hijackloader | snss2[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

snss2.exe
Size

7.7MB
MD5

3a856193d7f5204896257205ffbe19bf
SHA1

a9f0f06ca0828076b76edd913e5c8429d7bb2ca3
SHA256

8ab04f749508030f388cbbe218bfaf32490673793c066d4e1002b6ad56f78c1e
SHA512

0d3a2468f130e1431e7ef57f0021e14ecc91399addf6f6648cb689d45bd162f0f3a9931807aa4c69e341a3e49bbe63a9c04dbc841cfc7c4b36c023f7e114b63a
SSDEEP

98304:3RjBDuX7yiW2cTYuVEWilcAiKS6m4goQ1v5zzG1GM2h8LH7Bil63eAo3YLhQL7IC:3R1D1iQT3fnIGMZ7Bil63r6YLEurIvZf

Score

10^/10

hijackloader

Malware Config

Signatures

Detects HijackLoader (aka IDAT Loader) 1 IoCs

Processes:

resource yara_rule

sample family_hijackloader
Hijackloader family
hijackloader

resource	yara_rule
sample	family_hijackloader

Files

snss2.exe
.exe windows:5 windows x86 arch:x86

450bb1fbb4effde3b036914d2b595d0f

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0e
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

01-07-2022 02:29

Not After

01-07-2025 02:29

Subject

CN=Shenzhen Saiboen Software Technology Co.\, Ltd.,OU=Software Development Department,O=Shenzhen Saiboen Software Technology Co.\, Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0e
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

01-07-2022 02:29

Not After

01-07-2025 02:29

Subject

CN=Shenzhen Saiboen Software Technology Co.\, Ltd.,OU=Software Development Department,O=Shenzhen Saiboen Software Technology Co.\, Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:5f:61:fd:9f:79:f3:15:88:63:a4:ad:af:2c:37:c0:a6:03:8a:f0:70:ec:0f:e9:a6:61:09:e4:d7:23:c9:ae
Signer

Actual PE Digest

e1:5f:61:fd:9f:79:f3:15:88:63:a4:ad:af:2c:37:c0:a6:03:8a:f0:70:ec:0f:e9:a6:61:09:e4:d7:23:c9:ae

Digest Algorithm

sha256

PE Digest Matches

false

da:b2:e4:bb:5e:b6:e0:5d:a2:a7:12:5c:5b:b1:33:97:b2:be:18:15
Signer

Actual PE Digest

da:b2:e4:bb:5e:b6:e0:5d:a2:a7:12:5c:5b:b1:33:97:b2:be:18:15

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
LoadLibraryExW
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStructW
LocalFileTimeToFileTime
GetCurrentProcessId
SetErrorMode
FlushViewOfFile
CreateMutexW
CreateFileMappingW
FindFirstFileW
InterlockedDecrement
GetModuleFileNameW
VirtualAllocEx
VirtualFreeEx
ReadProcessMemory
CreateIoCompletionPort
GetQueuedCompletionStatus
ResumeThread
CreateProcessW
CreateJobObjectW
AssignProcessToJobObject
SetInformationJobObject
CreateRemoteThread
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
HeapAlloc
HeapFree
GetProcessHeap
lstrcatW
GetTempFileNameW
OpenMutexW
GetCurrentThreadId
VirtualProtect
WaitForMultipleObjects
GetSystemTime
InterlockedPopEntrySList
FlushFileBuffers
MultiByteToWideChar
GetDriveTypeW
GetExitCodeProcess
GetFileAttributesW
MoveFileExW
OutputDebugStringW
VirtualAlloc
MoveFileW
SetFileTime
WriteConsoleW
GetFileTime
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCurrentThread
FreeLibraryAndExitThread
ExitThread
ReadConsoleW
GetConsoleMode
GetConsoleCP
SetStdHandle
GetFileType
lstrcpynW
SetEnvironmentVariableA
GetACP
GetStdHandle
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
ReplaceFileA
MoveFileA
SetFilePointerEx
RemoveDirectoryA
GetFileAttributesExA
FindNextFileA
FindFirstFileA
CreateDirectoryA
InitializeCriticalSection
AreFileApisANSI
HeapCreate
InterlockedCompareExchange
LockFile
GetFullPathNameA
UnlockFileEx
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
LoadLibraryA
GetVersionExA
HeapReAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetFileSizeEx
SetFileAttributesW
FormatMessageW
SystemTimeToFileTime
FreeEnvironmentStringsW
OutputDebugStringA
GetComputerNameW
GetFullPathNameW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
GetLongPathNameW
QueryPerformanceFrequency
QueryPerformanceCounter
RemoveDirectoryW
QueryDosDeviceW
LoadLibraryW
GetLogicalDriveStringsW
DuplicateHandle
TerminateThread
FreeLibrary
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFree
LocalAlloc
GetSystemInfo
GetProcAddress
FindFirstFileExW
SetFilePointer
SetEndOfFile
DeleteFileW
ReadFile
GetFileSize
WideCharToMultiByte
DeleteFileA
CreateFileA
WriteFile
SetLastError
GetVolumeInformationW
FindNextFileW
lstrcmpW
FindClose
FormatMessageA
UnmapViewOfFile
SetVolumeLabelW
GetTempPathW
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
LCMapStringW
UnregisterWaitEx
QueryDepthSList
ReleaseSemaphore
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
CompareStringW
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
GetNumberFormatW
FindResourceW
SizeofResource
LoadResource
LockResource
GetModuleHandleA
GetLogicalDrives
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
OpenFileMappingW
MapViewOfFile
CreateFileW
DeviceIoControl
TerminateProcess
OpenProcess
GetVersionExW
CreateDirectoryW
CreateEventW
lstrlenW
GetLocalTime
CloseHandle
Sleep
WaitForSingleObject
ResetEvent
SetEvent
GetLastError
CreateThread
SetPriorityClass
SetThreadPriority
GetCurrentProcess
FlushInstructionCache
LoadLibraryExA
CreateTimerQueue
SignalObjectAndWait
SwitchToThread

user32

DefWindowProcW
RegisterClassExW
CreateWindowExW
IsIconic
SetTimer
KillTimer
RegisterWindowMessageW
EnableMenuItem
SetMenuDefaultItem
SetActiveWindow
PtInRect
TrackMouseEvent
SetCapture
GetClipboardData
CloseClipboard
OpenClipboard
SetCursor
GetSystemMetrics
SystemParametersInfoW
ReleaseDC
GetDC
LoadCursorW
GetWindowThreadProcessId
ExitWindowsEx
EmptyClipboard
EnumDisplaySettingsW
EnumDisplayDevicesW
DestroyMenu
GetKeyState
SetForegroundWindow
GetWindowRect
GetCursorPos
GetWindowLongW
SetWindowLongW
ReleaseCapture
ClientToScreen
UnregisterClassW
UpdateLayeredWindow
GetMenuStringW
FindWindowW
DestroyIcon
LoadStringW
wsprintfW
DestroyWindow
mouse_event
ShowCursor
SetCursorPos
GetActiveWindow
ShowWindow
FindWindowExW
SendMessageTimeoutW
GetPropW
GetDesktopWindow
GetSystemMenu
CreatePopupMenu
AppendMenuW
TrackPopupMenu
BeginPaint
EndPaint
SetClipboardData
LoadIconW
SetPropW
DispatchMessageW
TranslateMessage
GetClassNameW
EnumWindows
EnumChildWindows
GetParent
IsWindowVisible
IsWindow
SendMessageW
PeekMessageW
MoveWindow
IsWindowEnabled
EnableWindow
EndDialog
IsZoomed
SetWindowPlacement
GetWindowPlacement
UnregisterHotKey
RegisterHotKey
SetFocus
GetWindow
GetIconInfo
SetWindowPos
PostQuitMessage
GetMessageW
MessageBoxW
PostMessageW

gdi32

CreateCompatibleDC
GetObjectW
DeleteObject
EnumFontFamiliesW
SelectObject
CreateDIBSection
DeleteDC

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

AllocateAndInitializeSid
CryptReleaseContext
CryptAcquireContextA
DuplicateTokenEx
CreateProcessAsUserW
EqualSid
SetTokenInformation
CredEnumerateW
CredDeleteW
CredFree
RegCloseKey
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegSetValueExW
RegEnumKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyExW
OpenEventLogW
CloseEventLog
ClearEventLogW
GetUserNameW
GetTokenInformation
RegSetKeySecurity
RegGetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAce
InitializeAcl
GetLengthSid
FreeSid
CryptGenRandom
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
ConvertStringSidToSidW
RegUnLoadKeyW
RegLoadKeyW
LookupPrivilegeValueW
LookupAccountNameW
AdjustTokenPrivileges
OpenProcessToken
RegDeleteKeyW

shell32

ShellExecuteW
ShellExecuteExW
SHEmptyRecycleBinW
SHBrowseForFolderW
SHFileOperationW
SHGetDesktopFolder
SHGetPathFromIDListW
DragQueryFileW
SHGetFolderPathW
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHAddToRecentDocs
ExtractIconExW
SHGetFileInfoW

ole32

StgIsStorageFile
StgOpenStorageEx
CoSetProxyBlanket
CoInitialize
OleRegGetUserType
CLSIDFromString
OleUninitialize
OleInitialize
PropVariantClear
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize

oleaut32

VariantClear
VariantInit
VariantTimeToSystemTime
SysFreeString
SysAllocString

gdiplus

GdipAlloc
GdipFree
GdipCreatePath
GdipDeleteBrush
GdipCreatePathGradientFromPath
GdipDeletePath
GdipCloneBrush
GdipResetPath
GdiplusStartup
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipSetTextRenderingHint
GdipMeasureString
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipClosePathFigure
GdipAddPathPolygonI
GdipGetFontHeightGivenDPI
GdipSetPenDashArray
GdipCreateTexture
GdipCreateSolidFill
GdipCreateLineBrushI
GdipDrawString
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipDeleteFont
GdipCreateRegion
GdipGetImageHeight
GdipDrawImageI
GdipBitmapSetResolution
GdipCreateBitmapFromScan0
GdipGetImageVerticalResolution
GdipGetImageHorizontalResolution
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipAddPathRectangleI
GdipAddPathLineI
GdipAddPathArcI
GdipCreateLineBrush
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateMatrix
GdipDeleteMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipSetImageAttributesGamma
GdipSetSmoothingMode
GdipSetWorldTransform
GdipTranslateWorldTransform
GdipGetDpiX
GdipGetDpiY
GdipDrawLine
GdipDrawRectangle
GdipGraphicsClear
GdipFillRectangle
GdipFillRectangleI
GdipFillPath
GdipDrawImage
GdipDrawImageRect
GdipDrawImagePointRectI
GdipDrawImageRectRect
GdipSetClipRectI
GdipSetClipPath
GdipSetClipRegion
GdipGetClip
GdipGetRegionBounds
GdipGetRegionScansCount
GdipGetRegionScansI
GdipMeasureCharacterRanges
GdipCloneStringFormat
GdipSetStringFormatTabStops
GdipSetStringFormatMeasurableCharacterRanges
GdipSetPenColor
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetPathGradientFocusScales
GdipSetPathGradientPresetBlend
GdipGetImageWidth
GdipDeleteRegion
GdipAddPathPieI

sfc

SfcIsFileProtected

ntdll

NtTerminateProcess
NtWriteVirtualMemory

esent

JetMove
JetRetrieveColumn
JetTerm
JetDelete
JetCloseTable
JetCloseDatabase
JetEndSession
JetInit2

wininet

InternetOpenUrlW
InternetReadFileExA
InternetReadFileExW
InternetSetStatusCallbackW
HttpQueryInfoW
InternetCloseHandle
InternetGetConnectedState
DeleteUrlCacheEntryW
FindFirstUrlCacheEntryExW
FindNextUrlCacheEntryExW
FindCloseUrlCache
InternetOpenW
InternetCheckConnectionW

crypt32

CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptQueryObject
CryptMsgClose
CryptDecodeObject
CryptMsgGetParam

netapi32

NetUserEnum
NetApiBufferFree

shlwapi

SHDeleteValueW
SHDeleteKeyW
PathGetDriveNumberW
PathCanonicalizeW
PathIsNetworkPathW
PathFindExtensionW
PathIsRelativeW
SHStrDupW
PathMatchSpecA
PathStripPathW
PathMatchSpecW
PathFileExistsW
PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

InitCommonControlsEx

psapi

EnumProcesses
GetModuleFileNameExW
GetProcessImageFileNameW
EnumProcessModules

winmm

timeGetTime

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 823KB - Virtual size: 823KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

450bb1fbb4effde3b036914d2b595d0f

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0eCertificate

Extended Key Usages

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0eCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

e1:5f:61:fd:9f:79:f3:15:88:63:a4:ad:af:2c:37:c0:a6:03:8a:f0:70:ec:0f:e9:a6:61:09:e4:d7:23:c9:aeSigner

da:b2:e4:bb:5e:b6:e0:5d:a2:a7:12:5c:5b:b1:33:97:b2:be:18:15Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

gdiplus

sfc

ntdll

esent

wininet

crypt32

netapi32

shlwapi

version

comctl32

psapi

winmm

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 823KB - Virtual size: 823KB

.data Size: 107KB - Virtual size: 451KB

.gfids Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 4.1MB - Virtual size: 4.1MB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0e
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0e
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

e1:5f:61:fd:9f:79:f3:15:88:63:a4:ad:af:2c:37:c0:a6:03:8a:f0:70:ec:0f:e9:a6:61:09:e4:d7:23:c9:ae
Signer

da:b2:e4:bb:5e:b6:e0:5d:a2:a7:12:5c:5b:b1:33:97:b2:be:18:15
Signer

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 823KB - Virtual size: 823KB

.data
Size: 107KB - Virtual size: 451KB

.gfids
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 4.1MB - Virtual size: 4.1MB