D:\work\893f00f663353e48\bin\x86\MinSizeRel\JsisPlugins.pdb
Overview
overview
8Static
static
320a6c6e35c...d2.exe
windows7-x64
820a6c6e35c...d2.exe
windows10-2004-x64
8$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDIR/Midex.dll
windows7-x64
6$PLUGINSDIR/Midex.dll
windows10-2004-x64
6$PLUGINSDIR/jsis.dll
windows7-x64
3$PLUGINSDIR/jsis.dll
windows10-2004-x64
3$PLUGINSDI...ON.dll
windows7-x64
3$PLUGINSDI...ON.dll
windows10-2004-x64
3$_106_.dll
windows7-x64
1$_106_.dll
windows10-2004-x64
1Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe
Resource
win7-20240419-en
windows7-x64
26 signatures
150 seconds
Behavioral task
behavioral2
Sample
20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
28 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/JsisPlugins.dll
Resource
win7-20240215-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/JsisPlugins.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/Midex.dll
Resource
win7-20240221-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/Midex.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral7
Sample
$PLUGINSDIR/jsis.dll
Resource
win7-20240220-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
$PLUGINSDIR/jsis.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsJSON.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsJSON.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral11
Sample
$_106_.dll
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
$_106_.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
60feb08011db31607cee2a5bc1f2206f.bin
-
Size
5.7MB
-
MD5
a4c48ed377b61710572fc0f8f4324ef9
-
SHA1
7b81f42b8838235fe0e91476a57aa25b54645969
-
SHA256
bc1d98077dbead8e5889fdfef34c13b120f0d4bedf4d2a8fa2281b7aa05ecdf1
-
SHA512
88cb97c8b9b4d5e4a04d6d8d9cfdd25b65a00ab1929a49500cdfc55815b7729bdebc665395e645ebdb8a965f7c1c91a5820c432ac5fea4cd6b525a82e7814de2
-
SSDEEP
98304:ZFeOBSf4eaTg78RShUHWlmRT9+w1fC9BPDMnHWlV1iYrFPoPGc5bmxmjsG7pOKF4:jTHeaTg78RmUHWlmRJlMDPDA6QwFQPGf
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack001/20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe unpack002/$PLUGINSDIR/JsisPlugins.dll
Files
-
60feb08011db31607cee2a5bc1f2206f.bin.zip
Password: infected
-
20a6c6e35c32583f23b8701d14233fccec6fc68d6fc78dcffbb4da1c53b6b9d2.exe.exe windows:4 windows x86 arch:x86
Password: infected
24f4223e271413c25abad52fd456a9bc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
SetCurrentDirectoryW
GetFileAttributesW
SetEnvironmentVariableW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
lstrcpynW
CopyFileW
MoveFileW
GlobalLock
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
WriteFile
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
lstrcmpiW
lstrcmpW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
ExpandEnvironmentStringsW
GlobalFree
GlobalUnlock
GetDiskFreeSpaceW
GlobalAlloc
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
ReadFile
MulDiv
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
WritePrivateProfileStringW
FreeLibrary
GetPrivateProfileStringW
GetModuleHandleW
LoadLibraryExW
user32
GetWindowRect
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
ScreenToClient
EnableMenuItem
GetDlgItem
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
SystemParametersInfoW
EndDialog
RegisterClassW
DialogBoxParamW
CreateWindowExW
GetClassInfoW
DestroyWindow
CharNextW
ExitWindowsEx
SetWindowTextW
LoadImageW
SetTimer
ShowWindow
PostQuitMessage
wsprintfW
SetWindowLongW
FindWindowExW
IsWindow
CreatePopupMenu
AppendMenuW
GetSystemMetrics
DrawTextW
EndPaint
CreateDialogParamW
SendMessageTimeoutW
SetForegroundWindow
gdi32
SelectObject
SetTextColor
SetBkMode
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor
shell32
ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
SHBrowseForFolderW
advapi32
AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyW
comctl32
ImageList_Create
ImageList_AddMasked
ord17
ImageList_Destroy
ole32
OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 380KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 131KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/JsisPlugins.dll.dll windows:6 windows x86 arch:x86
Password: infected
bcb2b0b7e3ad7db4b14b8c68c2a9f8c2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
WriteFile
ResetEvent
GetCurrentThreadId
CreatePipe
CloseHandle
ReadFile
LoadLibraryW
GetProcAddress
FindResourceW
FileTimeToSystemTime
CompareFileTime
GetFileSizeEx
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleHandleW
FreeLibrary
CreateFileW
InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer
OutputDebugStringW
WideCharToMultiByte
MultiByteToWideChar
lstrcpyW
lstrcpynW
GlobalFree
GlobalAlloc
VerifyVersionInfoW
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
ReadConsoleW
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
GetACP
CreateProcessW
GetThreadPriority
SetThreadPriority
CreateEventW
WaitForSingleObject
DeleteCriticalSection
SetEvent
IsValidLocale
GetLocaleInfoW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
ReleaseSRWLockShared
AcquireSRWLockShared
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
GetCPInfoExW
GetStringTypeW
InitOnceBeginInitialize
InitOnceComplete
WaitForSingleObjectEx
Sleep
SwitchToThread
GetExitCodeThread
GetNativeSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
FormatMessageA
LocalFree
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
GetFullPathNameW
SetEndOfFile
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetFileTime
GetTempPathW
AreFileApisANSI
DeviceIoControl
CreateDirectoryExW
CopyFileW
MoveFileExW
CreateHardLinkW
GetFileInformationByHandleEx
CreateSymbolicLinkW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitOnceExecuteOnce
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetSystemTimeAsFileTime
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
EncodePointer
CompareStringEx
GetCPInfo
LCMapStringEx
GetLocaleInfoEx
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
InitializeSListHead
GetCommandLineW
GetFileTime
SetLastError
GetExitCodeProcess
GetProcessId
OpenProcess
GetSystemDirectoryW
IsWow64Process
GetModuleFileNameW
LocalAlloc
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
GetVersion
FindResourceExW
FlushFileBuffers
GetTickCount
GetSystemTime
SystemTimeToFileTime
GetFileSize
LockFileEx
UnlockFile
HeapCompact
GetSystemInfo
DeleteFileW
DeleteFileA
LoadLibraryA
CreateFileA
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapValidate
CreateMutexW
UnlockFileEx
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapCreate
InitializeCriticalSection
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetCurrentThread
SetConsoleCtrlHandler
GetStdHandle
GetFileType
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
VerSetConditionMask
user32
FindWindowExW
GetWindowThreadProcessId
SendMessageTimeoutW
UnregisterClassW
wsprintfW
IsWindowVisible
IsWindow
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
EnumWindows
GetWindowLongW
MessageBoxW
GetWindowRect
EnableMenuItem
GetSystemMenu
SetDlgItemTextW
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
PostQuitMessage
DefWindowProcW
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetShellWindow
LoadCursorW
GetMonitorInfoW
MonitorFromPoint
RegisterClassExW
CreateWindowExW
SetWindowLongW
RegisterWindowMessageW
ole32
CoCreateGuid
OleInitialize
OleUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
crypt32
CryptHashCertificate
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptMsgClose
CryptQueryObject
wintrust
WinVerifyTrust
shell32
ord680
SHGetKnownFolderPath
SHCreateItemFromParsingName
ShellExecuteExW
oleaut32
VariantInit
VariantCopy
SysFreeString
SysAllocString
VariantClear
VariantTimeToSystemTime
advapi32
ConvertStringSidToSidA
RegCloseKey
RegCreateKeyExW
RegCreateKeyTransactedW
RegDeleteKeyExW
RegDeleteKeyTransactedW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyTransactedW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
OpenProcessToken
AdjustTokenPrivileges
DuplicateTokenEx
LookupPrivilegeValueW
CreateProcessWithTokenW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
GetLengthSid
GetTokenInformation
IsValidSid
LookupAccountNameA
ConvertSidToStringSidA
shlwapi
AssocQueryStringA
secur32
GetUserNameExW
rpcrt4
UuidToStringA
UuidCreate
UuidFromStringA
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationA
Exports
Exports
nsisBrowser_Chrome_GetActiveDaysInPeriod
nsisBrowser_Chrome_GetLastVisitTimestamp
nsisBrowser_Chrome_GetTotalVisitsInPeriod
nsisBrowser_Chrome_GetUniqueVisitsInPeriod
nsisBrowser_EdgeV2_GetActiveDaysInPeriod
nsisBrowser_EdgeV2_GetLastVisitTimestamp
nsisBrowser_EdgeV2_GetTotalVisitsInPeriod
nsisBrowser_EdgeV2_GetUniqueVisitsInPeriod
nsisBrowser_Edge_GetSearchEngines
nsisBrowser_Mozilla_GetActiveDaysInPeriod
nsisBrowser_Mozilla_GetLastVisitTimestamp
nsisBrowser_Mozilla_GetTotalVisitsInPeriod
nsisBrowser_Mozilla_GetUniqueVisitsInPeriod
nsisBrowser_Mozilla_Mozlz4DecompressFileToFile
nsisBrowser_Msie_GetActiveDaysInPeriod
nsisBrowser_Msie_GetLastVisitTimestamp
nsisBrowser_Msie_GetTotalVisitsInPeriod
nsisBrowser_Msie_GetUniqueVisitsInPeriod
nsisBrowser_Opera_GetActiveDaysInPeriod
nsisBrowser_Opera_GetLastVisitTimestamp
nsisBrowser_Opera_GetTotalVisitsInPeriod
nsisBrowser_Opera_GetUniqueVisitsInPeriod
nsisBrowser_SafeZone_GetActiveDaysInPeriod
nsisBrowser_SafeZone_GetLastVisitTimestamp
nsisBrowser_SafeZone_GetLogActivityCount
nsisBrowser_SafeZone_GetTotalVisitsInPeriod
nsisBrowser_SafeZone_GetUniqueVisitsInPeriod
nsisPlugin_GetLoggingSeverity
nsisPlugin_Help
nsisPlugin_Init
nsisPlugin_RegisterLoggingCallback
nsisPlugin_SetLoggingSeverity
nsisPlugin_TestLoggingCallback
nsisSciterUI_AnimateBuffers
nsisSciterUI_AppendValue
nsisSciterUI_CenterWindowOnPrimaryDisplay
nsisSciterUI_ChangeDefaultValue
nsisSciterUI_ChangeLanguage
nsisSciterUI_ChangeOverrideValue
nsisSciterUI_ChangeProgressTask
nsisSciterUI_ChangeValue
nsisSciterUI_HideWindow
nsisSciterUI_HideWindowBorder
nsisSciterUI_Init
nsisSciterUI_LoadPage
nsisSciterUI_MessageBox
nsisSciterUI_MinimizeWindow
nsisSciterUI_Reset
nsisSciterUI_RestoreWindow
nsisSciterUI_ShowWindow
nsisSciterUI_ShowWindowBorder
nsisSciterUI_Shutdown
nsisSciterUI_SwapBuffers
nsisSciterUI_TriggerUpdate
nsisSciterUI_WaitForSingleEvent
nsisSystem_Hardware_GetMidexUuid
nsisSystem_Process_Close
nsisSystem_Process_Count
nsisSystem_Process_DeleteSelf
nsisSystem_Process_DeleteSelfEx
nsisSystem_Process_Exists
nsisSystem_Process_Terminate
nsisSystem_SchTasks_Process
nsisUtilities_OSUtils_CreateProcess
nsisUtilities_OSUtils_CreateProcessFromTrustedExecutable
nsisUtilities_OSUtils_CreateProcessFromTrustedExecutableEx
nsisUtilities_OSUtils_CreateProcessUnelevated
nsisUtilities_OSUtils_CreateRestrictedFolder
nsisUtilities_OSUtils_GetOsBuild
nsisUtilities_OSUtils_GetOsFullVersion
nsisUtilities_OSUtils_GetOsVersion
nsisUtilities_OSUtils_HasVisibleWindow
nsisUtilities_OSUtils_IsPinnedToTaskbar
nsisUtilities_OSUtils_UnpinShortcut
nsisUtilities_OSUtils_VerifyTrust
nsisUtilities_OSUtils_VerifyTrustEx
nsisUtilities_TagData_Extract
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 458KB - Virtual size: 457KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/Midex.dll.dll windows:5 windows x86 arch:x86
Password: infected
a41019eae6c79e0cc9e9c9ed3b9687a0
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fcCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before16/09/2022, 00:00Not After17/09/2025, 23:59SubjectCN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14/07/2023, 00:00Not After13/10/2034, 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
12:81:f9:e6:d9:a4:57:a3:f2:bb:99:b7:a4:ca:1e:b0:a5:e8:55:b4:52:f6:07:ac:68:c3:f1:64:e6:da:e5:74Signer
Actual PE Digest12:81:f9:e6:d9:a4:57:a3:f2:bb:99:b7:a4:ca:1e:b0:a5:e8:55:b4:52:f6:07:ac:68:c3:f1:64:e6:da:e5:74Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\work\3db0bf373ac3fc9b\Release Midex\Midex.pdb
Imports
kernel32
lstrcpynW
MultiByteToWideChar
GlobalAlloc
WideCharToMultiByte
HeapFree
EnterCriticalSection
DeviceIoControl
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetVolumePathNameW
CreateFileW
GetSystemDirectoryW
UnmapViewOfFile
HeapSize
GetVersion
GetVolumeNameForVolumeMountPointW
GetLastError
HeapReAlloc
CloseHandle
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
GetProcAddress
DeleteCriticalSection
GetProcessHeap
GetModuleHandleW
MapViewOfFile
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
GetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode
user32
wsprintfW
Exports
Exports
midex
Sections
.text Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/jsis.dll.dll windows:5 windows x86 arch:x86
Password: infected
5809b57e871b146bd3a9782d4448492e
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fcCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before16/09/2022, 00:00Not After17/09/2025, 23:59SubjectCN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14/07/2023, 00:00Not After13/10/2034, 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
06:bd:9b:e3:0f:48:13:da:2c:a7:63:f0:bd:b1:ba:f5:04:e1:00:b6:88:aa:8c:44:5b:cb:c6:1d:f5:f7:49:83Signer
Actual PE Digest06:bd:9b:e3:0f:48:13:da:2c:a7:63:f0:bd:b1:ba:f5:04:e1:00:b6:88:aa:8c:44:5b:cb:c6:1d:f5:f7:49:83Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\work\f369f300b8043bce\plugins\src\jsis\build\Release Unicode\jsis.pdb
Imports
uxtheme
SetWindowTheme
shlwapi
StrStrA
StrStrIW
StrStrIA
StrStrW
wininet
InternetQueryOptionW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetSetOptionW
InternetCrackUrlW
InternetCloseHandle
InternetOpenW
InternetConnectW
kernel32
lstrlenW
CreateFileW
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
lstrcpyW
GetStdHandle
AllocConsole
FreeConsole
AttachConsole
ExitProcess
SetUnhandledExceptionFilter
SetErrorMode
SetFilePointer
GetLocalTime
lstrcmpW
FindClose
FindFirstFileW
FindNextFileW
GetLocaleInfoW
GetUserDefaultUILanguage
CloseHandle
DeleteFileW
FreeLibrary
GetProcAddress
GetVersion
LocalAlloc
LocalFree
GetCurrentProcess
GetExitCodeProcess
GetProcessId
WaitForSingleObject
GetTickCount
lstrcmpiW
LoadLibraryW
CreateProcessW
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetLongPathNameW
OpenProcess
ReleaseMutex
GetSystemTime
SystemTimeToFileTime
CreateMutexW
GetModuleFileNameW
GetModuleHandleW
GetCommandLineW
GetTempPathW
GetTempFileNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
MoveFileExW
GetVersionExA
IsWow64Process
GetGeoInfoW
ReadFile
lstrlenA
SetLastError
IsDebuggerPresent
CheckRemoteDebuggerPresent
WriteFile
GetFileSize
lstrcatW
GetLastError
GlobalFree
GlobalReAlloc
GlobalAlloc
lstrcpynA
GetUserGeoID
user32
SetFocus
GetSystemMetrics
GetSystemMenu
EnableMenuItem
SetForegroundWindow
LockSetForegroundWindow
GetWindowTextW
GetClientRect
GetWindowRect
SetCursor
HideCaret
GetWindowLongW
SetWindowLongW
LoadCursorW
DestroyIcon
LoadImageW
SystemParametersInfoW
CharUpperW
GetCursorPos
DestroyCaret
ScreenToClient
DefWindowProcW
CallWindowProcW
IsWindow
DrawTextExW
GetDC
ReleaseDC
MapWindowPoints
MapDialogRect
GetWindowPlacement
IsWindowVisible
GetParent
SendMessageW
MessageBoxW
wsprintfW
wsprintfA
wvsprintfW
SetWindowPos
ShowWindow
SendMessageTimeoutW
TrackMouseEvent
CharLowerW
GetWindowThreadProcessId
EnumWindows
GetKeyState
AllowSetForegroundWindow
gdi32
GetCharWidthW
SelectObject
GetTextExtentPoint32W
GetDeviceCaps
DeleteObject
advapi32
LookupAccountNameW
LookupAccountSidW
FreeSid
AllocateAndInitializeSid
IsValidSid
CreateWellKnownSid
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegEnumKeyW
GetUserNameW
RegSetValueExW
RegCreateKeyW
ConvertStringSidToSidW
ConvertSidToStringSidW
CheckTokenMembership
DuplicateTokenEx
CreateProcessAsUserW
RegCloseKey
RegOpenKeyExW
shell32
SHGetFolderPathW
ShellExecuteExW
ole32
CoCreateGuid
StringFromGUID2
Exports
Exports
Int64Op
nsAddExStyle
nsAddFatalTrackingParam
nsAddInternalLogAnonymizeRule
nsAddInternalLogFilter
nsAddStyle
nsBumpWindow
nsCharCodeAt
nsCharLower
nsCharUpper
nsClearFatalTrackingParams
nsClearInternalLog
nsClearLoadedText
nsCloseLog
nsCloseTrace
nsConsoleAppend
nsConsoleAttach
nsConsoleDetach
nsConsoleLog
nsCrash
nsCreateMutex
nsDamm
nsDebugEnter
nsDebugLeave
nsDestructureMsgfilter
nsDetectVM
nsDu2px
nsEnableClose
nsEscapeNonAscii
nsExecAsync
nsExecAsyncClose
nsExecAsyncGetExitCode
nsExecAsyncGetPid
nsExecLogonUser
nsExtractTagData
nsFatal
nsFindProcessWindow
nsFreeBitmap
nsFreeIcon
nsGetClientSize
nsGetCommandLine
nsGetCurSelText
nsGetCurrentDirectory
nsGetCurrentProcess
nsGetDPI
nsGetDiskUsage
nsGetGeoCountryCode
nsGetInternalLogMessage
nsGetLocalTime
nsGetLocaleInfo
nsGetLogonSid
nsGetLongPathName
nsGetOwnerSid
nsGetParentWindow
nsGetPosition
nsGetProcessInfo
nsGetScreenSize
nsGetSize
nsGetSystemTime
nsGetTextExtent
nsGetUnixTimeString
nsGetUnixTimeStringLocal
nsGetUserDefaultGeoName
nsGetUserDefaultUILanguage
nsGetUserNameFromSid
nsGetUtcTimeString
nsGetWindowLong
nsGetWindowPos
nsGetWindowSize
nsGetWindowText
nsGetWindowsVersion
nsGetWorkArea
nsHideCaret
nsI18nAddSupportedLanguage
nsI18nChooseLcid
nsI18nGetChromiumLocale
nsI18nGetComboBoxSelectedLanguage
nsI18nLcidToLocale
nsI18nPopulateComboBox
nsI18nSortLanguagesByName
nsI18nTranslateLangName
nsInetAddParam
nsInetAddRawPostData
nsInetReset
nsInetSend
nsInit
nsInitLog
nsInitTrace
nsIsElevated
nsIsMaximized
nsIsMinimized
nsIsVisible
nsIsWow64Process
nsJsisStashLocalVars
nsJsisUnstashLocalVars
nsJsonify
nsLoadAndSetImage
nsLoadRichEdit
nsLoadTextFromFile
nsLockSetForegroundWindow
nsLogMessage
nsLogNsisStack
nsLstrcmp
nsLstrcmpi
nsMaximize
nsMessageBox
nsMinimize
nsMoveFileEx
nsMuiLoadImage
nsOwnerIsAdmin
nsPostInternalLog
nsPx2du
nsRelaunch
nsRelaunchClose
nsRelaunchWait
nsReleaseMutex
nsRemoveExStyle
nsRemoveStyle
nsRemoveWindowTheme
nsReopenLog
nsReopenTrace
nsReplaceInLoadedText
nsRestore
nsRichEditBuilderAddLink
nsRichEditBuilderAddText
nsRichEditBuilderEnd
nsRichEditBuilderLoadString
nsRichEditBuilderSetAlignment
nsRichEditBuilderSetColor
nsRichEditBuilderSetColorHex
nsRichEditBuilderSetFontSize
nsRichEditBuilderSetHighlight
nsRichEditBuilderSetHighlightHex
nsRichEditBuilderStart
nsRichEditClearSelection
nsRichEditDisableTextSelection
nsRichEditLoadFile
nsRichEditSetLinkHandler
nsRichEditSupportTabOrder
nsSaveLoadedText
nsSetClientSize
nsSetCurrentDirectory
nsSetFatalExitCode
nsSetFatalMessage
nsSetFatalTrackingUrl
nsSetFocus
nsSetInternalLogLevel
nsSetMouseCursor
nsSetPosition
nsSetSize
nsSetStretchedButtonImage
nsSetStretchedImage
nsSetWindowCursor
nsSetWindowLong
nsSetWindowPos
nsStackDelete
nsStackInsert
nsStackRead
nsStackSize
nsSubclass
nsSuppressCrashDialog
nsTrackMouseEvent
nsUnsubclass
nsUuid
nsWaitForProcess
nsWriteRegMultiSz
Sections
.text Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 704B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/nsJSON.dll.dll windows:5 windows x86 arch:x86
Password: infected
8338bb74c0af59997e6958029dda6f79
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fcCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before16/09/2022, 00:00Not After17/09/2025, 23:59SubjectCN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14/07/2023, 00:00Not After13/10/2034, 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ef:c0:a8:43:f5:17:d0:b9:d9:05:ef:f6:b1:c1:f1:16:c3:fe:aa:61:d2:d4:ba:a0:13:97:3b:4b:27:14:94:37Signer
Actual PE Digestef:c0:a8:43:f5:17:d0:b9:d9:05:ef:f6:b1:c1:f1:16:c3:fe:aa:61:d2:d4:ba:a0:13:97:3b:4b:27:14:94:37Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\work\7c64e6304ba228bc\Plugins\nsJSON.pdb
Imports
wininet
HttpSendRequestW
InternetOpenW
InternetQueryDataAvailable
InternetCloseHandle
InternetConnectW
InternetSetOptionW
InternetReadFile
HttpAddRequestHeadersW
InternetCrackUrlW
HttpQueryInfoW
HttpOpenRequestW
kernel32
lstrcmpW
lstrcpynW
GetExitCodeProcess
CreateProcessW
CreateThread
lstrcatW
GetLastError
FormatMessageW
GetModuleHandleA
WaitForSingleObject
CreatePipe
SetHandleInformation
ReadFile
lstrlenW
WriteFile
lstrlenA
CreateFileW
MultiByteToWideChar
GlobalAlloc
GlobalFree
CloseHandle
GetFileSize
WideCharToMultiByte
lstrcpyW
lstrcmpiW
GlobalReAlloc
user32
MsgWaitForMultipleObjectsEx
TranslateMessage
IsCharAlphaNumericW
wsprintfW
PeekMessageW
PostMessageW
DispatchMessageW
ole32
StringFromGUID2
CoCreateGuid
Exports
Exports
Delete
Get
GetJsisMember
JsisArrayPush
JsisArrayToStack
JsisCreateHandle
JsisInit
Quote
Serialize
Set
SetEscape
SetJsisMembers
Sort
Wait
Sections
.text Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 36B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 720B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_106_.dll windows:6 windows x86 arch:x86
Password: infected
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fcCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before16/09/2022, 00:00Not After17/09/2025, 23:59SubjectCN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14/07/2023, 00:00Not After13/10/2034, 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
e0:2c:a4:34:4a:2d:ad:38:04:38:1d:bc:13:dd:6b:4e:a1:ed:ea:ee:ab:59:9c:39:8e:54:08:43:93:92:13:ccSigner
Actual PE Digeste0:2c:a4:34:4a:2d:ad:38:04:38:1d:bc:13:dd:6b:4e:a1:ed:ea:ee:ab:59:9c:39:8e:54:08:43:93:92:13:ccDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\work\d58bb94b48143cdc\Contrib\build\out\x86\MinSizeRel\sciterui.pdb
Sections
.rdata Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 6.4MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ