Extracted

Extracted

• 3b4fd27963299abc233c54a490f43448514eea440d432a671a7d890bb11a6248

  .exe windows:4 windows x86 arch:x86

  61259b55b8912888e90f516ca08dc514

  
  

  Code Sign

  08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9

  Certificate

  Issuer

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  29-04-2021 00:00

  Not After

  28-04-2036 23:59

  Subject

  CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  03:aa:64:92:de:9d:96:a9:0a:4b:ca:97:be:ad:b4:4a

  Certificate

  Issuer

  CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

  Not Before

  13-05-2022 00:00

  Not After

  14-05-2025 23:59

  Subject

  CN=Notepad\+\+,O=Notepad\+\+,L=Saint Cloud,ST=Ile-de-France,C=FR

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16

  Certificate

  Issuer

  CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

  Not Before

  14-07-2023 00:00

  Not After

  13-10-2034 23:59

  Subject

  CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b

  Certificate

  Issuer

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  23-03-2022 00:00

  Not After

  22-03-2037 23:59

  Subject

  CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a

  Certificate

  Issuer

  CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  01-08-2022 00:00

  Not After

  09-11-2031 23:59

  Subject

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  02:03:08:49:c1:0e:6f:47:07:71:32:d8:06:a9:b4:d0:a6:5f:f8:45:2b:b8:dd:82:39:35:78:a4:64:4a:e2:95

  Signer

  Actual PE Digest

  02:03:08:49:c1:0e:6f:47:07:71:32:d8:06:a9:b4:d0:a6:5f:f8:45:2b:b8:dd:82:39:35:78:a4:64:4a:e2:95

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  advapi32

  RegCreateKeyExW

  RegEnumKeyW

  RegQueryValueExW

  RegSetValueExW

  RegCloseKey

  RegDeleteValueW

  RegDeleteKeyW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  OpenProcessToken

  SetFileSecurityW

  RegOpenKeyExW

  RegEnumValueW

  shell32

  SHGetSpecialFolderLocation

  SHFileOperationW

  SHBrowseForFolderW

  SHGetPathFromIDListW

  ShellExecuteExW

  SHGetFileInfoW

  ole32

  OleInitialize

  OleUninitialize

  CoCreateInstance

  IIDFromString

  CoTaskMemFree

  comctl32

  ord17

  ImageList_Create

  ImageList_Destroy

  ImageList_AddMasked

  user32

  GetClientRect

  EndPaint

  DrawTextW

  IsWindowEnabled

  DispatchMessageW

  wsprintfA

  CharNextA

  CharPrevW

  MessageBoxIndirectW

  GetDlgItemTextW

  SetDlgItemTextW

  GetSystemMetrics

  FillRect

  AppendMenuW

  TrackPopupMenu

  OpenClipboard

  SetClipboardData

  CloseClipboard

  IsWindowVisible

  CallWindowProcW

  GetMessagePos

  CheckDlgButton

  LoadCursorW

  SetCursor

  GetSysColor

  SetWindowPos

  GetWindowLongW

  PeekMessageW

  SetClassLongW

  GetSystemMenu

  EnableMenuItem

  GetWindowRect

  ScreenToClient

  EndDialog

  RegisterClassW

  SystemParametersInfoW

  CreateWindowExW

  GetClassInfoW

  DialogBoxParamW

  CharNextW

  ExitWindowsEx

  DestroyWindow

  CreateDialogParamW

  SetTimer

  SetWindowTextW

  PostQuitMessage

  SetForegroundWindow

  ShowWindow

  wsprintfW

  SendMessageTimeoutW

  FindWindowExW

  IsWindow

  GetDlgItem

  SetWindowLongW

  LoadImageW

  GetDC

  ReleaseDC

  EnableWindow

  InvalidateRect

  SendMessageW

  DefWindowProcW

  BeginPaint

  EmptyClipboard

  CreatePopupMenu

  gdi32

  SetBkMode

  SetBkColor

  GetDeviceCaps

  CreateFontIndirectW

  CreateBrushIndirect

  DeleteObject

  SetTextColor

  SelectObject

  kernel32

  GetExitCodeProcess

  WaitForSingleObject

  GetModuleHandleA

  GetProcAddress

  GetSystemDirectoryW

  lstrcatW

  Sleep

  lstrcpyA

  WriteFile

  GetTempFileNameW

  lstrcmpiA

  RemoveDirectoryW

  CreateProcessW

  CreateDirectoryW

  GetLastError

  CreateThread

  GlobalLock

  GlobalUnlock

  GetDiskFreeSpaceW

  WideCharToMultiByte

  lstrcpynW

  lstrlenW

  SetErrorMode

  GetVersionExW

  GetCommandLineW

  GetTempPathW

  GetWindowsDirectoryW

  SetEnvironmentVariableW

  CopyFileW

  ExitProcess

  GetCurrentProcess

  GetModuleFileNameW

  GetFileSize

  CreateFileW

  GetTickCount

  MulDiv

  SetFileAttributesW

  GetFileAttributesW

  SetCurrentDirectoryW

  MoveFileW

  GetFullPathNameW

  GetShortPathNameW

  SearchPathW

  CompareFileTime

  SetFileTime

  CloseHandle

  lstrcmpiW

  lstrcmpW

  ExpandEnvironmentStringsW

  GlobalFree

  GlobalAlloc

  GetModuleHandleW

  LoadLibraryExW

  MoveFileExW

  FreeLibrary

  WritePrivateProfileStringW

  GetPrivateProfileStringW

  lstrlenA

  MultiByteToWideChar

  ReadFile

  SetFilePointer

  FindClose

  FindNextFileW

  FindFirstFileW

  DeleteFileW

  Sections

  .text

  Size: 26KB - Virtual size: 25KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1KB - Virtual size: 128KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .ndata

  Size: - Virtual size: 108KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 152KB - Virtual size: 152KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• $PLUGINSDIR/InstallOptions.dll

  .dll windows:4 windows x86 arch:x86

  4b45b7e00344a87332fbd12653854d1a

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetCurrentDirectoryW

  GlobalUnlock

  GlobalLock

  GetModuleHandleW

  CloseHandle

  SetEndOfFile

  SetCurrentDirectoryW

  GetPrivateProfileStringW

  GetPrivateProfileIntW

  MultiByteToWideChar

  ReadFile

  GetFileSize

  CreateFileW

  lstrcmpiW

  lstrcatW

  lstrcpynW

  WritePrivateProfileStringW

  lstrlenW

  lstrcpyW

  GlobalFree

  GlobalAlloc

  WriteFile

  SetFilePointer

  user32

  LoadCursorW

  SetWindowRgn

  GetDlgCtrlID

  CloseClipboard

  DrawFocusRect

  OpenClipboard

  DrawTextW

  SetCursor

  LoadIconW

  LoadImageW

  SetWindowLongW

  CreateWindowExW

  MapDialogRect

  SetWindowPos

  GetWindowRect

  CreateDialogParamW

  GetClientRect

  ShowWindow

  GetSystemMenu

  EnableWindow

  GetDlgItem

  DestroyIcon

  DestroyWindow

  DispatchMessageW

  TranslateMessage

  GetMessageW

  IsDialogMessageW

  CallWindowProcW

  PostMessageW

  MessageBoxW

  GetSysColor

  CharNextW

  wsprintfW

  GetWindowTextW

  SetWindowTextW

  SendMessageW

  GetWindowLongW

  EnableMenuItem

  PtInRect

  MapWindowPoints

  GetClipboardData

  gdi32

  SetTextColor

  DeleteObject

  CombineRgn

  CreateRectRgn

  GetDIBits

  SelectObject

  CreateCompatibleDC

  GetObjectW

  shell32

  SHGetDesktopFolder

  SHGetPathFromIDListW

  ShellExecuteW

  SHBrowseForFolderW

  comdlg32

  GetOpenFileNameW

  GetSaveFileNameW

  CommDlgExtendedError

  ole32

  CoTaskMemFree

  Exports

  Exports

  dialog

  initDialog

  make_unicode

  show

  Sections

  .text

  Size: 7KB - Virtual size: 7KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 152B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• $PLUGINSDIR/System.dll

  .dll windows:4 windows x86 arch:x86

  fc0224e99e736751432961db63a41b76

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetModuleHandleW

  GlobalFree

  GlobalSize

  lstrcpynW

  lstrcpyW

  GetProcAddress

  WideCharToMultiByte

  VirtualFree

  FreeLibrary

  lstrlenW

  LoadLibraryW

  GlobalAlloc

  MultiByteToWideChar

  VirtualAlloc

  VirtualProtect

  GetLastError

  user32

  wsprintfW

  ole32

  StringFromGUID2

  CLSIDFromString

  Exports

  Exports

  Alloc

  Call

  Copy

  Free

  Get

  Int64Op

  Store

  StrAlloc

  Sections

  .text

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1024B - Virtual size: 867B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 120B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 1024B - Virtual size: 662B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• $PLUGINSDIR/ioSpecial.ini
• $PLUGINSDIR/modern-header.bmp
• $PLUGINSDIR/modern-wizard.bmp
• $PLUGINSDIR/nsDialogs.dll

  .dll windows:4 windows x86 arch:x86

  6b5c4f7d679059f68f1269aad3a5cecd

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetFileAttributesW

  lstrcpyW

  MulDiv

  lstrlenW

  HeapFree

  GetCurrentDirectoryW

  lstrcmpiW

  GetProcessHeap

  HeapReAlloc

  GlobalFree

  lstrcpynW

  GlobalAlloc

  SetCurrentDirectoryW

  HeapAlloc

  user32

  DestroyWindow

  CallWindowProcW

  SetCursor

  LoadCursorW

  GetPropW

  CharPrevW

  DrawFocusRect

  GetWindowLongW

  DrawTextW

  GetClientRect

  SetWindowLongW

  GetDlgItem

  GetSysColor

  SetWindowPos

  CreateDialogParamW

  MapDialogRect

  GetWindowRect

  SetPropW

  CreateWindowExW

  IsWindow

  SetTimer

  KillTimer

  DispatchMessageW

  TranslateMessage

  GetMessageW

  IsDialogMessageW

  ShowWindow

  wsprintfW

  CharNextW

  SendMessageW

  MapWindowPoints

  RemovePropW

  GetWindowTextW

  gdi32

  SetTextColor

  shell32

  SHBrowseForFolderW

  SHGetPathFromIDListW

  comdlg32

  GetSaveFileNameW

  GetOpenFileNameW

  CommDlgExtendedError

  ole32

  CoTaskMemFree

  Exports

  Exports

  Create

  CreateControl

  CreateItem

  CreateTimer

  GetUserData

  KillTimer

  OnBack

  OnChange

  OnClick

  OnNotify

  SelectFileDialog

  SelectFolderDialog

  SetRTL

  SetUserData

  Show

  Sections

  .text

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 152B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 638B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ