hijackloader | mp[.]exe

Resubmissions

13-06-2024 03:14

240613-drjrtswcqk 10

12-06-2024 14:43

240612-r3q7yayelh 10

Sharing

Copy URL

Twitter E-mail

General

Target

mp.exe
Size

9.2MB
MD5

bbc886e8c9dde33980c382263b7ce8b8
SHA1

a5953c53277cfb3db60f8060fe6d69ca87dc8ee4
SHA256

6f08d25994d6b37a4c711033e6b949ab66c15914952eb4c86efa504f727af635
SHA512

f247523b095cd3259a18ec2866491385326d8ae92b4cba0f068822b06730c9b7a15b9773ac0cd043a7b06655b0fe29d9cca7d6559c4ce0f9241f0abfab592bee
SSDEEP

196608:wssBSXxz17OxBaQR5MetJ05SuN1qpJ1pRONksJp:wssBSXxzIBaQR525do1pRbkp

Score

10^/10

hijackloader

Malware Config

Signatures

Detects HijackLoader (aka IDAT Loader) 1 IoCs

resource	yara_rule
sample	family_hijackloader

Hijackloader family
hijackloader

Files

mp.exe
.exe windows:5 windows x64 arch:x64

2bc599d1162f4cd469cfb907ecf95641

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0e
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

01-07-2022 02:29

Not After

01-07-2025 02:29

Subject

CN=Shenzhen Saiboen Software Technology Co.\, Ltd.,OU=Software Development Department,O=Shenzhen Saiboen Software Technology Co.\, Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0e
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

01-07-2022 02:29

Not After

01-07-2025 02:29

Subject

CN=Shenzhen Saiboen Software Technology Co.\, Ltd.,OU=Software Development Department,O=Shenzhen Saiboen Software Technology Co.\, Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

84:5b:3d:0a:e4:8d:8d:3b:b7:4c:b1:57:44:9f:29:2b:a3:fd:3c:b8:0d:3b:b5:aa:ee:82:ed:c6:58:9d:79:ce
Signer

Actual PE Digest

84:5b:3d:0a:e4:8d:8d:3b:b7:4c:b1:57:44:9f:29:2b:a3:fd:3c:b8:0d:3b:b5:aa:ee:82:ed:c6:58:9d:79:ce

Digest Algorithm

sha256

PE Digest Matches

false

92:7f:33:fa:cf:b3:bd:5c:12:34:37:42:06:53:e3:0b:a5:e1:81:75
Signer

Actual PE Digest

92:7f:33:fa:cf:b3:bd:5c:12:34:37:42:06:53:e3:0b:a5:e1:81:75

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualFree
LoadLibraryExW
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStructW
LocalFileTimeToFileTime
GetCurrentProcessId
CreateFileMappingW
FlushViewOfFile
SetErrorMode
CreateMutexW
FindFirstFileW
GetModuleFileNameW
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
CreateProcessW
CreateJobObjectW
CreateIoCompletionPort
SetInformationJobObject
AssignProcessToJobObject
ResumeThread
GetQueuedCompletionStatus
CreateRemoteThread
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
HeapFree
GetProcessHeap
HeapAlloc
lstrcatW
GetTempFileNameW
RtlCaptureContext
OpenMutexW
GetCurrentThreadId
VirtualProtect
WaitForMultipleObjects
GetSystemTime
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
RaiseException
RtlPcToFileHeader
ReplaceFileA
MoveFileA
SetFilePointerEx
RemoveDirectoryA
GetFileAttributesExA
FindNextFileA
FindFirstFileA
CreateDirectoryA
FormatMessageA
LockFileEx
CreateFileMappingA
UnlockFile
HeapDestroy
HeapCompact
HeapReAlloc
GetVersionExA
LoadLibraryA
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
VirtualAlloc
UnlockFileEx
GetFullPathNameA
InitializeCriticalSection
LockFile
HeapCreate
AreFileApisANSI
UnmapViewOfFile
SetVolumeLabelW
GetTempPathW
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
LCMapStringW
CompareStringW
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
FindResourceW
LoadResource
GetNumberFormatW
LockResource
SizeofResource
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
TryEnterCriticalSection
MoveFileW
GetFileTime
SetFileTime
GetFileSizeEx
SetFileAttributesW
SystemTimeToFileTime
FormatMessageW
OutputDebugStringA
FlushFileBuffers
MultiByteToWideChar
GetDriveTypeW
GetExitCodeProcess
GetFileAttributesW
MoveFileExW
OutputDebugStringW
lstrcpynW
ExpandEnvironmentStringsW
GetFullPathNameW
GetLongPathNameW
GetEnvironmentVariableW
GetComputerNameW
RemoveDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
DuplicateHandle
QueryDosDeviceW
GetLogicalDriveStringsW
TerminateThread
FreeLibrary
LoadLibraryW
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GetTimeFormatW
GetDateFormatW
FileTimeToSystemTime
GetLocaleInfoW
LocalAlloc
LocalFree
FileTimeToLocalFileTime
GetSystemInfo
GetProcAddress
SetEndOfFile
SetFilePointer
FindFirstFileExW
DeleteFileW
ReadFile
GetFileSize
WriteFile
CreateFileA
GetCurrentProcess
WideCharToMultiByte
DeleteFileA
SetLastError
GetVolumeInformationW
FindClose
FindNextFileW
lstrcmpW
GetStdHandle
GetACP
SetEnvironmentVariableA
MapViewOfFile
OpenFileMappingW
GetModuleHandleW
CreateFileW
DeviceIoControl
UnregisterWaitEx
QueryDepthSList
ReleaseSemaphore
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
TerminateProcess
OpenProcess
lstrlenW
SetEvent
ResetEvent
Sleep
InterlockedPopEntrySList
FlushInstructionCache
LoadLibraryExA
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
CreateDirectoryW
GetVersionExW
GetLastError
CreateThread
GetLocalTime
WaitForSingleObject
CloseHandle
CreateEventW
SetThreadPriority
SetPriorityClass
HeapValidate
GetFileType
SetStdHandle
GetConsoleCP
GetConsoleMode
ReadConsoleW
ExitThread
FreeLibraryAndExitThread
GetCurrentThread
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
WriteConsoleW
FreeEnvironmentStringsW

user32

SendMessageTimeoutW
PostMessageW
PeekMessageW
GetClassNameW
EnumWindows
GetParent
IsWindowVisible
SendMessageW
IsWindow
EnumChildWindows
LoadIconW
SetPropW
EndDialog
EnableWindow
IsWindowEnabled
TranslateMessage
DispatchMessageW
GetWindowThreadProcessId
LoadCursorW
SetClipboardData
UpdateLayeredWindow
TrackPopupMenu
AppendMenuW
GetMenuStringW
CreatePopupMenu
GetSystemMenu
EndPaint
BeginPaint
SetWindowLongPtrW
UnregisterClassW
TrackMouseEvent
ClientToScreen
SetCapture
ReleaseCapture
GetDC
ReleaseDC
SystemParametersInfoW
GetSystemMetrics
SetWindowPlacement
GetWindowPlacement
PtInRect
GetKeyState
EmptyClipboard
ExitWindowsEx
EnumDisplayDevicesW
IsZoomed
UnregisterHotKey
RegisterHotKey
MoveWindow
SetFocus
GetIconInfo
SetWindowPos
PostQuitMessage
GetMessageW
MessageBoxW
GetPropW
GetDesktopWindow
GetWindow
EnumDisplaySettingsW
FindWindowExW
ShowWindow
GetActiveWindow
DestroyWindow
mouse_event
SetCursorPos
ShowCursor
SetActiveWindow
GetWindowLongW
SetWindowLongW
FindWindowW
GetWindowRect
DefWindowProcW
IsIconic
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
DestroyMenu
EnableMenuItem
LoadStringW
KillTimer
SetTimer
DestroyIcon
CreateWindowExW
RegisterClassExW
RegisterWindowMessageW
CloseClipboard
GetClipboardData
OpenClipboard
SetCursor

gdi32

GetObjectW
EnumFontFamiliesW
CreateCompatibleDC
DeleteDC
SelectObject
DeleteObject
CreateDIBSection

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

ClearEventLogW
CredFree
CredEnumerateW
CredDeleteW
EqualSid
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegCloseKey
RegEnumValueW
RegQueryValueExW
RegCreateKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
LookupAccountNameW
ConvertStringSidToSidW
OpenProcessToken
LookupPrivilegeValueW
CloseEventLog
OpenEventLogW
GetTokenInformation
GetUserNameW
RegSetKeySecurity
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegGetKeySecurity
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
RegUnLoadKeyW
RegLoadKeyW
AdjustTokenPrivileges

shell32

SHGetSpecialFolderPathW
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
SHEmptyRecycleBinW
Shell_NotifyIconW
ExtractIconExW
DragQueryFileW
SHAddToRecentDocs
ShellExecuteW
SHGetFolderPathW
SHGetFileInfoW

ole32

StgIsStorageFile
StgOpenStorageEx
CoSetProxyBlanket
CoInitialize
OleRegGetUserType
CLSIDFromString
PropVariantClear
OleUninitialize
OleInitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoInitializeEx

oleaut32

VariantTimeToSystemTime
SysAllocString
VariantClear
VariantInit
SysFreeString

gdiplus

GdipCloneImage
GdipDisposeImage
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipBitmapSetResolution
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipLoadImageFromStream
GdipAddPathRectangleI
GdipAddPathLineI
GdipAddPathArcI
GdipCreateLineBrush
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipSetPathGradientFocusScales
GdipSetPathGradientPresetBlend
GdipDeleteRegion
GdipCreateRegion
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipCreateTexture
GdipCreateLineBrushI
GdipDrawString
GdipCreateSolidFill
GdipSetPenDashArray
GdipGetFontHeightGivenDPI
GdipClosePathFigure
GdipAddPathPolygonI
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreatePathGradientFromPath
GdipAddPathPieI
GdipDeletePath
GdipCreatePath
GdiplusStartup
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipSetTextRenderingHint
GdipMeasureString
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageWidth
GdipGetImageHeight
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipGraphicsClear
GdipGetDpiX
GdipGetDpiY
GdipSetSmoothingMode
GdipSetClipPath
GdipSetClipRectI
GdipSetClipRegion
GdipGetClip
GdipTranslateWorldTransform
GdipCreateMatrix
GdipDeleteMatrix
GdipDrawLine
GdipDrawImage
GdipTranslateMatrix
GdipRotateMatrix
GdipSetWorldTransform
GdipDrawImageRect
GdipDrawImageRectRect
GdipDrawImagePointRectI
GdipSetImageAttributesGamma
GdipDrawRectangle
GdipFillRectangle
GdipFillRectangleI
GdipFillPath
GdipSetStringFormatTabStops
GdipCloneStringFormat
GdipSetStringFormatMeasurableCharacterRanges
GdipMeasureCharacterRanges
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRegionBounds
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipSetPenColor
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipResetPath

sfc

SfcIsFileProtected

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
NtTerminateProcess
NtWriteVirtualMemory

esent

JetCloseTable
JetInit2
JetCloseDatabase
JetEndSession
JetTerm
JetMove
JetDelete
JetRetrieveColumn

wininet

FindNextUrlCacheEntryExW
InternetGetConnectedState
InternetOpenW
InternetSetStatusCallbackW
InternetReadFileExA
InternetReadFileExW
InternetCloseHandle
InternetCheckConnectionW
InternetOpenUrlW
HttpQueryInfoW
DeleteUrlCacheEntryW
FindCloseUrlCache
FindFirstUrlCacheEntryExW

crypt32

CertFindCertificateInStore
CertGetNameStringW
CryptMsgClose
CryptMsgGetParam
CryptQueryObject
CertCloseStore
CertFreeCertificateContext

netapi32

NetApiBufferFree
NetUserEnum

shlwapi

PathIsDirectoryW
SHDeleteValueW
SHDeleteKeyW
PathCanonicalizeW
PathGetDriveNumberW
PathFindExtensionW
PathIsNetworkPathW
PathIsRelativeW
SHStrDupW
PathFileExistsW
PathMatchSpecW
PathStripPathW
PathMatchSpecA

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

InitCommonControlsEx

psapi

EnumProcesses
EnumProcessModules
GetProcessImageFileNameW
GetModuleFileNameExW

winmm

timeGetTime

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 449KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

2bc599d1162f4cd469cfb907ecf95641

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0eCertificate

Extended Key Usages

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0eCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

84:5b:3d:0a:e4:8d:8d:3b:b7:4c:b1:57:44:9f:29:2b:a3:fd:3c:b8:0d:3b:b5:aa:ee:82:ed:c6:58:9d:79:ceSigner

92:7f:33:fa:cf:b3:bd:5c:12:34:37:42:06:53:e3:0b:a5:e1:81:75Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

gdiplus

sfc

ntdll

esent

wininet

crypt32

netapi32

shlwapi

version

comctl32

psapi

winmm

Sections

.text Size: 4.1MB - Virtual size: 4.1MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 449KB - Virtual size: 484KB

.pdata Size: 186KB - Virtual size: 186KB

.gfids Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 3.1MB - Virtual size: 3.1MB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0e
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

31:44:3d:85:f3:8e:79:3e:7a:73:bb:0e
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

84:5b:3d:0a:e4:8d:8d:3b:b7:4c:b1:57:44:9f:29:2b:a3:fd:3c:b8:0d:3b:b5:aa:ee:82:ed:c6:58:9d:79:ce
Signer

92:7f:33:fa:cf:b3:bd:5c:12:34:37:42:06:53:e3:0b:a5:e1:81:75
Signer

.text
Size: 4.1MB - Virtual size: 4.1MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 449KB - Virtual size: 484KB

.pdata
Size: 186KB - Virtual size: 186KB

.gfids
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 3.1MB - Virtual size: 3.1MB