15ba1e76005d5bad9cb5bb2d1065f745_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15ba1e76005d5bad9cb5bb2d1065f745_JaffaCakes118
Size

2.2MB
MD5

15ba1e76005d5bad9cb5bb2d1065f745
SHA1

91e606b16f6c26cb49c957ad5359e2525eafef75
SHA256

092132e98bdbb9373842729aca6d7e091a7053affd3aa839ac5b8367dbe378d7
SHA512

75c2164083ee130598b839353083a32b2bcfe14f37134a5a3f599c718e854a5c84038e2d905c4b8440e6e4d1317ad39312c53fd29c8882b3529564db5d0b5f46
SSDEEP

49152:rcRsCPpxTWP1vCNPjZq+UzrBbujDgo5fsS:rcRs2pxTWNCNPjW/pkU8fsS

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Files

15ba1e76005d5bad9cb5bb2d1065f745_JaffaCakes118
.exe windows:5 windows x86 arch:x86

578f17a0ba36befd71d99ff0c30e7ca8

Code Sign

5d:54:09:35:a9:98:aa:b6:8e:a2:28:9c:fd:1f:af:a5
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

07/03/2016, 01:55

Not After

07/05/2018, 01:55

Subject

CN=海南掘金网络科技有限公司,O=海南掘金网络科技有限公司,L=海口市,ST=海南省,C=CN,1.2.840.113549.1.9.1=#0c0e77616e6c694035346e622e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17/09/2006, 22:46

Not After

31/12/2019, 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:10:3c:ba:2e:78:45:0b:cc:73:9b:af:fb:0a:73:c5
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

07/03/2016, 01:36

Not After

07/05/2018, 01:36

Subject

CN=海南掘金网络科技有限公司,O=海南掘金网络科技有限公司,L=海口市,ST=海南省,C=CN,1.2.840.113549.1.9.1=#0c0e77616e6c694035346e622e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/11/2014, 00:58

Not After

08/11/2029, 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17/09/2006, 22:46

Not After

31/12/2019, 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1b
Certificate

Issuer

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Not Before

08/04/2015, 01:00

Not After

08/04/2023, 01:00

Subject

CN=WoSign Time Stamping Signer G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1b
Certificate

Issuer

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Not Before

08/04/2015, 01:00

Not After

08/04/2023, 01:00

Subject

CN=WoSign Time Stamping Signer G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

51:ec:ef:d7:72:99:ba:1a:dd:28:02:43:1e:86:e2:0e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/04/2015, 00:58

Not After

08/04/2025, 00:58

Subject

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

13:1b:e0:72:32:df:8b:e9:c0:66:8f:7b:2c:49:35:f7:51:33:aa:e9:20:3b:5d:10:5e:e9:14:46:31:18:5e:45
Signer

Actual PE Digest

13:1b:e0:72:32:df:8b:e9:c0:66:8f:7b:2c:49:35:f7:51:33:aa:e9:20:3b:5d:10:5e:e9:14:46:31:18:5e:45

Digest Algorithm

sha256

PE Digest Matches

true

80:d0:0b:36:4f:6a:bc:49:de:11:f4:80:3c:61:89:54:0c:37:ac:82
Signer

Actual PE Digest

80:d0:0b:36:4f:6a:bc:49:de:11:f4:80:3c:61:89:54:0c:37:ac:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GlobalFree
GetModuleHandleW
lstrcmpA
CompareStringA
FormatMessageA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GlobalDeleteAtom
FreeResource
FindResourceA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcmpW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
GetVersionExA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
SetThreadPriority
ResumeThread
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
GetThreadLocale
lstrcmpiA
DeleteFileA
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCurrentDirectoryA
GetSystemDirectoryW
lstrcpyA
GlobalFlags
GetACP
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GlobalSize
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
EncodePointer
DecodePointer
HeapFree
ExitThread
CreateThread
UnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
HeapAlloc
GetSystemTimeAsFileTime
FindFirstFileExA
FindNextFileA
GetTimeFormatA
GetDateFormatA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
RtlUnwind
RaiseException
VirtualQuery
ExitProcess
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
IsProcessorFeaturePresent
HeapCreate
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetEnvironmentVariableA
LocalFree
lstrlenW
MulDiv
lstrlenA
GlobalAlloc
GlobalLock
GlobalUnlock
ActivateActCtx
GetModuleHandleA
DeactivateActCtx
SetLastError
DeleteCriticalSection
CancelIo
InterlockedExchange
GetTickCount
SetEvent
GetQueuedCompletionStatus
InterlockedDecrement
InterlockedIncrement
GetSystemInfo
CreateIoCompletionPort
PostQueuedCompletionStatus
CreateEventA
VirtualAlloc
VirtualFree
GetLastError
MultiByteToWideChar
WaitForSingleObject
LeaveCriticalSection
TerminateProcess
FreeLibrary
GetCurrentProcessId
GetCurrentProcess
GetProcAddress
GetCurrentThreadId
LoadLibraryA
SetUnhandledExceptionFilter
Sleep
ReadFile
SetFilePointer
GetFileSize
CreateFileA
OutputDebugStringA
FindResourceW
LoadResource
LockResource
SizeofResource
CloseHandle
WideCharToMultiByte
EnterCriticalSection
InitializeCriticalSection
LoadLibraryExA
GetModuleFileNameA
GetProcessHeap
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

MapVirtualKeyA
GetSysColorBrush
LoadCursorA
SetCapture
WindowFromPoint
LoadCursorW
ReleaseCapture
WaitMessage
DeleteMenu
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
RealChildWindowFromPoint
KillTimer
CharNextA
OffsetRect
CopyAcceleratorTableA
IsRectEmpty
SetRect
IntersectRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CopyImage
SetWindowRgn
NotifyWinEvent
GetAsyncKeyState
IsZoomed
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
DestroyIcon
UnregisterClassA
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
SetParent
DestroyAcceleratorTable
SetClassLongA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
LockWindowUpdate
RegisterClipboardFormatA
InvertRect
HideCaret
GetIconInfo
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
FrameRect
CopyIcon
CharUpperBuffA
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
TranslateMessage
GetUpdateRect
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetKeyNameTextA
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
PtInRect
GetSysColor
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
GetMenuState
GetMenuStringA
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetWindowThreadProcessId
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
SetScrollRange
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
EnableWindow
LoadIconW
GetSystemMenu
AppendMenuA
SendMessageA
LoadMenuW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetTimer
CharUpperA
InvalidateRect
DrawStateA
ShowOwnedPopups
SetCursor
DeferWindowPos
GetMessageA
TrackPopupMenu
GetKeyState
IsClipboardFormatAvailable
SetMenu
GetMessagePos
InsertMenuA
CreateMenu
ScreenToClient
GetWindowLongA
SetWindowLongA
GetWindowRect
PostMessageA
GetCursorPos
CreatePopupMenu

advapi32

RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

SHAppBarMessage
DragQueryFileA
DragFinish
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteA

msimg32

AlphaBlend
TransparentBlt

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW

oledlg

ord8

gdiplus

GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdiplusStartup
GdiplusShutdown

ws2_32

WSASend
gethostbyname
inet_ntoa
WSAStartup
WSACleanup
WSASocketA
WSAGetLastError
WSACreateEvent
closesocket
WSAEventSelect
htons
bind
listen
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
accept
setsockopt
WSAIoctl
socket
WSACloseEvent
gethostname
WSARecv

pdh

PdhOpenQueryA
PdhCloseQuery
PdhAddCounterA
PdhCollectQueryData
PdhGetFormattedCounterValue

wininet

InternetOpenA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
InternetConnectA

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

gdi32

SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetPixelV
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetTextFaceA
SetBkColor
SetTextColor
GetTextExtentPoint32A
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
CreateDCA
GetDeviceCaps
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateDIBSection
CreateRoundRectRgn
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
GetRgnBox
GetTextColor
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
PatBlt
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
TextOutA
Escape
SelectObject
SetViewportOrgEx
SetWindowExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
CopyMetaFileA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoRevokeClassObject
OleGetClipboard
CoInitializeEx
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RegisterDragDrop
CoRegisterMessageFilter

oleaut32

SysAllocString
VariantCopy
OleCreateFontIndirect
VarBstrFromDate
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen

Sections

.text
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 788KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

578f17a0ba36befd71d99ff0c30e7ca8

Code Sign

5d:54:09:35:a9:98:aa:b6:8e:a2:28:9c:fd:1f:af:a5Certificate

Extended Key Usages

Key Usages

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4cCertificate

Extended Key Usages

Key Usages

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79Certificate

Extended Key Usages

Key Usages

19:c2:85:30:e9:3b:36Certificate

Key Usages

56:10:3c:ba:2e:78:45:0b:cc:73:9b:af:fb:0a:73:c5Certificate

Extended Key Usages

Key Usages

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54Certificate

Extended Key Usages

Key Usages

19:c2:85:30:e9:3b:36Certificate

Key Usages

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1bCertificate

Extended Key Usages

Key Usages

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1bCertificate

Extended Key Usages

Key Usages

51:ec:ef:d7:72:99:ba:1a:dd:28:02:43:1e:86:e2:0eCertificate

Extended Key Usages

Key Usages

13:1b:e0:72:32:df:8b:e9:c0:66:8f:7b:2c:49:35:f7:51:33:aa:e9:20:3b:5d:10:5e:e9:14:46:31:18:5e:45Signer

80:d0:0b:36:4f:6a:bc:49:de:11:f4:80:3c:61:89:54:0c:37:ac:82Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msimg32

comctl32

shlwapi

oledlg

gdiplus

ws2_32

pdh

wininet

oleacc

imm32

winmm

gdi32

winspool.drv

comdlg32

ole32

oleaut32

Sections

.text Size: - Virtual size: 1.4MB

.rdata Size: - Virtual size: 312KB

.data Size: - Virtual size: 62KB

.vmp0 Size: - Virtual size: 695KB

.vmp1 Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 512B - Virtual size: 252B

.rsrc Size: 788KB - Virtual size: 798KB

5d:54:09:35:a9:98:aa:b6:8e:a2:28:9c:fd:1f:af:a5
Certificate

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

19:c2:85:30:e9:3b:36
Certificate

56:10:3c:ba:2e:78:45:0b:cc:73:9b:af:fb:0a:73:c5
Certificate

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

19:c2:85:30:e9:3b:36
Certificate

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1b
Certificate

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1b
Certificate

51:ec:ef:d7:72:99:ba:1a:dd:28:02:43:1e:86:e2:0e
Certificate

13:1b:e0:72:32:df:8b:e9:c0:66:8f:7b:2c:49:35:f7:51:33:aa:e9:20:3b:5d:10:5e:e9:14:46:31:18:5e:45
Signer

80:d0:0b:36:4f:6a:bc:49:de:11:f4:80:3c:61:89:54:0c:37:ac:82
Signer

.text
Size: - Virtual size: 1.4MB

.rdata
Size: - Virtual size: 312KB

.data
Size: - Virtual size: 62KB

.vmp0
Size: - Virtual size: 695KB

.vmp1
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 512B - Virtual size: 252B

.rsrc
Size: 788KB - Virtual size: 798KB