f78f57805311c6cfbebbe231d874306e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f78f57805311c6cfbebbe231d874306e_JaffaCakes118
Size

4.6MB
MD5

f78f57805311c6cfbebbe231d874306e
SHA1

31495fdc27dd19cb5c38a0361a86ea0e537d5afa
SHA256

3a10e400b1b56dc8db1ec53a487afe96eff92a5b924be6ea62e15529bf1480a0
SHA512

2c914991b504f2d9eae7fea996608aaf17217e926ba6011145cd265d81cc7407eb4c82a6d0e9f10ea55d4051204e5ca6ca836b187e9d37f7ea6bc0efbb379605
SSDEEP

49152:jYyX9vRfwrErjVHwODowBpkm8v12M3wnGT/svTrK8ryIdUlMO0pWBaVqsf+SEicC:XjTRN+THovaa4BaVqzr/2

Score

1^/10

Malware Config

Signatures

Files

f78f57805311c6cfbebbe231d874306e_JaffaCakes118
.exe windows:6 windows x64 arch:x64

3de51b0bdc6fa2362482f23062e4b6f3

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

76:a3:c3:d3:ab:0c:3e:95:36:c5:06:ae
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

26/02/2019, 19:10

Not After

26/02/2022, 19:10

Subject

CN=McAfee\, LLC,O=McAfee\, LLC,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

27/05/2021, 09:55

Not After

28/06/2032, 09:55

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

13:a1:91:c0:eb:27:ae:85:ea:99:d7:29:14:b6:91:e4
Certificate

Issuer

CN=McAfee Code Signing CA 2,O=McAfee\, Inc.,L=Santa Clara,ST=CA,C=US

Not Before

12/03/2021, 00:00

Not After

11/03/2024, 23:59

Subject

CN=McAfee\, LLC,OU=Engineering,O=McAfee\, LLC,POSTALCODE=95054,STREET=2821 Mission College Blvd,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ca:c1:f1:dd:01:7e:80:f1:2b:4d:17:c1:69:6d:9b:a5
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

27/10/2014, 00:00

Not After

26/10/2024, 23:59

Subject

CN=McAfee Code Signing CA 2,O=McAfee\, Inc.,L=Santa Clara,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:44:b7:3f:fc:ef:5a:cf:a2:7a:00:00:00:00:00:44
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/07/2015, 21:03

Not After

22/07/2025, 21:03

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

27/05/2021, 09:55

Not After

28/06/2032, 09:55

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ae:b8:44:b0:d3:51:15:c3:aa:80:c1:5b:6b:71:d9:1f:ca:3f:d1:8a:3a:35:a9:27:f4:97:9a:9c:7b:4e:cc:27
Signer

Actual PE Digest

ae:b8:44:b0:d3:51:15:c3:aa:80:c1:5b:6b:71:d9:1f:ca:3f:d1:8a:3a:35:a9:27:f4:97:9a:9c:7b:4e:cc:27

Digest Algorithm

sha256

PE Digest Matches

true

ae:b8:44:b0:d3:51:15:c3:aa:80:c1:5b:6b:71:d9:1f:ca:3f:d1:8a:3a:35:a9:27:f4:97:9a:9c:7b:4e:cc:27
Signer

Actual PE Digest

ae:b8:44:b0:d3:51:15:c3:aa:80:c1:5b:6b:71:d9:1f:ca:3f:d1:8a:3a:35:a9:27:f4:97:9a:9c:7b:4e:cc:27

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\B\T\3983a825-06d6-4fab-853f-4c8b89147f20\build\x64\Release\MfeAVSvc.pdb

Imports

psapi

EnumProcessModules
GetModuleInformation
GetModuleFileNameExW

kernel32

ResetEvent
GetCurrentThread
GetVersionExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
EnterCriticalSection
LeaveCriticalSection
ProcessIdToSessionId
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
LoadLibraryW
SignalObjectAndWait
GetDateFormatW
FreeLibraryAndExitThread
GetThreadTimes
CreateTimerQueue
GetStartupInfoW
ResumeThread
WaitForMultipleObjects
OpenEventW
SetPriorityClass
GetExitCodeThread
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
InitializeSListHead
LCMapStringW
CompareStringW
GetLogicalDrives
GetDriveTypeW
QueueUserAPC
WaitForMultipleObjectsEx
Sleep
GetCPInfo
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SleepConditionVariableSRW
WakeAllConditionVariable
GetStringTypeW
TryAcquireSRWLockShared
QueryPerformanceFrequency
QueryPerformanceCounter
SwitchToThread
CreateSemaphoreW
TerminateThread
ReleaseSemaphore
CreateWaitableTimerW
CancelWaitableTimer
SetWaitableTimer
InitializeCriticalSectionAndSpinCount
RaiseException
GetModuleHandleExA
CreateDirectoryW
MoveFileExW
QueueUserWorkItem
GetSystemTime
SystemTimeToFileTime
GetProcessId
GetThreadId
CreateFileW
WerRegisterRuntimeExceptionModule
GetLocalTime
InterlockedPopEntrySList
InitOnceBeginInitialize
InterlockedPushEntrySList
LocalFree
DeleteFileW
FindFirstFileW
FindNextFileW
GetTickCount
FindClose
InitOnceComplete
InitializeCriticalSection
RtlPcToFileHeader
InterlockedFlushSList
AreFileApisANSI
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetModuleHandleExW
SetDefaultDllDirectories
SetEndOfFile
RemoveDirectoryW
GetFileAttributesExW
GetDiskFreeSpaceExW
TryEnterCriticalSection
LoadLibraryExA
VirtualProtect
PulseEvent
QueryDepthSList
GetTempPathA
SetFileAttributesA
DeleteFileA
ReplaceFileW
CopyFileW
GlobalAddAtomW
UnlockFileEx
LockFileEx
GetCurrentProcess
GlobalFindAtomW
GetWindowsDirectoryW
AcquireSRWLockShared
GetSystemDirectoryW
TerminateProcess
OpenProcess
WaitForSingleObjectEx
SetEvent
CreateEventExW
AcquireSRWLockExclusive
GetFileAttributesW
ReleaseSRWLockShared
GetUserDefaultLCID
ReleaseSRWLockExclusive
lstrlenA
GetCurrentProcessId
CreateEventW
UnregisterWaitEx
GetModuleFileNameA
lstrcpyA
lstrcatA
RtlUnwindEx
GetCurrentThreadId
ExitThread
GetFileSize
ReadFile
InitializeSRWLock
GetCommandLineW
CloseHandle
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetFinalPathNameByHandleW
GetFullPathNameW
GetVolumePathNameW
WTSGetActiveConsoleSessionId
WaitForSingleObject
OutputDebugStringW
GetSystemTimeAsFileTime
GetFileTime
VerSetConditionMask
VerifyVersionInfoW
WriteFile
GetFileSizeEx
LocalAlloc
GetModuleHandleA
FormatMessageA
FindVolumeClose
FindFirstVolumeW
GetVolumePathNamesForVolumeNameW
FindNextVolumeW
CloseThreadpoolWork
CloseThreadpool
CloseThreadpoolCleanupGroup
CreateThreadpool
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
CreateThreadpoolCleanupGroup
CreateThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolCleanupGroupMembers
SubmitThreadpoolWork
CreateThread
RtlUnwind
ReadProcessMemory
GetExitCodeProcess
GetCurrentDirectoryW
MultiByteToWideChar
GetSystemTimes
GetEnvironmentVariableW
GetSystemInfo
SetThreadPriority
SetThreadPriorityBoost
GetThreadPriority
GetPriorityClass
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
FreeLibrary
LoadLibraryExW
SetLastError
ExitProcess
IsDebuggerPresent
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
SetFilePointer
ExpandEnvironmentStringsW
FindFirstFileExW
GetLogicalDriveStringsW
GetVolumeInformationW
SetConsoleCtrlHandler
GetVolumeNameForVolumeMountPointW
GetTickCount64
GetFileType
HeapAlloc
SetFileAttributesW
HeapReAlloc
GetLastError
HeapSize
WerSetFlags
RtlCaptureContext
SetErrorMode
RaiseFailFastException
HeapSetInformation
IsProcessorFeaturePresent
SetDllDirectoryW
SetUnhandledExceptionFilter
FormatMessageW
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
Module32FirstW
Module32NextW
QueryFullProcessImageNameW
GetProcessTimes
lstrlenW
QueryUnbiasedInterruptTime
GetFileInformationByHandleEx
DeviceIoControl
ReOpenFile
CompareStringOrdinal
OpenFileById
SetFileInformationByHandle
InitializeCriticalSectionEx
HeapFree
PeekNamedPipe
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetStdHandle
GetCommandLineA
TrySubmitThreadpoolCallback
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
DuplicateHandle
GetProcessIdOfThread
IsValidCodePage
CreateProcessW
OpenThread
GetACP
GetLocaleInfoW
GetThreadUILanguage
GetSystemPreferredUILanguages
GetTimeFormatEx
GetDateFormatEx
GetOEMCP
MoveFileW
GetLargePageMinimum
GetNativeSystemInfo
VirtualQuery
VirtualFree
VirtualAlloc
MapViewOfFileEx
UnmapViewOfFile
CreateFileMappingW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
GetTempFileNameA
K32GetModuleFileNameExW
GetVolumeInformationByHandleW
GetFileInformationByHandle
WaitForThreadpoolTimerCallbacks
IsThreadpoolTimerSet
SetFilePointerEx
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer

oleaut32

SafeArrayGetVartype
SafeArrayCopy
VariantTimeToSystemTime
VariantCopy
VariantClear
VariantChangeType
SafeArrayGetUBound
VariantInit
SysStringByteLen
VarBstrCmp
VariantCopyInd
SysAllocStringByteLen
LoadTypeLibEx
DispInvoke
DispGetIDsOfNames
LoadRegTypeLi
SafeArrayDestroy
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetElement
SystemTimeToVariantTime
SysAllocStringLen
SafeArrayUnlock
SysStringLen
SafeArrayLock
SafeArrayRedim
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
SafeArrayGetDim
SysAllocString
SysFreeString
SafeArrayGetLBound

ole32

CoDisconnectObject
CoFreeUnusedLibrariesEx
CoResumeClassObjects
CoInitializeSecurity
CoUninitialize
StringFromGUID2
CoCreateGuid
CLSIDFromString
CoInitializeEx
CoAddRefServerProcess
CoReleaseServerProcess
CoTaskMemRealloc
CoSetProxyBlanket
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemFree
CoGetClassObject
CoRevertToSelf
CoTaskMemAlloc
CoImpersonateClient
CoRegisterClassObject
CoRevokeClassObject

advapi32

CryptAcquireContextW
CryptCreateHash
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
AllocateLocallyUniqueId
DuplicateTokenEx
CreateProcessAsUserW
LookupPrivilegeValueW
AdjustTokenPrivileges
EqualSid
AllocateAndInitializeSid
FreeSid
DeleteService
OpenServiceW
OpenSCManagerW
RegDeleteValueW
CloseServiceHandle
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegFlushKey
RegGetKeySecurity
RegSetKeySecurity
StartTraceW
EnableTraceEx2
RegisterTraceGuidsW
UnregisterTraceGuids
TraceEvent
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetTraceLoggerHandle
ControlTraceW
GetTraceEnableLevel
RegDeleteKeyValueW
RegCreateKeyW
InitiateSystemShutdownW
GetTraceEnableFlags
ConvertSidToStringSidW
GetTokenInformation
RegGetValueW
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RevertToSelf
ImpersonateLoggedOnUser
OpenProcessToken
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExA
CryptHashData
RegNotifyChangeKeyValue
ConvertStringSidToSidW
RegSetValueExW
MakeAbsoluteSD
InitializeSecurityDescriptor
OpenThreadToken
GetAclInformation
SetThreadToken
InitializeAcl
AddAce
SetSecurityDescriptorDacl
GetLengthSid
CopySid
IsValidSid
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorControl

user32

IsWindowUnicode
EnableWindow
DefWindowProcW
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
IsWindowEnabled
GetWindowLongPtrW
SetWindowLongPtrW
WaitForInputIdle
UnregisterClassW
WaitMessage
ExitWindowsEx
DispatchMessageW
GetSystemMetrics
ReplyMessage
SetTimer
UnregisterDeviceNotification
DestroyWindow
CreateWindowExW
RegisterDeviceNotificationW
RegisterClassExW
AttachThreadInput
SendMessageW
PostThreadMessageW
KillTimer
PostMessageW
GetMessageW
PeekMessageW
PostQuitMessage
TranslateMessage

shlwapi

StrStrIW
SHGetValueW
PathFileExistsW
SHDeleteValueW
PathRemoveFileSpecA
PathRemoveExtensionA
PathFindFileNameA
PathFileExistsA
PathAddExtensionA
ord12
PathIsNetworkPathW
PathAppendW
PathFindExtensionW
SHCreateStreamOnFileEx
PathRemoveFileSpecW
PathStripToRootW
SHDeleteKeyW
SHSetValueW

shell32

SHCreateDirectoryExW
SHGetKnownFolderPath
CommandLineToArgvW
Shell_NotifyIconW

rpcrt4

UuidCreate
RpcServerInqCallAttributesW

Exports

Exports

get_event_dispatcher_impl

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 203KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3de51b0bdc6fa2362482f23062e4b6f3

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

76:a3:c3:d3:ab:0c:3e:95:36:c5:06:aeCertificate

Extended Key Usages

Key Usages

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9fCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

13:a1:91:c0:eb:27:ae:85:ea:99:d7:29:14:b6:91:e4Certificate

Extended Key Usages

Key Usages

ca:c1:f1:dd:01:7e:80:f1:2b:4d:17:c1:69:6d:9b:a5Certificate

Extended Key Usages

Key Usages

33:00:00:00:44:b7:3f:fc:ef:5a:cf:a2:7a:00:00:00:00:00:44Certificate

Extended Key Usages

Key Usages

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9fCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

ae:b8:44:b0:d3:51:15:c3:aa:80:c1:5b:6b:71:d9:1f:ca:3f:d1:8a:3a:35:a9:27:f4:97:9a:9c:7b:4e:cc:27Signer

ae:b8:44:b0:d3:51:15:c3:aa:80:c1:5b:6b:71:d9:1f:ca:3f:d1:8a:3a:35:a9:27:f4:97:9a:9c:7b:4e:cc:27Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

psapi

kernel32

oleaut32

ole32

advapi32

user32

shlwapi

shell32

rpcrt4

Exports

Exports

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 203KB - Virtual size: 229KB

.pdata Size: 129KB - Virtual size: 129KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 190KB - Virtual size: 190KB

.reloc Size: 43KB - Virtual size: 42KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

76:a3:c3:d3:ab:0c:3e:95:36:c5:06:ae
Certificate

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

13:a1:91:c0:eb:27:ae:85:ea:99:d7:29:14:b6:91:e4
Certificate

ca:c1:f1:dd:01:7e:80:f1:2b:4d:17:c1:69:6d:9b:a5
Certificate

33:00:00:00:44:b7:3f:fc:ef:5a:cf:a2:7a:00:00:00:00:00:44
Certificate

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

ae:b8:44:b0:d3:51:15:c3:aa:80:c1:5b:6b:71:d9:1f:ca:3f:d1:8a:3a:35:a9:27:f4:97:9a:9c:7b:4e:cc:27
Signer

ae:b8:44:b0:d3:51:15:c3:aa:80:c1:5b:6b:71:d9:1f:ca:3f:d1:8a:3a:35:a9:27:f4:97:9a:9c:7b:4e:cc:27
Signer

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 203KB - Virtual size: 229KB

.pdata
Size: 129KB - Virtual size: 129KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 190KB - Virtual size: 190KB

.reloc
Size: 43KB - Virtual size: 42KB