2024-06-15_19ad28f61174608ef00b9536d981ade8_qakbot_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-15_19ad28f61174608ef00b9536d981ade8_qakbot_ryuk
Size

1.8MB
MD5

19ad28f61174608ef00b9536d981ade8
SHA1

e09fe94d272537ad8d1a8d0c982b145dd5e4f13d
SHA256

2398d3ba89ec7b864b29df58d1ecb438418e6515f0d1ec9402b9b0e244151ab1
SHA512

3fdaf63b61c6c42dfa842b3349996497d21d7b1e60eed0c5d562a0f773d665d5af58f2129a74d913dcf41a9db3123e067987e76f26d39ec95c00a5207a41d505
SSDEEP

24576:6Ody1dxhDpGTFn/l+W2YBAgZ5eLMmt/1+75TAhUI7ckq+tf:6i6DpGpndt7AhUIl

Score

1^/10

Malware Config

Signatures

Files

2024-06-15_19ad28f61174608ef00b9536d981ade8_qakbot_ryuk
.exe windows:6 windows x64 arch:x64

b72302de00d1ce8306c5548b40469c92

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:ad:e4:6d:b0:2a:2f:78:46:2a:29:37:27:e8:d8:74
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

12/03/2021, 00:00

Not After

08/06/2024, 23:59

Subject

CN=Trend Micro\, Inc.,O=Trend Micro\, Inc.,L=Da’an District,ST=Taipei City,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

16/04/2020, 18:36

Not After

16/04/2045, 18:44

Subject

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:e9:59:36:4d:3d:18:aa:9f:ca:d5:00:00:00:00:e9:59
Certificate

Issuer

CN=Microsoft ID Verified CS AOC CA 02,O=Microsoft Corporation,C=US

Not Before

17/04/2024, 16:26

Not After

20/04/2024, 16:26

Subject

CN=Trend Micro\, Inc.,O=Trend Micro\, Inc.,L=Taipei,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:e9:59:36:4d:3d:18:aa:9f:ca:d5:00:00:00:00:e9:59
Certificate

Issuer

CN=Microsoft ID Verified CS AOC CA 02,O=Microsoft Corporation,C=US

Not Before

17/04/2024, 16:26

Not After

20/04/2024, 16:26

Subject

CN=Trend Micro\, Inc.,O=Trend Micro\, Inc.,L=Taipei,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:04:96:50:4b:d2:db:ee:cb:88:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Not Before

13/04/2021, 17:31

Not After

13/04/2026, 17:31

Subject

CN=Microsoft ID Verified CS AOC CA 02,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

01/04/2021, 20:05

Not After

01/04/2036, 20:15

Subject

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

19/11/2020, 20:32

Not After

19/11/2035, 20:42

Subject

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:30:22:4f:a1:2d:c5:34:eb:4b:00:00:00:00:00:30
Certificate

Issuer

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Not Before

15/06/2023, 19:38

Not After

14/06/2024, 19:38

Subject

CN=Microsoft Public RSA Time Stamping Authority,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:F5D6-96D6-909E,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

72:aa:81:60:ef:cc:38:1f:6c:d2:a4:4b:ae:cc:f6:c1:8e:1b:d8:d0:90:f9:f6:52:02:bd:0c:38:e5:af:7c:db
Signer

Actual PE Digest

72:aa:81:60:ef:cc:38:1f:6c:d2:a4:4b:ae:cc:f6:c1:8e:1b:d8:d0:90:f9:f6:52:02:bd:0c:38:e5:af:7c:db

Digest Algorithm

sha256

PE Digest Matches

true

72:aa:81:60:ef:cc:38:1f:6c:d2:a4:4b:ae:cc:f6:c1:8e:1b:d8:d0:90:f9:f6:52:02:bd:0c:38:e5:af:7c:db
Signer

Actual PE Digest

72:aa:81:60:ef:cc:38:1f:6c:d2:a4:4b:ae:cc:f6:c1:8e:1b:d8:d0:90:f9:f6:52:02:bd:0c:38:e5:af:7c:db

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Jenkins\workspace\build_nginx_master\nginx\objs\nginx.pdb

Imports

kernel32

SetStdHandle
GetCurrentThreadId
GetFileInformationByHandle
SetLastError
SwitchToThread
Sleep
FormatMessageA
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetLongPathNameW
ReadFile
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
SetFileTime
WriteFile
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
MoveFileW
LoadLibraryA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetCommandLineA
ResetEvent
OpenEventA
TerminateProcess
GetExitCodeProcess
CreateProcessA
GetModuleFileNameA
WaitForMultipleObjects
CreateThread
GetEnvironmentVariableA
GetSystemInfo
GetVersionExA
GetModuleHandleA
SetEnvironmentVariableA
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexA
CreateEventA
OpenMutexA
FreeConsole
SetConsoleCtrlHandler
CreateIoCompletionPort
GetQueuedCompletionStatus
WriteConsoleW
GetConsoleMode
GetProcAddress
FreeLibrary
GetCurrentProcessId
GetLastError
CloseHandle
MapViewOfFileEx
GetStdHandle
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
GetProcessHeap
GetStringTypeW
GetFileType
FindNextFileA
FindFirstFileExW
FindFirstFileExA
OutputDebugStringW
OutputDebugStringA
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCurrentThread
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
HeapAlloc
HeapFree
GetACP
GetCommandLineW
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException

user32

CharToOemBuffA

advapi32

RegCreateKeyExA
RegCloseKey
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegSetValueExA

ws2_32

htonl
htons
ntohl
ntohs
getaddrinfo
freeaddrinfo
bind
closesocket
getsockname
getsockopt
listen
setsockopt
WSAGetLastError
WSASocketW
gethostname
connect
accept
ioctlsocket
WSAGetOverlappedResult
WSARecv
WSASend
WSAStartup
WSAIoctl
__WSAFDIsSet
select
recv
shutdown
WSASetLastError

libssl-3-x64

SSL_CTX_set_alpn_protos
SSL_CTX_set_cert_cb
SSL_CTX_set_alpn_select_cb
SSL_select_next_proto
SSL_SESSION_free
SSL_set_SSL_CTX
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_set_verify_depth
SSL_set_verify
SSL_clear_options
SSL_CTX_get_options
SSL_get0_verified_chain
SSL_get_SSL_CTX
SSL_get_certificate
SSL_SESSION_set_timeout
OPENSSL_init_ssl
SSL_CONF_cmd_value_type
SSL_CONF_cmd
SSL_CONF_CTX_set_ssl_ctx
SSL_CONF_CTX_set_flags
SSL_CONF_CTX_free
SSL_CONF_CTX_finish
SSL_CONF_CTX_new
SSL_session_reused
SSL_CIPHER_find
SSL_CTX_get_ex_data
SSL_CTX_set_ex_data
SSL_get_ex_data
SSL_set_ex_data
SSL_get_verify_result
SSL_get1_session
SSL_get_session
SSL_CTX_load_verify_locations
SSL_version
SSL_get_shutdown
SSL_set_shutdown
SSL_set_quiet_shutdown
SSL_set_accept_state
SSL_SESSION_get_timeout
SSL_SESSION_set_time
SSL_SESSION_get_time
SSL_load_client_CA_file
SSL_use_certificate
SSL_use_PrivateKey
SSL_get_wbio
SSL_get_rbio
SSL_set_fd
SSL_CIPHER_get_name
SSL_get_current_cipher
SSL_CTX_get_cert_store
SSL_CTX_get_timeout
SSL_CTX_set_timeout
SSL_CTX_free
SSL_CTX_new
SSL_CTX_set_cipher_list
SSL_is_init_finished
SSL_in_init
SSL_get_servername
SSL_CTX_get_max_early_data
SSL_CTX_set_max_early_data
SSL_get0_alpn_selected
SSL_CTX_set_info_callback
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sess_set_new_cb
SSL_set_options
SSL_CTX_set_options
SSL_CTX_clear_options
SSL_get_options
SSL_set_connect_state
SSL_CTX_get_client_CA_list
SSL_CTX_set_client_CA_list
SSL_shutdown
SSL_do_handshake
TLS_method
SSL_get_version
SSL_get_error
SSL_CTX_callback_ctrl
SSL_CTX_ctrl
SSL_ctrl
SSL_write_early_data
SSL_write
SSL_read_early_data
SSL_read
SSL_free
SSL_new
SSL_CTX_set_session_id_context
SSL_CTX_use_certificate
SSL_CTX_use_PrivateKey
SSL_CTX_set_verify_depth
SSL_CTX_set_verify
SSL_CTX_get_verify_mode
SSL_get1_peer_certificate
d2i_SSL_SESSION
SSL_CTX_remove_session
SSL_set_session
i2d_SSL_SESSION
SSL_SESSION_up_ref
SSL_SESSION_get_id
SSL_SESSION_set1_id_context
SSL_get_peer_cert_chain

libcrypto-3-x64

OCSP_basic_verify
OCSP_cert_status_str
OCSP_response_status_str
i2d_OCSP_REQUEST
OCSP_REQUEST_free
OCSP_REQUEST_new
OCSP_CERTID_free
i2d_OCSP_RESPONSE
d2i_OCSP_RESPONSE
OCSP_RESPONSE_free
OCSP_RESPONSE_new
OCSP_BASICRESP_free
OCSP_check_validity
OCSP_resp_find_status
OCSP_response_get1_basic
OCSP_response_status
OCSP_request_add0_id
OCSP_cert_to_id
X509_get1_ocsp
X509_email_free
X509_check_issued
X509_chain_up_ref
X509_up_ref
X509_pubkey_digest
X509_STORE_CTX_get1_chain
X509_STORE_CTX_init
X509_STORE_CTX_free
X509_STORE_CTX_get1_issuer
X509_STORE_CTX_new
X509_verify_cert
ASN1_GENERALIZEDTIME_print
ASN1_d2i_bio
CRYPTO_malloc
OSSL_PROVIDER_available
OSSL_PROVIDER_set_default_search_path
X509_check_host
ENGINE_set_default
ENGINE_load_private_key
ENGINE_free
OpenSSL_version
OPENSSL_sk_num
OPENSSL_sk_value
OPENSSL_sk_new_null
OPENSSL_sk_pop_free
OPENSSL_sk_push
CRYPTO_get_ex_new_index
CRYPTO_free
OSSL_LIB_CTX_load_config
BIO_new_file
BIO_new
BIO_free
BIO_read
BIO_write
BIO_ctrl
BIO_int_ctrl
BIO_s_mem
BIO_new_mem_buf
i2a_ASN1_INTEGER
ASN1_TIME_print
OBJ_nid2sn
EVP_default_properties_enable_fips
EVP_CIPHER_get_iv_length
EVP_MD_CTX_new
EVP_MD_CTX_free
EVP_DigestInit_ex
EVP_DigestUpdate
EVP_DigestFinal_ex
EVP_EncryptInit_ex
EVP_DecryptInit_ex
EVP_sha1
EVP_sha256
EVP_aes_128_cbc
EVP_aes_256_cbc
EVP_PKEY_free
DH_free
X509_STORE_set_flags
X509_STORE_add_lookup
X509_LOOKUP_file
X509_LOOKUP_ctrl
X509_verify_cert_error_string
X509_digest
X509_NAME_digest
X509_free
X509_set_ex_data
X509_get_ex_data
X509_NAME_oneline
X509_get_serialNumber
X509_get_issuer_name
X509_get_subject_name
X509_get0_notBefore
X509_get0_notAfter
X509_NAME_print_ex
PEM_read_bio_X509
PEM_write_bio_X509
PEM_read_bio_X509_AUX
PEM_read_bio_DHparams
PEM_read_bio_PrivateKey
HMAC_Init_ex
ERR_get_error
ERR_peek_error
ERR_peek_error_data
ERR_peek_last_error
ERR_clear_error
ERR_error_string_n
RAND_bytes
ENGINE_by_id

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 707B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 283B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b72302de00d1ce8306c5548b40469c92

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

05:ad:e4:6d:b0:2a:2f:78:46:2a:29:37:27:e8:d8:74Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99Certificate

Key Usages

33:00:00:e9:59:36:4d:3d:18:aa:9f:ca:d5:00:00:00:00:e9:59Certificate

Extended Key Usages

Key Usages

33:00:00:e9:59:36:4d:3d:18:aa:9f:ca:d5:00:00:00:00:e9:59Certificate

Extended Key Usages

Key Usages

33:00:00:00:04:96:50:4b:d2:db:ee:cb:88:00:00:00:00:00:04Certificate

Key Usages

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07Certificate

Key Usages

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05Certificate

Extended Key Usages

Key Usages

33:00:00:00:30:22:4f:a1:2d:c5:34:eb:4b:00:00:00:00:00:30Certificate

Extended Key Usages

Key Usages

72:aa:81:60:ef:cc:38:1f:6c:d2:a4:4b:ae:cc:f6:c1:8e:1b:d8:d0:90:f9:f6:52:02:bd:0c:38:e5:af:7c:dbSigner

72:aa:81:60:ef:cc:38:1f:6c:d2:a4:4b:ae:cc:f6:c1:8e:1b:d8:d0:90:f9:f6:52:02:bd:0c:38:e5:af:7c:dbSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ws2_32

libssl-3-x64

libcrypto-3-x64

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 260KB - Virtual size: 260KB

.data Size: 131KB - Virtual size: 216KB

.pdata Size: 64KB - Virtual size: 63KB

.idata Size: 16KB - Virtual size: 15KB

.gfids Size: 1024B - Virtual size: 707B

.00cfg Size: 512B - Virtual size: 283B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

05:ad:e4:6d:b0:2a:2f:78:46:2a:29:37:27:e8:d8:74
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

33:00:00:e9:59:36:4d:3d:18:aa:9f:ca:d5:00:00:00:00:e9:59
Certificate

33:00:00:e9:59:36:4d:3d:18:aa:9f:ca:d5:00:00:00:00:e9:59
Certificate

33:00:00:00:04:96:50:4b:d2:db:ee:cb:88:00:00:00:00:00:04
Certificate

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

33:00:00:00:30:22:4f:a1:2d:c5:34:eb:4b:00:00:00:00:00:30
Certificate

72:aa:81:60:ef:cc:38:1f:6c:d2:a4:4b:ae:cc:f6:c1:8e:1b:d8:d0:90:f9:f6:52:02:bd:0c:38:e5:af:7c:db
Signer

72:aa:81:60:ef:cc:38:1f:6c:d2:a4:4b:ae:cc:f6:c1:8e:1b:d8:d0:90:f9:f6:52:02:bd:0c:38:e5:af:7c:db
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 260KB - Virtual size: 260KB

.data
Size: 131KB - Virtual size: 216KB

.pdata
Size: 64KB - Virtual size: 63KB

.idata
Size: 16KB - Virtual size: 15KB

.gfids
Size: 1024B - Virtual size: 707B

.00cfg
Size: 512B - Virtual size: 283B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB