6482008eb8425e4c96700a33cb5459d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6482008eb8425e4c96700a33cb5459d6_JaffaCakes118
Size

3.1MB
MD5

6482008eb8425e4c96700a33cb5459d6
SHA1

8ca994bd2df7b0168210d41b10752dd56c786883
SHA256

09174dbee9548f7c8fd4fedd0494b5baa591d56a31318a2e2fa7bb26415e2d84
SHA512

172b023385368ea92555124e9b97d26e8c85c7152dbd009a51bdf83106bb835826e37cf6917c876715701bc1f5b0cd1432673614d9fa39097218be4d82deab8b
SSDEEP

49152:TXjdusm7EGqbOinfg50DvlcS+7AWO07Tp7jp2+xUtgmcQ+3S5GIT+DlX8Z/a1Khl:TXYSb650DvSS+7AWOehpVGtf+2

Score

1^/10

Malware Config

Signatures

Files

6482008eb8425e4c96700a33cb5459d6_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a3ccfa3c5cd7eff18325fb6f759488fa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

38:68:19:5f:5e:f8:34:96:aa:d6:ab:1d:7c:c8:19:dd:26:06:3d:c4:f1:7d:fc:46:3b:84:4d:54:03:c3:10:11
Signer

Actual PE Digest

38:68:19:5f:5e:f8:34:96:aa:d6:ab:1d:7c:c8:19:dd:26:06:3d:c4:f1:7d:fc:46:3b:84:4d:54:03:c3:10:11

Digest Algorithm

sha256

PE Digest Matches

true

c0:19:23:a4:eb:73:62:1f:8d:48:58:ac:30:9e:0d:65:58:a9:7f:29
Signer

Actual PE Digest

c0:19:23:a4:eb:73:62:1f:8d:48:58:ac:30:9e:0d:65:58:a9:7f:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\branches\5.10.2\Rhino\Safe\Bin\Win32\release\pdb\Optimize.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

psapi

GetProcessImageFileNameW

kernel32

SizeofResource
HeapDestroy
RaiseException
GetLastError
HeapSize
LockResource
DecodePointer
DeleteCriticalSection
LocalFree
WaitForSingleObject
OpenProcess
TerminateProcess
SetProcessWorkingSetSize
CloseHandle
CreateMutexW
SystemTimeToTzSpecificLocalTime
GetProcessTimes
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
WriteFile
CreateFileW
GetLocalTime
GetCurrentThreadId
VirtualQuery
GetLogicalDriveStringsW
QueryDosDeviceW
GetUserDefaultLangID
GetModuleHandleExW
ReleaseMutex
FreeLibrary
GetCurrentProcess
GetModuleHandleW
LoadLibraryW
GetProcAddress
IsProcessorFeaturePresent
IsDebuggerPresent
HeapAlloc
LoadResource
FindResourceW
FindResourceExW
HeapReAlloc
GetEnvironmentVariableW
GetCurrentProcessId
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
GetProcessHeap
HeapFree
GetPrivateProfileStringW
InterlockedExchange
GlobalMemoryStatusEx
GetSystemTimes
WaitForMultipleObjects
QueryPerformanceCounter
GetSystemTimeAsFileTime
OutputDebugStringW
GetShortPathNameW
GetFileAttributesExW
SetFilePointer
FindFirstFileW
EncodePointer
FormatMessageW
GetFileSizeEx
LoadLibraryA
SetLastError
DeviceIoControl
ExpandEnvironmentStringsW
SearchPathW
TryEnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
OpenMutexW
ResumeThread
SetEvent
ResetEvent
CreateEventW
OpenEventW
InterlockedExchangeAdd
GetDriveTypeW
CreateProcessW
GetExitCodeProcess
GetVersionExW
GetFileAttributesW
lstrlenW
lstrcmpiW
lstrcatW
lstrcpyW
GetSystemInfo
LoadLibraryExW
WideCharToMultiByte
GetACP
MultiByteToWideChar
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetDiskFreeSpaceW
GetVolumeInformationW
FindClose
FindNextFileW
GetFullPathNameW
GetTempFileNameW
MoveFileExW
CreateDirectoryW
SetFileTime
GetSystemDirectoryW
CopyFileW
GetTempPathW
GetCurrentDirectoryW
GetLongPathNameW
MoveFileW
SetCurrentDirectoryW
RemoveDirectoryW
GetWindowsDirectoryW
DeleteFileW
SetFileAttributesW
GetFileSize
SetEndOfFile
ReadFile
GetFileTime
GlobalAlloc
GetComputerNameExW
GlobalFree
FileTimeToDosDateTime
DosDateTimeToFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
GetSystemTime
LocalFileTimeToFileTime
GetTickCount

user32

UnregisterClassW

advapi32

FreeSid
SetEntriesInAclW
AllocateAndInitializeSid
LookupPrivilegeValueW
SetNamedSecurityInfoW
GetTokenInformation
OpenProcessToken
LookupPrivilegeNameW
CloseServiceHandle
SetFileSecurityW
GetFileSecurityW
EnumServicesStatusExW
QueryServiceConfigW
QueryServiceConfig2W
ControlService
ChangeServiceConfigW
ChangeServiceConfig2W
OpenServiceW
OpenSCManagerW
DeleteService
RegCloseKey
RegOpenKeyExW
AdjustTokenPrivileges

shell32

CommandLineToArgvW
SHGetPathFromIDListW
SHGetFolderPathW

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromString

oleaut32

SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen

msvcp120

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
_Nan
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?fail@ios_base@std@@QBE_NXZ
?good@ios_base@std@@QBE_NXZ
?rdstate@ios_base@std@@QBEHXZ
??Bios_base@std@@QBE_NXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
??0_Locinfo@std@@QAE@HPBD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?global@locale@std@@SA?AV12@ABV12@@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@_N@Z
?_Makeloc@_Locimp@locale@std@@CAPAV123@ABV_Locinfo@3@HPAV123@PBV23@@Z
?uncaught_exception@std@@YA_NXZ
?_Xruntime_error@std@@YAXPBD@Z
?_BADOFF@std@@3_JB
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1_Locinfo@std@@QAE@XZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Facet_base@std@@UAE@XZ
??Bid@locale@std@@QAEIXZ
?_Incref@facet@locale@std@@UAEXXZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?is@?$ctype@_W@std@@QBE_NF_W@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??_7_Facet_base@std@@6B@
_Wcsxfrm
_Wcscoll
??_7facet@locale@std@@6B@
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?id@?$collate@_W@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?id@?$ctype@_W@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
??0_Container_base12@std@@QAE@XZ
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
??0id@locale@std@@QAE@I@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??7ios_base@std@@QBE_NXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setf@ios_base@std@@QAEHHH@Z
?setf@ios_base@std@@QAEHH@Z
_Inf
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??0_Locinfo@std@@QAE@PBD@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

msvcr120

_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
__clean_type_info_names_internal
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CxxFrameHandler3
_except_handler4_common
_unlock
_lock
wcsncpy
isalnum
wcstoul
_wcsicmp
swscanf_s
sscanf
_splitpath_s
_stricmp
sprintf
_wcsnicmp
tolower
memchr
_lock_file
setvbuf
fsetpos
fgetc
fflush
_fseeki64
fgetpos
strstr
ungetc
_unlock_file
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
fputc
?terminate@@YAXXZ
_errno
calloc
_vswprintf_c_l
_wtoi
_localtime64
_mktime64
_beginthreadex
_time64
srand
rand
towupper
_vsnwprintf
wcsstr
towlower
wcschr
fwrite
rewind
_wfopen_s
fclose
fseek
ftell
fread
fopen
wcsrchr
atoi
strchr
??0exception@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
atof
toupper
realloc
memcpy_s
wcsnlen
malloc
free
wmemcpy_s
memmove_s
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
??_V@YAXPAX@Z
??2@YAPAXI@Z
_hypot
??3@YAXPAX@Z
_except1
memmove
_recalloc
memset
memcpy
abort
modf
sprintf_s
__iob_func
localeconv
fprintf
_dtest
strpbrk
_CxxThrowException
__RTDynamicCast
_purecall

shlwapi

SHEnumValueW
PathIsNetworkPathW
PathFindFileNameW
PathRemoveFileSpecW

Exports

Exports

RCVBusGetModuleCount
RCVBusQueryModule
RCVBusReleaseModule

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3ccfa3c5cd7eff18325fb6f759488fa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

38:68:19:5f:5e:f8:34:96:aa:d6:ab:1d:7c:c8:19:dd:26:06:3d:c4:f1:7d:fc:46:3b:84:4d:54:03:c3:10:11Signer

c0:19:23:a4:eb:73:62:1f:8d:48:58:ac:30:9e:0d:65:58:a9:7f:29Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

psapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcp120

msvcr120

shlwapi

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 461KB - Virtual size: 460KB

.data Size: 78KB - Virtual size: 81KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 154KB - Virtual size: 154KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

38:68:19:5f:5e:f8:34:96:aa:d6:ab:1d:7c:c8:19:dd:26:06:3d:c4:f1:7d:fc:46:3b:84:4d:54:03:c3:10:11
Signer

c0:19:23:a4:eb:73:62:1f:8d:48:58:ac:30:9e:0d:65:58:a9:7f:29
Signer

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 461KB - Virtual size: 460KB

.data
Size: 78KB - Virtual size: 81KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 154KB - Virtual size: 154KB