2024-03-11_499cd2d1127b41e3169c9c4e57f0dc42_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-11_499cd2d1127b41e3169c9c4e57f0dc42_ryuk
Size

19.2MB
MD5

499cd2d1127b41e3169c9c4e57f0dc42
SHA1

c1b11001725acbc886c52fa41a42f5719cbb2f49
SHA256

9df2767ba3bb32dcd0abf293a97d2054c64840b38ef8dd4472092079e3799f0a
SHA512

e553a4e5e65577f781f0be338cab28f2567694c393bd594c1272e878c715340c2af22dcb563dbf3a2d42cfa0f5ea7f84ded0887100934920cdd2755503a26e20
SSDEEP

196608:7NTBGKbeIJ4/qymfzqEsdxcNq93pPFHQAqiTrHRncxx:htTN5Ps/93p9wfifHJc

Score

1^/10

Malware Config

Signatures

Files

2024-03-11_499cd2d1127b41e3169c9c4e57f0dc42_ryuk
.exe windows:5 windows x64 arch:x64

f9f00adb1c807d7b4833189f5762e3e2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:db
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

04/04/2023, 00:00

Not After

04/04/2026, 23:59

Subject

SERIALNUMBER=91310110787862412B,CN=上海贝锐信息科技股份有限公司,O=上海贝锐信息科技股份有限公司,ST=上海市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:db
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

04/04/2023, 00:00

Not After

04/04/2026, 23:59

Subject

SERIALNUMBER=91310110787862412B,CN=上海贝锐信息科技股份有限公司,O=上海贝锐信息科技股份有限公司,ST=上海市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:d7:78:62:8d:eb:fe:48:32:76:cd:fb:9a:50:51:2e:8a:54:96:2c:31:5a:ac:72:f7:e9:d9:f7:eb:fe:2d:da
Signer

Actual PE Digest

7e:d7:78:62:8d:eb:fe:48:32:76:cd:fb:9a:50:51:2e:8a:54:96:2c:31:5a:ac:72:f7:e9:d9:f7:eb:fe:2d:da

Digest Algorithm

sha256

PE Digest Matches

true

ce:cc:05:0b:18:a7:d7:e3:77:ae:81:ea:a4:a0:91:ef:26:82:20:bd
Signer

Actual PE Digest

ce:cc:05:0b:18:a7:d7:e3:77:ae:81:ea:a4:a0:91:ef:26:82:20:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

crypt32

CertOpenStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertGetNameStringW
CertFindCertificateInStore
CryptMsgGetParam
CertCloseStore
CryptQueryObject
CertFreeCertificateContext
CryptMsgClose
CertGetCertificateContextProperty

winmm

timeGetTime

winspool.drv

EnumPrintProcessorsW
ClosePrinter
AddPrinterA
DeletePrinter
EnumPrinterDriversW
OpenPrinterA
GetPrintProcessorDirectoryA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInterfaceDetailW
CM_Get_Device_Interface_ListW
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsW
SetupDiChangeState
CM_Get_Device_Interface_List_SizeW

hid

HidD_FreePreparsedData
HidD_GetAttributes
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetHidGuid

kernel32

VirtualFree
VirtualAlloc
VirtualAllocEx
FlushInstructionCache
CreateRemoteThread
lstrcpyA
GetSystemTime
GetTempFileNameA
ProcessIdToSessionId
GetLocalTime
DeviceIoControl
CreateFileA
GetSystemDirectoryW
TerminateThread
GlobalSize
GetSystemTimes
CompareFileTime
GetDiskFreeSpaceExW
FreeResource
VirtualQuery
GlobalAddAtomW
WaitForSingleObjectEx
GetConsoleMode
WriteConsoleW
GetProcessAffinityMask
GetThreadPriority
ReadConsoleA
GetEnvironmentVariableW
GlobalMemoryStatus
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
DeleteFiber
SwitchToFiber
SwitchToThread
CreateWaitableTimerW
SetWaitableTimer
HeapQueryInformation
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetEndOfFile
SetStdHandle
GetCurrentDirectoryW
ReadConsoleW
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
VirtualProtect
ExitProcess
SetConsoleCtrlHandler
GetTimeZoneInformation
SetFilePointerEx
GetConsoleCP
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
SetConsoleMode
CreateDirectoryW
GetFileAttributesExW
GetFileType
GetDriveTypeW
LoadLibraryExW
RtlUnwindEx
RtlPcToFileHeader
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
CreateSemaphoreA
CreateEventA
LoadLibraryExA
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
EncodePointer
GetStringTypeW
DisconnectNamedPipe
PeekNamedPipe
CreateNamedPipeA
SetUnhandledExceptionFilter
RtlCaptureContext
GetLogicalDriveStringsW
GetVolumeInformationW
OpenMutexW
CreateMutexW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetUserDefaultLangID
FileTimeToDosDateTime
GetFileTime
GetSystemDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
WriteProcessMemory
GetProcessId
VerSetConditionMask
VerifyVersionInfoW
MoveFileExW
GetExitCodeThread
OpenEventW
GetNativeSystemInfo
SetProcessShutdownParameters
GetCommandLineW
SetPriorityClass
GetModuleHandleA
GetProcAddress
GetTickCount
HeapFree
EnterCriticalSection
ReleaseSemaphore
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
HeapSize
CreateEventW
GetLastError
SetEvent
HeapReAlloc
CloseHandle
RaiseException
ResetEvent
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
CreateSemaphoreW
CreateDirectoryA
GetTempPathW
SetLastError
GetExitCodeProcess
LocalAlloc
WritePrivateProfileStringA
WritePrivateProfileStringW
TryEnterCriticalSection
ConnectNamedPipe
GlobalUnlock
MapViewOfFile
CreateFileMappingW
IsBadReadPtr
WideCharToMultiByte
CopyFileW
GetModuleHandleW
CreateProcessW
GetCurrentProcessId
LocalFree
GlobalLock
FindResourceW
LoadResource
FindResourceExW
GetSystemInfo
GlobalFree
Process32FirstW
DeleteFileW
GlobalAlloc
LockResource
GetCurrentThread
Process32NextW
GetTempPathA
CreateToolhelp32Snapshot
GetCommandLineA
GetVersion
UnmapViewOfFile
OpenFileMappingW
GetFileAttributesW
CreateFileW
FindNextFileW
FindClose
GetModuleFileNameW
TerminateProcess
GetFileSizeEx
FindFirstFileW
SizeofResource
GetModuleFileNameA
ReadFile
ReleaseMutex
CreateMutexA
LoadLibraryA
SystemTimeToFileTime
GetVersionExW
GetCurrentProcess
GetFullPathNameW
GetSystemTimeAsFileTime
TlsFree
TlsGetValue
CreateThread
TlsAlloc
Sleep
ResumeThread
SetThreadPriority
TlsSetValue
MultiByteToWideChar
IsDebuggerPresent
FreeLibrary
LoadLibraryW
GetCurrentThreadId
OutputDebugStringA
WriteFile
GetStdHandle

user32

DrawTextW
GetSysColor
GetIconInfo
GetProcessWindowStation
EnumDisplayDevicesA
GetMonitorInfoA
EnumDisplaySettingsA
UnregisterClassW
GetMonitorInfoW
EnumDisplayMonitors
GetDesktopWindow
SetRectEmpty
EnumDisplayDevicesW
InvalidateRect
SetRect
IntersectRect
IsRectEmpty
WindowFromPoint
GetGUIThreadInfo
SwapMouseButton
GetParent
OpenDesktopW
EnumWindows
BlockInput
GetDoubleClickTime
ClientToScreen
RegisterClassW
VkKeyScanW
SetActiveWindow
OffsetRect
ReleaseDC
SetForegroundWindow
SystemParametersInfoW
SetClipboardData
GetWindowDC
GetClipboardData
GetForegroundWindow
AttachThreadInput
EmptyClipboard
CloseClipboard
OpenClipboard
RegisterDeviceNotificationW
IsWindow
ShowWindow
GetKeyboardState
IsWindowVisible
PostMessageW
GetWindowThreadProcessId
GetWindowLongW
GetDC
MessageBoxW
SetWindowLongW
SetLayeredWindowAttributes
PeekMessageW
SetTimer
DispatchMessageW
GetWindowLongPtrW
MsgWaitForMultipleObjects
SendMessageW
SetWindowLongPtrW
SetWindowPos
DestroyWindow
GetWindowRect
FindWindowExW
DefWindowProcW
GetCursorPos
SendInput
LockWorkStation
GetSystemMetrics
MapVirtualKeyW
DrawIcon
GetClientRect
SetPropW
RemovePropW
GetPropW
DrawIconEx
SendMessageTimeoutW
SetClipboardViewer
GetClipboardOwner
GetKeyState
OpenInputDesktop
CloseDesktop
GetThreadDesktop
SetThreadDesktop
GetUserObjectInformationA
SetCursorPos
PtInRect
KillTimer
GetDialogBaseUnits
DialogBoxIndirectParamW
EndDialog
RegisterClipboardFormatA
GetPriorityClipboardFormat
EnumDisplaySettingsW
ChangeDisplaySettingsExA
EnumDisplaySettingsExA
ExitWindowsEx
EnumDisplaySettingsExW
ChangeDisplaySettingsExW
GetUserObjectInformationW
LoadCursorW
GetClipCursor
GetCursorInfo
UnregisterDeviceNotification
GetClassInfoExW
GetClassInfoW
CloseWindow
GetUpdateRgn
PostThreadMessageW
TranslateMessage
RegisterClassExW
CreateWindowExW
CallWindowProcW
GetMessageW
RegisterWindowMessageW
PostQuitMessage
GetRawInputDeviceInfoA
SetWindowsHookExW
RegisterRawInputDevices
UnhookWindowsHookEx
GetRawInputData
CallNextHookEx
GetOpenClipboardWindow
ChangeClipboardChain
RegisterClipboardFormatW

gdi32

MoveToEx
GetDIBits
CreateFontW
LineTo
CreatePen
Rectangle
Ellipse
CreateRectRgn
GetRegionData
BitBlt
StretchBlt
CreateRectRgnIndirect
SelectClipRgn
CombineRgn
GetRgnBox
SetDIBColorTable
GdiFlush
SetDIBitsToDevice
GetBitmapBits
ExtEscape
GetDIBColorTable
CreateDCW
GetPixel
CreateDIBSection
GetStockObject
SetTextColor
SetBkMode
GetObjectW
CreateFontIndirectW
DeleteObject
CreateSolidBrush
GetDeviceCaps
SelectObject
CreateCompatibleDC
DeleteDC

advapi32

OpenProcessToken
MakeAbsoluteSD
MakeSelfRelativeSD
GetSecurityDescriptorLength
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
FreeSid
CryptEnumProvidersW
CryptSignHashW
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegEnumKeyExW
CryptAcquireContextA
RegQueryInfoKeyW
CryptGenRandom
RegCreateKeyW
EnumServicesStatusW
SetSecurityInfo
BuildTrusteeWithSidW
GetSecurityInfo
QueryServiceStatus
UnlockServiceDatabase
CloseServiceHandle
OpenSCManagerW
LockServiceDatabase
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
QueryServiceStatusEx
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
CryptAcquireContextW
SetTokenInformation
SetEntriesInAclW
CreateWellKnownSid
RegCreateKeyExW
CryptCreateHash
RegSetValueExW
CryptDestroyHash
CheckTokenMembership
RegOpenKeyExW
CreateProcessAsUserW
RegDeleteValueW
GetUserNameW
DuplicateTokenEx
RegQueryValueExW
CryptReleaseContext
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
GetAclInformation
AllocateAndInitializeSid
GetSecurityDescriptorGroup
GetSecurityDescriptorControl
CopySid
GetSecurityDescriptorOwner
IsValidSid
AddAce

shell32

SHGetSpecialFolderPathW
SHGetFileInfoW
ord727
DragQueryPoint
DragQueryFileW
SHCreateDirectoryExA
SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW

ole32

OleSetClipboard
OleUninitialize
DoDragDrop
ReleaseStgMedium
RegisterDragDrop
OleInitialize
CoInitializeSecurity
StringFromGUID2
CoSetProxyBlanket
CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal
CoTaskMemAlloc

oleaut32

VariantClear
SysAllocString
SysAllocStringLen
SysFreeString
VariantInit

shlwapi

PathFileExistsA
PathFileExistsW
PathRemoveFileSpecW
PathRemoveFileSpecA
StrStrIA
PathStripPathW
PathFindExtensionW
SHCreateStreamOnFileW

userenv

CreateEnvironmentBlock

ws2_32

gethostbyname
WSAGetLastError
setsockopt
ioctlsocket
sendto
getsockopt
recv
recvfrom
connect
socket
send
getsockname
shutdown
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
inet_ntoa
getservbyname
htonl
htons
__WSAFDIsSet
select
gethostname
WSACleanup
WSAStartup
accept
bind
closesocket
listen
getpeername

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

iphlpapi

GetAdaptersInfo
GetIpForwardTable

gdiplus

GdipFree
GdipAlloc
GdipCloneImage
GdipGetImageHeight
GdiplusStartup
GdiplusShutdown
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageWidth
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipGetImagePaletteSize

msimg32

TransparentBlt
AlphaBlend

dbghelp

SymCleanup
SymGetModuleBase64
SymGetModuleInfo64
SymGetLineFromAddr64
SymFunctionTableAccess64
SymInitialize
StackWalk64
SymGetSymFromAddr64

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 12.9MB - Virtual size: 12.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 253KB - Virtual size: 8.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.custom
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 704KB - Virtual size: 703KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9f00adb1c807d7b4833189f5762e3e2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:dbCertificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:dbCertificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

7e:d7:78:62:8d:eb:fe:48:32:76:cd:fb:9a:50:51:2e:8a:54:96:2c:31:5a:ac:72:f7:e9:d9:f7:eb:fe:2d:daSigner

ce:cc:05:0b:18:a7:d7:e3:77:ae:81:ea:a4:a0:91:ef:26:82:20:bdSigner

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

winmm

winspool.drv

setupapi

hid

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

userenv

ws2_32

wtsapi32

iphlpapi

gdiplus

msimg32

dbghelp

version

Sections

.text Size: 12.9MB - Virtual size: 12.9MB

.rdata Size: 4.8MB - Virtual size: 4.8MB

.data Size: 253KB - Virtual size: 8.6MB

.pdata Size: 392KB - Virtual size: 392KB

.rodata Size: 33KB - Virtual size: 33KB

.gfids Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 44KB - Virtual size: 43KB

.custom Size: 512B - Virtual size: 408B

.rsrc Size: 704KB - Virtual size: 703KB

.reloc Size: 79KB - Virtual size: 78KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:db
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:a5:a1:33:e7:fe:db:53:c8:f1:66:87:cf:bc:4e:db
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

7e:d7:78:62:8d:eb:fe:48:32:76:cd:fb:9a:50:51:2e:8a:54:96:2c:31:5a:ac:72:f7:e9:d9:f7:eb:fe:2d:da
Signer

ce:cc:05:0b:18:a7:d7:e3:77:ae:81:ea:a4:a0:91:ef:26:82:20:bd
Signer

.text
Size: 12.9MB - Virtual size: 12.9MB

.rdata
Size: 4.8MB - Virtual size: 4.8MB

.data
Size: 253KB - Virtual size: 8.6MB

.pdata
Size: 392KB - Virtual size: 392KB

.rodata
Size: 33KB - Virtual size: 33KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 44KB - Virtual size: 43KB

.custom
Size: 512B - Virtual size: 408B

.rsrc
Size: 704KB - Virtual size: 703KB

.reloc
Size: 79KB - Virtual size: 78KB