48e12f6287aa9295a0a719c0d27f0112_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

48e12f6287aa9295a0a719c0d27f0112_JaffaCakes118
Size

5.0MB
MD5

48e12f6287aa9295a0a719c0d27f0112
SHA1

e04701259c63cb7bd7e1b5a430639be8eeb3c2a2
SHA256

33a68f1eb80ff5e2ca413c81ea4c39ebe87c7ad33076a23b73d064705291707b
SHA512

0b007638fd097fbff9c401ef642e581551a75f561ae02973e9a0ff00b50ce01f62d16067ab41adcf6837166a085446de9ff20f1cbb03977a209e53f67acabade
SSDEEP

98304:s34Z6KAsQAYg9/pJ2ydPqHyO1mXruDgpEhzsVSjg:sIZGAY2p2Dlcl

Score

1^/10

Malware Config

Signatures

Files

48e12f6287aa9295a0a719c0d27f0112_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4c27906f59631d68260552132e5f089e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

50:28:4b:e9:ab:1a:22:9c:8f:2c:9f:dd:7b:7e:4a:e4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

13/03/2016, 00:00

Not After

26/08/2017, 23:59

Subject

CN=Qingdao Ruanmei Network Technology Co.\,Ltd.,OU=IT,O=Qingdao Ruanmei Network Technology Co.\,Ltd.,L=Qingdao,ST=Shandong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5a:de:81:b0:3a:cc:dd:91:fa:96:e7:89:18:ad:f6:e7
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

05/01/2016, 00:00

Not After

23/08/2017, 23:59

Subject

CN=Qingdao Ruanmei Network Technology Co.\,Ltd.,OU=IT,O=Qingdao Ruanmei Network Technology Co.\,Ltd.,L=Qingdao,ST=Shandong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:d6:93:fa:b0:98:e3:f4:67:7b:b8:cb:67:2c:22:9e
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

11/06/2015, 00:00

Not After

29/12/2020, 23:59

Subject

CN=GeoTrust 2048-bit Timestamping Signer 1,O=GeoTrust Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

01/01/1997, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0f:61:22:03:c7:77:ac:94:6e:ed:b0:2a:be:44:5a:89:29:5e:7c:e5:66:e6:a8:3a:4d:f6:0c:ec:8c:ca:5b:54
Signer

Actual PE Digest

0f:61:22:03:c7:77:ac:94:6e:ed:b0:2a:be:44:5a:89:29:5e:7c:e5:66:e6:a8:3a:4d:f6:0c:ec:8c:ca:5b:54

Digest Algorithm

sha256

PE Digest Matches

true

f5:6d:f1:12:06:6a:98:bd:ca:d9:da:90:61:d2:97:2d:6a:06:00:91
Signer

Actual PE Digest

f5:6d:f1:12:06:6a:98:bd:ca:d9:da:90:61:d2:97:2d:6a:06:00:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\RuanMei\PCMaster\bin\Release\pcmaster.pdb

Imports

urlmon

URLDownloadToFileW

kernel32

CreateThread
WaitForSingleObject
GetTickCount
lstrcmpiW
lstrcpyW
GetSystemDirectoryW
GetWindowsDirectoryW
GetVersionExW
LoadLibraryExA
LoadLibraryExW
BeginUpdateResourceA
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedDecrement
InterlockedIncrement
GlobalMemoryStatusEx
VirtualAllocEx
VirtualFreeEx
GetLongPathNameW
GetProcessTimes
SetProcessWorkingSetSize
OpenProcess
TerminateProcess
SetUnhandledExceptionFilter
CreateRemoteThread
TerminateThread
GetExitCodeThread
SetLastError
GetOverlappedResult
ReadProcessMemory
WriteProcessMemory
SetEvent
GetFileSizeEx
SetEndOfFile
FindClose
GetFileTime
WinExec
MulDiv
GetSystemTime
GetLocalTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
CreatePipe
MapViewOfFile
UnmapViewOfFile
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcpynW
lstrcpyA
CreateMutexW
CreateEventW
OpenEventW
CreateFileMappingW
OpenFileMappingW
CreateProcessW
GetStartupInfoW
GetCommandLineW
ExpandEnvironmentStringsW
OutputDebugStringA
OutputDebugStringW
WritePrivateProfileStringW
GetTempPathW
GetTempFileNameW
SetCurrentDirectoryW
GetDiskFreeSpaceExW
CreateDirectoryW
RemoveDirectoryW
GetFullPathNameW
QueryDosDeviceA
CreateFileA
SetFileAttributesW
GetFileAttributesW
DeleteFileA
DeleteFileW
FindFirstFileW
FindNextFileW
CopyFileW
MoveFileA
MoveFileW
MoveFileExW
WaitNamedPipeW
GetVolumeInformationW
CancelIo
ReadDirectoryChangesW
IsBadCodePtr
GetComputerNameW
GetSystemPowerStatus
GlobalFree
FindNextVolumeA
GetVolumePathNamesForVolumeNameA
WTSGetActiveConsoleSessionId
IsWow64Process
GetLocaleInfoW
GetNumberFormatW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Module32FirstW
Module32NextW
LocalFree
LocalAlloc
SetFilePointer
ReadFile
WriteFile
GetFileSize
FreeResource
IsBadReadPtr
SetDllDirectoryW
LoadLibraryW
GetModuleHandleW
GetSystemInfo
Sleep
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ResumeThread
SuspendThread
GetThreadContext
GetThreadPriority
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualFree
FormatMessageW
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
SetThreadPriority
OpenThread
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
LCMapStringW
GetStringTypeW
UnhandledExceptionFilter
ResetEvent
VirtualQuery
VirtualProtect
VirtualAlloc
FlushInstructionCache
GetProcAddress
GetThreadSelectorEntry
GetCurrentThread
WideCharToMultiByte
FindResourceExW
FindResourceW
SizeofResource
WaitForSingleObjectEx
IsBadStringPtrW
GetUserDefaultUILanguage
RtlUnwind
InterlockedFlushSList
GetStdHandle
GetFileType
GetModuleFileNameA
GetModuleHandleExW
WriteConsoleW
GetFullPathNameA
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetACP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleCP
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetTimeZoneInformation
FindFirstFileExA
HeapDestroy
HeapAlloc
HeapReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
FindFirstVolumeA
FreeLibrary
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
LockResource
DecodePointer
MultiByteToWideChar
CreateFileW
GetDriveTypeW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
lstrlenW
lstrcatW
CloseHandle
DeviceIoControl
GetLogicalDrives
GetCurrentDirectoryW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
HeapFree
HeapSize
FindNextFileA
FindFirstFileExW
GetProcessHeap
GetLastError
IsDebuggerPresent

gdi32

GetTextMetricsW
CreateRoundRectRgn
RestoreDC
SaveDC
SetWindowOrgEx
OffsetRgn
PtInRegion
GetBitmapBits
SetBitmapBits
SetDIBColorTable
CreateDIBSection
CreateRectRgn
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
StretchBlt
MoveToEx
TextOutW
GdiFlush
CreatePatternBrush
CreateDCW
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
SetStretchBltMode
CreatePen
GetObjectW
SetTextColor
SetBkMode
SetBkColor
SelectObject
Rectangle
GetStockObject
GetDIBits
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
BitBlt

comdlg32

GetOpenFileNameW

shell32

SHGetPathFromIDListW
CommandLineToArgvW
SHFileOperationW
ShellExecuteExW
Shell_NotifyIconW
SHGetFileInfoW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetMalloc
SHBrowseForFolderW
SHChangeNotify
ShellExecuteW

ole32

CoInitializeEx
CoGetClassObject
CoInitializeSecurity
CoSetProxyBlanket
StringFromCLSID
CLSIDFromString
CreateILockBytesOnHGlobal
ReleaseStgMedium
OleDuplicateData
OleSetContainedObject
OleCreateStaticFromData
StgCreateDocfileOnILockBytes
StgCreateDocfile
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
PropVariantClear
OleInitialize
OleUninitialize
OleLockRunning
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString
GetErrorInfo
VariantChangeType
CreateErrorInfo
SetErrorInfo
SysAllocString
VariantClear
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
DispCallFunc
OleCreateFontIndirect

shlwapi

PathFindExtensionW
SHDeleteKeyW
PathFindFileNameW
PathFileExistsA
PathAppendA
SHStrDupW
StrStrIA
PathFileExistsW
PathAppendW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

mprapi

MprConfigGetFriendlyName
MprConfigServerConnect

iphlpapi

GetNetworkParams
GetInterfaceInfo
GetAdaptersInfo
GetPerAdapterInfo

winhttp

WinHttpOpenRequest
WinHttpOpen
WinHttpConnect
WinHttpSetTimeouts
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders

wininet

InternetOpenUrlW
InternetOpenW
InternetCloseHandle
InternetSetOptionW
InternetConnectW
InternetReadFile
InternetWriteFile
HttpOpenRequestW
HttpSendRequestW
HttpSendRequestExW
HttpEndRequestW
HttpQueryInfoW
InternetSetCookieW
InternetGetCookieW
InternetGetCookieExW
InternetCheckConnectionW
GetUrlCacheEntryInfoW

userenv

CreateEnvironmentBlock

wtsapi32

WTSQueryUserToken

psapi

GetModuleFileNameExW
EnumProcessModules
GetModuleInformation

powrprof

SetSuspendState
GetPwrCapabilities
IsPwrHibernateAllowed

crypt32

CertFindCertificateInStore
CryptMsgGetParam
CryptDecodeObject
CryptProtectData
CryptQueryObject
CertGetNameStringW

gdiplus

GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateHICONFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipSaveImageToStream
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetPenWidth
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipReleaseDC
GdipCloneBrush
GdipFree
GdipAlloc
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipFillPieI
GdipDrawImageI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateFontFromDC
GdipCreateFontFromLogfontW
GdipDeleteFont
GdipDrawString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatTrimming
GdipSetImageAttributesColorKeys
GdipSetStringFormatHotkeyPrefix
GdipDrawLineI
GdipSetInterpolationMode
GdipDeleteBrush
GdipGraphicsClear
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipMeasureString
GdipDrawPath
GdipSetPenDashStyle
GdipAddPathArcI
GdipAddPathLineI
GdipDeletePath
GdipCreatePath
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdiplusShutdown
GdiplusStartup
GdipSaveGraphics
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipSetImageAttributesWrapMode
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipGetImagePalette
GdipSaveImageToFile
GdipDrawRectangleI

netapi32

NetUserSetInfo
NetApiBufferFree
NetUserGetInfo

pdh

PdhCloseQuery
PdhGetFormattedCounterValue
PdhOpenQueryW
PdhAddCounterW
PdhCollectQueryData
PdhRemoveCounter

wintrust

WinVerifyTrust

dbghelp

MiniDumpWriteDump

comctl32

ord17
_TrackMouseEvent

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 905KB - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 225KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c27906f59631d68260552132e5f089e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

50:28:4b:e9:ab:1a:22:9c:8f:2c:9f:dd:7b:7e:4a:e4Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

5a:de:81:b0:3a:cc:dd:91:fa:96:e7:89:18:ad:f6:e7Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

5f:d6:93:fa:b0:98:e3:f4:67:7b:b8:cb:67:2c:22:9eCertificate

Extended Key Usages

Key Usages

Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0f:61:22:03:c7:77:ac:94:6e:ed:b0:2a:be:44:5a:89:29:5e:7c:e5:66:e6:a8:3a:4d:f6:0c:ec:8c:ca:5b:54Signer

f5:6d:f1:12:06:6a:98:bd:ca:d9:da:90:61:d2:97:2d:6a:06:00:91Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

urlmon

kernel32

gdi32

comdlg32

shell32

ole32

oleaut32

shlwapi

version

mprapi

iphlpapi

winhttp

wininet

userenv

wtsapi32

psapi

powrprof

crypt32

gdiplus

netapi32

pdh

wintrust

dbghelp

comctl32

imm32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 905KB - Virtual size: 904KB

.data Size: 225KB - Virtual size: 234KB

.tls Size: 512B - Virtual size: 13B

.gfids Size: 2KB - Virtual size: 2KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 169KB - Virtual size: 168KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

50:28:4b:e9:ab:1a:22:9c:8f:2c:9f:dd:7b:7e:4a:e4
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

5a:de:81:b0:3a:cc:dd:91:fa:96:e7:89:18:ad:f6:e7
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

5f:d6:93:fa:b0:98:e3:f4:67:7b:b8:cb:67:2c:22:9e
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0f:61:22:03:c7:77:ac:94:6e:ed:b0:2a:be:44:5a:89:29:5e:7c:e5:66:e6:a8:3a:4d:f6:0c:ec:8c:ca:5b:54
Signer

f5:6d:f1:12:06:6a:98:bd:ca:d9:da:90:61:d2:97:2d:6a:06:00:91
Signer

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 905KB - Virtual size: 904KB

.data
Size: 225KB - Virtual size: 234KB

.tls
Size: 512B - Virtual size: 13B

.gfids
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 169KB - Virtual size: 168KB