638ee834451a36ec3ae25f09d8669585_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

638ee834451a36ec3ae25f09d8669585_JaffaCakes118
Size

550KB
MD5

638ee834451a36ec3ae25f09d8669585
SHA1

492b9461910f0f1e38ff1abebe9d56901ef8ed04
SHA256

fb7ca04d5f1d0193e702d04aa288f9fa3fc0fb2f4f690b0df759f41f678385e0
SHA512

2b6901a44f00ba30bf489df5ea2166b8ba13cd6ceb75d10960f4bfb0a09cec918a098f9f67f89784de53901257d22c48e9129515ceab528447c5fda238fff7b4
SSDEEP

6144:TTlO7AnLt1Jwl9NjOGMPBQeT/FOAyAdAyAOUY982DdbJBMmdogGsr6K:TTlO7o3el9NjeqzYCSJBZdogGsr6K

Score

1^/10

Malware Config

Signatures

Files

638ee834451a36ec3ae25f09d8669585_JaffaCakes118
.exe windows:6 windows x86 arch:x86

7181625ba67c2746208e7b5dcc87c182

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:d9:e7:55:85:0c:13:72:b4:8d:c1:82:a7:30:8b:ab
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

03/04/2013, 00:00

Not After

01/06/2016, 23:59

Subject

CN=Advanced Micro Devices\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Advanced Micro Devices\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fb:bd:55:fe:7f:1f:cd:ec:7e:14:d2:44:c9:07:dc:c3:1b:9e:22:2c
Signer

Actual PE Digest

fb:bd:55:fe:7f:1f:cd:ec:7e:14:d2:44:c9:07:dc:c3:1b:9e:22:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\workarea\13.352.1004.1010\install\Monet\Apps\Bin\Win32\B_rel\Setup.pdb

Imports

msi

ord118
ord92
ord160
ord159
ord32
ord8

kernel32

DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetTickCount
CopyFileW
GetCurrentProcess
GetSystemTime
GetSystemInfo
GetVersionExW
GetModuleFileNameW
GetProcAddress
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
MultiByteToWideChar
GetLogicalDriveStringsW
LocalFree
CreateEventA
CreateFileW
SetFilePointer
WriteFile
RaiseException
SetUnhandledExceptionFilter
GetCurrentThread
VirtualQuery
FormatMessageW
LoadLibraryW
IsBadWritePtr
ReadFile
SetNamedPipeHandleState
WaitNamedPipeW
FreeLibrary
lstrlenW
IsDebuggerPresent
DecodePointer
EncodePointer
SuspendThread
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
CreateProcessW
GetExitCodeProcess
OpenMutexW
WaitForSingleObject
GetLastError
OutputDebugStringW
GetDriveTypeW
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
GetModuleHandleW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetUserDefaultUILanguage

user32

CreateWindowExW
RegisterClassW
wvsprintfW
LoadStringW
DefWindowProcW
MessageBoxW
InvalidateRect
EndDialog
SendMessageW
GetDlgItem
SetDlgItemTextW
DialogBoxParamW

advapi32

CryptDestroyHash
QueryServiceStatus
OpenServiceW
OpenSCManagerW
ControlService
CloseServiceHandle
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptAcquireContextW
CryptReleaseContext
CryptDeriveKey
CryptDestroyKey
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptHashData
StartServiceW

shell32

SHGetFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW

msvcp110

?fail@ios_base@std@@QBE_NXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
?endl@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@AAV21@@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
??Bios_base@std@@QBEPAXXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@GDH@std@@QBEHAAHPBD1AAPBDPAG3AAPAG@Z
?out@?$codecvt@GDH@std@@QBEHAAHPBG1AAPBGPAD3AAPAD@Z
?unshift@?$codecvt@GDH@std@@QBEHAAHPAD1AAPAD@Z
?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?widen@?$ctype@G@std@@QBEGD@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAE_JPBG_J@Z
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG00@Z
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG0@Z
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Init@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXXZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
?clear@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
?_Add_vtordisp2@?$basic_ostream@GU?$char_traits@G@std@@@std@@UAEXXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?_Add_vtordisp1@?$basic_istream@GU?$char_traits@G@std@@@std@@UAEXXZ
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Add_vtordisp1@?$basic_ios@GU?$char_traits@G@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEPAV12@PAG_J@Z
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPAG_J@Z
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPBG_J@Z
?_BADOFF@std@@3_JB
?id@?$codecvt@GDH@std@@2V0locale@2@A
?id@?$ctype@G@std@@2V0locale@2@A
??_7ios_base@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?_Xruntime_error@std@@YAXPBD@Z
??0_Locinfo@std@@QAE@HPBD@Z
??1_Locinfo@std@@QAE@XZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_New_Locimp@_Locimp@locale@std@@CAPAV123@_N@Z
?_Makeloc@_Locimp@locale@std@@CAPAV123@ABV_Locinfo@3@HPAV123@PBV23@@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
??7ios_base@std@@QBE_NXZ
?sync_with_stdio@ios_base@std@@SA_N_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?imbue@?$basic_ios@GU?$char_traits@G@std@@@std@@QAE?AVlocale@2@ABV32@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
?getline@?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV12@PAG_J@Z
?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Add_vtordisp2@?$basic_ios@GU?$char_traits@G@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

msvcr110

fopen_s
_fmode
_commode
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
??2@YAPAXI@Z
??3@YAXPAX@Z
memmove
_CxxThrowException
__CxxFrameHandler3
memcpy
vswprintf_s
memcpy_s
fgetwc
fputwc
ungetwc
fclose
fflush
fgetc
fgetpos
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
_lock_file
_unlock_file
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
memset
_beginthreadex
_access
_waccess
_wchmod
_wstat64i32
strlen
wcscmp
wcslen
_wmkdir
_wrmdir
wcsncpy_s
_vsnwprintf_s
_wfopen_s
_acmdln
_itoa_s
mbstowcs_s
wcstombs_s
isspace
towupper
towlower
strcmp
wcsrchr
free
malloc
wcstoul
_wtoi
??_V@YAXPAX@Z
fread
fseek
ftell
rewind
__iob_func
putc
wcsncmp
_wtof
_wtol
wcschr
wcscpy_s
wcsstr
_wstrdate_s
_wstrtime_s
__RTDynamicCast
isalpha
_memicmp
printf
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
exit
_exit
_cexit
_ismbblead

shlwapi

PathIsDirectoryW

mfc110u

ord1938
ord1937
ord12942
ord5575
ord2831
ord4738
ord544
ord497
ord4754
ord1039
ord1135
ord286
ord296
ord1654
ord12151
ord12147
ord1168
ord11830
ord13584
ord14426
ord3791
ord290

comctl32

ord17

wininet

InternetAttemptConnect
InternetGetConnectedState
InternetCheckConnectionW

wsock32

WSACleanup
inet_addr
ioctlsocket
WSAGetLastError
gethostbyaddr
gethostbyname

iphlpapi

GetRTTAndHopCount

Sections

.text
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7181625ba67c2746208e7b5dcc87c182

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

4c:d9:e7:55:85:0c:13:72:b4:8d:c1:82:a7:30:8b:abCertificate

Extended Key Usages

Key Usages

61:19:93:e4:00:00:00:00:00:1cCertificate

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

fb:bd:55:fe:7f:1f:cd:ec:7e:14:d2:44:c9:07:dc:c3:1b:9e:22:2cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msi

kernel32

user32

advapi32

shell32

msvcp110

msvcr110

shlwapi

mfc110u

comctl32

wininet

wsock32

iphlpapi

Sections

.text Size: 250KB - Virtual size: 249KB

.rdata Size: 118KB - Virtual size: 118KB

.data Size: 36KB - Virtual size: 40KB

.rsrc Size: 105KB - Virtual size: 104KB

.reloc Size: 32KB - Virtual size: 31KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

4c:d9:e7:55:85:0c:13:72:b4:8d:c1:82:a7:30:8b:ab
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

fb:bd:55:fe:7f:1f:cd:ec:7e:14:d2:44:c9:07:dc:c3:1b:9e:22:2c
Signer

.text
Size: 250KB - Virtual size: 249KB

.rdata
Size: 118KB - Virtual size: 118KB

.data
Size: 36KB - Virtual size: 40KB

.rsrc
Size: 105KB - Virtual size: 104KB

.reloc
Size: 32KB - Virtual size: 31KB