534aa0ec82f71710bd6c24391800e270_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

534aa0ec82f71710bd6c24391800e270_NeikiAnalytics
Size

8.8MB
MD5

534aa0ec82f71710bd6c24391800e270
SHA1

476f88cd0cf18d7d787460a7ac7ff498e46420f6
SHA256

77d0495866bce7947264107d34579a2f2ad530dcda4b45dab37297475752b5bd
SHA512

2a940364eec3e3ca309b65bcce9eb314325aaf707fd465e6ae107125b21da67452d3275e3f6e6c6ab5e135306b49f0a72fdbf1819f2d7637ed372284d750b758
SSDEEP

98304:3GrxPmyympo7g7sJeVsxjoHjKrChcsAregZF7P8ogFfGnlZoHMw5+HQuh2kRbdj8:3GrxNC7bJs/HMntQ/X

Score

1^/10

Malware Config

Signatures

Files

534aa0ec82f71710bd6c24391800e270_NeikiAnalytics
.dll windows:6 windows x64 arch:x64

37395597a453e1dc4ebf5ee2d957165b

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4c:fc:1a:5e:14:00:45:3f:59:a4:26:ca:71:f0:aa:6f
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

14/05/2015, 00:00

Not After

07/05/2017, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Photoshop\, Bridge,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

23:46:c2:9c:d7:ea:2f:0e:48:fc:f5:43:77:9b:e1:f1:a1:b8:ea:5f
Signer

Actual PE Digest

23:46:c2:9c:d7:ea:2f:0e:48:fc:f5:43:77:9b:e1:f1:a1:b8:ea:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\PS18\PS_18.1_Win_x64_Daily_Retail\20170309.r.207\photoshop\main\plugins\acquireexport\s4w\target\win_vc\release64\Save for Web.pdb

Imports

bib

ord5
ord4
ord11

adobexmp

ord2
ord3
ord4
ord5
ord6
ord20
ord24
ord29
ord33
ord37
ord40
ord41
ord44
ord49
ord56
ord60
ord61
ord69
ord77
ord90
ord94
ord96
ord66
ord65
ord62

kernel32

QueryPerformanceCounter
GlobalAlloc
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
FormatMessageW
FormatMessageA
EnumResourceNamesA
SizeofResource
LockResource
FreeResource
GetUserDefaultUILanguage
GlobalLock
GlobalHandle
GlobalUnlock
GlobalMemoryStatus
GetTickCount
QueryPerformanceFrequency
GetCurrentProcessId
GetSystemTimeAsFileTime
GetSystemInfo
GetComputerNameA
GetLocalTime
FileTimeToSystemTime
SystemTimeToFileTime
CompareStringA
GetModuleFileNameA
VerSetConditionMask
VerifyVersionInfoW
GetLocaleInfoA
GetLastError
CompareStringW
GetCurrentThreadId
DeleteFileA
MultiByteToWideChar
DeleteFileW
GetFileAttributesA
WideCharToMultiByte
GetCommandLineW
GetFileAttributesW
lstrcpyW
GetFileAttributesExA
lstrlenW
OutputDebugStringA
GetFileAttributesExW
SetLastError
RemoveDirectoryA
FreeLibrary
GetModuleFileNameW
GetModuleHandleExW
RemoveDirectoryW
CreateFileA
GetProcAddress
LoadLibraryA
LoadLibraryW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
CreateFileW
CloseHandle
CreateDirectoryA
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetLogicalDrives
GetTempPathW
GetSystemDirectoryA
GetSystemDirectoryW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetTempPathA
IsDBCSLeadByte
GetProcessHeap
GetCurrentProcess
GetModuleHandleW
FlushFileBuffers
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
LoadResource
FindResourceA
FindResourceW
Sleep
GetLocaleInfoW
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GlobalFree
GetDriveTypeA
GetDriveTypeW
GetVolumeInformationW
SetErrorMode
GetVolumeInformationA
GetACP
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapSize
HeapFree
HeapReAlloc
HeapAlloc

user32

RegisterClassW
CopyImage
DrawFrameControl
RemovePropW
GetPropW
SetPropW
SetScrollPos
GetWindowRgnBox
SetWindowRgn
MapVirtualKeyW
GetMonitorInfoW
MonitorFromPoint
GetScrollInfo
SetScrollInfo
WindowFromPoint
ScreenToClient
ClientToScreen
InvalidateRect
GetDCEx
TrackPopupMenuEx
CreateWindowExW
GetIconInfo
LoadIconW
GetDC
GetAsyncKeyState
MessageBeep
IsClipboardFormatAvailable
GetDoubleClickTime
DestroyIcon
GetWindowRgn
DrawIconEx
BringWindowToTop
UnregisterClassW
DrawFocusRect
SendMessageA
GetKeyState
KillTimer
SetTimer
FillRect
ScrollDC
DrawTextW
ReleaseCapture
SetCapture
InsertMenuItemA
RemoveMenu
CreateMenu
InsertMenuItemW
GetSysColor
SetMenuItemInfoW
SetMenuItemInfoA
GetMenuItemInfoW
DestroyMenu
IsWindowEnabled
SendMessageW
CallWindowProcW
MoveWindow
SetWindowPos
GetDlgItem
EnableWindow
SetWindowTextW
GetWindowTextW
GetClientRect
GetWindowRect
GetWindowLongPtrW
SetWindowLongPtrW
GetParent
GetCaretBlinkTime
SetCursor
DestroyCursor
CreateIconIndirect
GetUpdateRgn
CharUpperBuffA
CharUpperBuffW
CharLowerBuffA
CharLowerBuffW
SetFocus
GetActiveWindow
GetFocus
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
ShowWindow
IsIconic
TranslateAcceleratorW
GetForegroundWindow
SetForegroundWindow
TranslateMDISysAccel
IsWindowVisible
CharUpperA
EnumChildWindows
EnumWindows
GetClassNameA
GetWindowThreadProcessId
GetDesktopWindow
SetActiveWindow
EnumDisplayMonitors
MessageBoxA
MessageBoxW
GetMessageTime
DefWindowProcW
DestroyWindow
GetWindowPlacement
IsZoomed
GetSystemMetrics
SetMenu
DrawMenuBar
GetSystemMenu
DeleteMenu
UpdateWindow
ReleaseDC
BeginPaint
EndPaint
InvalidateRgn
ValidateRgn
RedrawWindow
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
SetCursorPos
GetCursorPos
MapWindowPoints
EnumThreadWindows
DefFrameProcW
DefMDIChildProcW
SystemParametersInfoW
CreatePopupMenu

advapi32

RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCreateKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
DragAcceptFiles
ShellExecuteW
ExtractIconExW

gdiplus

GdipFillPath
GdipFillRectangleI
GdipDrawPath
GdipSetPageUnit
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipDeleteGraphics
GdipCreateFromHDC
GdipFlush
GdipSetPenMode
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipAddPathEllipseI
GdipAddPathLineI
GdipAddPathEllipse
GdipAddPathBezier
GdipAddPathLine
GdipClosePathFigure
GdipSetPathFillMode
GdipResetPath
GdipDeletePath
GdipCreatePath
GdipFree
GdipAlloc

msvcp140

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
?id@?$numpunct@D@std@@2V0locale@2@A
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?id@?$numpunct@_W@std@@2V0locale@2@A
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?classic@locale@std@@SAAEBV12@XZ
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
_Mbrtowc
_Getcvt
?_BADOFF@std@@3_JB
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Index@ios_base@std@@0HA
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xbad_alloc@std@@YAXXZ

vcruntime140

_purecall
__std_terminate
memmove
_CxxThrowException
__CxxFrameHandler3
memcpy
memchr
__RTDynamicCast
memcmp
__std_exception_copy
__std_exception_destroy
memset
longjmp
wcschr
__C_specific_handler
wcsstr
__vcrt_InitializeCriticalSectionEx
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_set_new_handler
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_getpid
exit

api-ms-win-crt-string-l1-1-0

strncmp
strncpy
isalnum
wcsncpy
isspace
isdigit
islower
isupper
strspn
toupper
isalpha

api-ms-win-crt-math-l1-1-0

exp
fmin
log
acos
fmax
tan
frexp
sin
cos
atan2
pow
sqrtf
fmod
powf
ceil
sqrt
floor
logf

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vsnprintf_s

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh
calloc
realloc

api-ms-win-crt-utility-l1-1-0

qsort
rand
srand

api-ms-win-crt-convert-l1-1-0

atol
_ultoa_s
_ltow
wcstod
strtod

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-time-l1-1-0

_time64
_localtime64
_gmtime64

msimg32

AlphaBlend
TransparentBlt

gdi32

PaintRgn
Rectangle
RoundRect
SelectClipRgn
SetBkMode
StretchBlt
SetStretchBltMode
SetTextAlign
GetTextMetricsW
BeginPath
EndPath
FillPath
WidenPath
GetObjectW
MoveToEx
TextOutW
RestoreDC
SaveDC
CombineRgn
CreateRectRgn
GetClipRgn
GetRegionData
CreateBrushIndirect
ExtCreatePen
CreateFontIndirectA
CreateFontIndirectW
GetObjectA
CreateSolidBrush
CreatePen
CreatePatternBrush
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
LineTo
GetViewportExtEx
GetWindowOrgEx
SetGraphicsMode
GetWorldTransform
SetTextColor
SetWorldTransform
SetWindowOrgEx
SetBrushOrgEx
CreateICW
CreateDCW
GetROP2
GetBkColor
GetBkMode
GetBrushOrgEx
GetCurrentObject
GetTextColor
CreatePalette
RealizePalette
DeleteDC
SelectObject
GetStockObject
GetDeviceCaps
DeleteObject
SelectPalette
CreateDIBSection
SetBkColor
SetROP2
GetTextExtentPoint32W
FrameRgn
GetGraphicsMode
Ellipse

ole32

CoCreateInstance
RegisterDragDrop
RevokeDragDrop

Exports

Exports

EntryEX

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37395597a453e1dc4ebf5ee2d957165b

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49Certificate

Extended Key Usages

Key Usages

4c:fc:1a:5e:14:00:45:3f:59:a4:26:ca:71:f0:aa:6fCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13Certificate

Extended Key Usages

Key Usages

23:46:c2:9c:d7:ea:2f:0e:48:fc:f5:43:77:9b:e1:f1:a1:b8:ea:5fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bib

adobexmp

kernel32

user32

advapi32

shell32

gdiplus

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

msimg32

gdi32

ole32

Exports

Exports

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.rdata Size: 1.6MB - Virtual size: 1.6MB

.data Size: 103KB - Virtual size: 232KB

.pdata Size: 236KB - Virtual size: 236KB

.gfids Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 3KB - Virtual size: 3KB

.rsrc Size: 2.8MB - Virtual size: 2.8MB

.reloc Size: 109KB - Virtual size: 109KB

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

4c:fc:1a:5e:14:00:45:3f:59:a4:26:ca:71:f0:aa:6f
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

23:46:c2:9c:d7:ea:2f:0e:48:fc:f5:43:77:9b:e1:f1:a1:b8:ea:5f
Signer

.text
Size: 4.0MB - Virtual size: 4.0MB

.rdata
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 103KB - Virtual size: 232KB

.pdata
Size: 236KB - Virtual size: 236KB

.gfids
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

.reloc
Size: 109KB - Virtual size: 109KB