeleteFileW
QueryPerformanceFrequency
FindCloseChangeNotification
GetActiveProcessorGroupCount
TerminateThread
FileTimeToSystemTime
SetEvent
Sleep
MultiByteToWideChar
CreateEventW
OpenProcess
FindFirstChangeNotificationW
GetSystemDirectoryW
ReleaseMutex
OpenEventW
GetFileAttributesW
InitializeCriticalSection
SetFilePointer
LeaveCriticalSection
WaitForMultipleObjects
GetCurrentProcess
GetOEMCP
FindResourceW
LoadResource
FindResourceExW
HeapReAlloc
LockResource
GetLastError
HeapSize
CreateFileW
WaitForSingleObject
InitializeCriticalSectionEx
HeapFree
SizeofResource
GetCommandLineW
GetLocaleInfoEx
EncodePointer
WaitForSingleObjectEx
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetStringTypeW
GetExitCodeThread
SuspendThread
GetCurrentThreadId
LocalUnlock
LocalLock
LocalAlloc
MulDiv
GetTimeFormatW
GetDateFormatW
GetNumaNodeProcessorMask
K32GetModuleBaseNameW
FindNextFileW
FindFirstFileW
SetEndOfFile
FlushFileBuffers
WriteFile
GetTickCount
GetLocalTime
ResumeThread
GetProcessPriorityBoost
InitializeCriticalSectionAndSpinCount
GetThreadPriority
RemoveDirectoryW
MoveFileW
GetVolumeNameForVolumeMountPointW
WinExec
SetLastError
ProcessIdToSessionId
GetModuleFileNameW
FindClose
GetUserDefaultUILanguage
IsBadWritePtr
CompareStringOrdinal
LoadLibraryExW
VirtualProtect
LocalFree
SetProcessAffinityMask
CreateToolhelp32Snapshot
Thread32First
OpenThread
SetThreadGroupAffinity
Thread32Next
GetProcessAffinityMask
GetProcessGroupAffinity
SetProcessPriorityBoost
GetPriorityClass
SetProcessWorkingSetSize
GetLogicalProcessorInformationEx
GetActiveProcessorCount
GetNumaHighestNodeNumber

user32

SetWindowLongPtrW
SendMessageW
EndDialog
SetWindowTextW
GetWindowLongPtrW
SetTimer
IsDialogMessageW
WaitMessage
CreateDialogIndirectParamW
GetAsyncKeyState
SetDlgItemTextW
GetDlgItemTextW
GetDlgItem
KillTimer
DialogBoxParamW
UpdateWindow
EnableWindow
PeekMessageW
WinHelpW
GetKeyState
GetClassLongPtrW
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
GetMessageW
LoadAcceleratorsW
DispatchMessageW
TranslateAcceleratorW
TranslateMessage
IsIconic
GetWindowTextLengthW
IsDlgButtonChecked
GetDlgItemInt
SetDlgItemInt
GetWindowTextW
SetDlgItemTextA
CheckDlgButton
GetMenuItemInfoW
DefWindowProcW
LoadMenuW
GetWindowRect
GetMenu
DestroyWindow
GetDC
IsWindowVisible
SetWindowPos
FillRect
CreateWindowExW
DeleteMenu
ScreenToClient
CreatePopupMenu
SetClassLongPtrW
RegisterClassExW
TrackPopupMenu
GetSubMenu
ShowWindow
GetClassInfoW
RedrawWindow
DestroyIcon
GetWindowInfo
ClientToScreen
SetMenuItemInfoW
TrackMouseEvent
GetSysColor
LoadBitmapW
DestroyMenu
SetFocus
LoadIconW
GetParent
LoadCursorW
DrawMenuBar
CheckMenuItem
GetClientRect
AppendMenuW
DrawTextW
PostQuitMessage
EnableMenuItem
SystemParametersInfoW
RegisterWindowMessageW
SetForegroundWindow
LoadImageW
InvalidateRect
ReleaseDC
GetCursorPos
BeginPaint
EndPaint
PostMessageW
MessageBoxW
SetPropW
FrameRect
GetMenuBarInfo
OffsetRect
IntersectRect
LoadStringW
GetSystemMetrics
GetWindowThreadProcessId
GetWindow
EnumWindows
GetWindowLongW
SetWindowLongW
IsWindowEnabled
SetRect
GetActiveWindow
GetLastActivePopup
MessageBeep
DrawIcon
GetDialogBaseUnits
IsWindow
GetClassNameW
GetSystemMenu
MoveWindow
FindWindowW

gdi32

BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
CreateRoundRectRgn
DeleteDC
TextOutW
GetTextExtentPoint32W
SetBkMode
LineTo
CreatePen
MoveToEx
DeleteObject
CreateBitmap
CreateFontIndirectW
FillRgn
SetTextColor
SetBkColor
CreateSolidBrush
Ellipse
GetObjectW
CreateDCW

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameW

advapi32

RegOpenKeyExW
GetSidSubAuthorityCount
LookupAccountSidW
RegEnumKeyExW
RegQueryInfoKeyW
EnumServicesStatusExW
ControlService
QueryServiceStatus
QueryServiceConfigW
RegDeleteKeyW
ChangeServiceConfigW
StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
GetSidSubAuthority
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
SetSecurityDescriptorDacl
RegCloseKey
RegCreateKeyExW
RegSetValueExW
InitializeSecurityDescriptor
GetUserNameW
RegQueryValueExW
RegDeleteValueW
GetTokenInformation

shell32

SHGetStockIconInfo
ShellExecuteExW
SHGetKnownFolderPath
SHGetSpecialFolderPathW
ord178
SHCreateDirectoryExW
ExtractAssociatedIconW
ShellExecuteW
SHQueryUserNotificationState
Shell_NotifyIconW

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize
CoCreateInstance
IIDFromString
CoInitializeSecurity
StringFromGUID2

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

pdh

PdhCloseQuery
PdhAddEnglishCounterW
PdhRemoveCounter
PdhCollectQueryData
PdhOpenQueryW
PdhGetFormattedCounterValue

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

shlwapi

SHDeleteKeyW

dbghelp

MiniDumpWriteDump

uxtheme

DrawThemeText
SetWindowTheme
OpenThemeData
GetThemeColor
CloseThemeData
IsThemeActive
DrawThemeBackground

rpcrt4

UuidCreate
UuidFromStringW

wininet

InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetOpenUrlW
InternetReadFile

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProcessLassoLauncher.exe
.exe windows:6 windows x64 arch:x64

57d3dfd0d74accc835dfeb836d8e80e4

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c5:89:84:74:1a:24:cd:4b:eb:8b:a9:e8:57:ef:93:66:70:be:fa:af:ae:d2:34:0a:04:50:ea:c7:4b:ca:15:b3
Signer

Actual PE Digest

c5:89:84:74:1a:24:cd:4b:eb:8b:a9:e8:57:ef:93:66:70:be:fa:af:ae:d2:34:0a:04:50:ea:c7:4b:ca:15:b3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\ProcessLassoLauncher.pdb

Imports

kernel32

VerSetConditionMask
VerifyVersionInfoW
GetModuleFileNameW
CreateFileW
CloseHandle
GetCurrentProcess
GetStartupInfoW
CreateProcessW
GetCurrentProcessId
OpenProcess
SetLastError
GetProcAddress
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsDebuggerPresent
OutputDebugStringW
RaiseException
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
DeleteCriticalSection
GetLastError
InitializeCriticalSectionEx
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
FreeLibrary
RtlVirtualUnwind
HeapDestroy
GetModuleHandleW
ExitProcess
LoadLibraryW

user32

MessageBoxW
PostMessageW
FindWindowW

advapi32

OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority

shell32

ShellExecuteExW

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QuickUpgrade.exe
.exe windows:6 windows x64 arch:x64

8512917e1c00b2532f1722576b97c5de

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:e3:b2:6b:8b:46:c5:2f:8c:13:81:9a:81:74:69:55:8d:c9:ef:47:a0:ba:cd:f5:68:75:08:54:24:3d:69:da
Signer

Actual PE Digest

ba:e3:b2:6b:8b:46:c5:2f:8c:13:81:9a:81:74:69:55:8d:c9:ef:47:a0:ba:cd:f5:68:75:08:54:24:3d:69:da

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\QuickUpgrade.pdb

Imports

kernel32

GetActiveProcessorGroupCount
GetLogicalProcessorInformationEx
GetActiveProcessorCount
DeleteCriticalSection
InitializeCriticalSectionEx
CopyFileW
FreeLibrary
GetStartupInfoW
CreateProcessW
CreateThread
Sleep
OpenEventW
CreateEventW
SetEvent
SetCurrentDirectoryW
MultiByteToWideChar
GetLastError
GetFileAttributesW
GetSystemInfo
LoadLibraryW
GetModuleHandleW
ExitProcess
GetSystemTimeAsFileTime
GetExitCodeProcess
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
WaitForSingleObject
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
CloseHandle
GetTempPathW
WriteFile
RemoveDirectoryW
DeleteFileW
CreateFileW
CreateDirectoryW
LocalFree
WideCharToMultiByte
GetProcAddress
VerifyVersionInfoW
VerSetConditionMask
GetCurrentProcess
LoadLibraryExW
GetUserDefaultUILanguage
GetModuleFileNameW
GetCurrentProcessId
OpenProcess
SetLastError
WinExec
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
TerminateThread
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetProcessTimes
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
QueryPerformanceCounter
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW

user32

GetWindowThreadProcessId
MessageBoxW
SendMessageW
PostMessageW
DialogBoxParamW
EndDialog
GetDlgItem
SetDlgItemTextW
GetWindow
IsWindowVisible
EnumWindows
EnableWindow
ShowWindow
CreateWindowExW
LoadStringW

advapi32

StartServiceW
QueryServiceStatus
ChangeServiceConfigW
OpenProcessToken
GetTokenInformation
CloseServiceHandle
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
GetSidSubAuthorityCount
GetSidSubAuthority
OpenSCManagerW
OpenServiceW

shell32

ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathW

ole32

CoInitialize

oleaut32

SysFreeString
VariantClear
SysAllocString

wininet

InternetCloseHandle
InternetOpenW
InternetReadFile
InternetOpenUrlW

wintrust

WinVerifyTrust

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ThreadRacer.exe
.exe windows:6 windows x64 arch:x64

ab54d1be84f60bd7a46d170d7adc13ad

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:c7:fb:e9:31:6f:a9:62:4d:40:a0:12:c5:8a:67:c9:e6:bd:a2:34:72:cb:ac:57:9e:2f:58:cf:1e:89:5d:6e
Signer

Actual PE Digest

07:c7:fb:e9:31:6f:a9:62:4d:40:a0:12:c5:8a:67:c9:e6:bd:a2:34:72:cb:ac:57:9e:2f:58:cf:1e:89:5d:6e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\ThreadRacer.exe.pdb

Imports

kernel32

SetThreadAffinityMask
SetThreadPriority
GetCurrentThread
CreateThread
Sleep
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
GetLogicalProcessorInformationEx
GetActiveProcessorCount
GetActiveProcessorGroupCount
GetNumaHighestNodeNumber
GetUserDefaultUILanguage
GetFileAttributesW
FreeLibrary
LocalFree
GetModuleFileNameW
CreateFileW
GetFileSize
GetCurrentProcess
GetStartupInfoW
GetCurrentProcessId
SetLastError
GetProcAddress
DeleteFileW
WideCharToMultiByte
GetNumaNodeProcessorMask
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
ReadFile
WriteFile
DeleteCriticalSection
SetEndOfFile
FindNextFileW
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
GetStringTypeW
LoadLibraryExW
QueryPerformanceCounter
EncodePointer
GetCPInfo
GetSystemTimeAsFileTime
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
InitializeCriticalSectionEx
GetLastError
DecodePointer
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
FindResourceExW
ExitProcess
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
FlushFileBuffers
HeapDestroy

user32

GetWindowLongPtrW
SetWindowLongPtrW
IsWindowEnabled
SetWindowTextW
SetWindowLongW
GetWindowLongW
GetWindowTextW
PostMessageW
LoadStringW
ShowWindow
EnableWindow
IsDlgButtonChecked
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
SetDlgItemInt
GetDlgItem
EndDialog
DialogBoxParamW
SendMessageW
MessageBoxW
GetClientRect
GetDlgItemInt
SetForegroundWindow
SetFocus

ole32

CoInitialize

comctl32

ord17
InitCommonControlsEx

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

oleaut32

VariantClear

Sections

.text
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TweakScheduler.exe
.exe windows:6 windows x64 arch:x64

9d7de62ff5aa58a83dc400e101a3a2d5

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:9e:90:73:27:7f:c5:25:5c:32:bb:86:a2:66:22:c6:52:9b:04:48:b9:f1:b0:98:15:39:39:74:fe:28:27:e9
Signer

Actual PE Digest

0a:9e:90:73:27:7f:c5:25:5c:32:bb:86:a2:66:22:c6:52:9b:04:48:b9:f1:b0:98:15:39:39:74:fe:28:27:e9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\TweakScheduler.exe.bsc

Imports

comctl32

InitCommonControlsEx

kernel32

GetLogicalProcessorInformationEx
GetNumaHighestNodeNumber
RtlUnwind
OutputDebugStringW
GetVersionExW
GetCurrentProcess
GetExitCodeProcess
GetFileTime
GetSystemTimeAsFileTime
CloseHandle
MultiByteToWideChar
GetFileAttributesW
CreateFileW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
ExitProcess
LoadLibraryW
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
GetSystemInfo
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
GetActiveProcessorGroupCount
HeapFree
IsBadWritePtr
SizeofResource
GetActiveProcessorCount
WriteConsoleW
ReadConsoleW
GetConsoleMode
GetUserDefaultUILanguage
FreeLibrary
LocalFree
FormatMessageW
VerSetConditionMask
VerifyVersionInfoW
GetShortPathNameW
GetLongPathNameW
GetModuleFileNameW
GetFileSize
GetStartupInfoW
CreateProcessW
ProcessIdToSessionId
OpenEventW
GetCurrentProcessId
OpenProcess
SetLastError
GetProcAddress
WinExec
GetVolumeNameForVolumeMountPointW
MoveFileW
RemoveDirectoryW
CopyFileW
DeleteFileW
CreateDirectoryW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
ReadFile
GetHandleInformation
WaitForMultipleObjects
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
Sleep
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
RaiseException
TryAcquireSRWLockExclusive
QueryPerformanceFrequency
FormatMessageA
SetFileInformationByHandle
GetTempPathW
InitOnceExecuteOnce
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetFileInformationByHandleEx
CreateSymbolicLinkW
GetLocaleInfoEx
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCurrentThread
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetConsoleCtrlHandler
SetStdHandle
GetStringTypeW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP

user32

CloseClipboard
GetIconInfo
InvalidateRect
GetSystemMetrics
UnregisterClassW
LoadStringW
MessageBoxW
GetDlgItem
GetClientRect
FindWindowW
SetClipboardData
EmptyClipboard
GetWindowThreadProcessId
GetWindowTextW
OpenClipboard
ReleaseDC
GetWindowLongW
PostMessageW
EndDialog
SetWindowTextW
ShowWindow
wvsprintfW
ExitWindowsEx
SetDlgItemTextW
IsDlgButtonChecked
CheckDlgButton
DialogBoxParamW
EnableWindow
CreateWindowExW
SendMessageW
GetDC
SetWindowLongW

advapi32

RegSetValueExW
StartServiceW
ConvertStringSidToSidW
ControlService
QueryServiceStatus
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueW
RegEnumKeyW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
DuplicateTokenEx
NotifyBootConfigStatus
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
EnumServicesStatusExW
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
SetTokenInformation
GetLengthSid
CreateProcessAsUserW
GetUserNameW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceConfigW
ChangeServiceConfigW

shell32

SHGetKnownFolderPath
SHGetStockIconInfo
SHChangeNotify
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteExW
ShellExecuteW

ole32

CLSIDFromString
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlW
InternetOpenW
InternetCanonicalizeUrlW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

shlwapi

SHDeleteKeyW

gdi32

GetTextExtentPoint32W
GetObjectW
DeleteObject
SelectObject

Sections

.text
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

memcpy_
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bitsumsessionagent.exe
.exe windows:6 windows x64 arch:x64

a7701cdb73805c1b95559d6cb505e04d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:0c:3d:78:b9:86:df:a9:13:5d:6b:0d:db:e7:d5:17:10:c7:08:64:a7:58:65:aa:ae:04:6f:04:02:a4:7f:95
Signer

Actual PE Digest

6c:0c:3d:78:b9:86:df:a9:13:5d:6b:0d:db:e7:d5:17:10:c7:08:64:a7:58:65:aa:ae:04:6f:04:02:a4:7f:95

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\x64\Release\bitsumsessionagent.pdb

Imports

kernel32

HeapReAlloc
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
HeapDestroy
DeleteCriticalSection
GetProcessHeap
SetPriorityClass
GetCurrentProcess
OutputDebugStringW
WaitForSingleObject
OpenEventW
ReleaseMutex
CreateEventW
ProcessIdToSessionId
SetEvent
CloseHandle
LoadLibraryW
GetProcAddress
GetCurrentProcessId
SetThreadExecutionState
FreeLibrary
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
CreateMutexW
SizeofResource
WriteConsoleW
CreateFileW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
IsDebuggerPresent
RaiseException
EnterCriticalSection
LeaveCriticalSection
LocalFree
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TryAcquireSRWLockExclusive
WaitForSingleObjectEx
GetExitCodeThread
RtlUnwindEx
RtlPcToFileHeader
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
WriteFile
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP

user32

GetMessageW
DefWindowProcW
GetLastInputInfo
DestroyWindow
MessageBoxW
GetWindowThreadProcessId
SendMessageW
RegisterClassExW
DispatchMessageW
SetTimer
GetForegroundWindow
TranslateMessage
LoadCursorW
PostQuitMessage
CreateWindowExW

advapi32

RegCloseKey
RegQueryValueExW
RegCreateKeyExW

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pl-update.cmd
pl.cmd
plActivate.exe
.exe windows:6 windows x64 arch:x64

6165000e7b95b0dd4f16b61f6896a823

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d2:d1:11:fd:11:33:76:a6:92:d2:aa:6a:51:ab:c3:03:8d:ee:16:6a:bf:5f:93:71:f3:3f:64:37:37:09:73:2b
Signer

Actual PE Digest

d2:d1:11:fd:11:33:76:a6:92:d2:aa:6a:51:ab:c3:03:8d:ee:16:6a:bf:5f:93:71:f3:3f:64:37:37:09:73:2b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\dev\projs\ProcessSupervisor\output\plActivate.pdb

Imports

kernel32

FreeLibrary
GetModuleFileNameW
CreateFileW
CloseHandle
GetCurrentProcess
GetStartupInfoW
GetCurrentProcessId
SetLastError
GetProcAddress
WideCharToMultiByte
GetSystemInfo
IsBadWritePtr
GetSystemTimeAsFileTime
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
OutputDebugStringW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentThreadId
QueryPerformanceCounter
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
DeleteCriticalSection
GetLastError
InitializeCriticalSectionEx
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetUserDefaultUILanguage
GetModuleHandleW
ExitProcess
LoadLibraryW

wininet

InternetCloseHandle
InternetOpenW
InternetOpenUrlW
InternetCanonicalizeUrlW
InternetReadFile

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pl_rsrc_bulgarian.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1b:d1:84:47:43:35:f7:e5:18:d6:11:17:cd:90:63:7c:a6:9f:0f:86:fa:a2:f1:a6:97:24:66:3f:7c:26:6b:65
Signer

Actual PE Digest

1b:d1:84:47:43:35:f7:e5:18:d6:11:17:cd:90:63:7c:a6:9f:0f:86:fa:a2:f1:a6:97:24:66:3f:7c:26:6b:65

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_bulgarian.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_chinese.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6e:1b:34:4b:4b:14:a9:88:25:47:c1:82:51:44:12:2f:a6:a2:6d:dd:63:53:9d:c7:10:d6:67:3b:00:1e:34:e5
Signer

Actual PE Digest

6e:1b:34:4b:4b:14:a9:88:25:47:c1:82:51:44:12:2f:a6:a2:6d:dd:63:53:9d:c7:10:d6:67:3b:00:1e:34:e5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_chinese_traditional.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

86:8f:6f:40:11:4c:6c:79:ed:5c:16:d4:65:6d:3b:08:c5:f4:b3:e5:c2:17:8d:5e:50:33:05:64:93:f1:d1:d9
Signer

Actual PE Digest

86:8f:6f:40:11:4c:6c:79:ed:5c:16:d4:65:6d:3b:08:c5:f4:b3:e5:c2:17:8d:5e:50:33:05:64:93:f1:d1:d9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_chinese_traditional.pdb

Sections

.rdata
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_english.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

55:db:53:15:44:30:2f:f9:37:ee:d8:e0:39:76:d7:4c:d9:7a:0c:33:81:90:ef:7b:9d:16:fd:87:49:67:ce:0c
Signer

Actual PE Digest

55:db:53:15:44:30:2f:f9:37:ee:d8:e0:39:76:d7:4c:d9:7a:0c:33:81:90:ef:7b:9d:16:fd:87:49:67:ce:0c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_finnish.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:0f:83:e4:ee:04:9f:d1:82:93:b5:70:d5:db:32:4f:14:9f:a2:36:59:0d:75:af:97:56:fa:ed:fc:da:8b:24
Signer

Actual PE Digest

48:0f:83:e4:ee:04:9f:d1:82:93:b5:70:d5:db:32:4f:14:9f:a2:36:59:0d:75:af:97:56:fa:ed:fc:da:8b:24

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_finnish.pdb

Sections

.rdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_french.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

54:69:38:bb:15:74:35:4a:bb:51:ee:0e:5e:d2:91:a4:05:05:27:2b:ff:21:6d:b9:2d:23:da:3b:76:80:05:bc
Signer

Actual PE Digest

54:69:38:bb:15:74:35:4a:bb:51:ee:0e:5e:d2:91:a4:05:05:27:2b:ff:21:6d:b9:2d:23:da:3b:76:80:05:bc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_french.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_german.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:3c:be:71:d9:0b:32:3e:a1:62:a9:a0:22:a5:11:af:8d:ec:95:ae:74:88:67:08:0a:d0:4c:41:24:03:1f:f4
Signer

Actual PE Digest

61:3c:be:71:d9:0b:32:3e:a1:62:a9:a0:22:a5:11:af:8d:ec:95:ae:74:88:67:08:0a:d0:4c:41:24:03:1f:f4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_german.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_italian.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:82:23:fe:10:e6:bc:80:f3:f1:c4:68:79:f7:82:e3:01:ac:3c:0a:ce:fb:95:d7:71:f5:75:57:6c:da:d2:99
Signer

Actual PE Digest

ba:82:23:fe:10:e6:bc:80:f3:f1:c4:68:79:f7:82:e3:01:ac:3c:0a:ce:fb:95:d7:71:f5:75:57:6c:da:d2:99

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_italian.pdb

Sections

.rdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_japanese.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ae:cc:ea:cd:cc:52:23:49:9c:0c:66:10:96:14:53:8f:5f:df:d4:20:8b:cf:43:6f:7d:a7:0a:7e:81:3a:8a:87
Signer

Actual PE Digest

ae:cc:ea:cd:cc:52:23:49:9c:0c:66:10:96:14:53:8f:5f:df:d4:20:8b:cf:43:6f:7d:a7:0a:7e:81:3a:8a:87

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_japanese.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_korean.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f9:26:b7:71:bd:22:a3:7f:31:ed:a1:fd:24:1f:99:ec:a1:be:e0:9f:5d:3b:bf:ac:8e:2e:4e:e5:bb:24:02:3c
Signer

Actual PE Digest

f9:26:b7:71:bd:22:a3:7f:31:ed:a1:fd:24:1f:99:ec:a1:be:e0:9f:5d:3b:bf:ac:8e:2e:4e:e5:bb:24:02:3c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_korean.pdb

Sections

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_polish.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:04:3c:0a:06:a1:94:dc:2c:fa:50:7f:a4:42:08:65:76:aa:5b:e6:27:3f:f8:55:40:aa:3e:bd:32:0b:d1:8f
Signer

Actual PE Digest

00:04:3c:0a:06:a1:94:dc:2c:fa:50:7f:a4:42:08:65:76:aa:5b:e6:27:3f:f8:55:40:aa:3e:bd:32:0b:d1:8f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_polish.pdb

Sections

.rdata
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_ptbr.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

72:ce:d1:39:98:55:7a:b0:98:c1:1e:39:f3:64:c1:37:47:8d:b8:dd:12:b8:41:38:90:05:ed:e4:c5:ae:85:f3
Signer

Actual PE Digest

72:ce:d1:39:98:55:7a:b0:98:c1:1e:39:f3:64:c1:37:47:8d:b8:dd:12:b8:41:38:90:05:ed:e4:c5:ae:85:f3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_ptbr.pdb

Sections

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_russian.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

68:8b:d8:39:c5:7a:b1:fc:73:dd:f5:cd:c1:fe:b6:76:91:c9:8c:ea:d6:04:57:43:85:16:91:20:fc:4b:83:fb
Signer

Actual PE Digest

68:8b:d8:39:c5:7a:b1:fc:73:dd:f5:cd:c1:fe:b6:76:91:c9:8c:ea:d6:04:57:43:85:16:91:20:fc:4b:83:fb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\pl\output\pl_rsrc_russian.pdb

Sections

.rdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_slovenian.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:48:9c:83:df:f6:d1:f2:59:e3:50:58:e9:05:0a:14:9f:79:47:10:6f:f5:46:6e:66:52:1f:f3:a1:ec:ed:ac
Signer

Actual PE Digest

2e:48:9c:83:df:f6:d1:f2:59:e3:50:58:e9:05:0a:14:9f:79:47:10:6f:f5:46:6e:66:52:1f:f3:a1:ec:ed:ac

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_slovenian.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pl_rsrc_spanish.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ce:b8:88:43:60:a4:1f:90:89:da:04:69:47:82:b6:61:f3:c4:df:6f:f2:a6:e5:c7:c3:ce:bd:ac:6d:6a:93:5d
Signer

Actual PE Digest

ce:b8:88:43:60:a4:1f:90:89:da:04:69:47:82:b6:61:f3:c4:df:6f:f2:a6:e5:c7:c3:ce:bd:ac:6d:6a:93:5d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\output\pl_rsrc_spanish.pdb

Sections

.rdata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
srvstub.exe
.exe windows:6 windows x64 arch:x64

7d94c4c800ab23365817607fc3a91c3a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:ef:e6:29:c4:33:d1:73:9a:db:e7:11:1e:72:77:ee:a6:16:7f:5c:22:6b:06:17:6e:8d:bf:f0:89:eb:ab:3d
Signer

Actual PE Digest

03:ef:e6:29:c4:33:d1:73:9a:db:e7:11:1e:72:77:ee:a6:16:7f:5c:22:6b:06:17:6e:8d:bf:f0:89:eb:ab:3d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\srvstub.pdb

Imports

kernel32

SetEvent
WaitForSingleObject
CreateEventW
OpenEventW
Sleep
WaitForMultipleObjects
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
CreateThread
ExitThread
CreateProcessW
GetProcessHeap
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
WriteConsoleW
CreateFileW
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetStartupInfoW
CloseHandle
IsDebuggerPresent
OutputDebugStringW
RaiseException
EnterCriticalSection
LeaveCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetFileType
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
StartServiceCtrlDispatcherW

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
start-governor.bat
stop-governor.bat
testlasso.exe
.exe windows:6 windows x64 arch:x64

2c5d2a94a5f323639094dc74dadda94b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:a6:a0:97:12:9c:79:58:b7:84:b4:cc:e7:1d:e3:70:42:7c:b8:0d:1f:13:ce:ce:6d:00:ac:e5:9c:60:8c:fd
Signer

Actual PE Digest

3e:a6:a0:97:12:9c:79:58:b7:84:b4:cc:e7:1d:e3:70:42:7c:b8:0d:1f:13:ce:ce:6d:00:ac:e5:9c:60:8c:fd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\testlasso.pdb

Imports

kernel32

GetActiveProcessorCount
GetActiveProcessorGroupCount
GetModuleFileNameW
GetModuleHandleW
CreateFileW
CloseHandle
GetStartupInfoW
CreateProcessW
GetCurrentProcessId
SetLastError
GetProcAddress
LoadLibraryW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
ExitProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
RtlUnwind
IsDebuggerPresent
OutputDebugStringW
RaiseException
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetFileSizeEx
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleW
FlushFileBuffers
GetConsoleOutputCP
ReadFile
WriteConsoleW
WaitForMultipleObjects
SetProcessAffinityMask
GetCurrentThread
SetThreadPriorityBoost
GetCurrentProcess
GetPriorityClass
Sleep
TerminateThread
CreateThread
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapReAlloc
GetLastError
GetLogicalProcessorInformationEx
HeapSize
InitializeCriticalSectionEx
HeapFree

shell32

SHQueryUserNotificationState

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
vistammsc.exe
.exe windows:6 windows x64 arch:x64

0cef9d1aafb2d1c862fe37ea5858d18a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/02/2023, 00:00

Not After

08/03/2025, 23:59

Subject

SERIALNUMBER=000681038,CN=Bitsum LLC,O=Bitsum LLC,L=Morristown,ST=Tennessee,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130954656e6e6573736565,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:9b:31:ca:d2:4a:c6:b8:77:9f:f5:c0:a6:80:24:f9:c1:ad:0d:b0:08:f9:36:ea:3f:73:72:97:e3:78:c0:f3
Signer

Actual PE Digest

e1:9b:31:ca:d2:4a:c6:b8:77:9f:f5:c0:a6:80:24:f9:c1:ad:0d:b0:08:f9:36:ea:3f:73:72:97:e3:78:c0:f3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\pl\output\vistammsc.exe.pdb

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

kernel32

GetActiveProcessorCount
GetActiveProcessorGroupCount
CreateProcessW
GetStartupInfoW
GetWindowsDirectoryW
GetVersionExW
OutputDebugStringW
DeleteCriticalSection
DecodePointer
GetLogicalProcessorInformationEx
InitializeCriticalSectionEx
GetLastError
MultiByteToWideChar
GetSystemTimeAsFileTime
CreateFileW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleW
ExitProcess
LoadLibraryW
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
GetUserDefaultUILanguage
FreeLibrary
LocalFree
GetModuleFileNameW
GetFileSize
GetCurrentProcess
GetCurrentProcessId
SetLastError
GetProcAddress
DeleteFileW
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
ReadFile
GetNumaHighestNodeNumber
GetNumaNodeProcessorMask
HeapSize
LocalAlloc
LocalLock
LocalUnlock
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
Sleep
CreateEventW
SetEvent
WriteFile
FlushFileBuffers
SetEndOfFile
FindNextFileW
IsDebuggerPresent
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetCurrentThreadId
GetStringTypeW
LoadLibraryExW
QueryPerformanceCounter
EncodePointer
GetCPInfo
HeapDestroy
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
SetFilePointerEx
FindClose
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
GetSystemInfo
MulDiv

user32

DrawIcon
EndPaint
GetSysColor
GetDialogBaseUnits
SystemParametersInfoW
GetSystemMetrics
DrawTextW
LoadIconW
DestroyIcon
FillRect
IsWindow
GetClassNameW
EnableMenuItem
GetSystemMenu
SetWindowPos
SetForegroundWindow
GetWindowRect
MoveWindow
GetParent
SetTimer
KillTimer
WinHelpW
RedrawWindow
GetAsyncKeyState
GetWindow
CreateDialogIndirectParamW
PeekMessageW
MessageBeep
TranslateMessage
DispatchMessageW
WaitMessage
PostQuitMessage
DestroyWindow
SetRect
SetFocus
GetWindowLongPtrW
SetWindowLongPtrW
IsDlgButtonChecked
CheckDlgButton
IsWindowEnabled
CreateWindowExW
GetClientRect
SetWindowTextW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetWindowLongW
GetWindowLongW
GetWindowTextW
BeginPaint
GetLastActivePopup
IsDialogMessageW
GetActiveWindow
MessageBoxW
LoadStringW
ShowWindow
SendMessageW
DialogBoxParamW
GetDlgItem
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
EndDialog
EnableWindow
PostMessageW
GetDlgItemInt

comdlg32

GetSaveFileNameW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW

oleaut32

VariantClear

comctl32

InitCommonControlsEx

gdi32

DeleteObject
CreateDCW
CreateFontIndirectW
DeleteDC
SetBkColor
SetTextColor
CreateSolidBrush
SelectObject
GetTextExtentPoint32W

Sections

.text
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Распаковка английской версии.cmd
Распаковка русской версии.cmd
Установка английской версии.cmd
Установка русской версии.cmd

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 92KB

.rsrc Size: 77KB - Virtual size: 76KB

232dd24912b961a002280dd98949b378

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

0a:ee:9f:fc:66:04:55:22:e7:d3:83:0c:4c:97:ca:1f:d7:25:c0:42:23:22:b2:15:d9:85:ca:38:fe:77:76:82Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

advapi32

oleaut32

rpcrt4

shell32

ole32

Sections

.text Size: 303KB - Virtual size: 303KB

.rdata Size: 84KB - Virtual size: 84KB

.data Size: 5KB - Virtual size: 30KB

.pdata Size: 11KB - Virtual size: 10KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 72KB - Virtual size: 72KB

.reloc Size: 2KB - Virtual size: 2KB

74360a6a8e7273df476c18c8a08facab

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

61:18:56:aa:e7:6a:35:2a:9c:d8:ab:39:5d:46:bd:5e:f3:3a:70:6b:27:aa:a1:54:86:d5:85:2c:5a:d8:8b:82Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 92KB

.rsrc
Size: 77KB - Virtual size: 76KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

0a:ee:9f:fc:66:04:55:22:e7:d3:83:0c:4c:97:ca:1f:d7:25:c0:42:23:22:b2:15:d9:85:ca:38:fe:77:76:82
Signer

.text
Size: 303KB - Virtual size: 303KB

.rdata
Size: 84KB - Virtual size: 84KB

.data
Size: 5KB - Virtual size: 30KB

.pdata
Size: 11KB - Virtual size: 10KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 72KB - Virtual size: 72KB

.reloc
Size: 2KB - Virtual size: 2KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

61:18:56:aa:e7:6a:35:2a:9c:d8:ab:39:5d:46:bd:5e:f3:3a:70:6b:27:aa:a1:54:86:d5:85:2c:5a:d8:8b:82
Signer

.text
Size: 390KB - Virtual size: 389KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 17KB - Virtual size: 44KB

.pdata
Size: 13KB - Virtual size: 12KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 226KB - Virtual size: 226KB

.reloc
Size: 2KB - Virtual size: 2KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

20:97:47:8e:73:7f:fa:99:16:7d:12:8a:27:c4:d0:b6:d9:4f:5e:de:22:62:5d:5c:ae:2c:62:35:5a:60:e9:ee
Signer

.text
Size: 395KB - Virtual size: 394KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 17KB - Virtual size: 46KB

.pdata
Size: 13KB - Virtual size: 12KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 226KB - Virtual size: 226KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:49:4d:7d:f0:20:97:10:7b:90:65:02:51:33:fe:92
Certificate