135e476aaab42c8bccc54b7b12ed9b50_NEIKI

Sharing

Copy URL Twitter E-mail

General

Target

135e476aaab42c8bccc54b7b12ed9b50_NEIKI
Size

6.0MB
MD5

135e476aaab42c8bccc54b7b12ed9b50
SHA1

4a82a3450136e7868c273182d34b156b4c2950d5
SHA256

1eac8ea0ab295f2e3b1cd734ed0e7253dae2f1df5755a19b14c73b2d8f14b8d5
SHA512

3d7cd202ea58242397ecbf9276207852dc97777a7190d04457d3197ec43af9fea2190656c0e4a21caf9e99cd4b4b84f932ce9ad78320bbe314977d37928a899b
SSDEEP

98304:cLLbzI7o/Es8OOj4GJ1/4wpp+7NrMstXr+yx2+k/jM3aU0NgfZyXurNgaEw2ry:SI7qvOj3VkXTx2+kr/U1fI+ZEPry

Score

1^/10

Malware Config

Signatures

Files

135e476aaab42c8bccc54b7b12ed9b50_NEIKI
.exe windows:6 windows x86 arch:x86

9156a8286a1390a9bd473a084d254dcf

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e0:60:09:dd:bd:ab:c8:ec:96:4f:27:b3:2a:bf:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/12/2021, 00:00

Not After

09/01/2024, 23:59

Subject

SERIALNUMBER=91430100MA4QK63M25,CN=长沙六都网络科技有限公司,O=长沙六都网络科技有限公司,L=长沙市,ST=湖南省,C=CN,1.3.6.1.4.1.311.60.2.1.1=#0c21e995bfe6b299e9ab98e696b0e68a80e69cafe4baa7e4b89ae5bc80e58f91e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b996e58d97e79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

35:93:e7:13:9b:a8:c4:94:e0:72:b1:5d:33:d3:bb:21:83:a2:33:7c:52:22:18:5f:5d:b1:de:4e:96:51:a5:ba
Signer

Actual PE Digest

35:93:e7:13:9b:a8:c4:94:e0:72:b1:5d:33:d3:bb:21:83:a2:33:7c:52:22:18:5f:5d:b1:de:4e:96:51:a5:ba

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\GG\HaoYou\Output\HYSW\steamok.pdb

Imports

kernel32

VirtualQueryEx
CreateFileMappingA
CreateDirectoryA
GetFileSize
Wow64EnableWow64FsRedirection
CreateEventW
SetEvent
ResetEvent
GetEnvironmentVariableA
GlobalAddAtomW
GetSystemDirectoryA
GetDiskFreeSpaceExA
WriteFile
SetFileTime
SetFilePointer
DuplicateHandle
GetFileType
DosDateTimeToFileTime
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
SetLastError
SetUnhandledExceptionFilter
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
ReadConsoleInputW
SetConsoleMode
SetStdHandle
GetTimeZoneInformation
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCurrentProcessId
GetDateFormatW
MoveFileExW
SetEnvironmentVariableW
GetFullPathNameW
ReadConsoleW
GetConsoleMode
GetConsoleCP
SetConsoleCtrlHandler
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
VirtualAlloc
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
MulDiv
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
GetCurrentThread
GetCurrentThreadId
SetDllDirectoryW
SetCurrentDirectoryW
GlobalMemoryStatusEx
GetSystemPowerStatus
CreateDirectoryW
GetDriveTypeW
ReadProcessMemory
GetExitCodeProcess
OpenFileMappingA
LocalFree
LocalAlloc
GetCommandLineW
OpenMutexW
OpenFileMappingW
ReleaseMutex
CreateMutexW
FormatMessageA
GetACP
GlobalUnlock
GlobalLock
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
OutputDebugStringA
ExitProcess
FreeResource
WritePrivateProfileSectionW
FindResourceW
LoadResource
FindResourceExW
DeleteFileW
LockResource
CopyFileA
GetPrivateProfileSectionNamesW
LeaveCriticalSection
EnterCriticalSection
SizeofResource
CreateThread
DeviceIoControl
GetTickCount
GetPrivateProfileStringA
WinExec
GetSystemTime
CreateProcessA
Module32NextW
WideCharToMultiByte
GetModuleHandleW
VirtualProtect
VirtualQuery
TlsAlloc
LoadLibraryExA
SleepEx
QueryPerformanceFrequency
VerifyVersionInfoA
CreateProcessW
SystemTimeToFileTime
GetCPInfo
GetStringTypeW
AreFileApisANSI
SetFilePointerEx
SetEndOfFile
GetFileInformationByHandle
GetFileAttributesExW
FindFirstFileExW
EncodePointer
SwitchToThread
FormatMessageW
RemoveDirectoryA
GetStartupInfoA
GetLogicalDriveStringsA
GetCurrentDirectoryW
GetLocalTime
Module32FirstW
SetFileAttributesA
WritePrivateProfileStringA
GetSystemInfo
CloseHandle
Process32FirstW
GlobalAlloc
DeleteFileA
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
GlobalMemoryStatus
FindNextFileW
CopyFileW
FlushConsoleInputBuffer
GetStdHandle
GetFileSizeEx
ExpandEnvironmentStringsA
WaitForSingleObjectEx
QueryPerformanceCounter
LoadLibraryA
FileTimeToSystemTime
CreateFileA
Process32NextW
Wow64RevertWow64FsRedirection
Sleep
GetPrivateProfileStringW
MultiByteToWideChar
CreateToolhelp32Snapshot
GetLogicalDriveStringsW
OpenProcess
GetModuleHandleA
GetVersionExW
CreateFileW
WaitForSingleObject
FindClose
CreatePipe
FindNextFileA
GetModuleFileNameW
TerminateProcess
GetPrivateProfileIntW
Wow64DisableWow64FsRedirection
GetCurrentProcess
WritePrivateProfileStringW
FindFirstFileA
GetModuleFileNameA
ReadFile
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
InitializeCriticalSection
HeapFree
LoadLibraryExW
FreeLibrary
GetProcAddress
LoadLibraryW
GetTimeFormatW
OutputDebugStringW

user32

GetPropW
SetPropW
LoadImageW
GetClassInfoExW
RegisterClassW
CallWindowProcW
PostQuitMessage
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetGUIThreadInfo
InvalidateRgn
CreateAcceleratorTableW
SetRect
FillRect
CharPrevW
GetSysColor
SetCaretPos
ShowCaret
HideCaret
CreateCaret
EnableWindow
GetCaretPos
SetWindowRgn
UnregisterHotKey
CreatePopupMenu
TrackPopupMenu
OffsetRect
ClientToScreen
AttachThreadInput
RegisterHotKey
GetForegroundWindow
LoadIconW
SetCapture
AppendMenuW
SystemParametersInfoW
ReleaseCapture
IsIconic
GetCursorPos
GetWindowRgn
FindWindowA
ShowWindowAsync
MapVirtualKeyW
keybd_event
GetSystemMetrics
BlockInput
ClipCursor
SendMessageA
mouse_event
SetCursorPos
IsWindowVisible
GetParent
MonitorFromWindow
GetMonitorInfoW
GetDesktopWindow
MessageBoxA
FlashWindow
BringWindowToTop
wsprintfW
SetForegroundWindow
PostMessageW
FindWindowW
SetTimer
ShowWindow
IsWindow
MoveWindow
SendMessageW
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
GetWindowLongW
SetWindowPos
SetWindowLongW
GetClientRect
GetDC
DrawTextW
ReleaseDC
MessageBoxW
GetWindowThreadProcessId
GetWindowRect
GetClassNameA
GetWindowTextA
EnumWindows
GetProcessWindowStation
GetUserObjectInformationW
DefWindowProcW
RegisterClassExW
CreateWindowExW
DestroyWindow
LoadCursorW
GetMessageW
TranslateMessage
DispatchMessageW
CharNextW
SetFocus
GetActiveWindow
GetFocus
GetKeyState
KillTimer
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
ScreenToClient
MapWindowPoints
IntersectRect
UnionRect
IsRectEmpty
PtInRect
GetWindow
wvsprintfW
SetCursor
IsZoomed
GetCaretBlinkTime

gdi32

GetObjectW
SetBkMode
CreateCompatibleBitmap
ExtTextOutW
TextOutW
MoveToEx
SetStretchBltMode
StretchBlt
SetBkColor
ExtSelectClipRgn
SelectClipRgn
RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
CreateSolidBrush
CreatePatternBrush
CreateRoundRectRgn
SetWindowOrgEx
GetTextMetricsW
SaveDC
RestoreDC
Rectangle
GetStockObject
CreatePen
CreateFontIndirectW
GetObjectA
GdiFlush
SetTextColor
CreateRectRgn
PtInRegion
GetPixel
BitBlt
SelectObject
CreateDIBSection
CreateCompatibleDC
CreateFontW
GetDeviceCaps
DeleteDC
DeleteObject

advapi32

CryptGetUserKey
RegEnumKeyExA
RegQueryValueExW
RegEnumValueA
RegOpenKeyExW
RegOpenKeyExA
OpenProcessToken
RegSetValueExA
RegSetValueExW
RegCreateKeyExW
RegCreateKeyExA
RegQueryValueExA
RegQueryInfoKeyW
RegCloseKey
RegEnableReflectionKey
AdjustTokenPrivileges
RegDisableReflectionKey
LookupPrivilegeValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeSecurityDescriptor
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
RegEnumKeyA
OpenThreadToken
CryptEnumProvidersA
CryptSignHashA
CryptDecrypt
CryptExportKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
ReportEventA
RegisterEventSourceA
DeregisterEventSource
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGenRandom
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA

shell32

CommandLineToArgvW
ShellExecuteExW
SHFileOperationW
ShellExecuteA
SHGetSpecialFolderPathA
ShellExecuteW
Shell_NotifyIconW
SHGetSpecialFolderPathW

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
OleLockRunning
CLSIDFromProgID
CLSIDFromString

dbghelp

MakeSureDirectoryPathExists

shlwapi

PathFileExistsW
PathFileExistsA
StrStrIA
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameW
StrCpyW
PathIsDirectoryW
StrStrA
SHDeleteKeyW
PathIsDirectoryA
PathRemoveFileSpecA
PathFindFileNameA

gdiplus

GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDeleteFont
GdipGetFamily
GdipCreateFontFromLogfontA
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipCreateBitmapFromScan0
GdipImageGetFrameCount
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipCloneImage
GdipAlloc
GdipCreateFontFromDC
GdipFree
GdipGetImageWidth
GdipSaveImageToFile
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDisposeImage
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCloneBrush
GdipDeleteBrush
GdipCreateLineBrushI
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipGraphicsClear
GdipDrawImage
GdipDrawImageRectI
GdipDeleteFontFamily
GdipDrawString

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueW

iphlpapi

GetAdaptersInfo

wininet

InternetOpenW
InternetCloseHandle
InternetReadFile
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
InternetOpenUrlW

crypt32

CryptMsgGetParam
CertFindCertificateInStore
CertGetNameStringW
CertOpenStore
CertEnumCertificatesInStore
CryptStringToBinaryA
CryptQueryObject
CryptMsgClose
CertGetNameStringA
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertGetCertificateContextProperty
CertCloseStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFreeCertificateChain

ws2_32

gethostbyname
getservbyname
socket
WSAGetLastError
htonl
shutdown
setsockopt
ioctlsocket
htons
recv
send
freeaddrinfo
getaddrinfo
WSAIoctl
ntohs
getsockopt
getsockname
getpeername
bind
WSASetLastError
WSACleanup
__WSAFDIsSet
closesocket
select
WSAStartup
connect

dxgi

CreateDXGIFactory

pdh

PdhSetCounterScaleFactor
PdhGetFormattedCounterValue
PdhAddCounterW
PdhCloseQuery
PdhOpenQueryW
PdhCollectQueryData
PdhRemoveCounter

ntdll

VerSetConditionMask

urlmon

URLDownloadToFileA
URLDownloadToFileW

imm32

ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext

comctl32

ord17
_TrackMouseEvent

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

Exports

Exports

?BindingNetbar@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UBindingNetbarDto@@@Z
?CreateStringByParam@BLC_Net@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00PAVHttpParamsI@1@AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@@Z
?CurlGetData@BLC_Net@@YA?AW4HTTPRETDATAENUM@1@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV34@1H0@Z
?CurlGetDataWithSign@BLC_Net@@YA?AW4HTTPRETDATAENUM@1@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV34@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@1H0@Z
?CurlPostData@BLC_Net@@YA?AW4HTTPRETDATAENUM@1@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV34@1H0@Z
?CurlPostDataWithSign@BLC_Net@@YA?AW4HTTPRETDATAENUM@1@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV34@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@1H0@Z
?Curl_DownloadFile@BLC_Net@@YA?AW4DW_STATE@1@PBD0@Z
?FindSteamPathReportMessage@@YA_NUMSGObject@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetKey@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetNetbarBusiness@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV12@AAH1@Z
?GetParaForGGJiaSu@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetParaForTQ@@YA_NAA_NAAH1@Z
?GetSteamAccePara@@YA_NAAV?$map@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@@std@@@2@@std@@@Z
?IfNetbarReportMessage@@YA_NUMSGObject@@@Z
?NetbarSpecialSet@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ReportMessage@@YA_NUMSGObject@@@Z

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 602KB - Virtual size: 601KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9156a8286a1390a9bd473a084d254dcf

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0a:e0:60:09:dd:bd:ab:c8:ec:96:4f:27:b3:2a:bf:92Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

35:93:e7:13:9b:a8:c4:94:e0:72:b1:5d:33:d3:bb:21:83:a2:33:7c:52:22:18:5f:5d:b1:de:4e:96:51:a5:baSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

dbghelp

shlwapi

gdiplus

version

iphlpapi

wininet

crypt32

ws2_32

dxgi

pdh

ntdll

urlmon

imm32

comctl32

oleaut32

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 602KB - Virtual size: 601KB

.data Size: 61KB - Virtual size: 97KB

.rsrc Size: 2.8MB - Virtual size: 2.8MB

.reloc Size: 132KB - Virtual size: 131KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:e0:60:09:dd:bd:ab:c8:ec:96:4f:27:b3:2a:bf:92
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

35:93:e7:13:9b:a8:c4:94:e0:72:b1:5d:33:d3:bb:21:83:a2:33:7c:52:22:18:5f:5d:b1:de:4e:96:51:a5:ba
Signer

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 602KB - Virtual size: 601KB

.data
Size: 61KB - Virtual size: 97KB

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

.reloc
Size: 132KB - Virtual size: 131KB