分辨率设置[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

分辨率设置.exe
Size

674KB
MD5

2920bd00f98e07714f63f0e331838954
SHA1

c192c9074cc975836f896f2f52617d3cd132cfeb
SHA256

285ec4209e5f657cd1a9cfdbad0ee6df43b235365fe19e7ec01d2cfa033c3c93
SHA512

02fb0d8a870f4ddeda8e4adacf5e11e20a2038837bf3a7cfbb71c34ab8848100ce325ba4d2c1a5d16f7e40b769bfeafc5a5365840e6f61ea4112e69e8f33b5c0
SSDEEP

12288:DFkpihORj8YHd7s4G94i9u4q4ov2/MI8Ecg0i7FodEi4LZmytL:DFkplimo4GKiIcFodv4rL

Score

1^/10

Malware Config

Signatures

Files

分辨率设置.exe
.exe windows:4 windows x86 arch:x86

d5f269f627f705d6f5c4c8e3a45c86af

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7f:ed:4d:73:9d:a5:b4:a5:3f:8d:0f:05:33:05:9c:7a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

08/06/2012, 00:00

Not After

08/06/2015, 23:59

Subject

CN=Chengdu Xishanju Interactive Entertainment Co. Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Chengdu Xishanju Interactive Entertainment Co. Ltd,L=chengdu,ST=sichuan,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d4:1e:dc:6c:df:f5:7b:a8:bf:f5:c7:be:c2:aa:d3:d1:8d:52:9e:82
Signer

Actual PE Digest

d4:1e:dc:6c:df:f5:7b:a8:bf:f5:c7:be:c2:aa:d3:d1:8d:52:9e:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\dailybuilder\sourcecode\malai\sourcecode\gameworld\product\release\client\jxonline.pdb

Imports

gdiplus

GdiplusShutdown
GdiplusStartup

ddraw

DirectDrawCreateEx
DirectDrawCreate

psapi

GetModuleBaseNameA
EnumProcessModules

mfc80

ord3174
ord1122
ord620
ord591
ord1084
ord1955
ord1971
ord6144
ord1283
ord3244
ord2094
ord4100
ord784
ord3195
ord3171
ord4234
ord1547
ord2089
ord4098
ord1483
ord1931
ord1892
ord2899
ord2468
ord1482
ord782
ord3683
ord4541
ord757
ord566
ord3333
ord4481
ord2838
ord5566
ord5213
ord5230
ord4568
ord3948
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord6278
ord4014
ord4038
ord5570
ord1054
ord2248
ord1191
ord1614
ord760
ord1917
ord3989
ord4104
ord1968
ord5866
ord1185
ord745
ord629
ord557
ord384
ord3397
ord5716
ord6006
ord911
ord907
ord1489
ord2902
ord6118
ord299
ord6703
ord3684
ord709
ord501
ord2264
ord6062
ord5888
ord3180
ord5719
ord5921
ord5401
ord5414
ord5588
ord5523
ord5647
ord5642
ord5727
ord6037
ord6057
ord4161
ord6054
ord5608
ord6060
ord5611
ord2527
ord6065
ord5833
ord2654
ord4888
ord3423
ord3164
ord4232
ord1545
ord2086
ord3761
ord559
ord5613
ord2367
ord753
ord563
ord4951
ord3934
ord589
ord330
ord6255
ord1009
ord326
ord3163
ord4001
ord4123
ord5641
ord502
ord2075
ord3287
ord3469
ord3952
ord5625
ord1439
ord5323
ord383
ord3286
ord6288
ord3439
ord5089
ord504
ord710
ord2903
ord380
ord3201
ord2702
ord2703
ord5493
ord1198
ord313
ord715
ord3292
ord1581
ord1643
ord3139
ord3596
ord3908
ord3997
ord4108
ord4081
ord2271
ord1486
ord6180
ord6174
ord5563
ord5529
ord2292
ord2451
ord5490
ord3389
ord865
ord6013
ord908
ord5491
ord4109
ord3229
ord4237
ord1570
ord2091
ord4099
ord1484
ord1933
ord6266
ord1397
ord657
ord5059
ord4564
ord3489
ord3651
ord658
ord3230
ord2958
ord4238
ord2092
ord6120
ord2794
ord5634
ord3401
ord2873
ord642
ord3214
ord4236
ord1558
ord1637
ord2090
ord5640
ord1966
ord2370
ord2657
ord3795
ord6223
ord4761
ord2160
ord2719
ord2866
ord3348
ord3255
ord5331
ord6297
ord1181
ord5320
ord6286
ord6754
ord6752
ord3307
ord1587
ord731
ord3337
ord1161
ord4118
ord5985
ord1192
ord1160
ord2263
ord6282
ord1425
ord1187
ord747
ord2882
ord2272
ord5873
ord3879
ord3875
ord2372
ord6090
ord2168
ord2321
ord2164
ord4115
ord4320
ord1903
ord3641
ord265
ord4125
ord1395
ord266
ord3302
ord347
ord1279
ord5637
ord602
ord1929
ord3161
ord762
ord1063
ord2368
ord354
ord4035
ord2131
ord2322
ord1123
ord304
ord5731
ord781
ord1934
ord4353
ord297
ord1280
ord876
ord6067
ord6236
ord1794
ord1793
ord578
ord587
ord4212
ord4735
ord4580
ord605
ord3204
ord3210
ord2095
ord1591
ord6725
ord5915
ord1402
ord4240
ord5214
ord2991
ord4261
ord3317
ord5182
ord4890
ord2020
ord1671
ord1670
ord1551
ord6724
ord5912
ord1620
ord1617
ord3946
ord1401
ord4244
ord5152
ord1908
ord5073
ord6275
ord4185
ord5203
ord3403
ord4722
ord4282
ord1600
ord5960
ord5235
ord5233
ord923
ord928
ord932
ord930
ord934
ord2390
ord2410
ord2394
ord2400
ord2398
ord2396
ord2413
ord2408
ord2392
ord2415
ord2403
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord5175
ord1964
ord1656
ord1655
ord1599
ord5200
ord2537
ord2731
ord2835
ord4307
ord2714
ord2862
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4486
ord4262
ord3182
ord572
ord310
ord741
ord764
ord6119
ord1207

msvcr80

isspace
isprint
_setmbcp
isalpha
_vsnprintf_s
fputs
sscanf
fprintf
fputc
memmove
atof
_itoa
_ltoa
tolower
isalnum
strstr
strncmp
_mbsnbicmp
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
?terminate@@YAXXZ
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
memmove_s
memcpy_s
printf
_mktime64
atol
_beginthreadex
strchr
_mbsnbcpy
strftime
fopen
fgets
atoi
fclose
remove
strrchr
strcat_s
_recalloc
calloc
malloc
wcslen
wcscpy_s
_resetstkoflw
free
strncpy_s
_localtime64_s
_time32
srand
_time64
strcat
strncpy
strcpy_s
rename
_findfirst32
_findnext32
_findclose
memcmp
memcpy
_access
_snprintf
strcpy
_mbsicmp
sprintf
_purecall
_stricmp
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
labs
strlen
strcmp
memset
sprintf_s
__CxxFrameHandler3
_controlfp_s

kernel32

GetPrivateProfileIntA
FindNextFileA
GetPrivateProfileSectionA
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SizeofResource
LoadResource
FindResourceA
MulDiv
ResumeThread
ResetEvent
SetEvent
WritePrivateProfileStringA
GetVersionExA
MoveFileA
GlobalReAlloc
GlobalSize
SetLastError
DeviceIoControl
CreateFileA
SetPriorityClass
GetCurrentProcess
GetSystemDirectoryA
GetDiskFreeSpaceExA
InterlockedCompareExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
GetModuleFileNameA
LocalFree
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
GetLastError
GetModuleHandleA
CloseHandle
DeleteFileA
GetTickCount
InterlockedDecrement
GlobalMemoryStatus
GetPrivateProfileStringA
FormatMessageA
WaitForSingleObject
CreateEventA
LoadLibraryA
FreeLibrary
GetSystemInfo
CreateThread
OpenSemaphoreA
CreateSemaphoreA
FindClose
FindFirstFileA
GetPrivateProfileSectionNamesA
CreateProcessA
GetStartupInfoA
GetTempPathA
InterlockedExchange
GetVersion
GetEnvironmentVariableW
MultiByteToWideChar
GetEnvironmentVariableA
CompareStringW
CompareStringA
WideCharToMultiByte
lstrlenW
GetStringTypeExW
GetStringTypeExA
lstrcmpiW
lstrcmpiA
lstrlenA
GetProcAddress
CreateDirectoryA
TerminateProcess
OpenProcess
MapViewOfFile
HeapFree
GetProcessHeap
GetACP
GetLocaleInfoA
GetThreadLocale
GetExitCodeThread
CreateFileMappingA

user32

DrawStateA
OffsetRect
InflateRect
GetSubMenu
TrackPopupMenuEx
GetActiveWindow
SetCursor
GetNextDlgTabItem
DestroyIcon
DestroyCursor
FillRect
SetTimer
LockWindowUpdate
IsWindow
WindowFromPoint
CopyRect
GrayStringA
DrawTextExA
GetSysColor
CreateIconIndirect
GetIconInfo
LoadMenuA
FrameRect
IsRectEmpty
LoadCursorA
RedrawWindow
DrawTextA
TabbedTextOutA
GetKeyState
SetCapture
DestroyMenu
SetRect
UpdateWindow
ScreenToClient
SetParent
GetScrollInfo
GetWindow
GetClassInfoA
GetFocus
ClientToScreen
PtInRect
SendMessageA
EnableWindow
LoadImageA
LoadBitmapA
GetCapture
EnumDisplayDevicesA
KillTimer
ReleaseCapture
DrawFocusRect
PostThreadMessageA
CharUpperA
CharUpperW
CharLowerA
CharLowerW
FindWindowA
SetForegroundWindow
MsgWaitForMultipleObjectsEx
GetMessageA
PostQuitMessage
GetWindowLongA
DefWindowProcA
UpdateLayeredWindow
RegisterClassExA
CreateWindowExA
GetDC
ReleaseDC
PeekMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
GetCursorPos
CreatePopupMenu
AppendMenuA
LoadIconA
ShowWindow
CallWindowProcA
SetWindowLongA
SetWindowTextA
MessageBoxA
GetSystemMetrics
SetWindowRgn
GetWindowRect
GetClientRect
GetClassNameA
InvalidateRect
PostMessageA
GetParent

gdi32

DeleteObject
GetDeviceCaps
CreateDIBSection
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
LPtoDP
CreateBitmap
PtVisible
RectVisible
TextOutA
ExtTextOutA
CreateCompatibleBitmap
SetStretchBltMode
SetTextColor
SetBkColor
CreateFontA
GetDIBColorTable
SetDIBColorTable
GetPaletteEntries
CreatePalette
CreateFontIndirectA
GetTextExtentPoint32A
CreateSolidBrush
RealizePalette
SelectPalette
SetRectRgn
CreateRectRgnIndirect
Rectangle
CreatePen
CreateCompatibleDC
GetObjectA
CreateRectRgn
GetPixel
GetDIBits
GetStockObject
SetPixel
BitBlt
CombineRgn
StretchBlt
Escape
SelectObject
DeleteDC

advapi32

RegSetValueExA
RegOpenKeyA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegFlushKey
RegOpenKeyExA

shell32

SHFileOperationA
ShellExecuteExA
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

FlatSB_EnableScrollBar
_TrackMouseEvent
InitializeFlatSB

shlwapi

PathRemoveFileSpecA

ole32

OleUninitialize
OleInitialize
OleDraw
CreateStreamOnHGlobal
OleSetContainedObject
CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid
StgCreateDocfileOnILockBytes
OleCreate
CreateILockBytesOnHGlobal

oleaut32

SysFreeString
SysAllocString
GetErrorInfo
VariantClear
VariantChangeType
VariantInit
SetErrorInfo
CreateErrorInfo
OleLoadPicture

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?bad@ios_base@std@@QBE_NXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
?eof@ios_base@std@@QBE_NXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

iphlpapi

GetAdaptersInfo

wininet

InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetSetOptionA
HttpQueryInfoA
InternetCloseHandle

engine

Misc_CRC32
g_OpenTabFile
g_CreateIniFile
??1KThread@@QAE@XZ
??0KThread@@QAE@XZ
?Destroy@KThread@@QAEHXZ
?Create@KThread@@QAEHP6AXPAX@Z0@Z
_g_GetColorValue
g_OpenIniFile
g_SetRootPath
g_SetFindFileMode
?KG_EDStringToMD5String@@YAHQADQBD@Z
g_StrCatLen
g_ExtractFileName
g_CreateFile
g_OpenFile
g_StrCpyLen
g_GetRootPath
?GetTopIndex@KJxScript@@QAEHXZ
?SetTopIndex@KJxScript@@QAEHH@Z
g_CreatePath
?KGLogPrintf@@YAHW4KGLOG_PRIORITY@@QBDZZ
g_LoadPackageFiles
g_ClearPackageFiles
g_StrLen
?PushTable@KJxScript@@QAEHXZ
?PushString@KJxScript@@QAEHPBD@Z
?SetTableField@KJxScript@@QAEHPBD@Z
?SetTableIndex@KJxScript@@QAEHH@Z

ws2_32

ntohl
getsockopt
WSASendTo
WSARecvFrom
ioctlsocket
bind
WSAAccept
htonl
listen
htons
WSAConnect
inet_addr
gethostbyname
getsockname
inet_ntoa
ntohs
WSASend
WSACleanup
WSAStartup
WSAGetLastError
WSASocketA
closesocket
WSAWaitForMultipleEvents
WSAEventSelect
shutdown
setsockopt
WSARecv
WSAEnumNetworkEvents

Sections

.text
Size: 480KB - Virtual size: 479KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5f269f627f705d6f5c4c8e3a45c86af

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

7f:ed:4d:73:9d:a5:b4:a5:3f:8d:0f:05:33:05:9c:7aCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

d4:1e:dc:6c:df:f5:7b:a8:bf:f5:c7:be:c2:aa:d3:d1:8d:52:9e:82Signer

Headers

File Characteristics

PDB Paths

Imports

gdiplus

ddraw

psapi

mfc80

msvcr80

kernel32

user32

gdi32

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

msvcp80

version

iphlpapi

wininet

engine

ws2_32

Sections

.text Size: 480KB - Virtual size: 479KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 76KB - Virtual size: 74KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

7f:ed:4d:73:9d:a5:b4:a5:3f:8d:0f:05:33:05:9c:7a
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

d4:1e:dc:6c:df:f5:7b:a8:bf:f5:c7:be:c2:aa:d3:d1:8d:52:9e:82
Signer

.text
Size: 480KB - Virtual size: 479KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 76KB - Virtual size: 74KB