506588dff1415999fb32b7c95bbf86888da6feabaa65e757d1f1d848d029aceb

Sharing

Copy URL Twitter E-mail

General

Target

506588dff1415999fb32b7c95bbf86888da6feabaa65e757d1f1d848d029aceb
Size

9.1MB
MD5

17427ce3d22b31a089ed96c0bee29b86
SHA1

45d7ce22e24c2341d4a475ef0d7d2f7f0c54d4c6
SHA256

506588dff1415999fb32b7c95bbf86888da6feabaa65e757d1f1d848d029aceb
SHA512

11f823a55acc5dc9ae8b9dd7eb464088539d461ec7a1134f6dd7c3fb713a3e118e92ff288c55bcae5c89a158528f64d06c3494c731964d127af6a8e4705b9e43
SSDEEP

196608:XO7h23pEiWSEEAIWXhC2i7fTIkMp0KSumP6YRldgH4/weT3n7j8MARe:XO7NhZDwgo6YRldRrr7jxARe

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 4 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/PanData/script/lib/cjson.dll	acprotect
static1/unpack001/PanData/script/lib/lcurl.dll	acprotect
static1/unpack001/libcurl.dll	acprotect
static1/unpack001/lua53.dll	acprotect

UPX packed file 5 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/PanData/aria2c.exe	upx
static1/unpack001/PanData/script/lib/cjson.dll	upx
static1/unpack001/PanData/script/lib/lcurl.dll	upx
static1/unpack001/libcurl.dll	upx
static1/unpack001/lua53.dll	upx

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack002/out.upx
unpack003/out.upx
unpack004/out.upx
unpack005/out.upx
unpack006/out.upx
unpack001/网盘专属极速.exe

Files

506588dff1415999fb32b7c95bbf86888da6feabaa65e757d1f1d848d029aceb
.zip
Check.ini
PanData/aria2-remote.json
PanData/aria2c.exe
.exe windows:4 windows x86 arch:x86

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

16/03/2016, 00:00

Not After

16/03/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 06:10

Not After

01/03/2021, 03:03

Subject

CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,L=Changsha,ST=Hunan,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4d
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 07:11

Not After

01/03/2021, 07:11

Subject

SERIALNUMBER=91430105MA4Q81A329,CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,STREET=开福区四方坪街道双拥路9号长城万富汇大厦9层9038号房（集群注册）,L=Changsha,ST=Hunan,C=CN,1.3.6.1.4.1.311.60.2.1.1=#13084348414e47534841,1.3.6.1.4.1.311.60.2.1.2=#130548554e414e,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8f:d0:85:f8:85:4e:0c:9e:62:a1:2b:d5:4f:0b:f1:07:57:44:1d:6b:08:db:f9:e5:d2:7e:07:ab:39:3e:93:a9
Signer

Actual PE Digest

8f:d0:85:f8:85:4e:0c:9e:62:a1:2b:d5:4f:0b:f1:07:57:44:1d:6b:08:db:f9:e5:d2:7e:07:ab:39:3e:93:a9

Digest Algorithm

sha256

PE Digest Matches

true

82:91:11:60:a8:9e:a0:7b:66:1f:e9:2a:62:e6:cb:d6:3c:a3:db:53
Signer

Actual PE Digest

82:91:11:60:a8:9e:a0:7b:66:1f:e9:2a:62:e6:cb:d6:3c:a3:db:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 449KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PanData/config.ini
PanData/fixlog/1714129089832.txt
PanData/fixlog/1714132418956.txt
PanData/fixlog/1714132485598.txt
PanData/fixlog/1714132604916.txt
PanData/fixlog/1714132809703.txt
PanData/log/20240426185812.log
PanData/log/20240426195342.log
PanData/log/20240426195448.log
PanData/log/20240426195648.log
PanData/log/20240426200016.log
PanData/script/1.jpg
.jpg
PanData/script/1.lua
.js
PanData/script/default/anime_yxdm.lua
.js
PanData/script/default/beta_search.lua
PanData/script/default/raname_07.lua
PanData/script/default/raname_08.lua
PanData/script/default/rename_01.lua
PanData/script/default/rename_02.lua
PanData/script/default/rename_03.lua
PanData/script/default/rename_04.lua
PanData/script/default/rename_05.lua
PanData/script/default/rename_06.lua
PanData/script/default/serach_soupan8.lua
PanData/script/lib/cjson.dll
.dll windows:5 windows x86 arch:x86

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

16/03/2016, 00:00

Not After

16/03/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 06:10

Not After

01/03/2021, 03:03

Subject

CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,L=Changsha,ST=Hunan,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4d
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 07:11

Not After

01/03/2021, 07:11

Subject

SERIALNUMBER=91430105MA4Q81A329,CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,STREET=开福区四方坪街道双拥路9号长城万富汇大厦9层9038号房（集群注册）,L=Changsha,ST=Hunan,C=CN,1.3.6.1.4.1.311.60.2.1.1=#13084348414e47534841,1.3.6.1.4.1.311.60.2.1.2=#130548554e414e,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b3:ba:09:02:b0:00:f6:59:a1:f3:ed:7f:3c:38:4d:7b:ec:e9:08:22:b2:41:5d:e0:3a:84:b0:6f:01:cc:2b:a4
Signer

Actual PE Digest

b3:ba:09:02:b0:00:f6:59:a1:f3:ed:7f:3c:38:4d:7b:ec:e9:08:22:b2:41:5d:e0:3a:84:b0:6f:01:cc:2b:a4

Digest Algorithm

sha256

PE Digest Matches

true

be:12:7b:7c:a8:5a:89:88:05:e0:5f:ca:3b:7f:ca:96:0d:f6:90:00
Signer

Actual PE Digest

be:12:7b:7c:a8:5a:89:88:05:e0:5f:ca:3b:7f:ca:96:0d:f6:90:00

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

luaopen_cjson
luaopen_cjson_safe

Sections

UPX0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PanData/script/lib/lcurl.dll
.dll windows:5 windows x86 arch:x86

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

16/03/2016, 00:00

Not After

16/03/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 06:10

Not After

01/03/2021, 03:03

Subject

CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,L=Changsha,ST=Hunan,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4d
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 07:11

Not After

01/03/2021, 07:11

Subject

SERIALNUMBER=91430105MA4Q81A329,CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,STREET=开福区四方坪街道双拥路9号长城万富汇大厦9层9038号房（集群注册）,L=Changsha,ST=Hunan,C=CN,1.3.6.1.4.1.311.60.2.1.1=#13084348414e47534841,1.3.6.1.4.1.311.60.2.1.2=#130548554e414e,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:90:20:77:61:c4:26:dd:94:50:03:0d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b2:ad:b9:02:4e:6b:4f:3c:89:09:f0:c2:1a:38:81:ab:02:76:39:f2:6f:26:5b:ce:87:d3:49:93:32:70:fe:b9
Signer

Actual PE Digest

b2:ad:b9:02:4e:6b:4f:3c:89:09:f0:c2:1a:38:81:ab:02:76:39:f2:6f:26:5b:ce:87:d3:49:93:32:70:fe:b9

Digest Algorithm

sha256

PE Digest Matches

true

8c:f3:7b:40:70:41:6e:dc:34:1b:03:58:a6:6d:7d:63:cb:fd:a0:38
Signer

Actual PE Digest

8c:f3:7b:40:70:41:6e:dc:34:1b:03:58:a6:6d:7d:63:cb:fd:a0:38

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

luaopen_lcurl
luaopen_lcurl_safe

Sections

UPX0
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PanData/share.db
PanData/share.ini
PanData/task.db
PanData/temp/script_3623D3E3CEF04B6373EA48E7F99D6806
PanData/temp/script_56234519A1B35DEECB51CF0C5EE5975A
PanData/temp/script_7EAE609E3FDDEBFCDAC0AE8502A8CA6C
PanData/temp/script_FEF0CE982AAB1746D5A63733A6B18E17
PanData/user.db
libcurl.dll
.dll windows:6 windows x86 arch:x86

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

16/03/2016, 00:00

Not After

16/03/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 06:10

Not After

01/03/2021, 03:03

Subject

CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,L=Changsha,ST=Hunan,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4d
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 07:11

Not After

01/03/2021, 07:11

Subject

SERIALNUMBER=91430105MA4Q81A329,CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,STREET=开福区四方坪街道双拥路9号长城万富汇大厦9层9038号房（集群注册）,L=Changsha,ST=Hunan,C=CN,1.3.6.1.4.1.311.60.2.1.1=#13084348414e47534841,1.3.6.1.4.1.311.60.2.1.2=#130548554e414e,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3b:8a:95:93:c9:45:aa:23:fd:be:aa:a9:42:8f:00:49:ce:eb:50:2a:c6:db:19:9a:e6:31:3e:97:37:ce:09:f7
Signer

Actual PE Digest

3b:8a:95:93:c9:45:aa:23:fd:be:aa:a9:42:8f:00:49:ce:eb:50:2a:c6:db:19:9a:e6:31:3e:97:37:ce:09:f7

Digest Algorithm

sha256

PE Digest Matches

true

fe:18:79:5b:cd:4e:16:46:76:61:4b:3e:d7:03:db:a7:62:5d:18:fa
Signer

Actual PE Digest

fe:18:79:5b:cd:4e:16:46:76:61:4b:3e:d7:03:db:a7:62:5d:18:fa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

UPX0
Size: - Virtual size: 504KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 327KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 663KB - Virtual size: 663KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lua53.dll
.dll windows:5 windows x86 arch:x86

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

16/03/2016, 00:00

Not After

16/03/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 06:10

Not After

01/03/2021, 03:03

Subject

CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,L=Changsha,ST=Hunan,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4d
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

01/03/2019, 07:11

Not After

01/03/2021, 07:11

Subject

SERIALNUMBER=91430105MA4Q81A329,CN=Changsha Luojin Information Technology Co.\, Ltd.,OU=项目开发部,O=Changsha Luojin Information Technology Co.\, Ltd.,STREET=开福区四方坪街道双拥路9号长城万富汇大厦9层9038号房（集群注册）,L=Changsha,ST=Hunan,C=CN,1.3.6.1.4.1.311.60.2.1.1=#13084348414e47534841,1.3.6.1.4.1.311.60.2.1.2=#130548554e414e,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:90:20:77:61:c4:26:dd:94:50:03:0d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:b5:27:d5:93:e7:3e:b2:8a:60:a8:7c:b4:24:b9:09:4a:d3:59:1d:0c:0b:6c:7c:f3:38:f0:d8:5d:30:ea:ae
Signer

Actual PE Digest

02:b5:27:d5:93:e7:3e:b2:8a:60:a8:7c:b4:24:b9:09:4a:d3:59:1d:0c:0b:6c:7c:f3:38:f0:d8:5d:30:ea:ae

Digest Algorithm

sha256

PE Digest Matches

true

76:db:65:da:6a:c8:fa:64:35:3c:a7:15:aa:df:39:0b:bd:c1:04:a0
Signer

Actual PE Digest

76:db:65:da:6a:c8:fa:64:35:3c:a7:15:aa:df:39:0b:bd:c1:04:a0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_buffinitsize
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_checkversion_
luaL_error
luaL_execresult
luaL_fileresult
luaL_getmetafield
luaL_getsubtable
luaL_gsub
luaL_len
luaL_loadbufferx
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_prepbuffsize
luaL_pushresult
luaL_pushresultsize
luaL_ref
luaL_requiref
luaL_setfuncs
luaL_setmetatable
luaL_testudata
luaL_tolstring
luaL_traceback
luaL_unref
luaL_where
lua_absindex
lua_arith
lua_atpanic
lua_callk
lua_checkstack
lua_close
lua_compare
lua_concat
lua_copy
lua_createtable
lua_dump
lua_error
lua_gc
lua_getallocf
lua_getfield
lua_getglobal
lua_gethook
lua_gethookcount
lua_gethookmask
lua_geti
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_getuservalue
lua_iscfunction
lua_isinteger
lua_isnumber
lua_isstring
lua_isuserdata
lua_isyieldable
lua_len
lua_load
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_pcallk
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawgetp
lua_rawlen
lua_rawset
lua_rawseti
lua_rawsetp
lua_resume
lua_rotate
lua_setallocf
lua_setfield
lua_setglobal
lua_sethook
lua_seti
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_setuservalue
lua_status
lua_stringtonumber
lua_toboolean
lua_tocfunction
lua_tointegerx
lua_tolstring
lua_tonumberx
lua_topointer
lua_tothread
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_version
lua_xmove
lua_yieldk
luaopen_base
luaopen_bit32
luaopen_coroutine
luaopen_debug
luaopen_io
luaopen_math
luaopen_os
luaopen_package
luaopen_string
luaopen_table
luaopen_utf8

Sections

UPX0
Size: - Virtual size: 268KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 193KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pd/api/init
pd/api/latest
pd/api/script/list
pd/bdlogin.html
.html .js polyglot
使用教程（必看）有视频/1.买家发货信息链接下载好的.png
.png
使用教程（必看）有视频/2.要打开解压好的软件.png
.png
使用教程（必看）有视频/3.复制卡号进去.png
.png
使用教程（必看）有视频/5.下载你自己网盘文件教程01.png
.png
使用教程（必看）有视频/5.下载别人分享的链接02.png
.png
使用教程（必看）有视频/5.下载百度文件的方法.png
.png
使用教程（必看）有视频/6.鼠标右键选择下载.png
.png
使用教程（必看）有视频/接受数据失败（1）解决教程.jpg
.jpg
使用教程（必看）有视频/视频教程.mp4
每天下载量为100G.txt
禁止修改并行任务.txt
网盘专属极速.exe
.exe windows:5 windows x86 arch:x86

49550203287cd76e23698443898b8658

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile

advapi32

GetLengthSid

comctl32

_TrackMouseEvent

comdlg32

GetOpenFileNameW

gdi32

GetTextExtentPoint32W

gdiplus

GdipDeleteStringFormat

imm32

ImmSetCompositionWindow

iphlpapi

GetAdaptersAddresses

libcurl

curl_easy_getinfo

lua53

lua_setmetatable

ole32

OleLockRunning

oleaut32

SysStringByteLen

shell32

SHGetPathFromIDListW

shlwapi

PathStripPathW

user32

TranslateMessage

version

GetFileVersionInfoA

wininet

InternetSetOptionW

winmm

PlaySoundW

ws2_32

shutdown

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 4.1MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
解决方法和各类问题(必看).txt

Sharing

General

Malware Config

Signatures

Files

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51Certificate

Extended Key Usages

Key Usages

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate

Extended Key Usages

Key Usages

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7cCertificate

Extended Key Usages

Key Usages

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4dCertificate

Extended Key Usages

Key Usages

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2Certificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:31:89:c6:50:04Certificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

8f:d0:85:f8:85:4e:0c:9e:62:a1:2b:d5:4f:0b:f1:07:57:44:1d:6b:08:db:f9:e5:d2:7e:07:ab:39:3e:93:a9Signer

82:91:11:60:a8:9e:a0:7b:66:1f:e9:2a:62:e6:cb:d6:3c:a3:db:53Signer

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.9MB

UPX1 Size: 1.8MB - Virtual size: 1.8MB

UPX2 Size: 1024B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 4.2MB - Virtual size: 4.2MB

.data Size: 14KB - Virtual size: 14KB

.rdata Size: 449KB - Virtual size: 449KB

.bss Size: - Virtual size: 12KB

.idata Size: 8KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51Certificate

Extended Key Usages

Key Usages

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate

Extended Key Usages

Key Usages

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7cCertificate

Extended Key Usages

Key Usages

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4dCertificate

Extended Key Usages

Key Usages

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2Certificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:31:89:c6:50:04Certificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

b3:ba:09:02:b0:00:f6:59:a1:f3:ed:7f:3c:38:4d:7b:ec:e9:08:22:b2:41:5d:e0:3a:84:b0:6f:01:cc:2b:a4Signer

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7c
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4d
Certificate

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

04:00:00:00:00:01:31:89:c6:50:04
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

8f:d0:85:f8:85:4e:0c:9e:62:a1:2b:d5:4f:0b:f1:07:57:44:1d:6b:08:db:f9:e5:d2:7e:07:ab:39:3e:93:a9
Signer

82:91:11:60:a8:9e:a0:7b:66:1f:e9:2a:62:e6:cb:d6:3c:a3:db:53
Signer

UPX0
Size: - Virtual size: 2.9MB

UPX1
Size: 1.8MB - Virtual size: 1.8MB

UPX2
Size: 1024B - Virtual size: 4KB

.text
Size: 4.2MB - Virtual size: 4.2MB

.data
Size: 14KB - Virtual size: 14KB

.rdata
Size: 449KB - Virtual size: 449KB

.bss
Size: - Virtual size: 12KB

.idata
Size: 8KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7c
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4d
Certificate

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

04:00:00:00:00:01:31:89:c6:50:04
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

b3:ba:09:02:b0:00:f6:59:a1:f3:ed:7f:3c:38:4d:7b:ec:e9:08:22:b2:41:5d:e0:3a:84:b0:6f:01:cc:2b:a4
Signer

be:12:7b:7c:a8:5a:89:88:05:e0:5f:ca:3b:7f:ca:96:0d:f6:90:00
Signer

UPX0
Size: - Virtual size: 88KB

UPX1
Size: 57KB - Virtual size: 60KB

.rsrc
Size: 1024B - Virtual size: 4KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 3KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 160B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 4KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

06:cd:17:42:0e:5e:42:ab:8f:c0:9e:7c
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

63:7d:92:5c:cb:6e:d7:16:43:64:9a:4d
Certificate

33:90:20:77:61:c4:26:dd:94:50:03:0d
Certificate

04:00:00:00:00:01:31:89:c6:50:04
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

b2:ad:b9:02:4e:6b:4f:3c:89:09:f0:c2:1a:38:81:ab:02:76:39:f2:6f:26:5b:ce:87:d3:49:93:32:70:fe:b9
Signer

8c:f3:7b:40:70:41:6e:dc:34:1b:03:58:a6:6d:7d:63:cb:fd:a0:38
Signer

UPX0
Size: - Virtual size: 160KB

UPX1
Size: 65KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 4KB

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 59KB - Virtual size: 59KB