RtkAudUService64[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

RtkAudUService64.exe
Size

1.1MB
MD5

5602c196c3b8941f7a13a3e681f10cdf
SHA1

18facc0b50269adc3f278226028b8e1434325b1e
SHA256

1b48f887ec660ef2df6fd3a1d539e83fdb17ce5c82a277dea81d272d825f1132
SHA512

c74fb77bddfcb5fa4c159f2a6ad9328c4d214facd6c58ec47c6205fb6cf6e755bb96c5e4e0fd80e1bf1e79af7bad070f90c864b89f469701900b35d2f9e57a87
SSDEEP

24576:9FGKmRATZUSeCwi9WDLn3zrfn+yMplScC3qes:fGtANWCPWDL3Hfn+yY4cC3qes

Score

1^/10

Malware Config

Signatures

Files

RtkAudUService64.exe
.exe windows:6 windows x64 arch:x64

df2ea6e79fdcca00da7f6201e488c744

Code Sign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:59:58:f8:a9:0b:14:fa:25:43:6b:89:fb:30:76:60
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

03/01/2019, 00:00

Not After

06/01/2022, 12:00

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:98:13:94:6f:a0:74:32:60:ca:00:00:00:00:00:98
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/03/2020, 17:48

Not After

05/03/2021, 17:48

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8f:c8:60:66:b8:b6:e1:84:35:18:7d:a0:26:77:08:48:04:33:1c:32:92:22:61:3a:83:aa:56:6a:79:16:0a:96
Signer

Actual PE Digest

8f:c8:60:66:b8:b6:e1:84:35:18:7d:a0:26:77:08:48:04:33:1c:32:92:22:61:3a:83:aa:56:6a:79:16:0a:96

Digest Algorithm

sha256

PE Digest Matches

true

8f:c8:60:66:b8:b6:e1:84:35:18:7d:a0:26:77:08:48:04:33:1c:32:92:22:61:3a:83:aa:56:6a:79:16:0a:96
Signer

Actual PE Digest

8f:c8:60:66:b8:b6:e1:84:35:18:7d:a0:26:77:08:48:04:33:1c:32:92:22:61:3a:83:aa:56:6a:79:16:0a:96

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\HD_Audio\20201109\Release\x64\RtkAudUService64.pdb

Imports

oleaut32

SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
BSTR_UserMarshal64
SafeArrayCreateVector
VariantClear
VariantInit
SysAllocString
LPSAFEARRAY_UserSize64
BSTR_UserSize64
BSTR_UserFree64
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserUnmarshal64
BSTR_UserMarshal
VariantCopy
BSTR_UserUnmarshal
LPSAFEARRAY_UserMarshal64
LPSAFEARRAY_UserFree64
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserFree
BSTR_UserUnmarshal64
SysFreeString
LPSAFEARRAY_UserSize
BSTR_UserFree
SafeArrayPutElement
LoadTypeLibEx
BSTR_UserSize

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
NdrStubForwardingFunction
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
CStdStubBuffer_CountRefs
CStdStubBuffer_QueryInterface
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
NdrStubCall3
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
RpcServerUseProtseqEpW
NdrCStdStubBuffer2_Release
NdrServerCall2
RpcServerRegisterIf3
RpcServerInqBindings
RpcServerListen
RpcEpRegisterW
RpcServerUnregisterIf
RpcEpUnregister
RpcBindingVectorFree
IUnknown_AddRef_Proxy
NdrServerCallAll
NdrClientCall3

api-ms-win-core-com-l1-1-0

CoCreateInstance
PropVariantClear
CoInitializeEx
CoUninitialize
CoRevokeClassObject
StringFromGUID2
CoSetProxyBlanket
CoInitializeSecurity
CoTaskMemFree
CLSIDFromString
StringFromCLSID
CoRegisterClassObject
CoFreeUnusedLibrariesEx

api-ms-win-core-heap-l1-1-0

HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy

api-ms-win-core-string-obsolete-l1-1-0

lstrcpyW
lstrlenW
lstrcmpW
lstrcmpA

api-ms-win-core-file-l1-1-0

QueryDosDeviceW
CreateFileW
WriteFile
FileTimeToLocalFileTime
DeleteFileW
ReadFile
GetFileAttributesW

api-ms-win-core-timezone-l1-1-0

SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetTimeZoneInformation

api-ms-win-core-datetime-l1-1-0

GetTimeFormatW
GetDateFormatW

api-ms-win-core-libraryloader-l1-2-0

FindResourceExW
LockResource
SizeofResource
LoadLibraryExW
GetProcAddress
FreeLibrary
LoadResource
GetModuleHandleW
GetModuleFileNameW
LoadStringW
GetModuleHandleA

api-ms-win-core-synch-l1-1-0

CreateEventW
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
CancelWaitableTimer
SetWaitableTimer
SetEvent
ResetEvent
LeaveCriticalSection
CreateMutexW
CreateEventExW
TryEnterCriticalSection
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSectionEx
DeleteCriticalSection
InitializeCriticalSection

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetLocalTime
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetSystemTime

api-ms-win-core-string-l1-1-0

GetStringTypeW
WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-processthreads-l1-1-0

SwitchToThread
GetCurrentProcess
TlsAlloc
OpenProcessToken
CreateThread
CreateProcessAsUserW
TlsSetValue
GetCurrentProcessId
ProcessIdToSessionId
GetStartupInfoW
GetExitCodeProcess
CreateProcessW
TlsFree
GetCurrentThreadId
TerminateProcess
SetProcessShutdownParameters
TlsGetValue

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException

api-ms-win-core-registry-l1-1-0

RegDeleteValueW
RegQueryInfoKeyW
RegGetValueW
RegOpenKeyExW
RegCloseKey
RegNotifyChangeKeyValue
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegSetKeySecurity
RegGetKeySecurity
RegEnumValueW

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW
RegCreateKeyW

api-ms-win-devices-config-l1-1-1

CM_Open_DevNode_Key
CM_Get_Parent
CM_Locate_DevNodeW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
OutputDebugStringA

api-ms-win-core-synch-l1-2-0

Sleep

ext-ms-win-shell32-shellfolders-l1-1-0

SHGetFolderPathW
SHGetSpecialFolderPathW

api-ms-win-core-privateprofile-l1-1-0

GetProfileIntW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-localization-l1-2-0

FormatMessageW
LCMapStringW

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-core-heap-obsolete-l1-1-0

LocalSize

api-ms-win-core-kernel32-legacy-l1-1-0

GetSystemPowerStatus
WTSGetActiveConsoleSessionId

api-ms-win-core-synch-l1-2-1

CreateWaitableTimerW
WaitForMultipleObjects

api-ms-win-security-base-l1-1-0

SetTokenInformation
DuplicateTokenEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
AddAce
GetAce
AddAccessAllowedAceEx
CreateWellKnownSid
GetAclInformation
GetLengthSid
InitializeAcl

api-ms-win-core-namedpipe-l1-1-0

DisconnectNamedPipe
ConnectNamedPipe
CreateNamedPipeW

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-security-base-l1-2-2

DeriveCapabilitySidsFromName

api-ms-win-security-provider-l1-1-0

SetEntriesInAclW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

bcrypt

BCryptDestroyKey
BCryptOpenAlgorithmProvider
BCryptImportKeyPair
BCryptEncrypt
BCryptCloseAlgorithmProvider

api-ms-win-service-core-l1-1-0

SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW

api-ms-win-service-management-l1-1-0

DeleteService
CloseServiceHandle
CreateServiceW
OpenSCManagerW
OpenServiceW

api-ms-win-service-winsvc-l1-1-0

ControlService
QueryServiceStatus

api-ms-win-service-management-l2-1-0

QueryServiceStatusEx

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-appmodel-runtime-l1-1-1

FindPackagesByPackageFamily

api-ms-win-mm-misc-l1-1-0

mmioWrite
mmioSetInfo
mmioAdvance
mmioGetInfo
mmioOpenW
mmioCreateChunk
mmioRead
mmioSeek
mmioAscend
mmioClose
mmioDescend

api-ms-win-core-toolhelp-l1-1-0

Process32FirstW
Process32NextW
CreateToolhelp32Snapshot

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW

userenv

CreateEnvironmentBlock

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-core-memory-l1-1-0

ReadProcessMemory

crypt32

CryptMsgGetParam
CryptQueryObject
CertFreeCertificateContext
CryptDecodeObject
CertGetNameStringW
CertCloseStore
CertFindCertificateInStore
CryptMsgClose

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
SubmitThreadpoolWork

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceEnableLevel
GetTraceLoggerHandle
GetTraceEnableFlags
TraceMessage
RegisterTraceGuidsW

setupapi

SetupDiGetDevicePropertyW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo

wtsapi32

WTSQueryUserToken
WTSRegisterSessionNotification

kernel32

WriteProfileStringW
WinExec

user32

SetWindowsHookExW
SendInput
ShowWindow
FindWindowExW
DefWindowProcW
SendMessageW
LoadIconW
GetMessageW
TranslateMessage
DispatchMessageW
UnhookWinEvent
SetWinEventHook
GetClassNameA
KillTimer
SetTimer
RegisterDeviceNotificationW
CreateWindowExW
UnregisterDeviceNotification
RegisterClassW
CallNextHookEx
UnhookWindowsHookEx
LoadCursorW

advapi32

DeregisterEventSource
ReportEventW
RegisterEventSourceW
GetUserNameW

ole32

CoInitialize

avrt

AvRevertMmThreadCharacteristics
AvSetMmThreadCharacteristicsW

ntdll

NtQueryInformationProcess

wininet

InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo
_errno
abort
_initterm
_exit
_get_wide_winmain_command_line
_initialize_wide_environment
exit
_register_onexit_function
_register_thread_local_exe_atexit_callback
_configure_wide_argv
_initterm_e
_set_app_type
_invalid_parameter_noinfo_noreturn
_crt_atexit
_seh_filter_exe
_c_exit
_initialize_onexit_table
_resetstkoflw
_cexit
terminate

api-ms-win-crt-string-l1-1-0

_wcsupr_s
islower
_wcsicmp
wcscpy_s
wmemcpy_s
wcsncmp
__strncnt
wcsnlen
towupper
wcsspn
strcspn
isupper
wcscspn
wcstok_s
wcscat_s
iswspace
_wcsdup
strcpy_s

api-ms-win-crt-stdio-l1-1-0

fgetpos
fwrite
_flushall
__stdio_common_vsprintf_s
__stdio_common_vsprintf
__p__commode
fsetpos
_fseeki64
fputs
fflush
fputws
fgetc
setvbuf
ungetc
fgetwc
fputwc
ungetwc
_get_stream_buffer_pointers
__acrt_iob_func
__stdio_common_vfwprintf
__stdio_common_vfprintf_s
fread
__stdio_common_vswprintf
__stdio_common_vfprintf
_wfopen_s
_set_fmode
fputc
__stdio_common_vswprintf_s
_wfsopen
fseek
fgets
fclose

api-ms-win-crt-heap-l1-1-0

malloc
free
_recalloc
realloc
_callnewh
calloc
_set_new_mode

api-ms-win-crt-convert-l1-1-0

_wtoi
_itow_s
wcstoul
wcstol

api-ms-win-crt-math-l1-1-0

asinf
powf
frexp
log10f
atan2f
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_unlock_locales
___lc_locale_name_func
___lc_codepage_func
___mb_cur_max_func
__pctype_func
setlocale
_configthreadlocale
localeconv
_lock_locales

api-ms-win-crt-multibyte-l1-1-0

_mbschr
_mbsstr

shlwapi

PathFileExistsW

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind
RtlUnwindEx
RtlPcToFileHeader
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

Sections

.text
Size: 615KB - Virtual size: 614KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df2ea6e79fdcca00da7f6201e488c744

Code Sign

61:20:4d:b4:00:00:00:00:00:27Certificate

Key Usages

05:59:58:f8:a9:0b:14:fa:25:43:6b:89:fb:30:76:60Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

33:00:00:00:98:13:94:6f:a0:74:32:60:ca:00:00:00:00:00:98Certificate

Extended Key Usages

61:0b:aa:c1:00:00:00:00:00:09Certificate

Key Usages

8f:c8:60:66:b8:b6:e1:84:35:18:7d:a0:26:77:08:48:04:33:1c:32:92:22:61:3a:83:aa:56:6a:79:16:0a:96Signer

8f:c8:60:66:b8:b6:e1:84:35:18:7d:a0:26:77:08:48:04:33:1c:32:92:22:61:3a:83:aa:56:6a:79:16:0a:96Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

oleaut32

rpcrt4

api-ms-win-core-com-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-timezone-l1-1-0

api-ms-win-core-datetime-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-registry-l2-1-0

api-ms-win-devices-config-l1-1-1

api-ms-win-core-debug-l1-1-0

api-ms-win-core-synch-l1-2-0

ext-ms-win-shell32-shellfolders-l1-1-0

api-ms-win-core-privateprofile-l1-1-0

api-ms-win-core-file-l1-2-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-heap-obsolete-l1-1-0

api-ms-win-core-kernel32-legacy-l1-1-0

api-ms-win-core-synch-l1-2-1

api-ms-win-security-base-l1-1-0

api-ms-win-core-namedpipe-l1-1-0

api-ms-win-security-sddl-l1-1-0

api-ms-win-core-io-l1-1-0

api-ms-win-security-base-l1-2-2

api-ms-win-security-provider-l1-1-0

api-ms-win-core-registry-l1-1-1

bcrypt

api-ms-win-service-core-l1-1-0

api-ms-win-service-management-l1-1-0

api-ms-win-service-winsvc-l1-1-0

api-ms-win-service-management-l2-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-appmodel-runtime-l1-1-1

api-ms-win-mm-misc-l1-1-0

api-ms-win-core-toolhelp-l1-1-0

api-ms-win-security-lsalookup-l2-1-0

userenv

61:20:4d:b4:00:00:00:00:00:27
Certificate

05:59:58:f8:a9:0b:14:fa:25:43:6b:89:fb:30:76:60
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

33:00:00:00:98:13:94:6f:a0:74:32:60:ca:00:00:00:00:00:98
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

8f:c8:60:66:b8:b6:e1:84:35:18:7d:a0:26:77:08:48:04:33:1c:32:92:22:61:3a:83:aa:56:6a:79:16:0a:96
Signer

8f:c8:60:66:b8:b6:e1:84:35:18:7d:a0:26:77:08:48:04:33:1c:32:92:22:61:3a:83:aa:56:6a:79:16:0a:96
Signer

.text
Size: 615KB - Virtual size: 614KB

.orpc
Size: 512B - Virtual size: 148B

.rdata
Size: 353KB - Virtual size: 352KB

.data
Size: 15KB - Virtual size: 25KB

.pdata
Size: 27KB - Virtual size: 27KB

.rsrc
Size: 139KB - Virtual size: 138KB

.reloc
Size: 7KB - Virtual size: 7KB