69a4faf57beddfb44d64fa88db7e2c50_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

69a4faf57beddfb44d64fa88db7e2c50_NeikiAnalytics.exe
Size

1.8MB
MD5

69a4faf57beddfb44d64fa88db7e2c50
SHA1

a406a27e78373c0ab8ae1a3d5d59f9bab9f28df7
SHA256

89cab31bffade7f32da11dcae9ee8ea7188d068ea0d49268bcb15f7bf342b10a
SHA512

87ff0651e898bdd2753fc69488515f95a114e74127dc7d5ddedc883e521fa25b0486739a9288478a07c838792a9e564a6aa5b3de343a841fc98976fa60a27139
SSDEEP

24576:+dVzJv5XXORlp5P6Rk0PZWw+d7di1zNiDVaSBZN25iAKu2f5Kq6I6397Szdxfawy:sE90BGKNsfAmKqB6397Szdv0fGTW

Score

1^/10

Malware Config

Signatures

Files

69a4faf57beddfb44d64fa88db7e2c50_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

f6444cd8b00f7b259ecc779ee4740ff5

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:dd:d2:bf:a6:72:e1:01:5a:f0:0f:f1
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

16/05/2024, 13:07

Not After

17/05/2025, 13:07

Subject

SERIALNUMBER=556821-8225,CN=Coffee Stain Studios AB,O=Coffee Stain Studios AB,STREET=Hertig Johans Gata 6,L=Skövde,ST=Västra Götaland,C=SE,1.2.840.113549.1.9.1=#0c14637373697440636f66666565737461696e2e7365,1.3.6.1.4.1.311.60.2.1.3=#13025345,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:ce:75:29:92:f3:e3:2e:25:6d:a1:cd:bb:cf:3c:93:62:11:1f:4c:00:1f:de:3d:f3:b4:7b:fd:a6:a7:7a:04
Signer

Actual PE Digest

e2:ce:75:29:92:f3:e3:2e:25:6d:a1:cd:bb:cf:3c:93:62:11:1f:4c:00:1f:de:3d:f3:b4:7b:fd:a6:a7:7a:04

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\temp\Built\Int\rel-pub\windows-desktop-win7-x64\Shared\GCD\Modules\NsightAftermath\GFSDK_Aftermath_Lib.x64.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
VerSetConditionMask
GetFileAttributesW
GetFullPathNameW
CloseHandle
GetLastError
SetLastError
GetSystemDirectoryW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
LocalAlloc
LocalFree
VerifyVersionInfoW
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCurrentProcess
K32EnumProcessModules
K32GetModuleInformation
Sleep
GetThreadErrorMode
SetThreadErrorMode
FormatMessageA
FormatMessageW
WideCharToMultiByte
AreFileApisANSI
MultiByteToWideChar
LoadLibraryW
GetModuleHandleExW
SetEvent
ResetEvent
InitializeCriticalSectionAndSpinCount
InitOnceComplete
EnterCriticalSection
InitOnceBeginInitialize
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx

ole32

CoUninitialize
CoInitializeEx

oleaut32

SysFreeString

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

msvcp140

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Xbad_function_call@std@@YAXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
_Strcoll
_Strxfrm
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Syserror_map@std@@YAPEBDH@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
??Bid@locale@std@@QEAA_KXZ
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
_Cnd_signal
_Cnd_broadcast
_Cnd_wait
_Cnd_destroy_in_situ
_Cnd_init_in_situ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

vcruntime140

__current_exception
strstr
__C_specific_handler
__current_exception_context
__std_type_info_compare
memchr
wcsstr
wcsrchr
strchr
memcmp
__RTDynamicCast
__std_terminate
_purecall
memmove
memcpy
__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__std_exception_copy
memset

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm
_crt_atexit
terminate
abort
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_errno
_seh_filter_dll
_initterm_e
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
malloc
free

api-ms-win-crt-string-l1-1-0

_wcsnicmp
_wcsicmp
strncmp
isalpha
islower
strnlen
isalnum
isdigit
strcmp
_stricmp
strncpy
isxdigit

api-ms-win-crt-utility-l1-1-0

bsearch

api-ms-win-crt-convert-l1-1-0

strtol
strtoll

api-ms-win-crt-math-l1-1-0

pow
log
_fdclass
_dsign
_dclass

api-ms-win-crt-stdio-l1-1-0

ungetc
getchar
fwrite
_fseeki64
fsetpos
fread
fputc
fgetpos
fgetc
fflush
fclose
_get_stream_buffer_pointers
__stdio_common_vsprintf
putchar
setvbuf
__stdio_common_vswprintf_s
__stdio_common_vsscanf

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file
_wsplitpath_s

Exports

Exports

GFSDK_Aftermath_DX11_CreateContextHandle
GFSDK_Aftermath_DX11_Initialize
GFSDK_Aftermath_DX12_CreateContextHandle
GFSDK_Aftermath_DX12_Initialize
GFSDK_Aftermath_DX12_RegisterResource
GFSDK_Aftermath_DX12_UnregisterResource
GFSDK_Aftermath_DisableGpuCrashDumps
GFSDK_Aftermath_EnableGpuCrashDumps
GFSDK_Aftermath_GetContextError
GFSDK_Aftermath_GetCrashDumpStatus
GFSDK_Aftermath_GetData
GFSDK_Aftermath_GetDeviceStatus
GFSDK_Aftermath_GetPageFaultInformation
GFSDK_Aftermath_GetShaderDebugInfoIdentifier
GFSDK_Aftermath_GetShaderDebugName
GFSDK_Aftermath_GetShaderDebugNameSpirv
GFSDK_Aftermath_GetShaderHash
GFSDK_Aftermath_GetShaderHashForShaderInfo
GFSDK_Aftermath_GetShaderHashSpirv
GFSDK_Aftermath_GpuCrashDump_CreateDecoder
GFSDK_Aftermath_GpuCrashDump_DestroyDecoder
GFSDK_Aftermath_GpuCrashDump_GenerateJSON
GFSDK_Aftermath_GpuCrashDump_GetActiveShadersInfo
GFSDK_Aftermath_GpuCrashDump_GetActiveShadersInfoCount
GFSDK_Aftermath_GpuCrashDump_GetBaseInfo
GFSDK_Aftermath_GpuCrashDump_GetDescription
GFSDK_Aftermath_GpuCrashDump_GetDescriptionSize
GFSDK_Aftermath_GpuCrashDump_GetDeviceInfo
GFSDK_Aftermath_GpuCrashDump_GetEventMarkersInfo
GFSDK_Aftermath_GpuCrashDump_GetEventMarkersInfoCount
GFSDK_Aftermath_GpuCrashDump_GetGpuInfo
GFSDK_Aftermath_GpuCrashDump_GetGpuInfoCount
GFSDK_Aftermath_GpuCrashDump_GetJSON
GFSDK_Aftermath_GpuCrashDump_GetPageFaultInfo
GFSDK_Aftermath_GpuCrashDump_GetSystemInfo
GFSDK_Aftermath_ReleaseContextHandle
GFSDK_Aftermath_SetEventMarker
GetShaderDebugName
GetShaderDebugNameSpirv
GetShaderHashForShaderInfo
GetShaderHashSpirv

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 490KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6444cd8b00f7b259ecc779ee4740ff5

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

59:dd:d2:bf:a6:72:e1:01:5a:f0:0f:f1Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

e2:ce:75:29:92:f3:e3:2e:25:6d:a1:cd:bb:cf:3c:93:62:11:1f:4c:00:1f:de:3d:f3:b4:7b:fd:a6:a7:7a:04Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

ole32

oleaut32

advapi32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 490KB - Virtual size: 489KB

.data Size: 125KB - Virtual size: 161KB

.pdata Size: 37KB - Virtual size: 36KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 13KB - Virtual size: 13KB

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

59:dd:d2:bf:a6:72:e1:01:5a:f0:0f:f1
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

e2:ce:75:29:92:f3:e3:2e:25:6d:a1:cd:bb:cf:3c:93:62:11:1f:4c:00:1f:de:3d:f3:b4:7b:fd:a6:a7:7a:04
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 490KB - Virtual size: 489KB

.data
Size: 125KB - Virtual size: 161KB

.pdata
Size: 37KB - Virtual size: 36KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 13KB - Virtual size: 13KB