b5d476067a92b821606a0fe05b9ba20b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5d476067a92b821606a0fe05b9ba20b_JaffaCakes118
Size

18.8MB
MD5

b5d476067a92b821606a0fe05b9ba20b
SHA1

b5f18f8983f7621d494a156bce7195d48e1ae427
SHA256

164fb7d6226b0b89b87489dd99eeddc5592f48324e5adf60436b6beac815390d
SHA512

1df0c85db77192360f04f0c24a48469b3d5a596a6cfe53eb76958bcf095c382b4238b3ba2bab586b5cc6e07d43f58eb99d91f72e45680846ac3fe40adfe878c5
SSDEEP

393216:/wNmFJXFArQ/TalvNJYBDJDEIXnEUC2DJ01fLiAUa:/wNmFJT/k/UCYq1R

Score

1^/10

Malware Config

Signatures

Files

b5d476067a92b821606a0fe05b9ba20b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3cbdc8e6651f5f06b29ead7e5037a16e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

41:da:d5:9a:6c:a7:7a:2d:24:61:25:08:38:03:46:4f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/04/2018, 00:00

Not After

12/07/2019, 23:59

Subject

CN=Shenzhen Thinksky Technology Co.\,Ltd,OU=R&D Dept.,O=Shenzhen Thinksky Technology Co.\,Ltd,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:da:d5:9a:6c:a7:7a:2d:24:61:25:08:38:03:46:4f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/04/2018, 00:00

Not After

12/07/2019, 23:59

Subject

CN=Shenzhen Thinksky Technology Co.\,Ltd,OU=R&D Dept.,O=Shenzhen Thinksky Technology Co.\,Ltd,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

98:3e:7e:3c:d9:20:8d:a9:db:8a:ad:67:3a:fc:cf:31:11:7c:00:7e:1a:74:ad:10:22:48:ac:bd:2a:77:56:da
Signer

Actual PE Digest

98:3e:7e:3c:d9:20:8d:a9:db:8a:ad:67:3a:fc:cf:31:11:7c:00:7e:1a:74:ad:10:22:48:ac:bd:2a:77:56:da

Digest Algorithm

sha256

PE Digest Matches

true

10:81:91:e2:bf:60:36:b5:44:50:93:18:8e:77:be:1d:01:fa:77:96
Signer

Actual PE Digest

10:81:91:e2:bf:60:36:b5:44:50:93:18:8e:77:be:1d:01:fa:77:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Program Files (x86)\Jenkins\workspace\iTools4_EN_Release\bin\IVChecker1.pdb

Imports

utilities

??1JValue@@QAE@XZ
??0JValue@@QAE@W4TYPE@0@@Z
?GetModuleFolder@CHiFile@@SA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?U2A@CHIconv@@QAE?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@PB_W@Z
?GetResourceData@CHUtil@@SAHPAUHINSTANCE__@@PB_WIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1CHIconv@@QAE@XZ
??0CHIconv@@QAE@XZ
??RCHTraceImplement@@QBAXPB_WZZ

tesseract40

?GetUTF8Text@TessBaseAPI@tesseract@@QAEPADXZ
?Recognize@TessBaseAPI@tesseract@@QAEHPAVETEXT_DESC@@@Z
?SetPageSegMode@TessBaseAPI@tesseract@@QAEXW4PageSegMode@2@@Z
?SetVariable@TessBaseAPI@tesseract@@QAE_NPBD0@Z
??0TessBaseAPI@tesseract@@QAE@XZ
?Init@TessBaseAPI@tesseract@@QAEHPBD0W4OcrEngineMode@2@PAPADHPBV?$GenericVector@VSTRING@@@@3_N@Z
?SetImage@TessBaseAPI@tesseract@@QAEXPBEHHHH@Z

msvcp120

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Throw_C_error@std@@YAXH@Z
_Mtx_destroy
_Mtx_init
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
_Strcoll
_Wcscoll
_Strxfrm
_Wcsxfrm
??_7_Facet_base@std@@6B@
??_7facet@locale@std@@6B@
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xinvalid_argument@std@@YAXPBD@Z
?_Future_error_map@std@@YAPBDH@Z
?_BADOFF@std@@3_JB
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$ctype@_W@std@@2V0locale@2@A
?id@?$codecvt@DDH@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
?id@?$collate@_W@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
??Bid@locale@std@@QAEIXZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??1ios_base@std@@UAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??1_Container_base12@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Swap_all@_Container_base12@std@@QAEXAAU12@@Z
?pubsetbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PAD_J@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z

kernel32

GetTickCount
OutputDebugStringW
IsDebuggerPresent
ExitProcess
GetEnvironmentVariableA
lstrcmpA
GetCurrentThreadId
SwitchToThread
InterlockedIncrement
GetSystemTimeAsFileTime
GetCurrentProcessId
IsProcessorFeaturePresent
EncodePointer
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
FindNextFileA
FindFirstFileExA
FindClose
GetFileAttributesExA
CreateFileA
CloseHandle
UnlockFileEx
LockFileEx
Sleep
GetSystemInfo
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
RaiseException
MultiByteToWideChar
HeapDestroy
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc

msvcr120

fgets
__CxxLongjmpUnwind
_setjmp3
__libm_sse2_log
strtol
fputs
_unlink
_mkdir
_rmdir
frexp
sscanf
isxdigit
_strdup
strncpy_s
_wcsdup
abort
isprint
ceil
qsort
vfprintf
strtok
exit
floor
tmpfile
strerror
_snprintf
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_except1
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
__clean_type_info_names_internal
_tempnam
_close
_lseek
_open
_read
_write
_libm_sse2_pow_precise
ldexp
longjmp
__libm_sse2_pow
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QAE_NXZ
??3@YAXPAX@Z
memmove_s
memmove
free
wcsrchr
??_V@YAXPAX@Z
_purecall
memcpy_s
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_errno
strtoul
wcstoul
sprintf_s
wmemcpy_s
wcsstr
realloc
_wcsicmp
_vscwprintf
vswprintf_s
fclose
fflush
fgetc
fputc
ungetc
?what@exception@std@@UBEPBDXZ
_lock_file
_unlock_file
fwrite
_fseeki64
fgetpos
fsetpos
setvbuf
memchr
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
strchr
iswspace
atoi
toupper
roundf
_vsnprintf_s
fread
fprintf
ferror
fseek
atof
strncmp
isspace
isalnum
tolower
isalpha
_CxxThrowException
__CxxFrameHandler3
memcpy
malloc
memset
sprintf
__libm_sse2_cos
__libm_sse2_sin
__libm_sse2_exp
strrchr
fopen
remove
getenv
__iob_func
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
isdigit
strncpy
strstr
printf
??0exception@std@@QAE@ABQBDH@Z
?Free@Concurrency@@YAXPAX@Z
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QBE_NXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
??0_Cancellation_beacon@details@Concurrency@@QAE@XZ
??1_Cancellation_beacon@details@Concurrency@@QAE@XZ

gdiplus

GdipGetImageHeight
GdipGetImagePixelFormat
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageWidth

Exports

Exports

deinitOCR
getAllName
getIVs
hasStarDust
initOCR
parsePokemonImg

Sections

.text
Size: 13.8MB - Virtual size: 13.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPCODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cbdc8e6651f5f06b29ead7e5037a16e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

41:da:d5:9a:6c:a7:7a:2d:24:61:25:08:38:03:46:4fCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

41:da:d5:9a:6c:a7:7a:2d:24:61:25:08:38:03:46:4fCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

98:3e:7e:3c:d9:20:8d:a9:db:8a:ad:67:3a:fc:cf:31:11:7c:00:7e:1a:74:ad:10:22:48:ac:bd:2a:77:56:daSigner

10:81:91:e2:bf:60:36:b5:44:50:93:18:8e:77:be:1d:01:fa:77:96Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

utilities

tesseract40

msvcp120

kernel32

msvcr120

gdiplus

Exports

Exports

Sections

.text Size: 13.8MB - Virtual size: 13.8MB

IPPCODE Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 2.0MB - Virtual size: 2.0MB

.data Size: 110KB - Virtual size: 245KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 228KB - Virtual size: 228KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

41:da:d5:9a:6c:a7:7a:2d:24:61:25:08:38:03:46:4f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

41:da:d5:9a:6c:a7:7a:2d:24:61:25:08:38:03:46:4f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

98:3e:7e:3c:d9:20:8d:a9:db:8a:ad:67:3a:fc:cf:31:11:7c:00:7e:1a:74:ad:10:22:48:ac:bd:2a:77:56:da
Signer

10:81:91:e2:bf:60:36:b5:44:50:93:18:8e:77:be:1d:01:fa:77:96
Signer

.text
Size: 13.8MB - Virtual size: 13.8MB

IPPCODE
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 110KB - Virtual size: 245KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 228KB - Virtual size: 228KB