Extracted

• XClientt (1).exe

  .exe windows:4 windows x86 arch:x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Code Sign

  Certificate

  Issuer

  CN=Thinkst Root CA,OU=Thinkst Applied Research CA,O=Thinkst Applied Research,C=ZA

  Not Before

  07/05/2024, 04:56

  Not After

  07/05/2034, 04:56

  Subject

  CN=Microsoft Windows,O=Microsoft Corporation,C=US

  Extended Key Usages

  ExtKeyUsageServerAuth

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageKeyEncipherment

  KeyUsageDataEncipherment

  KeyUsageKeyAgreement

  f6:2e:cc:38:d5:61:58:c6:13:2f:96:71:21:80:47:d2:63:b9:e2:b9:92:74:7a:99:49:c0:24:9c:4a:27:a3:86

  Signer

  Actual PE Digest

  f6:2e:cc:38:d5:61:58:c6:13:2f:96:71:21:80:47:d2:63:b9:e2:b9:92:74:7a:99:49:c0:24:9c:4a:27:a3:86

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 35KB - Virtual size: 34KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ