2024-05-11_ad23723e0694f7ed58f0dcb22f2c191b_avoslocker_revil

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-11_ad23723e0694f7ed58f0dcb22f2c191b_avoslocker_revil
Size

4.1MB
MD5

ad23723e0694f7ed58f0dcb22f2c191b
SHA1

ddc3e5c898453b3cb70122757ca7bbce975e5ec1
SHA256

b0b7ffb685d639cd17e5e5af0a972ed4ba180ad0f2a027038f7cc124e87f4188
SHA512

0b2aa0c616666f9f1067ad2b29d27262b806be92fe6e5df5eb4355dada161909995293e3dbb280807fd60023357b600dad8768f3df42cde1c3a0e13c534259fc
SSDEEP

98304:lovTo/afOVG+IMfmtkWgJWvJ0pm2UUxdkbhblfQwjqaGb1IzNlOO:iTo/afOVG+IMfmtkWgJWvJ0pm2UUHi4c

Score

1^/10

Malware Config

Signatures

Files

2024-05-11_ad23723e0694f7ed58f0dcb22f2c191b_avoslocker_revil
.exe windows:6 windows x86 arch:x86

ccd1fa1ce52da9524c49121cbe9199e0

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

22:97:b8:88:9b:ff:ed:16:c1:1e:60:38
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

27/07/2022, 06:56

Not After

30/08/2024, 13:54

Subject

SERIALNUMBER=U40100TN2010PTC075961,CN=ZOHO CORPORATION PRIVATE LIMITED,O=ZOHO CORPORATION PRIVATE LIMITED,L=Chennai,ST=Tamil Nadu,C=IN,1.2.840.113549.1.9.1=#0c1470726162687570407a6f686f636f72702e636f6d,1.3.6.1.4.1.311.60.2.1.2=#130a54616d696c204e616475,1.3.6.1.4.1.311.60.2.1.3=#1302494e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5f:f2:d7:df:bd:80:b9:73:90:87:01:ae:72:b9:6e:14:4a:ce:44:1c
Signer

Actual PE Digest

5f:f2:d7:df:bd:80:b9:73:90:87:01:ae:72:b9:6e:14:4a:ce:44:1c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\File_Transfer\07-May-24\mycomputeractivex\8292488\mycomp\DesktopCentral\ZohoMeetingApp\ZAAudio\ZAAudioClient\bin\Win32\Release\ZAAudioClient.pdb

Imports

ws2_32

getsockname
getpeername
bind
accept
ntohs
WSACleanup
WSAStartup
sendto
setsockopt
shutdown
WSARecv
WSARecvFrom
WSASend
listen
ntohl
getaddrinfo
ioctlsocket
htons
connect
socket
inet_addr
closesocket
freeaddrinfo
recv
WSAIoctl
WSASetLastError
recvfrom
getsockopt
WSASendTo
send
WSAGetLastError

crypt32

CertOpenStore
CertFreeCertificateChain
CertCloseStore
CertGetNameStringA
CertEnumCertificatesInStore
CertOpenSystemStoreW
CertFreeCertificateContext
CertGetCertificateChain
CertCreateCertificateContext
CertGetCertificateContextProperty
CertVerifyCertificateChainPolicy
CertFindCertificateInStore
CertDuplicateCertificateContext

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

GlobalAlloc
GlobalFree
CloseHandle
GetCurrentProcessId
CreateMutexW
ProcessIdToSessionId
FormatMessageW
LocalFree
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
CreateEventW
SetEvent
CreateEventExW
WaitForSingleObject
CreateThread
ResetEvent
GetVersionExW
Sleep
GetCommandLineW
InitializeCriticalSection
MoveFileW
InterlockedDecrement
GetExitCodeThread
FormatMessageA
LocalAlloc
CancelSynchronousIo
OpenEventW
ReadFile
WriteFile
FlushFileBuffers
CreateFileW
GetModuleFileNameW
GetCurrentProcess
WideCharToMultiByte
DeleteCriticalSection
MultiByteToWideChar
GetCurrentThreadId
GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
RaiseException
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
SizeofResource
GetDriveTypeW
ReadConsoleA
SetConsoleMode
LoadLibraryA
ConvertThreadToFiber
ConvertFiberToThread
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
CreateFiber
DeleteFiber
SwitchToFiber
SystemTimeToFileTime
GetSystemTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetConsoleCtrlHandler
SetStdHandle
ReadConsoleW
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
ExitThread
GetCommandLineA
ExitProcess
WriteConsoleW
GetFileType
GetConsoleMode
GetConsoleCP
FileTimeToSystemTime
GetFullPathNameW
GetStringTypeW
WaitForSingleObjectEx
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
VirtualQuery
QueryPerformanceFrequency
EncodePointer
QueueUserWorkItem
GetModuleHandleExW
DuplicateHandle
SwitchToThread
GetCurrentThread
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
VirtualAlloc
VirtualProtect
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
GetTimeZoneInformation
GetEnvironmentVariableW
SetEnvironmentVariableW
GetComputerNameW
GetCurrentDirectoryW
GetLongPathNameW
GetSystemDirectoryW
SetFilePointer
GetStdHandle
DeleteFileW
GetFileAttributesW
GetFileAttributesExW
RemoveDirectoryW
SetEndOfFile
MoveFileExW
FindClose
FindFirstFileW
FindNextFileW
ReleaseMutex
GetHandleInformation
CreateIoCompletionPort
GetQueuedCompletionStatusEx
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
InitOnceExecuteOnce
GetTickCount64
SetFileCompletionNotificationModes
RtlUnwind
SetFilePointerEx

user32

MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation

advapi32

RegisterEventSourceW
CryptGenRandom
CryptSignHashW
CryptDestroyHash
GetTokenInformation
ConvertSidToStringSidW
FreeSid
OpenProcessToken
CreateWellKnownSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
SetSecurityDescriptorDacl
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
DeregisterEventSource
CryptEnumProvidersW
ReportEventW
CryptAcquireContextW
CryptReleaseContext

shell32

SHGetKnownFolderPath
CommandLineToArgvW

ole32

PropVariantClear
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
CoCreateInstance
CoUninitialize

shlwapi

PathFileExistsW
PathRemoveFileSpecW

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics

bcrypt

BCryptGenRandom

Exports

Exports

??0ClientConnection@Connection@@QAE@$$QAV01@@Z
??0ClientConnection@Connection@@QAE@ABV01@@Z
??0ClientConnection@Connection@@QAE@XZ
??0HttpClient@0HttpHandler@@QAE@$$QAV001@@Z
??0HttpClient@0HttpHandler@@QAE@ABV001@@Z
??0HttpClient@0HttpHandler@@QAE@XZ
??0dcSocket@ClientSocket@SocketUtils@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N1@Z
??0dcSocket@ClientSocket@SocketUtils@@QAE@XZ
??0dcWebSocket@ClientSocket@SocketUtils@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_N001@Z
??0dcWebSocket@ClientSocket@SocketUtils@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_N0@Z
??0dcWebSocket@ClientSocket@SocketUtils@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_N0H000@Z
??0dcWebSocket@ClientSocket@SocketUtils@@QAE@XZ
??0socketWrapper@ClientSocket@SocketUtils@@QAE@ABV012@@Z
??0socketWrapper@ClientSocket@SocketUtils@@QAE@XZ
??1ClientConnection@Connection@@QAE@XZ
??1HttpClient@0HttpHandler@@QAE@XZ
??1dcSocket@ClientSocket@SocketUtils@@UAE@XZ
??1dcWebSocket@ClientSocket@SocketUtils@@UAE@XZ
??1socketWrapper@ClientSocket@SocketUtils@@UAE@XZ
??4ClientConnection@Connection@@QAEAAV01@$$QAV01@@Z
??4ClientConnection@Connection@@QAEAAV01@ABV01@@Z
??4HttpClient@0HttpHandler@@QAEAAV001@$$QAV001@@Z
??4HttpClient@0HttpHandler@@QAEAAV001@ABV001@@Z
??4socketWrapper@ClientSocket@SocketUtils@@QAEAAV012@ABV012@@Z
??_7ClientConnection@Connection@@6B@
??_7HttpClient@0HttpHandler@@6B@
??_7dcSocket@ClientSocket@SocketUtils@@6BClientConnection@Connection@@@
??_7dcSocket@ClientSocket@SocketUtils@@6BIReferenceCounter@@@
??_7dcWebSocket@ClientSocket@SocketUtils@@6B@
??_7dcWebSocket@ClientSocket@SocketUtils@@6BClientConnection@Connection@@@
??_7dcWebSocket@ClientSocket@SocketUtils@@6BIReferenceCounter@@@
??_7socketWrapper@ClientSocket@SocketUtils@@6BClientConnection@Connection@@@
??_7socketWrapper@ClientSocket@SocketUtils@@6BIReferenceCounter@@@
?DestroySocket@dcSocket@ClientSocket@SocketUtils@@UAEXXZ
?InitSDPOffer@dcWebSocket@ClientSocket@SocketUtils@@UAE_NXZ
?checkSenderThreadStatus@dcSocket@ClientSocket@SocketUtils@@MAE_NXZ
?cleanup@dcWebSocket@ClientSocket@SocketUtils@@UAEXXZ
?close@dcWebSocket@ClientSocket@SocketUtils@@UAEXXZ
?connect@dcWebSocket@ClientSocket@SocketUtils@@UAE_NXZ
?connectViaProxy@dcWebSocket@ClientSocket@SocketUtils@@UAE_NXZ
?getConnectedInterfaceID@socketWrapper@ClientSocket@SocketUtils@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getIsCertValidationNeeded@socketWrapper@ClientSocket@SocketUtils@@UAE_NXZ
?getIsSystemMode@socketWrapper@ClientSocket@SocketUtils@@UAE_NXZ
?getLastError@socketWrapper@ClientSocket@SocketUtils@@UAEHXZ
?getLastErrorMsg@socketWrapper@ClientSocket@SocketUtils@@UAEAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getProxyHostName@socketWrapper@ClientSocket@SocketUtils@@UAEAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getProxyPassword@socketWrapper@ClientSocket@SocketUtils@@UAEAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getProxyPort@socketWrapper@ClientSocket@SocketUtils@@UAEHXZ
?getProxyUserName@socketWrapper@ClientSocket@SocketUtils@@UAEAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getServerHostName@socketWrapper@ClientSocket@SocketUtils@@UAEAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getServerPort@socketWrapper@ClientSocket@SocketUtils@@UAEHXZ
?initSocketConfigurations@dcWebSocket@ClientSocket@SocketUtils@@AAE_NXZ
?initialize@dcWebSocket@ClientSocket@SocketUtils@@UAEXXZ
?isProxyEnabled@socketWrapper@ClientSocket@SocketUtils@@UAE_NXZ
?isSecureMode@socketWrapper@ClientSocket@SocketUtils@@UAE_NXZ
?isSocketLive@dcWebSocket@ClientSocket@SocketUtils@@UAE_NXZ
?receiveBytes@dcWebSocket@ClientSocket@SocketUtils@@UAEHPAEH@Z
?receiveString@dcWebSocket@ClientSocket@SocketUtils@@UAEHPADH@Z
?sendBytes@dcWebSocket@ClientSocket@SocketUtils@@UAEHPAEH@Z
?sendBytesAsync@dcSocket@ClientSocket@SocketUtils@@UAE_NPAEH@Z
?sendFrameAsync@dcSocket@ClientSocket@SocketUtils@@UAEXAAV?$SmartPtr@VDataFrame@@@@@Z
?sendString@dcWebSocket@ClientSocket@SocketUtils@@UAEHPAD@Z
?sendString@dcWebSocket@ClientSocket@SocketUtils@@UAEHPADH@Z
?sendStringAsync@dcSocket@ClientSocket@SocketUtils@@UAE_NPAD@Z
?sendStringAsync@dcSocket@ClientSocket@SocketUtils@@UAE_NPADH@Z
?sendVectorAsync@dcSocket@ClientSocket@SocketUtils@@UAEXAAV?$vector@DV?$allocator@D@std@@@std@@@Z
?setCandidate@dcWebSocket@ClientSocket@SocketUtils@@UAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setCandidateReceiver@dcWebSocket@ClientSocket@SocketUtils@@UAE_NP6A_NPAD@Z@Z
?setConnectionDetails@socketWrapper@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_N0H00_J@Z
?setConnectionDetails@socketWrapper@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_N@Z
?setConnectionMode@socketWrapper@ClientSocket@SocketUtils@@UAEX_N@Z
?setDataChannelStateReceiver@dcWebSocket@ClientSocket@SocketUtils@@UAE_NP6A_NPAD@Z@Z
?setErrorReceiver@dcWebSocket@ClientSocket@SocketUtils@@UAE_NP6A_NHPBD@Z@Z
?setIsCertValidationNeeded@socketWrapper@ClientSocket@SocketUtils@@UAEX_N@Z
?setIsSystemMode@socketWrapper@ClientSocket@SocketUtils@@UAEX_N@Z
?setLastError@dcSocket@ClientSocket@SocketUtils@@MAEXH@Z
?setLastError@dcSocket@ClientSocket@SocketUtils@@MAEXHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setLastError@socketWrapper@ClientSocket@SocketUtils@@MAEXH@Z
?setLastError@socketWrapper@ClientSocket@SocketUtils@@MAEXHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setLastWinErrorCode@socketWrapper@ClientSocket@SocketUtils@@MAEXH@Z
?setLoggerConfigurations@dcSocket@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?setPocoObjectReferences@dcWebSocket@ClientSocket@SocketUtils@@AAEXXZ
?setProxyDetails@socketWrapper@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H00@Z
?setProxyHostName@socketWrapper@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setProxyPassword@socketWrapper@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setProxyPort@socketWrapper@ClientSocket@SocketUtils@@UAEXH@Z
?setProxySwitch@socketWrapper@ClientSocket@SocketUtils@@UAEX_N@Z
?setProxyUserName@socketWrapper@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setSDPHandShakeMessage@dcWebSocket@ClientSocket@SocketUtils@@UAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setSDPReceiver@dcWebSocket@ClientSocket@SocketUtils@@UAE_NP6A_NPAD@Z@Z
?setServerEndpoint@dcSocket@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setServerHostName@socketWrapper@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setServerPort@socketWrapper@ClientSocket@SocketUtils@@UAEXH@Z
?setTurnInfo@dcWebSocket@ClientSocket@SocketUtils@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00@Z
?shutDownSocket@dcWebSocket@ClientSocket@SocketUtils@@UAEXXZ

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 943KB - Virtual size: 943KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccd1fa1ce52da9524c49121cbe9199e0

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

22:97:b8:88:9b:ff:ed:16:c1:1e:60:38Certificate

Extended Key Usages

Key Usages

5f:f2:d7:df:bd:80:b9:73:90:87:01:ae:72:b9:6e:14:4a:ce:44:1cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

crypt32

version

kernel32

user32

advapi32

shell32

ole32

shlwapi

avrt

bcrypt

Exports

Exports

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 943KB - Virtual size: 943KB

.data Size: 54KB - Virtual size: 75KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 148KB - Virtual size: 148KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

22:97:b8:88:9b:ff:ed:16:c1:1e:60:38
Certificate

5f:f2:d7:df:bd:80:b9:73:90:87:01:ae:72:b9:6e:14:4a:ce:44:1c
Signer

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 943KB - Virtual size: 943KB

.data
Size: 54KB - Virtual size: 75KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 148KB - Virtual size: 148KB