7a29b0b87d5c749150abd789973f66d9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7a29b0b87d5c749150abd789973f66d9_JaffaCakes118
Size

440KB
MD5

7a29b0b87d5c749150abd789973f66d9
SHA1

d6a63260c23db3153a31be73264b1187cc40d000
SHA256

a5e2bf028e51e0da0f17ad21309a90afde1890690f1efb39535ecaa74b8b56a3
SHA512

618cc14bb74fa362ece6b3a6a8d260d4c377a0ec455652d8e31d0d9841a7daf05ff70598d6d4585df604adc21cfbfa0f1e256836a0d941fcabcefbd17d6a932a
SSDEEP

12288:YpansG2Lc6LwaCa5uoPKGuN0rBe/fp6F6myDJ/VDL:SanP0fLeKKGuN0rBenpd9/V3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Zcash Miner EBWF's 0.3.4b/miner.exe

Files

7a29b0b87d5c749150abd789973f66d9_JaffaCakes118
.zip
Zcash Miner EBWF's 0.3.4b/Help.txt
Zcash Miner EBWF's 0.3.4b/Start-BitcoinGold.bat
Zcash Miner EBWF's 0.3.4b/Start-ZCash.bat
Zcash Miner EBWF's 0.3.4b/cudart32_80.dll
.dll windows:5 windows x86 arch:x86

4b32cb13a1d12d18a9a2c05e9e82a47d

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

14:78:1b:c8:62:e8:dc:50:3a:55:93:46:f5:dc:c5:18
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/07/2015, 00:00

Not After

26/07/2018, 23:59

Subject

CN=NVIDIA Corporation,O=NVIDIA Corporation,L=SANTA CLARA,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:c1:5a:f2:13:67:d0:75:8b:ed:dc:ca:11:86:42:de
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13/07/2015, 00:00

Not After

13/07/2018, 23:59

Subject

CN=NVIDIA Corporation,OU=IT MIIS,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5f:d6:93:fa:b0:98:e3:f4:67:7b:b8:cb:67:2c:22:9e
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

11/06/2015, 00:00

Not After

29/12/2020, 23:59

Subject

CN=GeoTrust 2048-bit Timestamping Signer 1,O=GeoTrust Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

01/01/1997, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6c:69:4a:f4:69:d0:4f:64:4b:6d:ab:49:70:b0:5e:a1:8a:13:46:84:81:88:be:06:2b:b3:23:2a:fb:60:09:ad
Signer

Actual PE Digest

6c:69:4a:f4:69:d0:4f:64:4b:6d:ab:49:70:b0:5e:a1:8a:13:46:84:81:88:be:06:2b:b3:23:2a:fb:60:09:ad

Digest Algorithm

sha256

PE Digest Matches

true

1c:6c:f0:5e:89:37:ca:63:bc:24:f0:e9:3d:3c:42:97:af:74:06:37
Signer

Actual PE Digest

1c:6c:f0:5e:89:37:ca:63:bc:24:f0:e9:3d:3c:42:97:af:74:06:37

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
FreeLibrary
QueryPerformanceCounter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
SwitchToThread
GetLastError
GetModuleFileNameA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapCreate
LocalAlloc
GetSystemDirectoryW
LocalFree
GetModuleHandleW
SetLastError
LoadLibraryExW
GetModuleFileNameW
ExitProcess
DecodePointer
EncodePointer
GetCommandLineA
InitializeCriticalSectionAndSpinCount
GetFileType
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
InterlockedIncrement
InterlockedDecrement
WriteFile
GetStdHandle
IsProcessorFeaturePresent
HeapSize
SetHandleCount
GetStartupInfoW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Exports

Exports

NvOptimusEnablementCuda
__cudaInitManagedRuntime
__cudaInitModule
__cudaRegisterDeviceFunction
__cudaRegisterFatBinary
__cudaRegisterFunction
__cudaRegisterManagedVar
__cudaRegisterPrelinkedFatBinary
__cudaRegisterShared
__cudaRegisterSharedVar
__cudaRegisterSurface
__cudaRegisterTexture
__cudaRegisterVar
__cudaUnregisterFatBinary
cudaArrayGetInfo
cudaBindSurfaceToArray
cudaBindTexture
cudaBindTexture2D
cudaBindTextureToArray
cudaBindTextureToMipmappedArray
cudaChooseDevice
cudaConfigureCall
cudaCreateChannelDesc
cudaCreateSurfaceObject
cudaCreateTextureObject
cudaD3D10GetDevice
cudaD3D10GetDevices
cudaD3D10GetDirect3DDevice
cudaD3D10MapResources
cudaD3D10RegisterResource
cudaD3D10ResourceGetMappedArray
cudaD3D10ResourceGetMappedPitch
cudaD3D10ResourceGetMappedPointer
cudaD3D10ResourceGetMappedSize
cudaD3D10ResourceGetSurfaceDimensions
cudaD3D10ResourceSetMapFlags
cudaD3D10SetDirect3DDevice
cudaD3D10UnmapResources
cudaD3D10UnregisterResource
cudaD3D11GetDevice
cudaD3D11GetDevices
cudaD3D11GetDirect3DDevice
cudaD3D11SetDirect3DDevice
cudaD3D9Begin
cudaD3D9End
cudaD3D9GetDevice
cudaD3D9GetDevices
cudaD3D9GetDirect3DDevice
cudaD3D9MapResources
cudaD3D9MapVertexBuffer
cudaD3D9RegisterResource
cudaD3D9RegisterVertexBuffer
cudaD3D9ResourceGetMappedArray
cudaD3D9ResourceGetMappedPitch
cudaD3D9ResourceGetMappedPointer
cudaD3D9ResourceGetMappedSize
cudaD3D9ResourceGetSurfaceDimensions
cudaD3D9ResourceSetMapFlags
cudaD3D9SetDirect3DDevice
cudaD3D9UnmapResources
cudaD3D9UnmapVertexBuffer
cudaD3D9UnregisterResource
cudaD3D9UnregisterVertexBuffer
cudaDestroySurfaceObject
cudaDestroyTextureObject
cudaDeviceCanAccessPeer
cudaDeviceDisablePeerAccess
cudaDeviceEnablePeerAccess
cudaDeviceGetAttribute
cudaDeviceGetByPCIBusId
cudaDeviceGetCacheConfig
cudaDeviceGetLimit
cudaDeviceGetP2PAttribute
cudaDeviceGetPCIBusId
cudaDeviceGetSharedMemConfig
cudaDeviceGetStreamPriorityRange
cudaDeviceReset
cudaDeviceSetCacheConfig
cudaDeviceSetLimit
cudaDeviceSetSharedMemConfig
cudaDeviceSynchronize
cudaDriverGetVersion
cudaEventCreate
cudaEventCreateWithFlags
cudaEventDestroy
cudaEventElapsedTime
cudaEventQuery
cudaEventRecord
cudaEventRecord_ptsz
cudaEventSynchronize
cudaFree
cudaFreeArray
cudaFreeHost
cudaFreeMipmappedArray
cudaFuncGetAttributes
cudaFuncSetCacheConfig
cudaFuncSetSharedMemConfig
cudaGLGetDevices
cudaGLMapBufferObject
cudaGLMapBufferObjectAsync
cudaGLRegisterBufferObject
cudaGLSetBufferObjectMapFlags
cudaGLSetGLDevice
cudaGLUnmapBufferObject
cudaGLUnmapBufferObjectAsync
cudaGLUnregisterBufferObject
cudaGetChannelDesc
cudaGetDevice
cudaGetDeviceCount
cudaGetDeviceFlags
cudaGetDeviceProperties
cudaGetErrorName
cudaGetErrorString
cudaGetExportTable
cudaGetLastError
cudaGetMipmappedArrayLevel
cudaGetSurfaceObjectResourceDesc
cudaGetSurfaceReference
cudaGetSymbolAddress
cudaGetSymbolSize
cudaGetTextureAlignmentOffset
cudaGetTextureObjectResourceDesc
cudaGetTextureObjectResourceViewDesc
cudaGetTextureObjectTextureDesc
cudaGetTextureReference
cudaGraphicsD3D10RegisterResource
cudaGraphicsD3D11RegisterResource
cudaGraphicsD3D9RegisterResource
cudaGraphicsGLRegisterBuffer
cudaGraphicsGLRegisterImage
cudaGraphicsMapResources
cudaGraphicsResourceGetMappedMipmappedArray
cudaGraphicsResourceGetMappedPointer
cudaGraphicsResourceSetMapFlags
cudaGraphicsSubResourceGetMappedArray
cudaGraphicsUnmapResources
cudaGraphicsUnregisterResource
cudaHostAlloc
cudaHostGetDevicePointer
cudaHostGetFlags
cudaHostRegister
cudaHostUnregister
cudaIpcCloseMemHandle
cudaIpcGetEventHandle
cudaIpcGetMemHandle
cudaIpcOpenEventHandle
cudaIpcOpenMemHandle
cudaLaunch
cudaLaunchKernel
cudaLaunchKernel_ptsz
cudaLaunch_ptsz
cudaMalloc
cudaMalloc3D
cudaMalloc3DArray
cudaMallocArray
cudaMallocHost
cudaMallocManaged
cudaMallocMipmappedArray
cudaMallocPitch
cudaMemAdvise
cudaMemGetInfo
cudaMemPrefetchAsync
cudaMemPrefetchAsync_ptsz
cudaMemRangeGetAttribute
cudaMemRangeGetAttributes
cudaMemcpy
cudaMemcpy2D
cudaMemcpy2DArrayToArray
cudaMemcpy2DArrayToArray_ptds
cudaMemcpy2DAsync
cudaMemcpy2DAsync_ptsz
cudaMemcpy2DFromArray
cudaMemcpy2DFromArrayAsync
cudaMemcpy2DFromArrayAsync_ptsz
cudaMemcpy2DFromArray_ptds
cudaMemcpy2DToArray
cudaMemcpy2DToArrayAsync
cudaMemcpy2DToArrayAsync_ptsz
cudaMemcpy2DToArray_ptds
cudaMemcpy2D_ptds
cudaMemcpy3D
cudaMemcpy3DAsync
cudaMemcpy3DAsync_ptsz
cudaMemcpy3DPeer
cudaMemcpy3DPeerAsync
cudaMemcpy3DPeerAsync_ptsz
cudaMemcpy3DPeer_ptds
cudaMemcpy3D_ptds
cudaMemcpyArrayToArray
cudaMemcpyArrayToArray_ptds
cudaMemcpyAsync
cudaMemcpyAsync_ptsz
cudaMemcpyFromArray
cudaMemcpyFromArrayAsync
cudaMemcpyFromArrayAsync_ptsz
cudaMemcpyFromArray_ptds
cudaMemcpyFromSymbol
cudaMemcpyFromSymbolAsync
cudaMemcpyFromSymbolAsync_ptsz
cudaMemcpyFromSymbol_ptds
cudaMemcpyPeer
cudaMemcpyPeerAsync
cudaMemcpyToArray
cudaMemcpyToArrayAsync
cudaMemcpyToArrayAsync_ptsz
cudaMemcpyToArray_ptds
cudaMemcpyToSymbol
cudaMemcpyToSymbolAsync
cudaMemcpyToSymbolAsync_ptsz
cudaMemcpyToSymbol_ptds
cudaMemcpy_ptds
cudaMemset
cudaMemset2D
cudaMemset2DAsync
cudaMemset2DAsync_ptsz
cudaMemset2D_ptds
cudaMemset3D
cudaMemset3DAsync
cudaMemset3DAsync_ptsz
cudaMemset3D_ptds
cudaMemsetAsync
cudaMemsetAsync_ptsz
cudaMemset_ptds
cudaOccupancyMaxActiveBlocksPerMultiprocessor
cudaOccupancyMaxActiveBlocksPerMultiprocessorWithFlags
cudaPeekAtLastError
cudaPointerGetAttributes
cudaProfilerInitialize
cudaProfilerStart
cudaProfilerStop
cudaRuntimeGetVersion
cudaSetDevice
cudaSetDeviceFlags
cudaSetDoubleForDevice
cudaSetDoubleForHost
cudaSetValidDevices
cudaSetupArgument
cudaStreamAddCallback
cudaStreamAddCallback_ptsz
cudaStreamAttachMemAsync
cudaStreamAttachMemAsync_ptsz
cudaStreamCreate
cudaStreamCreateWithFlags
cudaStreamCreateWithPriority
cudaStreamDestroy
cudaStreamGetFlags
cudaStreamGetFlags_ptsz
cudaStreamGetPriority
cudaStreamGetPriority_ptsz
cudaStreamQuery
cudaStreamQuery_ptsz
cudaStreamSynchronize
cudaStreamSynchronize_ptsz
cudaStreamWaitEvent
cudaStreamWaitEvent_ptsz
cudaThreadExit
cudaThreadGetCacheConfig
cudaThreadGetLimit
cudaThreadSetCacheConfig
cudaThreadSetLimit
cudaThreadSynchronize
cudaUnbindTexture
cudaWGLGetDevice

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Zcash Miner EBWF's 0.3.4b/cudart64_80.dll
.dll windows:5 windows x64 arch:x64

52a5a93fc9a8a28f27072ecb922043dc

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

14:78:1b:c8:62:e8:dc:50:3a:55:93:46:f5:dc:c5:18
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/07/2015, 00:00

Not After

26/07/2018, 23:59

Subject

CN=NVIDIA Corporation,O=NVIDIA Corporation,L=SANTA CLARA,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:c1:5a:f2:13:67:d0:75:8b:ed:dc:ca:11:86:42:de
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13/07/2015, 00:00

Not After

13/07/2018, 23:59

Subject

CN=NVIDIA Corporation,OU=IT MIIS,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

55:45:ca:02:24:61:90:d9:79:ee:b4:0d:b9:ff:bc:18
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

11/06/2015, 00:00

Not After

29/12/2020, 23:59

Subject

CN=GeoTrust 2048-bit Timestamping Signer 3,O=GeoTrust Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

01/01/1997, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:27:67:77:08:20:aa:b2:c4:ae:55:c6:f2:ae:44:ca:be:24:7e:79:8e:4b:99:2c:f1:a7:8e:9b:26:20:be:0f
Signer

Actual PE Digest

3c:27:67:77:08:20:aa:b2:c4:ae:55:c6:f2:ae:44:ca:be:24:7e:79:8e:4b:99:2c:f1:a7:8e:9b:26:20:be:0f

Digest Algorithm

sha256

PE Digest Matches

true

29:98:44:36:b1:84:be:71:b5:29:ed:92:39:45:89:47:41:a5:51:69
Signer

Actual PE Digest

29:98:44:36:b1:84:be:71:b5:29:ed:92:39:45:89:47:41:a5:51:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GetProcAddress
FreeLibrary
QueryPerformanceCounter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
SwitchToThread
GetLastError
GetModuleFileNameA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapCreate
LocalAlloc
GetSystemDirectoryW
LocalFree
SetLastError
LoadLibraryExW
GetModuleFileNameW
ExitProcess
DecodePointer
EncodePointer
FlsSetValue
GetCommandLineA
InitializeCriticalSectionAndSpinCount
GetFileType
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TerminateProcess
GetCurrentProcess
FlsGetValue
FlsFree
FlsAlloc
RtlUnwindEx
WriteFile
GetStdHandle
HeapSize
SetHandleCount
GetStartupInfoW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapSetInformation
GetVersion
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Exports

Exports

NvOptimusEnablementCuda
__cudaInitManagedRuntime
__cudaInitModule
__cudaRegisterDeviceFunction
__cudaRegisterFatBinary
__cudaRegisterFunction
__cudaRegisterManagedVar
__cudaRegisterPrelinkedFatBinary
__cudaRegisterShared
__cudaRegisterSharedVar
__cudaRegisterSurface
__cudaRegisterTexture
__cudaRegisterVar
__cudaUnregisterFatBinary
cudaArrayGetInfo
cudaBindSurfaceToArray
cudaBindTexture
cudaBindTexture2D
cudaBindTextureToArray
cudaBindTextureToMipmappedArray
cudaChooseDevice
cudaConfigureCall
cudaCreateChannelDesc
cudaCreateSurfaceObject
cudaCreateTextureObject
cudaD3D10GetDevice
cudaD3D10GetDevices
cudaD3D10GetDirect3DDevice
cudaD3D10MapResources
cudaD3D10RegisterResource
cudaD3D10ResourceGetMappedArray
cudaD3D10ResourceGetMappedPitch
cudaD3D10ResourceGetMappedPointer
cudaD3D10ResourceGetMappedSize
cudaD3D10ResourceGetSurfaceDimensions
cudaD3D10ResourceSetMapFlags
cudaD3D10SetDirect3DDevice
cudaD3D10UnmapResources
cudaD3D10UnregisterResource
cudaD3D11GetDevice
cudaD3D11GetDevices
cudaD3D11GetDirect3DDevice
cudaD3D11SetDirect3DDevice
cudaD3D9Begin
cudaD3D9End
cudaD3D9GetDevice
cudaD3D9GetDevices
cudaD3D9GetDirect3DDevice
cudaD3D9MapResources
cudaD3D9MapVertexBuffer
cudaD3D9RegisterResource
cudaD3D9RegisterVertexBuffer
cudaD3D9ResourceGetMappedArray
cudaD3D9ResourceGetMappedPitch
cudaD3D9ResourceGetMappedPointer
cudaD3D9ResourceGetMappedSize
cudaD3D9ResourceGetSurfaceDimensions
cudaD3D9ResourceSetMapFlags
cudaD3D9SetDirect3DDevice
cudaD3D9UnmapResources
cudaD3D9UnmapVertexBuffer
cudaD3D9UnregisterResource
cudaD3D9UnregisterVertexBuffer
cudaDestroySurfaceObject
cudaDestroyTextureObject
cudaDeviceCanAccessPeer
cudaDeviceDisablePeerAccess
cudaDeviceEnablePeerAccess
cudaDeviceGetAttribute
cudaDeviceGetByPCIBusId
cudaDeviceGetCacheConfig
cudaDeviceGetLimit
cudaDeviceGetP2PAttribute
cudaDeviceGetPCIBusId
cudaDeviceGetSharedMemConfig
cudaDeviceGetStreamPriorityRange
cudaDeviceReset
cudaDeviceSetCacheConfig
cudaDeviceSetLimit
cudaDeviceSetSharedMemConfig
cudaDeviceSynchronize
cudaDriverGetVersion
cudaEventCreate
cudaEventCreateWithFlags
cudaEventDestroy
cudaEventElapsedTime
cudaEventQuery
cudaEventRecord
cudaEventRecord_ptsz
cudaEventSynchronize
cudaFree
cudaFreeArray
cudaFreeHost
cudaFreeMipmappedArray
cudaFuncGetAttributes
cudaFuncSetCacheConfig
cudaFuncSetSharedMemConfig
cudaGLGetDevices
cudaGLMapBufferObject
cudaGLMapBufferObjectAsync
cudaGLRegisterBufferObject
cudaGLSetBufferObjectMapFlags
cudaGLSetGLDevice
cudaGLUnmapBufferObject
cudaGLUnmapBufferObjectAsync
cudaGLUnregisterBufferObject
cudaGetChannelDesc
cudaGetDevice
cudaGetDeviceCount
cudaGetDeviceFlags
cudaGetDeviceProperties
cudaGetErrorName
cudaGetErrorString
cudaGetExportTable
cudaGetLastError
cudaGetMipmappedArrayLevel
cudaGetSurfaceObjectResourceDesc
cudaGetSurfaceReference
cudaGetSymbolAddress
cudaGetSymbolSize
cudaGetTextureAlignmentOffset
cudaGetTextureObjectResourceDesc
cudaGetTextureObjectResourceViewDesc
cudaGetTextureObjectTextureDesc
cudaGetTextureReference
cudaGraphicsD3D10RegisterResource
cudaGraphicsD3D11RegisterResource
cudaGraphicsD3D9RegisterResource
cudaGraphicsGLRegisterBuffer
cudaGraphicsGLRegisterImage
cudaGraphicsMapResources
cudaGraphicsResourceGetMappedMipmappedArray
cudaGraphicsResourceGetMappedPointer
cudaGraphicsResourceSetMapFlags
cudaGraphicsSubResourceGetMappedArray
cudaGraphicsUnmapResources
cudaGraphicsUnregisterResource
cudaHostAlloc
cudaHostGetDevicePointer
cudaHostGetFlags
cudaHostRegister
cudaHostUnregister
cudaIpcCloseMemHandle
cudaIpcGetEventHandle
cudaIpcGetMemHandle
cudaIpcOpenEventHandle
cudaIpcOpenMemHandle
cudaLaunch
cudaLaunchKernel
cudaLaunchKernel_ptsz
cudaLaunch_ptsz
cudaMalloc
cudaMalloc3D
cudaMalloc3DArray
cudaMallocArray
cudaMallocHost
cudaMallocManaged
cudaMallocMipmappedArray
cudaMallocPitch
cudaMemAdvise
cudaMemGetInfo
cudaMemPrefetchAsync
cudaMemPrefetchAsync_ptsz
cudaMemRangeGetAttribute
cudaMemRangeGetAttributes
cudaMemcpy
cudaMemcpy2D
cudaMemcpy2DArrayToArray
cudaMemcpy2DArrayToArray_ptds
cudaMemcpy2DAsync
cudaMemcpy2DAsync_ptsz
cudaMemcpy2DFromArray
cudaMemcpy2DFromArrayAsync
cudaMemcpy2DFromArrayAsync_ptsz
cudaMemcpy2DFromArray_ptds
cudaMemcpy2DToArray
cudaMemcpy2DToArrayAsync
cudaMemcpy2DToArrayAsync_ptsz
cudaMemcpy2DToArray_ptds
cudaMemcpy2D_ptds
cudaMemcpy3D
cudaMemcpy3DAsync
cudaMemcpy3DAsync_ptsz
cudaMemcpy3DPeer
cudaMemcpy3DPeerAsync
cudaMemcpy3DPeerAsync_ptsz
cudaMemcpy3DPeer_ptds
cudaMemcpy3D_ptds
cudaMemcpyArrayToArray
cudaMemcpyArrayToArray_ptds
cudaMemcpyAsync
cudaMemcpyAsync_ptsz
cudaMemcpyFromArray
cudaMemcpyFromArrayAsync
cudaMemcpyFromArrayAsync_ptsz
cudaMemcpyFromArray_ptds
cudaMemcpyFromSymbol
cudaMemcpyFromSymbolAsync
cudaMemcpyFromSymbolAsync_ptsz
cudaMemcpyFromSymbol_ptds
cudaMemcpyPeer
cudaMemcpyPeerAsync
cudaMemcpyToArray
cudaMemcpyToArrayAsync
cudaMemcpyToArrayAsync_ptsz
cudaMemcpyToArray_ptds
cudaMemcpyToSymbol
cudaMemcpyToSymbolAsync
cudaMemcpyToSymbolAsync_ptsz
cudaMemcpyToSymbol_ptds
cudaMemcpy_ptds
cudaMemset
cudaMemset2D
cudaMemset2DAsync
cudaMemset2DAsync_ptsz
cudaMemset2D_ptds
cudaMemset3D
cudaMemset3DAsync
cudaMemset3DAsync_ptsz
cudaMemset3D_ptds
cudaMemsetAsync
cudaMemsetAsync_ptsz
cudaMemset_ptds
cudaOccupancyMaxActiveBlocksPerMultiprocessor
cudaOccupancyMaxActiveBlocksPerMultiprocessorWithFlags
cudaPeekAtLastError
cudaPointerGetAttributes
cudaProfilerInitialize
cudaProfilerStart
cudaProfilerStop
cudaRuntimeGetVersion
cudaSetDevice
cudaSetDeviceFlags
cudaSetDoubleForDevice
cudaSetDoubleForHost
cudaSetValidDevices
cudaSetupArgument
cudaStreamAddCallback
cudaStreamAddCallback_ptsz
cudaStreamAttachMemAsync
cudaStreamAttachMemAsync_ptsz
cudaStreamCreate
cudaStreamCreateWithFlags
cudaStreamCreateWithPriority
cudaStreamDestroy
cudaStreamGetFlags
cudaStreamGetFlags_ptsz
cudaStreamGetPriority
cudaStreamGetPriority_ptsz
cudaStreamQuery
cudaStreamQuery_ptsz
cudaStreamSynchronize
cudaStreamSynchronize_ptsz
cudaStreamWaitEvent
cudaStreamWaitEvent_ptsz
cudaThreadExit
cudaThreadGetCacheConfig
cudaThreadGetLimit
cudaThreadSetCacheConfig
cudaThreadSetLimit
cudaThreadSynchronize
cudaUnbindTexture
cudaWGLGetDevice

Sections

.text
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Zcash Miner EBWF's 0.3.4b/miner.cfg
Zcash Miner EBWF's 0.3.4b/miner.exe
.exe windows:6 windows x64 arch:x64

d92107aac696cec8c3688d75a6f497ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Gomer\Documents\Visual Studio 2013\Projects\equi 0.3.333b\x64\Release\miner.pdb

Imports

winmm

timeGetTime

cudart64_80

cudaConfigureCall
cudaSetupArgument
cudaLaunch
cudaMemcpy
cudaGetSymbolAddress
__cudaRegisterFatBinary
__cudaUnregisterFatBinary
__cudaRegisterVar
__cudaRegisterFunction
cudaDeviceGetPCIBusId
cudaGetDeviceCount
cudaGetDeviceProperties
cudaEventElapsedTime
cudaEventSynchronize
cudaEventCreate
cudaSetDeviceFlags
cudaSetDevice
cudaDeviceReset
cudaEventDestroy
cudaEventRecord
cudaGetErrorString

kernel32

ReleaseMutex
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
CreateMutexA
GetExitCodeThread
GetConsoleScreenBufferInfo
LoadLibraryA
GetLocalTime
GetProcAddress
GetStdHandle
ExpandEnvironmentStringsA
WaitForSingleObject
CreateThread
SetConsoleTextAttribute
Sleep

msvcr120

__set_app_type
exit
_exit
_cexit
__setusermatherr
_initterm_e
_initterm
__initenv
_fmode
_commode
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
ceil
_configthreadlocale
_time64
free
malloc
printf
sprintf
strcmp
memcmp
memcpy
memset
sscanf
tolower
vprintf
vsprintf
strstr
__iob_func
_access
fflush
atoi
system
fgets
fopen
rand
srand
fwrite
strtoul
atof
fclose
isspace
strtoll
_errno
isalpha
isdigit
strcspn
realloc
_lock
_unlock
_calloc_crt
__dllonexit
__C_specific_handler
_onexit
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCaptureCurrentContext
__crtCapturePreviousContext
_XcptFilter
_amsg_exit
__getmainargs

ws2_32

connect
WSAStartup
setsockopt
gethostbyname
htons
shutdown
recv
bind
socket
closesocket
inet_pton
accept
listen
send

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 505.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nv_fatb
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvFatBi
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b32cb13a1d12d18a9a2c05e9e82a47d

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate

Extended Key Usages

Key Usages

14:78:1b:c8:62:e8:dc:50:3a:55:93:46:f5:dc:c5:18Certificate

Extended Key Usages

Key Usages

61:19:93:e4:00:00:00:00:00:1cCertificate

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

7b:c1:5a:f2:13:67:d0:75:8b:ed:dc:ca:11:86:42:deCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

61:19:93:e4:00:00:00:00:00:1cCertificate

Key Usages

5f:d6:93:fa:b0:98:e3:f4:67:7b:b8:cb:67:2c:22:9eCertificate

Extended Key Usages

Key Usages

Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

6c:69:4a:f4:69:d0:4f:64:4b:6d:ab:49:70:b0:5e:a1:8a:13:46:84:81:88:be:06:2b:b3:23:2a:fb:60:09:adSigner

1c:6c:f0:5e:89:37:ca:63:bc:24:f0:e9:3d:3c:42:97:af:74:06:37Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 10KB - Virtual size: 10KB

52a5a93fc9a8a28f27072ecb922043dc

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate

Extended Key Usages

Key Usages

14:78:1b:c8:62:e8:dc:50:3a:55:93:46:f5:dc:c5:18Certificate

Extended Key Usages

Key Usages

61:19:93:e4:00:00:00:00:00:1cCertificate

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

7b:c1:5a:f2:13:67:d0:75:8b:ed:dc:ca:11:86:42:deCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

61:19:93:e4:00:00:00:00:00:1cCertificate

Key Usages

55:45:ca:02:24:61:90:d9:79:ee:b4:0d:b9:ff:bc:18Certificate

Extended Key Usages

Key Usages

Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

14:78:1b:c8:62:e8:dc:50:3a:55:93:46:f5:dc:c5:18
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

7b:c1:5a:f2:13:67:d0:75:8b:ed:dc:ca:11:86:42:de
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

5f:d6:93:fa:b0:98:e3:f4:67:7b:b8:cb:67:2c:22:9e
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

6c:69:4a:f4:69:d0:4f:64:4b:6d:ab:49:70:b0:5e:a1:8a:13:46:84:81:88:be:06:2b:b3:23:2a:fb:60:09:ad
Signer

1c:6c:f0:5e:89:37:ca:63:bc:24:f0:e9:3d:3c:42:97:af:74:06:37
Signer

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 10KB - Virtual size: 10KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

14:78:1b:c8:62:e8:dc:50:3a:55:93:46:f5:dc:c5:18
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

7b:c1:5a:f2:13:67:d0:75:8b:ed:dc:ca:11:86:42:de
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

55:45:ca:02:24:61:90:d9:79:ee:b4:0d:b9:ff:bc:18
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

3c:27:67:77:08:20:aa:b2:c4:ae:55:c6:f2:ae:44:ca:be:24:7e:79:8e:4b:99:2c:f1:a7:8e:9b:26:20:be:0f
Signer

29:98:44:36:b1:84:be:71:b5:29:ed:92:39:45:89:47:41:a5:51:69
Signer

.text
Size: 239KB - Virtual size: 239KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 5KB - Virtual size: 13KB

.pdata
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 512B - Virtual size: 505.1MB

.pdata
Size: 2KB - Virtual size: 1KB

.nv_fatb
Size: 225KB - Virtual size: 224KB

.nvFatBi
Size: 512B - Virtual size: 24B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 48B