854162a9cd2ee149fea14a95c8656a20_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

854162a9cd2ee149fea14a95c8656a20_NeikiAnalytics.exe
Size

739KB
MD5

854162a9cd2ee149fea14a95c8656a20
SHA1

a0b3dcce559177ae24dd1fd1b7bc79992a3512ed
SHA256

2cf53e17733d8ed81aba22f9e18d3954f1dbdaa311d853826ee68a04958ea82c
SHA512

10f6244ce692d1ae8aed621c7a0c9dc1cffd50c064d5f6e16d14397045b8e19a9996d2f49386b6aa2625e60c43975ff7b8cf3502d3603c7f22a47f807e73ebed
SSDEEP

12288:solwTeDvMWdpf0L6iaOsXdUhSaoXF+VKzx4n:kif0LHvsXEKzin

Score

1^/10

Malware Config

Signatures

Files

854162a9cd2ee149fea14a95c8656a20_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

ec69b0891b244df60ad31ec02cd93162

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

20:9b:db:ea:f1:6c:06:f5:54:4a:b9:a1:bf:d3:2c:38
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

29/10/2013, 00:00

Not After

27/01/2017, 23:59

Subject

CN=Samsung Electronics CO.\, LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Samsung Electronics CO.\, LTD.,L=Suwon,ST=Kyungki-Do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d6:c8:d5:69:4e:bc:47:74:b6:71:56:72:8c:82:fe:94:51:0d:44:85
Signer

Actual PE Digest

d6:c8:d5:69:4e:bc:47:74:b6:71:56:72:8c:82:fe:94:51:0d:44:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\SVN\CodeTrunkReleaseWin32-x64\Output\x64\Release\SLSign.pdb

Imports

msvcr120

_initterm_e
memset
_wdupenv_s
_initterm
__C_specific_handler
_wcmdln
_fmode
_commode
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__crt_debugger_hook
floorf
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crtSetUnhandledExceptionFilter
__crtCapturePreviousContext
__crtCaptureCurrentContext
__crtTerminateProcess
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
memcpy
__CxxFrameHandler3
_CxxThrowException
memchr
_vsnwprintf_s
_vscwprintf
toupper
tolower
wcsncmp
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPEAV123@PEAV_CancellationTokenState@23@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAEA_KXZ
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Cancel@_TaskCollection@details@Concurrency@@QEAAXXZ
?_RunAndWait@_TaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?Free@Concurrency@@YAXPEAX@Z
??0event@Concurrency@@QEAA@XZ
??1event@Concurrency@@QEAA@XZ
?wait@event@Concurrency@@QEAA_KI@Z
?set@event@Concurrency@@QEAAXXZ
??0invalid_operation@Concurrency@@QEAA@PEBD@Z
??0critical_section@Concurrency@@QEAA@XZ
??1critical_section@Concurrency@@QEAA@XZ
??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z
??1scoped_lock@critical_section@Concurrency@@QEAA@XZ
?Alloc@Concurrency@@YAPEAX_K@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
_resetstkoflw
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
??0exception@std@@QEAA@AEBV01@@Z
??0exception@std@@QEAA@AEBQEBDH@Z
??0exception@std@@QEAA@XZ
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
wcscpy_s
wcscat_s
memcpy_s
_recalloc
wcsstr
malloc
wcsncpy_s
_wtoi
?terminate@@YAXXZ
_purecall
??_U@YAPEAX_K@Z
memmove
??2@YAPEAX_K@Z
??_V@YAXPEAX@Z
??3@YAXPEAX@Z
free
__crtUnhandledException
memcmp

mfc120u

ord8612
ord10584
ord10958
ord10044
ord3266
ord3265
ord3029
ord480
ord3713
ord6222
ord4681
ord6152
ord2145
ord3670
ord7720
ord1086
ord8782
ord2655
ord13256
ord5902
ord11687
ord10607
ord1088
ord875
ord1364
ord6189
ord450
ord11729
ord8807
ord7123
ord2472
ord4313
ord7925
ord13620
ord8389
ord13626
ord7080
ord2302
ord5144
ord3130
ord4987
ord8990
ord13932
ord961
ord1425
ord7066
ord7281
ord5267
ord5455
ord8922
ord5243
ord296
ord1498
ord1496
ord4652
ord14136
ord261
ord11957
ord258
ord3101
ord6405
ord2861
ord13886
ord8043
ord8298
ord4541
ord12313
ord2218
ord473
ord4682
ord13723
ord6744
ord4035
ord3014
ord8698
ord6153
ord1050
ord4052
ord3122
ord8707
ord6488
ord1419
ord3556
ord12991
ord8937
ord5141
ord4455
ord8331
ord1108
ord6205
ord6516
ord4291
ord1154
ord6244
ord8703
ord3054
ord2865
ord3705
ord2647
ord4918
ord2673
ord13058
ord7434
ord8949
ord9040
ord7282
ord5024
ord2372
ord7940
ord2433
ord6215
ord12652
ord4677
ord6164
ord4401
ord2274
ord7600
ord1445
ord2249
ord2231
ord2180
ord2170
ord937
ord11775
ord11807
ord7802
ord11795
ord5608
ord3688
ord6946
ord2136
ord2233
ord12968
ord3685
ord13404
ord6024
ord14147
ord6025
ord14148
ord6023
ord14146
ord7603
ord12082
ord13947
ord11539
ord11538
ord1969
ord11583
ord7552
ord12495
ord3906
ord3968
ord8970
ord14074
ord7534
ord14068
ord12093
ord12092
ord2397
ord5087
ord7905
ord12414
ord12476
ord10005
ord11803
ord7966
ord8049
ord9822
ord5458
ord365
ord1056
ord280
ord2879
ord285
ord5611
ord3908
ord2228
ord4612
ord1636
ord286
ord1030
ord2308
ord2304
ord7071
ord987
ord11724
ord3236
ord3237
ord3161
ord3769
ord11680
ord2587
ord5625
ord13213
ord11280
ord6527
ord14075
ord7535
ord14069
ord2925
ord4308
ord9265
ord5484
ord4316
ord4748
ord4713
ord4706
ord4744
ord4771
ord4722
ord4755
ord4767
ord4730
ord4734
ord4738
ord4726
ord4759
ord4718
ord1714
ord1705
ord1709
ord1701
ord1689
ord11813
ord11815
ord13372
ord3131
ord8828
ord10571
ord6625
ord11776
ord8537
ord14067
ord11499
ord3675
ord11645
ord8711
ord11289
ord11288
ord5355
ord9860
ord9856
ord9858
ord9859
ord9857
ord1449
ord980
ord939
ord2656
ord7795
ord9827
ord3167
ord3170
ord13260
ord5904
ord5818
ord8781
ord7804
ord2328
ord5131
ord7337
ord7347
ord7346
ord4970
ord5133
ord4990
ord4299

kernel32

MultiByteToWideChar
GetProcAddress
lstrcmpiW
GetUserDefaultLocaleName
SetEvent
GetCurrentThreadId
GetPrivateProfileStringW
GetUserDefaultUILanguage
GetModuleHandleExA
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
CloseHandle
GetCommandLineW
CreateMutexW
OpenProcess
GetExitCodeProcess
TerminateProcess
K32EnumProcesses
K32GetModuleBaseNameW
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
EncodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
LoadLibraryExW
LoadResource
FreeLibrary
WaitForSingleObject
FindResourceW
GetModuleFileNameW
DeleteCriticalSection
DecodePointer
EnterCriticalSection
GetLastError
RaiseException
InitializeCriticalSectionEx
LeaveCriticalSection
GetProcessHeap
HeapAlloc
LockResource
OutputDebugStringW
LocalFree
SetUnhandledExceptionFilter
CreateFileW
GetCurrentProcess
GetLocalTime
GetFileAttributesW
CreateDirectoryW
HeapFree

user32

SetRect
SetParent
GetSystemMenu
IsIconic
AttachThreadInput
DrawIcon
GetClientRect
GetForegroundWindow
LoadIconW
SystemParametersInfoW
EnableMenuItem
GetSystemMetrics
SendMessageW
GetWindowThreadProcessId
CharNextW
PostMessageW
CallWindowProcW
GetPropW
GetParent
GetWindow
SetForegroundWindow
BringWindowToTop
GetDC
ReleaseDC
InvalidateRect
UpdateWindow
SetTimer
KillTimer
CopyRect
IsWindow
CloseWindow
GetFocus
GetWindowLongPtrW
SetPropW
IsWindowUnicode
SetWindowLongPtrW
EnableWindow
DefWindowProcW
SetWindowLongPtrA
MessageBoxW
FindWindowW
RemovePropW

gdi32

GetDeviceCaps
DeleteObject
GetStockObject
CreateFontIndirectW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

shell32

SHGetKnownFolderPath
ShellExecuteW
SHGetFolderPathW
SHCreateDirectoryExW

comctl32

InitCommonControlsEx

shlwapi

ord191

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc
CoCreateInstance

oleaut32

SysFreeString
DispCallFunc
SysStringLen
VariantClear
LoadTypeLi
VariantInit
LoadRegTypeLi
SysAllocString
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayDestroyData
UnRegisterTypeLi
VarUI4FromStr
RegisterTypeLi
SysAllocStringLen
VariantCopy
VariantChangeType

gdiplus

GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipDrawRectangleI
GdipGetPenWidth
GdipFillRectangle
GdipDrawRectangle
GdiplusStartup
GdipCreateFromHDC
GdipDeleteGraphics
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCloneBrush
GdipDrawString
GdipCreateFromHWND
GdipGetLogFontW
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipMeasureString
GdipDeleteFont
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromGraphics
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGraphicsClear
GdipCreatePen1
GdipDeletePen
GdipSetStringFormatAlign
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawImageRect
GdipDrawImageI
GdipLoadImageFromStream

msvcp120

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_Winerror_map@std@@YAPEBDH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Release@_Pad@std@@QEAAXXZ
?_Launch@_Pad@std@@QEAAXPEAU_Thrd_imp_t@@@Z
??1_Pad@std@@QEAA@XZ
??0_Pad@std@@QEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
_Thrd_detach
?_BADOFF@std@@3_JB
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??Bid@locale@std@@QEAA_KXZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
??0?$codecvt@_WDH@std@@QEAA@_K@Z
?_Getcat@?$codecvt@_WDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??_7?$codecvt@_WDH@std@@6B@
??_7codecvt_base@std@@6B@
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??_7facet@locale@std@@6B@
??_7_Facet_base@std@@6B@
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
_Mtx_init
_Mtx_lock
_Cnd_wait
_Cnd_broadcast
_Mtx_unlock
_Mtx_destroy
_Cnd_unregister_at_thread_exit
_Cnd_register_at_thread_exit
_Cnd_destroy
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
?_Future_error_map@std@@YAPEBDH@Z
?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
?_Xbad_function_call@std@@YAXXZ
_Cnd_init
?_Orphan_all@_Container_base0@std@@QEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec69b0891b244df60ad31ec02cd93162

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

20:9b:db:ea:f1:6c:06:f5:54:4a:b9:a1:bf:d3:2c:38Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

d6:c8:d5:69:4e:bc:47:74:b6:71:56:72:8c:82:fe:94:51:0d:44:85Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr120

mfc120u

kernel32

user32

gdi32

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

msvcp120

dbghelp

Sections

.text Size: 304KB - Virtual size: 304KB

.rdata Size: 145KB - Virtual size: 145KB

.data Size: 24KB - Virtual size: 30KB

.pdata Size: 36KB - Virtual size: 36KB

.rsrc Size: 216KB - Virtual size: 216KB

.reloc Size: 5KB - Virtual size: 5KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

20:9b:db:ea:f1:6c:06:f5:54:4a:b9:a1:bf:d3:2c:38
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

d6:c8:d5:69:4e:bc:47:74:b6:71:56:72:8c:82:fe:94:51:0d:44:85
Signer

.text
Size: 304KB - Virtual size: 304KB

.rdata
Size: 145KB - Virtual size: 145KB

.data
Size: 24KB - Virtual size: 30KB

.pdata
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 216KB - Virtual size: 216KB

.reloc
Size: 5KB - Virtual size: 5KB