8f4a392bf47746cad1aeadba8dc6f7bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8f4a392bf47746cad1aeadba8dc6f7bb_JaffaCakes118
Size

1.8MB
MD5

8f4a392bf47746cad1aeadba8dc6f7bb
SHA1

61eee45d10f9ff5f4951b255c19ff636c0e8c8ac
SHA256

70673e529e95271d2fed7851f126bc093521e92b6be1f391438f7f0274a3df4b
SHA512

824e46af5796de1b4348dae97dc9d30086b6f7a47544a87ba4195d6050b53d3806cecad93fda85a74f043cd5ae492b1856f0901327bdc4b24a748eb01c721a4c
SSDEEP

49152:f1rLUIABxDGA8uRWkWbjdOpn1Elg/8Qg:drIn3DGURWbg1L8

Score

1^/10

Malware Config

Signatures

Files

8f4a392bf47746cad1aeadba8dc6f7bb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2663a473bfc116bb4ceb69c496e16e05

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:e4:29:e0:e7:b2:be:99:92:c1:64:49:09:e5:82:13:6b:68:19:48
Signer

Actual PE Digest

dd:e4:29:e0:e7:b2:be:99:92:c1:64:49:09:e5:82:13:6b:68:19:48

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\CQS\branches\CQT_Video\Source\VideoEditor\Output\Pdb\VideoEditor.pdb

Imports

ws2_32

socket
inet_addr
htons
closesocket
connect
setsockopt
recv
send
ntohl
htonl

psapi

GetModuleFileNameExW
GetMappedFileNameW

gdiplus

GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipGetFontHeightGivenDPI
GdipGetImageWidth
GdipGetImageHeight
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipCreateFont
GdipDeleteFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDisposeImage

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

trae_qt

TRAE_DestroyEngine
TRAE_CreateEngine

comctl32

InitCommonControlsEx

common

?CreateObjectFromDllFile@Com@Util@@YGJPB_WABU_GUID@@1PAPAXPAUIUnknown@@@Z
?InitPlatformCoreConfig@Boot@Util@@YAHXZ
?SetMainAndLogicThreadId@Misc@Util@@YAXKK@Z
?GetSession@TXLog@@YAKXZ
?GetLCID@NLS@@YAKXZ
?ClearDeadQueue@Misc@Util@@YAXXZ
?SetBugReportUin@TXBugReport@@YAXK@Z
?SetBugReportFlag@TXBugReport@@YAHK@Z
?InitPlatformGFConfig@Boot@Util@@YAHXZ
?OnExitCoreCenter@Misc@Util@@YAXXZ
?OnExitWinMain@Misc@Util@@YAXXZ
?InitPlatformI18NConfig@Boot@Util@@YAHXZ
?InitPlatformFileSystem@Boot@Util@@YAHXZ
?GetExeDir@Sys@Util@@YA?AVCTXStringW@@XZ
?InitBugReport@TXBugReport@@YAXPB_W000GGKHHKKP6GHPAUtagBugReportInfo@1@PBD200PAPAXPAKPAX@Z@Z
?GetAt@CTXStringW@@QBE_WH@Z
??1CTXStringW@@QAE@XZ
??M@YA_NABVCTXStringW@@0@Z
??0CTXStringW@@QAE@ABV0@@Z
??0CTXStringW@@QAE@PB_W@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??0CTXStringW@@QAE@XZ
??1CTXBSTR@@QAE@XZ
??BCTXBSTR@@QBEPA_WXZ
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
??0CTXStringW@@QAE@PA_W@Z
??0CTXStringW@@QAE@H@Z
?GetBuffer@CTXStringW@@QAEPA_WXZ
?Format@CTXStringW@@QAAXPB_WZZ
??4CTXStringW@@QAEAAV0@ABV0@@Z
?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
?Truncate@CTXStringW@@QAEXH@Z
?ReverseFind@CTXStringW@@QBEH_W@Z
?GetBuffer@CTXStringW@@QAEPA_WH@Z
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
?TXAssert@@YAHPB_W0H@Z
??7CTXStringW@@QBE_NXZ
??H@YA?AVCTXStringW@@ABV0@0@Z
??0CTXStringW@@QAE@UtagEN@@PBDH@Z
?GetLength@CTXStringW@@QBEHXZ
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??ICTXBSTR@@QAEPAPA_WXZ
?IsEmpty@CTXBSTR@@QAEHXZ
??0CTXBSTR@@QAE@PB_W@Z
??0CTXBSTR@@QAE@XZ
??4CTXStringW@@QAEAAV0@PA_W@Z
?GetBSTR@CTXStringW@@QBEPA_WXZ
??8@YA_NABVCTXStringW@@0@Z
?InitPlatform@CoreCenter@Util@@YAHPA_W@Z
?Append@CTXStringW@@QAEXABV1@@Z
?Compare@CTXStringW@@QBEHPB_W@Z
?Empty@CTXStringW@@QAEXXZ
?Left@CTXStringW@@QBE?AV1@H@Z
?Format@CTXTime@@QBE?AVCTXStringW@@PB_W@Z
??0CTXTime@@QAE@ABU_SYSTEMTIME@@H@Z
?ReleaseBuffer@CTXStringW@@QAEXH@Z
?Mid@CTXStringW@@QBE?AV1@HH@Z
?Find@CTXStringW@@QBEH_WH@Z
?Find@CTXStringW@@QBEHPB_WH@Z
?MakeLower@CTXStringW@@QAEAAV1@XZ
?TrimRight@CTXStringW@@QAEAAV1@XZ
?TrimLeft@CTXStringW@@QAEAAV1@XZ
?IsEmpty@CTXStringW@@QBE_NXZ
??YCTXStringW@@QAEAAV0@ABV0@@Z
??9@YA_NABVCTXStringW@@PB_W@Z
?Right@CTXStringW@@QBE?AV1@H@Z
??4CTXStringA@@QAEAAV0@PBD@Z
?Mid@CTXStringA@@QBE?AV1@H@Z
?ReleaseBuffer@CTXStringA@@QAEXH@Z
?GetBuffer@CTXStringA@@QAEPADH@Z
??1CTXStringA@@QAE@XZ
??4CTXStringA@@QAEAAV0@ABV0@@Z
?Left@CTXStringA@@QBE?AV1@H@Z
?GetLength@CTXStringA@@QBEHXZ
??0CTXStringA@@QAE@XZ
??YCTXStringW@@QAEAAV0@_W@Z
?Mid@CTXStringW@@QBE?AV1@H@Z
??0CTXStringA@@QAE@PBD@Z
?GetBufferSetLength@CTXStringW@@QAEPA_WH@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
?Append@CTXStringW@@QAEXPB_W@Z
ord10
ord4
ord6
ord5
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
??YCTXBSTR@@QAEAAV0@PB_W@Z
?Format@CTXStringA@@QAAXPBDZZ
??M@YA_NABVCTXStringA@@0@Z
?Length@CTXBSTR@@QBEIXZ
??4CTXBSTR@@QAEAAV0@PB_W@Z
?SetAt@CTXStringW@@QAEXH_W@Z
?GetTXDataStr@Data@Util@@YAHPAUITXDataRead@@PB_WAAVCTXStringW@@@Z
??H@YA?AVCTXStringW@@_WABV0@@Z
?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
?OnUninitCom@Misc@Util@@YAXXZ

gf

?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0H@Z
?SetCustomObjectFactory@GF@Util@@YAXP6AHABU_GUID@@0PAPAX@Z@Z
?ExtractOleDDData@GF@Util@@YA_NPAUIDataObject@@AAIAAPAE@Z
?FreeOleDDData@GF@Util@@YAXAAPAE@Z
?CreateDropSource@GF@Util@@YA_NPAPAUIDropSource@@PAPAUIDataObject@@IPAE@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z

xgraphic32

LockTextureBits
CreateTexture
UnlockTextureBits

tinyxml

?ToElement@TiXmlNode@@UBEPBVTiXmlElement@@XZ
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?IterateChildren@TiXmlNode@@QBEPBV1@PBV1@@Z
?Value@TiXmlNode@@QBEPBDXZ
??1TiXmlDocument@@UAE@XZ
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?Accept@TiXmlDocument@@UBE_NPAVTiXmlVisitor@@@Z
?Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ
?ToDeclaration@TiXmlNode@@UBEPBVTiXmlDeclaration@@XZ
?ToDeclaration@TiXmlNode@@UAEPAVTiXmlDeclaration@@XZ
?ToText@TiXmlNode@@UBEPBVTiXmlText@@XZ
?ToText@TiXmlNode@@UAEPAVTiXmlText@@XZ
?ToUnknown@TiXmlNode@@UBEPBVTiXmlUnknown@@XZ
?ToUnknown@TiXmlNode@@UAEPAVTiXmlUnknown@@XZ
?ToComment@TiXmlNode@@UBEPBVTiXmlComment@@XZ
?ToComment@TiXmlNode@@UAEPAVTiXmlComment@@XZ
??0TiXmlDocument@@QAE@XZ
?Print@TiXmlDocument@@UBEXPAU_iobuf@@H@Z
?Parse@TiXmlDocument@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?ToDocument@TiXmlDocument@@UAEPAV1@XZ
?ToDocument@TiXmlDocument@@UBEPBV1@XZ
?ToElement@TiXmlNode@@UAEPAVTiXmlElement@@XZ
?LoadFile@TiXmlDocument@@QAE_NPAU_iobuf@@W4TiXmlEncoding@@@Z

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetSystemTimeAsFileTime
HeapSetInformation
VirtualFree
DecodePointer
EncodePointer
InterlockedPopEntrySList
VirtualAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
InterlockedPushEntrySList
HeapSize
HeapReAlloc
HeapDestroy
LocalFree
InterlockedExchange
OutputDebugStringA
CreateThread
GetCommandLineW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
TerminateProcess
LoadLibraryExW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileMappingW
GetLogicalDriveStringsW
QueryDosDeviceW
GetEnvironmentVariableW
SetEnvironmentVariableW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteFileW
WideCharToMultiByte
GetTempFileNameW
GetTempPathW
GetLastError
MultiByteToWideChar
lstrlenA
GetPrivateProfileIntW
GetTickCount
GetModuleFileNameW
GetModuleHandleW
CloseHandle
WaitForSingleObject
CreateProcessW
QueryPerformanceCounter
GetCurrentThreadId
InterlockedIncrement
OutputDebugStringW
GetFileSize
CreateFileW
SetEvent
OpenEventW
InterlockedDecrement
GetPrivateProfileStringW
RaiseException
InitializeCriticalSectionAndSpinCount
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetProcAddress
lstrlenW
lstrcmpiW
GetCurrentThread
GetCurrentProcess
ReleaseMutex
CreateMutexW
OpenMutexW
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
InterlockedCompareExchange
SetLastError
GetHandleInformation
ResetEvent
WriteFile
SetEndOfFile
SetFilePointer
HeapAlloc
GetFileAttributesW
CreateDirectoryW
CreateEventW
HeapFree
GetProcessHeap
FlushInstructionCache
ReadFile
SetThreadPriority
TerminateThread
WaitForMultipleObjects
LoadLibraryW
FreeLibrary
Sleep
GetCurrentProcessId
GetVersionExW
VirtualFreeEx
ReadProcessMemory
VirtualAllocEx
OpenProcess
GetVersion

user32

MonitorFromRect
GetMonitorInfoW
SetFocus
GetForegroundWindow
IsIconic
AttachThreadInput
GetParent
GetWindow
GetClientRect
LoadIconW
RegisterWindowMessageW
GetDoubleClickTime
SetTimer
LoadMenuW
GetSubMenu
DestroyMenu
SetMenuDefaultItem
SetForegroundWindow
TrackPopupMenu
GetWindowThreadProcessId
SendMessageW
MapWindowPoints
CopyRect
FindWindowW
SystemParametersInfoW
GetClassNameW
GetWindowRect
PeekMessageW
CallWindowProcW
RegisterClassExW
DefWindowProcW
CreateWindowExW
DestroyWindow
LoadCursorW
GetClassInfoExW
ShowWindow
GetDesktopWindow
GetMessageW
TranslateMessage
DispatchMessageW
PostMessageW
GetWindowLongW
SetWindowLongW
IsWindow
SetWindowPos
MoveWindow
GetCursorPos
PtInRect
GetDC
CharNextW
EnumChildWindows
UnregisterClassA
EnableWindow
PostThreadMessageW
SetWindowTextW
SendMessageTimeoutW
EnumWindows
KillTimer

gdi32

DeleteObject
EnumFontFamiliesExW
GetObjectW

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
SetNamedSecurityInfoA
RegCreateKeyExW

shell32

SHAppBarMessage
Shell_NotifyIconW
SHGetFileInfoW
ShellExecuteW

ole32

CoTaskMemFree
StringFromCLSID
CoLoadLibrary
OleUninitialize
OleInitialize
CoReleaseServerProcess
CoAddRefServerProcess
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx

oleaut32

SysFreeString
SysAllocString
SysStringLen
VariantInit
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
DispCallFunc
VariantClear

atl100

ord31
ord58
ord43
ord11
ord10
ord30
ord44
ord64
ord32

shlwapi

PathAppendW
PathFindFileNameW
StrCatW

msvcp100

?_Orphan_all@_Container_base12@std@@QAEXXZ
?_Xfunc@tr1@std@@YAXXZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
??0_Container_base12@std@@QAE@XZ
?max@?$numeric_limits@I@std@@SAIXZ
?max@?$numeric_limits@K@std@@SAKXZ
?min@?$numeric_limits@K@std@@SAKXZ
_Inf
_Nan
_FNan
_FInf
??1_Container_base12@std@@QAE@XZ

msvcr100

wprintf
_wcsnicmp
_vsnwprintf
vswprintf_s
_vscwprintf
isxdigit
toupper
_wtoi64
ferror
_fseeki64
_ftelli64
fopen
tolower
strstr
vsprintf_s
fwrite
wcsrchr
clock
_wfopen
ftell
srand
wcsnlen
_wsplitpath_s
wcstoul
_wtoi
rand
fread
fseek
memchr
strnlen
_beginthreadex
_snwprintf
_atoi64
_wfopen_s
fclose
strncpy_s
_vsnwprintf_s
_swprintf
strcpy_s
sprintf_s
swprintf_s
memmove_s
wcscpy_s
wmemcpy_s
malloc
_waccess
_snwprintf_s
wcsncpy_s
_time64
printf
_recalloc
calloc
free
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
__wargv
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memmove
??2@YAPAXI@Z
memset
_purecall
__iob_func
fprintf
memcpy_s
_invoke_watson
_controlfp_s
wcsncpy
_wcsicmp
_errno
_time32
_snprintf_s
feof
fgetc
_vsnprintf_s
__CxxFrameHandler3
memcpy
??_V@YAXPAX@Z
??3@YAXPAX@Z
__argc
_lock
__dllonexit
_unlock
__RTDynamicCast
strtod
strchr
strtol
strtoul
_strtoui64
_strtoi64
ldiv
_snprintf
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??8type_info@@QBE_NABV0@@Z
??0bad_cast@std@@QAE@ABV01@@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_vsnprintf
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
atoi
sprintf
fflush
setlocale
wcstombs
vfprintf
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_except_handler4_common
?terminate@@YAXXZ
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
??1exception@std@@UAE@XZ
_onexit
??0exception@std@@QAE@XZ

wininet

HttpAddRequestHeadersW
InternetQueryOptionW
InternetErrorDlg
HttpSendRequestW
InternetReadFileExA
InternetSetStatusCallbackW
InternetOpenW
InternetCloseHandle
InternetCrackUrlW
HttpOpenRequestW
HttpSendRequestExW
InternetConnectW
HttpQueryInfoW
HttpEndRequestW
InternetWriteFile

dbghelp

SymCleanup
SymLoadModule64
SymGetModuleBase64
SymFunctionTableAccess64
SymGetOptions
SymSetOptions
StackWalk64
SymGetModuleInfo64
SymGetSearchPath
SymGetSymFromAddr64
SymInitialize

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2663a473bfc116bb4ceb69c496e16e05

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0eCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

dd:e4:29:e0:e7:b2:be:99:92:c1:64:49:09:e5:82:13:6b:68:19:48Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

psapi

gdiplus

version

trae_qt

comctl32

common

gf

xgraphic32

tinyxml

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

atl100

shlwapi

msvcp100

msvcr100

wininet

dbghelp

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 245KB - Virtual size: 245KB

.data Size: 23KB - Virtual size: 30KB

.rsrc Size: 234KB - Virtual size: 233KB

.reloc Size: 148KB - Virtual size: 147KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

dd:e4:29:e0:e7:b2:be:99:92:c1:64:49:09:e5:82:13:6b:68:19:48
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 245KB - Virtual size: 245KB

.data
Size: 23KB - Virtual size: 30KB

.rsrc
Size: 234KB - Virtual size: 233KB

.reloc
Size: 148KB - Virtual size: 147KB