MCASShip565Upgrade[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

MCASShip565Upgrade.zip
Size

25.6MB
MD5

a9aae2209cf829d8de1c1c0b0cb570ce
SHA1

6597eed6762469038d06c645ba1a96a209153f05
SHA256

6ae1723c58d08a8c32199b00d1c6dca89da9d736087f7d5555efb528775246d2
SHA512

402a37037200d5c2a3703dd1a65e4732bf75cc24ea2989c71d113987642e6bea4dc0150b2da01e013ee18395880a05a3c0d232195b603d730659eb67ba1b2600
SSDEEP

786432:jQCnUMOiyZnLyVkoFu2WuZ/xwzK7ukipGoNpRjuewR:k4XOiWnOVq9zuokoDRae2

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MCASShip565Upgrade/KLSM_MCAS_Upgrade565.exe
unpack001/MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/SigPlusNET.dll.deploy

Files

MCASShip565Upgrade.zip
.zip
MCASShip565Upgrade/KLSM_MCAS_Upgrade565.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCASShip565Upgrade/MCAS_Client_565/AniShipAcct.application
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/AniShipAcct.application
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/AniShipAcct.exe.config.deploy
.xml
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/AniShipAcct.exe.deploy
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

5c:d8:be:a4:07:40:0b:a5:4f:73:bc:d1:42:62:c1:8c
Certificate

Issuer

CN=ACERDS\\DS-ACER

Not Before

10/07/2023, 00:41

Not After

09/07/2024, 06:41

Subject

CN=ACERDS\\DS-ACER

3d:b7:70:16:bf:4c:e6:70:8d:8b:74:ef:3c:e6:ee:f8:54:d3:37:85:90:d2:32:62:f2:09:ae:56:34:76:ad:f8
Signer

Actual PE Digest

3d:b7:70:16:bf:4c:e6:70:8d:8b:74:ef:3c:e6:ee:f8:54:d3:37:85:90:d2:32:62:f2:09:ae:56:34:76:ad:f8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/AniShipAcct.exe.manifest
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/Microsoft.ReportViewer.Common.dll.deploy
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:59:d6:73:cd:51:8e:f0:22:c5:00:00:00:00:00:59
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2014, 17:13

Not After

23/08/2015, 17:13

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:ca
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/04/2014, 17:39

Not After

22/07/2015, 17:39

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:96:54:44:5b:aa:12:bf:8a:b2:f1:25:86:91:95:8a:3b:a3:6a:30:5a:d0:1b:88:6c:f7:3b:a4:c3:df:23:bd
Signer

Actual PE Digest

4c:96:54:44:5b:aa:12:bf:8a:b2:f1:25:86:91:95:8a:3b:a3:6a:30:5a:d0:1b:88:6c:f7:3b:a4:c3:df:23:bd

Digest Algorithm

sha256

PE Digest Matches

true

07:e1:ed:98:ee:41:42:f7:d6:bb:63:66:1d:d1:69:5e:af:87:aa:02
Signer

Actual PE Digest

07:e1:ed:98:ee:41:42:f7:d6:bb:63:66:1d:d1:69:5e:af:87:aa:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.ReportViewer.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8.3MB - Virtual size: 8.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/Microsoft.ReportViewer.DataVisualization.dll.deploy
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:5a:ed:2f:f4:e4:20:99:3f:3a:00:00:00:00:00:5a
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2014, 17:13

Not After

23/08/2015, 17:13

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:ca
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/04/2014, 17:39

Not After

22/07/2015, 17:39

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:19:0c:5e:cc:97:2a:96:2c:13:25:82:a2:63:f2:e3:88:08:07:e8:16:fc:2d:83:f9:35:79:69:ad:27:11:90
Signer

Actual PE Digest

ff:19:0c:5e:cc:97:2a:96:2c:13:25:82:a2:63:f2:e3:88:08:07:e8:16:fc:2d:83:f9:35:79:69:ad:27:11:90

Digest Algorithm

sha256

PE Digest Matches

true

c0:94:c8:a7:d1:b5:92:29:d6:58:48:73:fa:23:33:11:82:c1:8c:74
Signer

Actual PE Digest

c0:94:c8:a7:d1:b5:92:29:d6:58:48:73:fa:23:33:11:82:c1:8c:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.ReportViewer.DataVisualization.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/Microsoft.ReportViewer.ProcessingObjectModel.dll.deploy
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:59:d6:73:cd:51:8e:f0:22:c5:00:00:00:00:00:59
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2014, 17:13

Not After

23/08/2015, 17:13

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:ca
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/04/2014, 17:39

Not After

22/07/2015, 17:39

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:f8:fd:df:7d:74:6c:74:ae:b4:eb:fc:f3:98:e3:06:35:27:6d:03:9f:a7:cd:3d:59:66:bc:c5:74:e4:7f:01
Signer

Actual PE Digest

dc:f8:fd:df:7d:74:6c:74:ae:b4:eb:fc:f3:98:e3:06:35:27:6d:03:9f:a7:cd:3d:59:66:bc:c5:74:e4:7f:01

Digest Algorithm

sha256

PE Digest Matches

true

ef:23:ef:1d:27:10:0f:5e:10:dd:61:1d:b9:91:69:b4:dd:a3:63:4b
Signer

Actual PE Digest

ef:23:ef:1d:27:10:0f:5e:10:dd:61:1d:b9:91:69:b4:dd:a3:63:4b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.ReportViewer.ProcessingObjectModel.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/Microsoft.ReportViewer.WinForms.dll.deploy
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:4c:a1:e8:4d:cc:b4:74:7b:3b:00:00:00:00:00:4c
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/11/2013, 22:11

Not After

11/02/2015, 22:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:ca
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/04/2014, 17:39

Not After

22/07/2015, 17:39

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4d:5f:00:dc:75:00:55:2a:bc:ac:82:fc:89:88:a1:01:9e:d3:96:b0:7c:9b:a2:a0:95:cd:65:73:2a:2b:01:be
Signer

Actual PE Digest

4d:5f:00:dc:75:00:55:2a:bc:ac:82:fc:89:88:a1:01:9e:d3:96:b0:7c:9b:a2:a0:95:cd:65:73:2a:2b:01:be

Digest Algorithm

sha256

PE Digest Matches

true

50:1c:f9:14:cc:3c:e1:f6:0d:18:b3:41:ee:5b:cb:f4:69:7a:dd:62
Signer

Actual PE Digest

50:1c:f9:14:cc:3c:e1:f6:0d:18:b3:41:ee:5b:cb:f4:69:7a:dd:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.ReportViewer.WinForms.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 524KB - Virtual size: 521KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/Microsoft.SqlServer.Types.dll.deploy
.dll windows:6 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:33:e5:27:86:a3:0e:4a:2a:80:00:00:00:00:00:33
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/07/2012, 00:14

Not After

07/10/2013, 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7d:68:1e:8a:cb:93:be:69:e0:9d:68:85:bd:af:f0:76:6d:52:75:be:fe:d3:4f:27:cc:ec:c5:11:f1:93:f5:c8
Signer

Actual PE Digest

7d:68:1e:8a:cb:93:be:69:e0:9d:68:85:bd:af:f0:76:6d:52:75:be:fe:d3:4f:27:cc:ec:c5:11:f1:93:f5:c8

Digest Algorithm

sha256

PE Digest Matches

true

38:b7:cb:ee:2a:d8:8f:38:01:0f:6c:55:7c:ac:09:19:69:32:c7:52
Signer

Actual PE Digest

38:b7:cb:ee:2a:d8:8f:38:01:0f:6c:55:7c:ac:09:19:69:32:c7:52

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.SqlServer.Types.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/SigPlusNET.dll.deploy
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Usr\Topaz\Src\SigLibSharp\SigPlusNET\obj\Release\SigPlusNET.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCASShip565Upgrade/MCAS_Client_565/Application Files/AniShipAcct_5_6_5_6/main.ico.deploy
MCASShip565Upgrade/MCAS_Client_565/Install.htm
MCASShip565Upgrade/MCAS_Client_565/setup.exe
.exe windows:5 windows x86 arch:x86

bc6227cc297eafe8b983449b17c815c6

Code Sign

5c:d8:be:a4:07:40:0b:a5:4f:73:bc:d1:42:62:c1:8c
Certificate

Issuer

CN=ACERDS\\DS-ACER

Not Before

10/07/2023, 00:41

Not After

09/07/2024, 06:41

Subject

CN=ACERDS\\DS-ACER

d7:34:4f:f4:f1:a4:42:36:60:91:03:05:08:81:b6:b1:0e:b6:c9:27:51:98:01:0f:fd:fb:f3:73:12:ea:07:76
Signer

Actual PE Digest

d7:34:4f:f4:f1:a4:42:36:60:91:03:05:08:81:b6:b1:0e:b6:c9:27:51:98:01:0f:fd:fb:f3:73:12:ea:07:76

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

setup.pdb

Imports

kernel32

GetNativeSystemInfo
EndUpdateResourceW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetEvent
CreateEventW
LoadResource
LockResource
SizeofResource
FindResourceW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
DeleteFileW
GetFileAttributesW
GetTempFileNameW
ReadFile
GetTempPathW
GetCurrentProcess
OpenProcess
GetSystemDirectoryW
GetWindowsDirectoryW
GetVersionExW
GetModuleFileNameW
GlobalAlloc
GlobalFree
LocalFree
FormatMessageW
CopyFileW
GetDateFormatW
GetTimeFormatW
CompareStringW
WideCharToMultiByte
GetVersion
GetModuleHandleW
RaiseException
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
Sleep
HeapSetInformation
SetFilePointer
GetDiskFreeSpaceExW
CreateFileW
DeleteCriticalSection
CreateThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
lstrlenW
SetEndOfFile
MulDiv
GetTickCount
GetExitCodeProcess
LoadLibraryW
GetSystemInfo
SwitchToThread
FindNextFileW
UpdateResourceA
BeginUpdateResourceA
FindResourceA
lstrlenA
DeleteFileA
CreateFileA
UpdateResourceW
BeginUpdateResourceW
GetEnvironmentVariableA
ReadConsoleW
WriteConsoleW
SetStdHandle
HeapReAlloc
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
HeapSize
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
HeapAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FindFirstFileW
FindClose
GetProcAddress
FreeLibrary
WaitForSingleObject
GetLastError
CloseHandle
WriteFile
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
LoadLibraryExA
GetCommandLineW
RtlUnwind
GetCPInfo
HeapFree
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType

gdi32

GetStockObject
EnumFontFamiliesExW
DeleteObject
CreateFontIndirectW
GetObjectW
GetTextMetricsW
SelectObject
GetTextExtentPoint32W
GetDeviceCaps
DeleteDC
CreateCompatibleDC

ole32

CoUninitialize
CoInitialize

secur32

GetComputerObjectNameW

shell32

ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
ShellExecuteA

user32

SystemParametersInfoW
IsDialogMessageW
LoadImageW
LoadIconW
LoadCursorW
SetClassLongW
ScreenToClient
GetWindowRect
GetClientRect
SetWindowTextW
ShowScrollBar
SetForegroundWindow
EnableWindow
GetFocus
SetFocus
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItem
CreateDialogIndirectParamW
CreateDialogParamW
MoveWindow
ShowWindow
DestroyWindow
SendMessageW
SendMessageA
PeekMessageW
DispatchMessageW
TranslateMessage
ExitWindowsEx
MessageBoxW
ReleaseDC
GetDC
DrawTextW
GetSystemMetrics
GetDialogBaseUnits
MessageBoxA
SetCursor
MsgWaitForMultipleObjects

crypt32

CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy

wininet

InternetCrackUrlW
InternetCombineUrlW

msi

ord8
ord78
ord150
ord92

Exports

Exports

_DecodePointerInternal@4
_EncodePointerInternal@4

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCASShip565Upgrade/Ops_Guide/Ship Portage Bill and Master Cash System Operation Manual.pdf
.pdf

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 55KB - Virtual size: 55KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

5c:d8:be:a4:07:40:0b:a5:4f:73:bc:d1:42:62:c1:8cCertificate

3d:b7:70:16:bf:4c:e6:70:8d:8b:74:ef:3c:e6:ee:f8:54:d3:37:85:90:d2:32:62:f2:09:ae:56:34:76:ad:f8Signer

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 9.6MB - Virtual size: 9.6MB

.rsrc Size: 128KB - Virtual size: 127KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:59:d6:73:cd:51:8e:f0:22:c5:00:00:00:00:00:59Certificate

Extended Key Usages

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:caCertificate

Extended Key Usages

61:33:26:1a:00:00:00:00:00:31Certificate

Key Usages

61:16:68:34:00:00:00:00:00:1cCertificate

Extended Key Usages

Key Usages

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1aCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

4c:96:54:44:5b:aa:12:bf:8a:b2:f1:25:86:91:95:8a:3b:a3:6a:30:5a:d0:1b:88:6c:f7:3b:a4:c3:df:23:bdSigner

07:e1:ed:98:ee:41:42:f7:d6:bb:63:66:1d:d1:69:5e:af:87:aa:02Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 8.3MB - Virtual size: 8.3MB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:5a:ed:2f:f4:e4:20:99:3f:3a:00:00:00:00:00:5aCertificate

Extended Key Usages

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:caCertificate

Extended Key Usages

61:33:26:1a:00:00:00:00:00:31Certificate

Key Usages

61:16:68:34:00:00:00:00:00:1cCertificate

Extended Key Usages

Key Usages

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1aCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

ff:19:0c:5e:cc:97:2a:96:2c:13:25:82:a2:63:f2:e3:88:08:07:e8:16:fc:2d:83:f9:35:79:69:ad:27:11:90Signer

c0:94:c8:a7:d1:b5:92:29:d6:58:48:73:fa:23:33:11:82:c1:8c:74Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 5.1MB - Virtual size: 5.1MB

.text
Size: 55KB - Virtual size: 55KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 12B

5c:d8:be:a4:07:40:0b:a5:4f:73:bc:d1:42:62:c1:8c
Certificate

3d:b7:70:16:bf:4c:e6:70:8d:8b:74:ef:3c:e6:ee:f8:54:d3:37:85:90:d2:32:62:f2:09:ae:56:34:76:ad:f8
Signer

.text
Size: 9.6MB - Virtual size: 9.6MB

.rsrc
Size: 128KB - Virtual size: 127KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:00:59:d6:73:cd:51:8e:f0:22:c5:00:00:00:00:00:59
Certificate

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:ca
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

4c:96:54:44:5b:aa:12:bf:8a:b2:f1:25:86:91:95:8a:3b:a3:6a:30:5a:d0:1b:88:6c:f7:3b:a4:c3:df:23:bd
Signer

07:e1:ed:98:ee:41:42:f7:d6:bb:63:66:1d:d1:69:5e:af:87:aa:02
Signer

.text
Size: 8.3MB - Virtual size: 8.3MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

33:00:00:00:5a:ed:2f:f4:e4:20:99:3f:3a:00:00:00:00:00:5a
Certificate

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:ca
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

ff:19:0c:5e:cc:97:2a:96:2c:13:25:82:a2:63:f2:e3:88:08:07:e8:16:fc:2d:83:f9:35:79:69:ad:27:11:90
Signer

c0:94:c8:a7:d1:b5:92:29:d6:58:48:73:fa:23:33:11:82:c1:8c:74
Signer

.text
Size: 5.1MB - Virtual size: 5.1MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

33:00:00:00:59:d6:73:cd:51:8e:f0:22:c5:00:00:00:00:00:59
Certificate

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:ca
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

dc:f8:fd:df:7d:74:6c:74:ae:b4:eb:fc:f3:98:e3:06:35:27:6d:03:9f:a7:cd:3d:59:66:bc:c5:74:e4:7f:01
Signer

ef:23:ef:1d:27:10:0f:5e:10:dd:61:1d:b9:91:69:b4:dd:a3:63:4b
Signer

.text
Size: 96KB - Virtual size: 93KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

33:00:00:00:4c:a1:e8:4d:cc:b4:74:7b:3b:00:00:00:00:00:4c
Certificate

33:00:00:00:ca:6c:d5:32:12:35:c4:e1:55:00:01:00:00:00:ca
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

4d:5f:00:dc:75:00:55:2a:bc:ac:82:fc:89:88:a1:01:9e:d3:96:b0:7c:9b:a2:a0:95:cd:65:73:2a:2b:01:be
Signer

50:1c:f9:14:cc:3c:e1:f6:0d:18:b3:41:ee:5b:cb:f4:69:7a:dd:62
Signer

.text
Size: 524KB - Virtual size: 521KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

33:00:00:00:33:e5:27:86:a3:0e:4a:2a:80:00:00:00:00:00:33
Certificate

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate