2024-06-13_2d7c76104ac8b841fc906ea8eb2c2874_floxif_mafia_revil_skypams

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-13_2d7c76104ac8b841fc906ea8eb2c2874_floxif_mafia_revil_skypams
Size

21.7MB
MD5

2d7c76104ac8b841fc906ea8eb2c2874
SHA1

25c1c10d659f6fd365ffcf5e3fc14be12199ff70
SHA256

28d7b41305ca6b1426d1df79156956a93dd407611fd982de4c00855c235dc075
SHA512

7d252cd61056af8ca0077b215e390ad513e3ff468fdd43f4fd33884f3dfb2e119b98f2cdbc5554d9301a0d63d446a41da484bc5def34ff1c431fac02955b1957
SSDEEP

393216:FysOOBAq6z0zGLJsv6tWKFdu9CsJK08fSGSBKi:FbhBxJqdf47

Score

1^/10

Malware Config

Signatures

Files

2024-06-13_2d7c76104ac8b841fc906ea8eb2c2874_floxif_mafia_revil_skypams
.exe windows:5 windows x86 arch:x86

fb9a612fcbf2dcdaeee04f93588a30f9

Code Sign

05:d3:ac:4a:89:44:68:9e:10:38:0a:ae:2b:1b:fe:be
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

21-06-2018 00:00

Not After

22-07-2021 12:00

Subject

CN=Adlice,O=Adlice,L=Sautron,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2014 00:00

Not After

22-10-2024 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2021 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

82:28:99:5e:21:ef:81:5b:82:d2:bc:8a:3c:13:f2:45:45:b3:0f:ff
Signer

Actual PE Digest

82:28:99:5e:21:ef:81:5b:82:d2:bc:8a:3c:13:f2:45:45:b3:0f:ff

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Adlice\RogueKillerQt\Release\RogueKillerQt.pdb

Imports

kernel32

GetDriveTypeA
FileTimeToLocalFileTime
GetCPInfo
SetHandleCount
InitializeCriticalSectionAndSpinCount
SetStdHandle
SetEnvironmentVariableA
GetConsoleCP
ExitThread
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
VirtualQuery
GetEnvironmentStringsW
FindFirstFileExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapSetInformation
FreeEnvironmentStringsW
IsProcessorFeaturePresent
GetCommandLineA
DecodePointer
EncodePointer
GetStringTypeW
LCMapStringW
ReadConsoleInputA
InterlockedExchange
GlobalFree
LoadLibraryExW
RaiseException
FlushConsoleInputBuffer
GlobalMemoryStatus
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
VirtualQueryEx
CreateMutexA
ExpandEnvironmentStringsA
PeekNamedPipe
GetVersion
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
VerifyVersionInfoA
SleepEx
GetVolumeNameForVolumeMountPointW
SetConsoleCtrlHandler
lstrlenW
IsBadWritePtr
GetVolumePathNameW
WaitForMultipleObjectsEx
GetCompressedFileSizeW
IsBadReadPtr
GetFileSizeEx
GetStdHandle
WriteConsoleW
SetConsoleMode
GetConsoleMode
BackupSeek
BackupRead
OpenEventW
CreateEventW
WaitForMultipleObjects
ResetEvent
TerminateThread
CloseHandle
WaitForSingleObject
DeleteFileA
AreFileApisANSI
GetTempPathA
GetDiskFreeSpaceA
CreateFileMappingA
LockFileEx
HeapSize
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
TryEnterCriticalSection
HeapCompact
CreateFileA
HeapReAlloc
GetFullPathNameA
LockResource
SizeofResource
LoadResource
FindResourceW
SuspendThread
GetVersionExA
OutputDebugStringA
lstrcmpiW
IsDebuggerPresent
GetModuleFileNameA
FormatMessageA
lstrcpyW
LocalAlloc
lstrcmpA
GetDiskFreeSpaceExW
QueryDosDeviceW
Module32NextW
Module32FirstW
CreateRemoteThread
GetThreadLocale
GetShortPathNameW
GetComputerNameW
GetTempFileNameW
SetFileAttributesW
GetDiskFreeSpaceW
SetFilePointer
GetFileSize
WriteProcessMemory
TerminateJobObject
CreateToolhelp32Snapshot
Process32NextW
OpenThread
Process32FirstW
SetLastError
Thread32Next
TerminateProcess
GetExitCodeProcess
AssignProcessToJobObject
Thread32First
GetProcessTimes
CreateJobObjectW
CompareStringW
GetUserDefaultLCID
GetCurrentProcessId
LocalFree
GetCommandLineW
TlsFree
TlsSetValue
GetCurrentThreadId
GetSystemInfo
SwitchToThread
Sleep
SetThreadPriority
GetCurrentThread
TlsAlloc
TlsGetValue
GetLastError
ResumeThread
GetThreadPriority
CreateThread
DuplicateHandle
GetCurrentProcess
GetLocalTime
GetSystemTime
GetConsoleWindow
OutputDebugStringW
GetProcAddress
VerifyVersionInfoW
GetVersionExW
FormatMessageW
WaitForSingleObjectEx
QueryPerformanceFrequency
GetModuleHandleW
GetTickCount
QueryPerformanceCounter
GetStartupInfoW
GetModuleFileNameW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileInformationByHandle
SetErrorMode
FindClose
FindFirstFileW
CreateFileW
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
CopyFileW
MoveFileW
DeleteFileW
LoadLibraryW
DeviceIoControl
GetFullPathNameW
GetLongPathNameW
GetTempPathW
GetCurrentDirectoryW
GetLogicalDrives
GetFileAttributesExW
GetCurrencyFormatW
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDirectoryW
MultiByteToWideChar
WideCharToMultiByte
FlushFileBuffers
GetFileType
SetFilePointerEx
ReadFile
WriteFile
MoveFileExW
SetEndOfFile
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetGeoInfoW
GetUserGeoID
GetTimeZoneInformation
FreeLibrary
FindNextFileW
FindFirstFileExW
OpenProcess
LoadLibraryA
GetModuleHandleA
ExitProcess
GetVolumeInformationW
GetDriveTypeW
ReadProcessMemory
lstrcmpW
IsValidLocale
IsValidLanguageGroup
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetUserDefaultLangID
ExpandEnvironmentStringsW
CreateProcessW
CheckRemoteDebuggerPresent
InterlockedIncrement
InterlockedDecrement
CreateMutexW
ReleaseMutex
VirtualFree
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SystemTimeToFileTime
CompareFileTime
TzSpecificLocalTimeToSystemTime
SetEvent

user32

MessageBoxA
DrawIconEx
GetIconInfo
ReleaseDC
GetDC
SendMessageA
FindWindowA
GetForegroundWindow
GetProcessWindowStation
GetUserObjectInformationW
ExitWindowsEx
EnumWindows
RealGetWindowClassW
GetWindowTextW
GetCursor
CreateCursor
CreateIconIndirect
SetCursorPos
GetCursorInfo
GetMessageExtraInfo
TrackMouseEvent
EnumDisplayMonitors
GetMonitorInfoW
UnregisterClassW
SetTimer
KillTimer
PeekMessageW
UnhookWindowsHookEx
DestroyWindow
CallNextHookEx
PostMessageW
GetQueueStatus
SetWindowsHookExW
DefWindowProcW
GetWindowLongW
RegisterClassW
SetWindowLongW
CreateWindowExW
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjectsEx
CharNextExA
MessageBoxW
SystemParametersInfoW
GetSystemMenu
EnableMenuItem
GetSystemMetrics
DestroyIcon
SendMessageW
GetWindowThreadProcessId
RegisterWindowMessageW
GetSysColor
SetWindowRgn
MessageBeep
GetDoubleClickTime
GetCaretBlinkTime
ScreenToClient
GetClientRect
GetKeyboardLayoutList
GetParent
ChildWindowFromPointEx
GetFocus
GetCursorPos
ClientToScreen
RegisterClassExW
LoadImageW
GetClassInfoW
GetSysColorBrush
GetCapture
GetDesktopWindow
GetAncestor
IsWindowVisible
IsChild
NotifyWinEvent
ReleaseCapture
SetCursor
FlashWindowEx
InvalidateRect
SetWindowPos
ShowWindow
GetWindowRect
GetWindowPlacement
AdjustWindowRectEx
SetWindowTextW
SetFocus
SetForegroundWindow
SetCapture
EndPaint
BeginPaint
GetUpdateRect
SetParent
MoveWindow
SetWindowPlacement
IsIconic
RegisterClipboardFormatW
GetClipboardFormatNameW
ToUnicode
GetKeyState
TrackPopupMenuEx
SetMenuItemInfoW
IsZoomed
MapVirtualKeyW
GetKeyboardState
GetMenu
ToAscii
LoadIconW
SetCaretPos
DestroyCaret
HideCaret
CreateCaret
ChangeClipboardChain
SetClipboardViewer
DestroyCursor
GetAsyncKeyState
LoadCursorW

gdi32

SelectClipRgn
GetRegionData
GdiFlush
CreateRectRgn
CombineRgn
AddFontResourceExW
GetTextMetricsW
AddFontMemResourceEx
SetPixelFormat
ChoosePixelFormat
SwapBuffers
DescribePixelFormat
GetPixelFormat
CreateCompatibleBitmap
CreateDCW
GetOutlineTextMetricsW
GetGlyphOutlineW
GetTextExtentPoint32W
BitBlt
SetGraphicsMode
GetCharABCWidthsFloatW
GetCharABCWidthsI
GetCharABCWidthsW
ExtTextOutW
SetTextAlign
SetBkMode
SetTextColor
GetTextFaceW
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetDIBits
GetDeviceCaps
OffsetRgn
GetStockObject
CreateBitmap
GetFontData
CreateFontIndirectW
EnumFontFamiliesExW
GetObjectW
RemoveFontMemResourceEx
SetWorldTransform
RemoveFontResourceExW
GetBitmapBits

opengl32

glEnable
glFlush
glDrawElements
glDrawArrays
glDisable
glDepthMask
glDepthFunc
glDeleteTextures
glCullFace
glCopyTexSubImage2D
glCopyTexImage2D
glColorMask
glClearStencil
glClearColor
glClear
glBlendFunc
glBindTexture
glFinish
glFrontFace
glGenTextures
glGetBooleanv
glClearDepth
glDepthRange
glViewport
glTexSubImage2D
glTexParameteriv
glTexParameteri
glTexParameterfv
glTexParameterf
glTexImage2D
glStencilOp
glStencilMask
glStencilFunc
glScissor
glReadPixels
glPolygonOffset
glGetError
glGetFloatv
glGetIntegerv
glGetString
glGetTexParameterfv
glPixelStorei
glLineWidth
glIsTexture
glIsEnabled
glHint
glGetTexParameteriv

ntdll

_CIcos
_CIsin
VerSetConditionMask
_aulldvrm
strncpy
_allrem
isspace
_allshl
strrchr
strchr
strncmp
memset
_chkstk
_CIpow
_aulldiv
_alldiv
_allmul
memmove
memcpy
_allshr
_atoi64
NtQueryVirtualMemory
_stricmp
isupper
islower
isgraph
toupper
strstr
isdigit
_aullshr
_CIsqrt
sprintf
sscanf
_CIlog
wcsrchr
wcsncmp
strtol
_snprintf
bsearch
strtoul
qsort
NtUnloadDriver
RtlInitUnicodeString
NtLoadDriver
_wcsicmp
tolower
_wtoi64
strcspn
isalnum
wcsstr
NtQueryKey
NtOpenKey
NtDeleteValueKey
isprint
atoi
strspn
strcmp
_strnicmp
_vsnprintf
wcstombs
strpbrk
_vsnwprintf
RtlUnwind
isxdigit
isalpha
NtDeleteKey
NtQuerySystemInformation
strlen
memcmp
memchr
ceil
_aullrem
floor
NtSetValueKey

advapi32

SetSecurityDescriptorOwner
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueW
InitializeAcl
AllocateAndInitializeSid
SetEntriesInAclW
IsValidSecurityDescriptor
CheckTokenMembership
RegLoadKeyW
RegUnLoadKeyW
GetUserNameW
GetExplicitEntriesFromAclW
QueryServiceConfigW
ControlService
EnumServicesStatusW
QueryServiceStatus
StartServiceW
ChangeServiceConfig2W
QueryServiceConfig2W
OpenServiceW
EnumDependentServicesW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
LookupPrivilegeValueA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
LookupAccountNameW
ConvertSidToStringSidW
GetInheritanceSourceW
FreeInheritedFromArray
ConvertStringSidToSidW
SetNamedSecurityInfoW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueW
RegFlushKey
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegGetKeySecurity
SetSecurityDescriptorDacl
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
FreeSid
GetNamedSecurityInfoW
IsValidSid
RegSetKeySecurity

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wsock32

listen
accept
recvfrom
sendto
gethostbyname
connect
socket
closesocket
getpeername
getsockopt
htons
inet_ntoa
ntohs
getsockname
setsockopt
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
gethostname
bind
WSAAsyncSelect
shutdown

crypt32

CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
CertNameToStrW
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam

wintrust

CryptCATAdminReleaseCatalogContext
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash
WinVerifyTrust
CryptCATAdminAcquireContext

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
GetMappedFileNameW
GetModuleBaseNameW

userenv

GetProfilesDirectoryW

wininet

InternetCrackUrlW

winhttp

WinHttpReceiveResponse
WinHttpSetOption
WinHttpSendRequest
WinHttpConnect
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpOpen
WinHttpOpenRequest
WinHttpReadData

shlwapi

PathCanonicalizeW
PathAddBackslashW
PathGetDriveNumberW
PathRemoveBlanksW
PathFileExistsW
PathIsRootW
PathAppendW
PathCommonPrefixW
PathUnquoteSpacesW
PathQuoteSpacesW
PathRemoveArgsW
PathMakePrettyW
StrCmpIW
StrDupW
StrCmpNIW
PathFindFileNameW
PathIsRelativeW
PathGetArgsW
PathFindExtensionW
PathIsDirectoryW
PathUnExpandEnvStringsW
PathIsPrefixW
PathRemoveExtensionW
PathIsNetworkPathW
AssocQueryStringW
PathSearchAndQualifyW

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoSetProxyBlanket
CoInitializeEx
CoInitializeSecurity
CoTaskMemAlloc
CoGetMalloc
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
ReleaseStgMedium
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid
StringFromCLSID

ws2_32

WSAIoctl

oleaut32

VariantClear
SystemTimeToVariantTime
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

imm32

ImmAssociateContext
ImmGetCompositionStringW
ImmGetDefaultIMEWnd
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey
ImmGetContext
ImmNotifyIME
ImmReleaseContext

winmm

PlaySoundW

Exports

Exports

ud_decode
ud_disassemble
ud_get_user_opaque_data
ud_init
ud_input_end
ud_input_skip
ud_insn_asm
ud_insn_hex
ud_insn_len
ud_insn_mnemonic
ud_insn_off
ud_insn_opr
ud_insn_ptr
ud_lookup_mnemonic
ud_opr_is_gpr
ud_opr_is_sreg
ud_set_asm_buffer
ud_set_input_buffer
ud_set_input_file
ud_set_input_hook
ud_set_mode
ud_set_pc
ud_set_sym_resolver
ud_set_syntax
ud_set_user_opaque_data
ud_set_vendor
ud_translate_intel
yr_compiler_add_file
yr_compiler_add_string
yr_compiler_create
yr_compiler_define_boolean_variable
yr_compiler_define_float_variable
yr_compiler_define_integer_variable
yr_compiler_define_string_variable
yr_compiler_destroy
yr_compiler_get_current_file_name
yr_compiler_get_error_message
yr_compiler_get_rules
yr_compiler_set_callback
yr_filemap_map
yr_filemap_map_ex
yr_filemap_map_fd
yr_filemap_unmap
yr_filemap_unmap_fd
yr_finalize
yr_finalize_thread
yr_get_configuration
yr_get_tidx
yr_hash_table_add
yr_hash_table_add_raw_key
yr_hash_table_clean
yr_hash_table_create
yr_hash_table_destroy
yr_hash_table_lookup
yr_hash_table_lookup_raw_key
yr_initialize
yr_object_print_data
yr_rules_define_boolean_variable
yr_rules_define_float_variable
yr_rules_define_integer_variable
yr_rules_define_string_variable
yr_rules_destroy
yr_rules_load
yr_rules_load_stream
yr_rules_save
yr_rules_save_stream
yr_rules_scan_fd
yr_rules_scan_file
yr_rules_scan_mem
yr_rules_scan_mem_blocks
yr_rules_scan_proc
yr_set_configuration
yr_set_tidx
z_adler32
z_adler32_combine
z_adler32_combine64
z_compress
z_compress2
z_compressBound
z_crc32
z_crc32_combine
z_crc32_combine64
z_deflate
z_deflateBound
z_deflateCopy
z_deflateEnd
z_deflateInit2_
z_deflateInit_
z_deflateParams
z_deflatePrime
z_deflateReset
z_deflateSetDictionary
z_deflateSetHeader
z_deflateTune
z_get_crc_table
z_inflate
z_inflateCopy
z_inflateEnd
z_inflateGetHeader
z_inflateInit2_
z_inflateInit_
z_inflateMark
z_inflatePrime
z_inflateReset
z_inflateReset2
z_inflateSetDictionary
z_inflateSync
z_inflateSyncPoint
z_inflateUndermine
z_uncompress
z_zError
z_zlibCompileFlags
z_zlibVersion

Sections

.text
Size: 10.6MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 323KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 609KB - Virtual size: 609KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb9a612fcbf2dcdaeee04f93588a30f9

Code Sign

05:d3:ac:4a:89:44:68:9e:10:38:0a:ae:2b:1b:fe:beCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

82:28:99:5e:21:ef:81:5b:82:d2:bc:8a:3c:13:f2:45:45:b3:0f:ffSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

opengl32

ntdll

advapi32

version

wsock32

crypt32

wintrust

psapi

userenv

wininet

winhttp

shlwapi

shell32

ole32

ws2_32

oleaut32

imm32

winmm

Exports

Exports

Sections

.text Size: 10.6MB - Virtual size: 10.6MB

.rdata Size: 4.8MB - Virtual size: 4.8MB

.data Size: 323KB - Virtual size: 376KB

.qtmetad Size: 512B - Virtual size: 272B

.rsrc Size: 5.3MB - Virtual size: 5.3MB

.reloc Size: 609KB - Virtual size: 609KB

05:d3:ac:4a:89:44:68:9e:10:38:0a:ae:2b:1b:fe:be
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

82:28:99:5e:21:ef:81:5b:82:d2:bc:8a:3c:13:f2:45:45:b3:0f:ff
Signer

.text
Size: 10.6MB - Virtual size: 10.6MB

.rdata
Size: 4.8MB - Virtual size: 4.8MB

.data
Size: 323KB - Virtual size: 376KB

.qtmetad
Size: 512B - Virtual size: 272B

.rsrc
Size: 5.3MB - Virtual size: 5.3MB

.reloc
Size: 609KB - Virtual size: 609KB