493a3ff0d232607d1ea3ea3e401645427f40234ac94bc8f15ed0066919621fcd

Sharing

Copy URL

Twitter E-mail

General

Target

493a3ff0d232607d1ea3ea3e401645427f40234ac94bc8f15ed0066919621fcd
Size

2.5MB
MD5

dc105339eaa14e6ed8d43df473438962
SHA1

b52f0bc890aada60e9f3882e3c9f8be80ad090c7
SHA256

493a3ff0d232607d1ea3ea3e401645427f40234ac94bc8f15ed0066919621fcd
SHA512

60fd0639e5d4c157eeec5f648bf2caa1c6be6d1822a0c0203d525cc9a7547a81d44ed76a0e5d59cd13f62e87f94a78c08581354cd0d4a24848460105ee8ff896
SSDEEP

49152:zeHk9G74eJSZSiMqUd6orn91pdC+BGIotTO9WsG:KH8G74eJLYU/n9zosxWP

Score

1^/10

Malware Config

Signatures

Files

493a3ff0d232607d1ea3ea3e401645427f40234ac94bc8f15ed0066919621fcd
.dll windows:5 windows x86 arch:x86

f49ad09c28a7fd0a9aacd4f313edc1d1

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19-05-2020 00:00

Not After

18-05-2023 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19-05-2020 00:00

Not After

18-05-2023 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:01:74:cf:05:06:f4:ec:fc:d6:7c:45:75:e3:9b:9c:b2:0b:4b:31:8c:ac:47:62:85:8b:74:7d:7a:0f:8e:3c
Signer

Actual PE Digest

27:01:74:cf:05:06:f4:ec:fc:d6:7c:45:75:e3:9b:9c:b2:0b:4b:31:8c:ac:47:62:85:8b:74:7d:7a:0f:8e:3c

Digest Algorithm

sha256

PE Digest Matches

false

a8:88:44:ab:7e:86:0c:12:94:ec:ad:e5:33:9a:bc:21:d3:98:86:ec
Signer

Actual PE Digest

a8:88:44:ab:7e:86:0c:12:94:ec:ad:e5:33:9a:bc:21:d3:98:86:ec

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\Work\2345Soft\rcimage\bin\Win32\Release\pdb\2345Image.pdb

Imports

gdiplus

GdipDrawImageRectI
GdipCreateSolidFill
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipDeleteBrush
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipGetImageThumbnail
GdipGetImagePixelFormat
GdipGetImageType
GdipImageRotateFlip
GdipSetCompositingQuality
GdipGetImageHeight
GdipFree
GdipCloneBitmapAreaI
GdipGetImageGraphicsContext
GdipDrawImageRectRect
GdipSetPixelOffsetMode
GdipSetPageUnit
GdipSetInterpolationMode
GdipGetImagePaletteSize
GdipCreateBitmapFromScan0
GdipGetImageVerticalResolution
GdipDeleteGraphics
GdipImageSelectActiveFrame
GdipRemovePropertyItem
GdipLoadImageFromFile
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipBitmapLockBits
GdipImageGetFrameDimensionsList
GdipCreateFromHDC
GdipImageGetFrameCount
GdipCreateTexture
GdipSetPropertyItem
GdipGetImageRawFormat
GdipCloneBrush
GdipFillRectangleI
GdipGetImagePalette
GdipGetImageHorizontalResolution
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipSaveImageToStream
GdipGetPropertyItemSize
GdipSaveImageToFile
GdipReleaseDC
GdipCloneImage
GdipAlloc
GdipGetDC
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromGdiDib

freeimage

_FreeImage_CloseMemory@4
?APNG_IdentifyApng@@YG_NPB_WPAH@Z
_FreeImage_Allocate@24
_FreeImage_CopyICCProfile@8
_FreeImage_FIFSupportsExportType@8
_FreeImage_OpenMemory@8
_FreeImage_FIFSupportsNoPixels@4
_FreeImage_Clone@4
_FreeImage_SaveToMemory@16
_FreeImage_FIFSupportsExportBPP@8
_FreeImage_FakeSaveToMemory@16
_FreeImage_FIFSupportsWriting@4
_FreeImage_Paste@20
_FreeImage_GetICCProfile@4
_FreeImage_HasPixels@4
_FreeImage_AcquireMemory@12
_FreeImage_GetScanLine@8
?LoadAPNG_from_file@@YGPAUAPNGDATA@@PB_W_NPAH@Z
?APNG_Destroy@@YGXPAUAPNGDATA@@@Z
?APNG_Clone@@YGPAUAPNGDATA@@PBU1@@Z
_FreeImage_SaveU@16
_FreeImage_AllocateT@28
_FreeImage_GetBPP@4
_FreeImage_GetWidth@4
_FreeImage_GetColorType@4
_FreeImage_GetPitch@4
_FreeImage_Unload@4
_FreeImage_GetHeight@4
_FreeImage_GetBits@4
_FreeImage_GetImageType@4

freeimageplus

?findFirstMetadata@fipMetadataFind@@QAEHW4FREE_IMAGE_MDMODEL@@AAVfipImage@@AAVfipTag@@@Z
??0fipWinImage@@QAE@W4FREE_IMAGE_TYPE@@III@Z
??1fipWinImage@@UAE@XZ
?clear@fipWinImage@@UAEXXZ
?isValid@fipWinImage@@UBEHXZ
??4fipWinImage@@QAEAAV0@ABV0@@Z
?copyFromBitmap@fipWinImage@@QAEHPAUHBITMAP__@@@Z
??1fipMetadataFind@@UAE@XZ
?drawEx@fipWinImage@@QBEXPAUHDC__@@AAUtagRECT@@1HPAUtagRGBQUAD@@PAUFIBITMAP@@@Z
??0fipTag@@QAE@XZ
??1fipTag@@UAE@XZ
?isValid@fipTag@@UBEHXZ
?getValue@fipTag@@QBEPBXXZ
?setValue@fipTag@@QAEHPBX@Z
?toString@fipTag@@QBEPBDW4FREE_IMAGE_MDMODEL@@PAD@Z
??0fipMetadataFind@@QAE@XZ
?setMetadata@fipImage@@QAEHW4FREE_IMAGE_MDMODEL@@PBDAAVfipTag@@@Z
?getMetadata@fipImage@@QBEHW4FREE_IMAGE_MDMODEL@@PBDAAVfipTag@@@Z
?rescale@fipImage@@QAEHIIW4FREE_IMAGE_FILTER@@@Z
?flipVertical@fipImage@@QAEHXZ
?flipHorizontal@fipImage@@QAEHXZ
?rotate@fipImage@@QAEHNPBX@Z
?setFileBkColor@fipImage@@QAEHPAUtagRGBQUAD@@@Z
?isTransparent@fipImage@@QBEHXZ
?convertTo32Bits@fipImage@@QAEHXZ
?convertTo16Bits555@fipImage@@QAEHXZ
?accessPixels@fipImage@@QBEPAEXZ
?hasThumbnail@fipImage@@QBEHXZ
?setThumbnail@fipImage@@QAEHABV1@@Z
?getThumbnail@fipImage@@QBEHAAV1@@Z
?isGrayscale@fipImage@@QBEHXZ
?getColorType@fipImage@@QBE?AW4FREE_IMAGE_COLOR_TYPE@@XZ
?getVerticalResolution@fipImage@@QBENXZ
?getHorizontalResolution@fipImage@@QBENXZ
??0fipImage@@QAE@W4FREE_IMAGE_TYPE@@III@Z
?getBitsPerPixel@fipImage@@QBEIXZ
?getInfo@fipImage@@QAEPAUtagBITMAPINFO@@XZ
?getScanWidth@fipImage@@QBEIXZ
?getHeight@fipImage@@QBEIXZ
?getWidth@fipImage@@QBEIXZ
?getImageType@fipImage@@QBE?AW4FREE_IMAGE_TYPE@@XZ
?loadFromMemory@fipImage@@QAEHAAVfipMemoryIO@@HPAVILoadImageCallBack@@@Z
?loadU@fipImage@@QAEHPB_WHPAVILoadImageCallBack@@@Z
?identifyFIFU@fipImage@@SA?AW4FREE_IMAGE_FORMAT@@PB_W@Z
?copySubImage@fipImage@@QBEHAAV1@HHHH@Z
??1fipMemoryIO@@UAE@XZ
??0fipMemoryIO@@QAE@PAEK@Z
?copyToClipboard@fipWinImage@@QBEHPAUHWND__@@@Z
?convertTo24Bits@fipImage@@QAEHXZ
?isValid@fipImage@@UBEHXZ
??4fipImage@@QAEAAV0@PAUFIBITMAP@@@Z
?clear@fipImage@@UAEXXZ
??1fipImage@@UAE@XZ
??BfipImage@@QAEPAUFIBITMAP@@XZ

kernel32

GetSystemTimeAsFileTime
OutputDebugStringW
GetCurrentProcessId
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventA
WaitForSingleObjectEx
GetModuleHandleExA
SetErrorMode
GetModuleFileNameA
GetNativeSystemInfo
ReadFile
SetFilePointer
CloseHandle
InitializeCriticalSectionAndSpinCount
GetLastError
DeleteCriticalSection
TlsGetValue
GetSystemInfo
InterlockedDecrement
GlobalSize
GlobalLock
InterlockedIncrement
GlobalUnlock
InterlockedExchangeAdd
WaitForSingleObject
ResumeThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
FindFirstFileW
GetLongPathNameW
CreateFileW
GetFileAttributesExW
CreateEventW
SetEvent
ResetEvent
GetFileSize
FindClose
GetTempPathW
GetFileAttributesW
GetCurrentThread
SetFileAttributesW
DeleteFileW
GetWindowsDirectoryW
MoveFileExW
GetTempFileNameW
MoveFileW
GetCurrentThreadId
GlobalAlloc
GetProcAddress
GetCurrentProcess
GetModuleFileNameW
LoadLibraryW
FreeLibrary
IsBadReadPtr
ExitProcess
lstrlenA
TlsSetValue
TlsAlloc
TlsFree
QueryPerformanceCounter
LoadLibraryA
SwitchToThread
GetEnvironmentVariableA
lstrcmpA
GetProcessAffinityMask

user32

GetDC
CopyRect
SetRect
ReleaseDC
OpenClipboard
CloseClipboard
SetClipboardData

gdi32

BitBlt
SaveDC
SetStretchBltMode
StretchDIBits
DeleteObject
DeleteDC
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
GetObjectW
CreateDIBitmap
RestoreDC
SetDIBitsToDevice
GetDIBits
GetClipBox
CreateDIBSection

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream

msvcp140

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

crypt32

CryptStringToBinaryA

vcruntime140

__std_type_info_name
__RTtypeid
_except_handler4_common
strrchr
__std_type_info_destroy_list
_CxxThrowException
memset
memmove
wcsrchr
longjmp
wcsstr
wcschr
strchr
strstr
_purecall
__std_type_info_compare
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
memcpy
memchr
_setjmp3
__CxxLongjmpUnwind
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
exit
strerror
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_beginthreadex
_initialize_onexit_table
abort
_execute_onexit_table
_initterm_e
_initterm
_crt_atexit
_cexit
_invalid_parameter_noinfo
_errno

api-ms-win-crt-stdio-l1-1-0

_wfopen
fopen
fread
fseek
__stdio_common_vswprintf
fclose
ftell
_setmode
_open
_read
_write
_close
rewind
fputc
ferror
fflush
getc
fgets
fwrite
__stdio_common_vfscanf
feof
__stdio_common_vsprintf
fputs
_lseek
tmpnam
__stdio_common_vsscanf
__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-convert-l1-1-0

atof
atoi
strtod
strtol

api-ms-win-crt-heap-l1-1-0

calloc
realloc
_callnewh
malloc
free

api-ms-win-crt-string-l1-1-0

isprint
_wcsicmp
strncpy
toupper
isspace
isdigit
tolower
isalpha
strtok
towlower
towupper
_strdup
_wcsdup
strncpy_s
strncmp
_wcsnicmp
isxdigit

api-ms-win-crt-utility-l1-1-0

ldiv
bsearch
rand
qsort

api-ms-win-crt-filesystem-l1-1-0

_unlink

api-ms-win-crt-math-l1-1-0

_libm_sse2_sqrt_precise
ceil
floor
_libm_sse2_log_precise
_libm_sse2_exp_precise
_libm_sse2_cos_precise
__libm_sse2_sinf
__libm_sse2_exp
_CIatan2
_libm_sse2_sin_precise
_libm_sse2_pow_precise
_except1

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

CreateImageFactory

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f49ad09c28a7fd0a9aacd4f313edc1d1

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2Certificate

Extended Key Usages

Key Usages

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate

Extended Key Usages

Key Usages

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9eCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

27:01:74:cf:05:06:f4:ec:fc:d6:7c:45:75:e3:9b:9c:b2:0b:4b:31:8c:ac:47:62:85:8b:74:7d:7a:0f:8e:3cSigner

a8:88:44:ab:7e:86:0c:12:94:ec:ad:e5:33:9a:bc:21:d3:98:86:ecSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdiplus

freeimage

freeimageplus

kernel32

user32

gdi32

ole32

msvcp140

crypt32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 330KB - Virtual size: 330KB

.data Size: 53KB - Virtual size: 624KB

_RDATA Size: 4KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 66KB - Virtual size: 66KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

27:01:74:cf:05:06:f4:ec:fc:d6:7c:45:75:e3:9b:9c:b2:0b:4b:31:8c:ac:47:62:85:8b:74:7d:7a:0f:8e:3c
Signer

a8:88:44:ab:7e:86:0c:12:94:ec:ad:e5:33:9a:bc:21:d3:98:86:ec
Signer

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 330KB - Virtual size: 330KB

.data
Size: 53KB - Virtual size: 624KB

_RDATA
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 66KB - Virtual size: 66KB