Extracted

• Winver.exe.bin

  .exe windows:6 windows x64 arch:x64

  4f2f006e2ecf7172ad368f8289dc96c1

  
  

  Code Sign

  64:33:51:d3:c7:38:9f:08

  Certificate

  Issuer

  CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

  Not Before

  24-06-2016 20:44

  Not After

  24-06-2031 20:44

  Subject

  CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  42:4f:08:5f:42:16:fd:91:7a:4b:0b:e9:69:82:a4:d9

  Certificate

  Issuer

  CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

  Not Before

  19-05-2023 14:28

  Not After

  17-05-2024 14:28

  Subject

  CN=RUNSWITHSCISSORS LTD,O=RUNSWITHSCISSORS LTD,L=Cheadle,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  21:ed:dc:9e:a2:26:af:c5:7e:bc:b7:94:25:43:b1:31:c2:57:b0:82

  Signer

  Actual PE Digest

  21:ed:dc:9e:a2:26:af:c5:7e:bc:b7:94:25:43:b1:31:c2:57:b0:82

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  kernel32

  WriteFile

  WriteConsoleW

  WerSetFlags

  WerGetFlags

  WaitForMultipleObjects

  WaitForSingleObject

  VirtualQuery

  VirtualFree

  VirtualAlloc

  TlsAlloc

  SwitchToThread

  SuspendThread

  SetWaitableTimer

  SetUnhandledExceptionFilter

  SetProcessPriorityBoost

  SetEvent

  SetErrorMode

  SetConsoleCtrlHandler

  ResumeThread

  RaiseFailFastException

  PostQueuedCompletionStatus

  LoadLibraryW

  LoadLibraryExW

  SetThreadContext

  GetThreadContext

  GetSystemInfo

  GetSystemDirectoryA

  GetStdHandle

  GetQueuedCompletionStatusEx

  GetProcessAffinityMask

  GetProcAddress

  GetErrorMode

  GetEnvironmentStringsW

  GetCurrentThreadId

  GetConsoleMode

  FreeEnvironmentStringsW

  ExitProcess

  DuplicateHandle

  CreateWaitableTimerExW

  CreateThread

  CreateIoCompletionPort

  CreateFileA

  CreateEventA

  CloseHandle

  AddVectoredExceptionHandler

  Sections

  .text

  Size: 2.5MB - Virtual size: 2.5MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2.5MB - Virtual size: 2.5MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 250KB - Virtual size: 621KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 57KB - Virtual size: 57KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .xdata

  Size: 512B - Virtual size: 168B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .idata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 45KB - Virtual size: 45KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .symtab

  Size: 512B - Virtual size: 4B

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ