dbcc4dfa51f18c523ea677699a0399dcf0c7551492800835587c1cec7848c3b1

Sharing

Copy URL

Twitter E-mail

General

Target

dbcc4dfa51f18c523ea677699a0399dcf0c7551492800835587c1cec7848c3b1
Size

5.8MB
MD5

13b3860a2827e505cb6de1418f640b16
SHA1

d48f434491b197234337d6751166ac539e9dc650
SHA256

dbcc4dfa51f18c523ea677699a0399dcf0c7551492800835587c1cec7848c3b1
SHA512

1a3e74879ecf8ea503d56a871eb8a526dbd3e145521b0ca21530b58e30c566ea64bc4ca2991ac16a975341e888357f40ab76912f1c684fbcd2226f280bca1f63
SSDEEP

98304:1ALz1JdBgUZrjJeVcqdYwyQ50Fk8ou3xUEBS9/RZJUGXjZvYHiUYDt:1AzPzgUZrt54Yj20Fk8oLEBSZRfUGT6I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
dbcc4dfa51f18c523ea677699a0399dcf0c7551492800835587c1cec7848c3b1

Files

dbcc4dfa51f18c523ea677699a0399dcf0c7551492800835587c1cec7848c3b1
.exe windows:4 windows x86 arch:x86

24f4223e271413c25abad52fd456a9bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
SetCurrentDirectoryW
GetFileAttributesW
SetEnvironmentVariableW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
lstrcpynW
CopyFileW
MoveFileW
GlobalLock
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
WriteFile
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
lstrcmpiW
lstrcmpW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
ExpandEnvironmentStringsW
GlobalFree
GlobalUnlock
GetDiskFreeSpaceW
GlobalAlloc
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
ReadFile
MulDiv
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
WritePrivateProfileStringW
FreeLibrary
GetPrivateProfileStringW
GetModuleHandleW
LoadLibraryExW

user32

GetWindowRect
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
ScreenToClient
EnableMenuItem
GetDlgItem
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
SystemParametersInfoW
EndDialog
RegisterClassW
DialogBoxParamW
CreateWindowExW
GetClassInfoW
DestroyWindow
CharNextW
ExitWindowsEx
SetWindowTextW
LoadImageW
SetTimer
ShowWindow
PostQuitMessage
wsprintfW
SetWindowLongW
FindWindowExW
IsWindow
CreatePopupMenu
AppendMenuW
GetSystemMetrics
DrawTextW
EndPaint
CreateDialogParamW
SendMessageTimeoutW
SetForegroundWindow

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

shell32

ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
SHBrowseForFolderW

advapi32

AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ord17
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 380KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/JsisPlugins.dll
.dll windows:6 windows x86 arch:x86

bcb2b0b7e3ad7db4b14b8c68c2a9f8c2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16-09-2022 00:00

Not After

17-09-2025 23:59

Subject

CN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

85:7e:be:bf:ad:20:4e:83:09:47:17:74:71:ee:ae:9e:47:08:b0:b0:69:9c:e1:cf:36:a4:dc:11:20:7a:1f:28
Signer

Actual PE Digest

85:7e:be:bf:ad:20:4e:83:09:47:17:74:71:ee:ae:9e:47:08:b0:b0:69:9c:e1:cf:36:a4:dc:11:20:7a:1f:28

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\work\893f00f663353e48\bin\x86\MinSizeRel\JsisPlugins.pdb

Imports

kernel32

CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
WriteFile
ResetEvent
GetCurrentThreadId
CreatePipe
CloseHandle
ReadFile
LoadLibraryW
GetProcAddress
FindResourceW
FileTimeToSystemTime
CompareFileTime
GetFileSizeEx
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleHandleW
FreeLibrary
CreateFileW
InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer
OutputDebugStringW
WideCharToMultiByte
MultiByteToWideChar
lstrcpyW
lstrcpynW
GlobalFree
GlobalAlloc
VerifyVersionInfoW
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
ReadConsoleW
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
GetACP
CreateProcessW
GetThreadPriority
SetThreadPriority
CreateEventW
WaitForSingleObject
DeleteCriticalSection
SetEvent
IsValidLocale
GetLocaleInfoW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
ReleaseSRWLockShared
AcquireSRWLockShared
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
GetCPInfoExW
GetStringTypeW
InitOnceBeginInitialize
InitOnceComplete
WaitForSingleObjectEx
Sleep
SwitchToThread
GetExitCodeThread
GetNativeSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
FormatMessageA
LocalFree
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
GetFullPathNameW
SetEndOfFile
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetFileTime
GetTempPathW
AreFileApisANSI
DeviceIoControl
CreateDirectoryExW
CopyFileW
MoveFileExW
CreateHardLinkW
GetFileInformationByHandleEx
CreateSymbolicLinkW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitOnceExecuteOnce
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetSystemTimeAsFileTime
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
EncodePointer
CompareStringEx
GetCPInfo
LCMapStringEx
GetLocaleInfoEx
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
InitializeSListHead
GetCommandLineW
GetFileTime
SetLastError
GetExitCodeProcess
GetProcessId
OpenProcess
GetSystemDirectoryW
IsWow64Process
GetModuleFileNameW
LocalAlloc
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
GetVersion
FindResourceExW
FlushFileBuffers
GetTickCount
GetSystemTime
SystemTimeToFileTime
GetFileSize
LockFileEx
UnlockFile
HeapCompact
GetSystemInfo
DeleteFileW
DeleteFileA
LoadLibraryA
CreateFileA
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapValidate
CreateMutexW
UnlockFileEx
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapCreate
InitializeCriticalSection
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetCurrentThread
SetConsoleCtrlHandler
GetStdHandle
GetFileType
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
VerSetConditionMask

user32

FindWindowExW
GetWindowThreadProcessId
SendMessageTimeoutW
UnregisterClassW
wsprintfW
IsWindowVisible
IsWindow
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
EnumWindows
GetWindowLongW
MessageBoxW
GetWindowRect
EnableMenuItem
GetSystemMenu
SetDlgItemTextW
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
PostQuitMessage
DefWindowProcW
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetShellWindow
LoadCursorW
GetMonitorInfoW
MonitorFromPoint
RegisterClassExW
CreateWindowExW
SetWindowLongW
RegisterWindowMessageW

ole32

CoCreateGuid
OleInitialize
OleUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree

crypt32

CryptHashCertificate
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptMsgClose
CryptQueryObject

wintrust

WinVerifyTrust

shell32

ord680
SHGetKnownFolderPath
SHCreateItemFromParsingName
ShellExecuteExW

oleaut32

VariantInit
VariantCopy
SysFreeString
SysAllocString
VariantClear
VariantTimeToSystemTime

advapi32

ConvertStringSidToSidA
RegCloseKey
RegCreateKeyExW
RegCreateKeyTransactedW
RegDeleteKeyExW
RegDeleteKeyTransactedW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyTransactedW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
OpenProcessToken
AdjustTokenPrivileges
DuplicateTokenEx
LookupPrivilegeValueW
CreateProcessWithTokenW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
GetLengthSid
GetTokenInformation
IsValidSid
LookupAccountNameA
ConvertSidToStringSidA

shlwapi

AssocQueryStringA

secur32

GetUserNameExW

rpcrt4

UuidToStringA
UuidCreate
UuidFromStringA

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationA

Exports

Exports

nsisBrowser_Chrome_GetActiveDaysInPeriod
nsisBrowser_Chrome_GetLastVisitTimestamp
nsisBrowser_Chrome_GetTotalVisitsInPeriod
nsisBrowser_Chrome_GetUniqueVisitsInPeriod
nsisBrowser_EdgeV2_GetActiveDaysInPeriod
nsisBrowser_EdgeV2_GetLastVisitTimestamp
nsisBrowser_EdgeV2_GetTotalVisitsInPeriod
nsisBrowser_EdgeV2_GetUniqueVisitsInPeriod
nsisBrowser_Edge_GetSearchEngines
nsisBrowser_Mozilla_GetActiveDaysInPeriod
nsisBrowser_Mozilla_GetLastVisitTimestamp
nsisBrowser_Mozilla_GetTotalVisitsInPeriod
nsisBrowser_Mozilla_GetUniqueVisitsInPeriod
nsisBrowser_Mozilla_Mozlz4DecompressFileToFile
nsisBrowser_Msie_GetActiveDaysInPeriod
nsisBrowser_Msie_GetLastVisitTimestamp
nsisBrowser_Msie_GetTotalVisitsInPeriod
nsisBrowser_Msie_GetUniqueVisitsInPeriod
nsisBrowser_Opera_GetActiveDaysInPeriod
nsisBrowser_Opera_GetLastVisitTimestamp
nsisBrowser_Opera_GetTotalVisitsInPeriod
nsisBrowser_Opera_GetUniqueVisitsInPeriod
nsisBrowser_SafeZone_GetActiveDaysInPeriod
nsisBrowser_SafeZone_GetLastVisitTimestamp
nsisBrowser_SafeZone_GetLogActivityCount
nsisBrowser_SafeZone_GetTotalVisitsInPeriod
nsisBrowser_SafeZone_GetUniqueVisitsInPeriod
nsisPlugin_GetLoggingSeverity
nsisPlugin_Help
nsisPlugin_Init
nsisPlugin_RegisterLoggingCallback
nsisPlugin_SetLoggingSeverity
nsisPlugin_TestLoggingCallback
nsisSciterUI_AnimateBuffers
nsisSciterUI_AppendValue
nsisSciterUI_CenterWindowOnPrimaryDisplay
nsisSciterUI_ChangeDefaultValue
nsisSciterUI_ChangeLanguage
nsisSciterUI_ChangeOverrideValue
nsisSciterUI_ChangeProgressTask
nsisSciterUI_ChangeValue
nsisSciterUI_HideWindow
nsisSciterUI_HideWindowBorder
nsisSciterUI_Init
nsisSciterUI_LoadPage
nsisSciterUI_MessageBox
nsisSciterUI_MinimizeWindow
nsisSciterUI_Reset
nsisSciterUI_RestoreWindow
nsisSciterUI_ShowWindow
nsisSciterUI_ShowWindowBorder
nsisSciterUI_Shutdown
nsisSciterUI_SwapBuffers
nsisSciterUI_TriggerUpdate
nsisSciterUI_WaitForSingleEvent
nsisSystem_Hardware_GetMidexUuid
nsisSystem_Process_Close
nsisSystem_Process_Count
nsisSystem_Process_DeleteSelf
nsisSystem_Process_DeleteSelfEx
nsisSystem_Process_Exists
nsisSystem_Process_Terminate
nsisSystem_SchTasks_Process
nsisUtilities_OSUtils_CreateProcess
nsisUtilities_OSUtils_CreateProcessFromTrustedExecutable
nsisUtilities_OSUtils_CreateProcessFromTrustedExecutableEx
nsisUtilities_OSUtils_CreateProcessUnelevated
nsisUtilities_OSUtils_CreateRestrictedFolder
nsisUtilities_OSUtils_GetOsBuild
nsisUtilities_OSUtils_GetOsFullVersion
nsisUtilities_OSUtils_GetOsVersion
nsisUtilities_OSUtils_HasVisibleWindow
nsisUtilities_OSUtils_IsPinnedToTaskbar
nsisUtilities_OSUtils_UnpinShortcut
nsisUtilities_OSUtils_VerifyTrust
nsisUtilities_OSUtils_VerifyTrustEx
nsisUtilities_TagData_Extract

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 458KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Midex.dll
.dll windows:5 windows x86 arch:x86

a41019eae6c79e0cc9e9c9ed3b9687a0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16-09-2022 00:00

Not After

17-09-2025 23:59

Subject

CN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

51:0f:0f:22:2d:1f:b2:3b:b3:81:89:4a:45:ed:05:78:e4:55:11:3a:ab:ce:8d:a7:de:9b:89:b0:2a:2a:07:f3
Signer

Actual PE Digest

51:0f:0f:22:2d:1f:b2:3b:b3:81:89:4a:45:ed:05:78:e4:55:11:3a:ab:ce:8d:a7:de:9b:89:b0:2a:2a:07:f3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\work\3db0bf373ac3fc9b\Release Midex\Midex.pdb

Imports

kernel32

lstrcpynW
MultiByteToWideChar
GlobalAlloc
WideCharToMultiByte
HeapFree
EnterCriticalSection
DeviceIoControl
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetVolumePathNameW
CreateFileW
GetSystemDirectoryW
UnmapViewOfFile
HeapSize
GetVersion
GetVolumeNameForVolumeMountPointW
GetLastError
HeapReAlloc
CloseHandle
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
GetProcAddress
DeleteCriticalSection
GetProcessHeap
GetModuleHandleW
MapViewOfFile
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
GetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode

user32

wsprintfW

Exports

Exports

midex

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/jsis.dll
.dll windows:5 windows x86 arch:x86

5809b57e871b146bd3a9782d4448492e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16-09-2022 00:00

Not After

17-09-2025 23:59

Subject

CN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:64:0a:3c:52:c6:78:7d:6f:c3:96:63:6a:df:f6:cc:9f:07:dc:b7:2a:1d:98:80:ae:c1:d6:8e:d3:36:f3:56
Signer

Actual PE Digest

64:64:0a:3c:52:c6:78:7d:6f:c3:96:63:6a:df:f6:cc:9f:07:dc:b7:2a:1d:98:80:ae:c1:d6:8e:d3:36:f3:56

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\work\f369f300b8043bce\plugins\src\jsis\build\Release Unicode\jsis.pdb

Imports

uxtheme

SetWindowTheme

shlwapi

StrStrA
StrStrIW
StrStrIA
StrStrW

wininet

InternetQueryOptionW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetSetOptionW
InternetCrackUrlW
InternetCloseHandle
InternetOpenW
InternetConnectW

kernel32

lstrlenW
CreateFileW
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
lstrcpyW
GetStdHandle
AllocConsole
FreeConsole
AttachConsole
ExitProcess
SetUnhandledExceptionFilter
SetErrorMode
SetFilePointer
GetLocalTime
lstrcmpW
FindClose
FindFirstFileW
FindNextFileW
GetLocaleInfoW
GetUserDefaultUILanguage
CloseHandle
DeleteFileW
FreeLibrary
GetProcAddress
GetVersion
LocalAlloc
LocalFree
GetCurrentProcess
GetExitCodeProcess
GetProcessId
WaitForSingleObject
GetTickCount
lstrcmpiW
LoadLibraryW
CreateProcessW
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetLongPathNameW
OpenProcess
ReleaseMutex
GetSystemTime
SystemTimeToFileTime
CreateMutexW
GetModuleFileNameW
GetModuleHandleW
GetCommandLineW
GetTempPathW
GetTempFileNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
MoveFileExW
GetVersionExA
IsWow64Process
GetGeoInfoW
ReadFile
lstrlenA
SetLastError
IsDebuggerPresent
CheckRemoteDebuggerPresent
WriteFile
GetFileSize
lstrcatW
GetLastError
GlobalFree
GlobalReAlloc
GlobalAlloc
lstrcpynA
GetUserGeoID

user32

SetFocus
GetSystemMetrics
GetSystemMenu
EnableMenuItem
SetForegroundWindow
LockSetForegroundWindow
GetWindowTextW
GetClientRect
GetWindowRect
SetCursor
HideCaret
GetWindowLongW
SetWindowLongW
LoadCursorW
DestroyIcon
LoadImageW
SystemParametersInfoW
CharUpperW
GetCursorPos
DestroyCaret
ScreenToClient
DefWindowProcW
CallWindowProcW
IsWindow
DrawTextExW
GetDC
ReleaseDC
MapWindowPoints
MapDialogRect
GetWindowPlacement
IsWindowVisible
GetParent
SendMessageW
MessageBoxW
wsprintfW
wsprintfA
wvsprintfW
SetWindowPos
ShowWindow
SendMessageTimeoutW
TrackMouseEvent
CharLowerW
GetWindowThreadProcessId
EnumWindows
GetKeyState
AllowSetForegroundWindow

gdi32

GetCharWidthW
SelectObject
GetTextExtentPoint32W
GetDeviceCaps
DeleteObject

advapi32

LookupAccountNameW
LookupAccountSidW
FreeSid
AllocateAndInitializeSid
IsValidSid
CreateWellKnownSid
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegEnumKeyW
GetUserNameW
RegSetValueExW
RegCreateKeyW
ConvertStringSidToSidW
ConvertSidToStringSidW
CheckTokenMembership
DuplicateTokenEx
CreateProcessAsUserW
RegCloseKey
RegOpenKeyExW

shell32

SHGetFolderPathW
ShellExecuteExW

ole32

CoCreateGuid
StringFromGUID2

Exports

Exports

Int64Op
nsAddExStyle
nsAddFatalTrackingParam
nsAddInternalLogAnonymizeRule
nsAddInternalLogFilter
nsAddStyle
nsBumpWindow
nsCharCodeAt
nsCharLower
nsCharUpper
nsClearFatalTrackingParams
nsClearInternalLog
nsClearLoadedText
nsCloseLog
nsCloseTrace
nsConsoleAppend
nsConsoleAttach
nsConsoleDetach
nsConsoleLog
nsCrash
nsCreateMutex
nsDamm
nsDebugEnter
nsDebugLeave
nsDestructureMsgfilter
nsDetectVM
nsDu2px
nsEnableClose
nsEscapeNonAscii
nsExecAsync
nsExecAsyncClose
nsExecAsyncGetExitCode
nsExecAsyncGetPid
nsExecLogonUser
nsExtractTagData
nsFatal
nsFindProcessWindow
nsFreeBitmap
nsFreeIcon
nsGetClientSize
nsGetCommandLine
nsGetCurSelText
nsGetCurrentDirectory
nsGetCurrentProcess
nsGetDPI
nsGetDiskUsage
nsGetGeoCountryCode
nsGetInternalLogMessage
nsGetLocalTime
nsGetLocaleInfo
nsGetLogonSid
nsGetLongPathName
nsGetOwnerSid
nsGetParentWindow
nsGetPosition
nsGetProcessInfo
nsGetScreenSize
nsGetSize
nsGetSystemTime
nsGetTextExtent
nsGetUnixTimeString
nsGetUnixTimeStringLocal
nsGetUserDefaultGeoName
nsGetUserDefaultUILanguage
nsGetUserNameFromSid
nsGetUtcTimeString
nsGetWindowLong
nsGetWindowPos
nsGetWindowSize
nsGetWindowText
nsGetWindowsVersion
nsGetWorkArea
nsHideCaret
nsI18nAddSupportedLanguage
nsI18nChooseLcid
nsI18nGetChromiumLocale
nsI18nGetComboBoxSelectedLanguage
nsI18nLcidToLocale
nsI18nPopulateComboBox
nsI18nSortLanguagesByName
nsI18nTranslateLangName
nsInetAddParam
nsInetAddRawPostData
nsInetReset
nsInetSend
nsInit
nsInitLog
nsInitTrace
nsIsElevated
nsIsMaximized
nsIsMinimized
nsIsVisible
nsIsWow64Process
nsJsisStashLocalVars
nsJsisUnstashLocalVars
nsJsonify
nsLoadAndSetImage
nsLoadRichEdit
nsLoadTextFromFile
nsLockSetForegroundWindow
nsLogMessage
nsLogNsisStack
nsLstrcmp
nsLstrcmpi
nsMaximize
nsMessageBox
nsMinimize
nsMoveFileEx
nsMuiLoadImage
nsOwnerIsAdmin
nsPostInternalLog
nsPx2du
nsRelaunch
nsRelaunchClose
nsRelaunchWait
nsReleaseMutex
nsRemoveExStyle
nsRemoveStyle
nsRemoveWindowTheme
nsReopenLog
nsReopenTrace
nsReplaceInLoadedText
nsRestore
nsRichEditBuilderAddLink
nsRichEditBuilderAddText
nsRichEditBuilderEnd
nsRichEditBuilderLoadString
nsRichEditBuilderSetAlignment
nsRichEditBuilderSetColor
nsRichEditBuilderSetColorHex
nsRichEditBuilderSetFontSize
nsRichEditBuilderSetHighlight
nsRichEditBuilderSetHighlightHex
nsRichEditBuilderStart
nsRichEditClearSelection
nsRichEditDisableTextSelection
nsRichEditLoadFile
nsRichEditSetLinkHandler
nsRichEditSupportTabOrder
nsSaveLoadedText
nsSetClientSize
nsSetCurrentDirectory
nsSetFatalExitCode
nsSetFatalMessage
nsSetFatalTrackingUrl
nsSetFocus
nsSetInternalLogLevel
nsSetMouseCursor
nsSetPosition
nsSetSize
nsSetStretchedButtonImage
nsSetStretchedImage
nsSetWindowCursor
nsSetWindowLong
nsSetWindowPos
nsStackDelete
nsStackInsert
nsStackRead
nsStackSize
nsSubclass
nsSuppressCrashDialog
nsTrackMouseEvent
nsUnsubclass
nsUuid
nsWaitForProcess
nsWriteRegMultiSz

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsJSON.dll
.dll windows:5 windows x86 arch:x86

8338bb74c0af59997e6958029dda6f79

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16-09-2022 00:00

Not After

17-09-2025 23:59

Subject

CN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

26:33:54:9e:86:6e:c8:c2:95:00:b6:34:25:0d:80:73:62:93:29:ac:29:51:e6:ae:bd:d6:a0:ae:74:4e:11:df
Signer

Actual PE Digest

26:33:54:9e:86:6e:c8:c2:95:00:b6:34:25:0d:80:73:62:93:29:ac:29:51:e6:ae:bd:d6:a0:ae:74:4e:11:df

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\work\7c64e6304ba228bc\Plugins\nsJSON.pdb

Imports

wininet

HttpSendRequestW
InternetOpenW
InternetQueryDataAvailable
InternetCloseHandle
InternetConnectW
InternetSetOptionW
InternetReadFile
HttpAddRequestHeadersW
InternetCrackUrlW
HttpQueryInfoW
HttpOpenRequestW

kernel32

lstrcmpW
lstrcpynW
GetExitCodeProcess
CreateProcessW
CreateThread
lstrcatW
GetLastError
FormatMessageW
GetModuleHandleA
WaitForSingleObject
CreatePipe
SetHandleInformation
ReadFile
lstrlenW
WriteFile
lstrlenA
CreateFileW
MultiByteToWideChar
GlobalAlloc
GlobalFree
CloseHandle
GetFileSize
WideCharToMultiByte
lstrcpyW
lstrcmpiW
GlobalReAlloc

user32

MsgWaitForMultipleObjectsEx
TranslateMessage
IsCharAlphaNumericW
wsprintfW
PeekMessageW
PostMessageW
DispatchMessageW

ole32

StringFromGUID2
CoCreateGuid

Exports

Exports

Delete
Get
GetJsisMember
JsisArrayPush
JsisArrayToStack
JsisCreateHandle
JsisInit
Quote
Serialize
Set
SetEscape
SetJsisMembers
Sort
Wait

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_106_
.dll windows:6 windows x86 arch:x86

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16-09-2022 00:00

Not After

17-09-2025 23:59

Subject

CN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e0:2c:a4:34:4a:2d:ad:38:04:38:1d:bc:13:dd:6b:4e:a1:ed:ea:ee:ab:59:9c:39:8e:54:08:43:93:92:13:cc
Signer

Actual PE Digest

e0:2c:a4:34:4a:2d:ad:38:04:38:1d:bc:13:dd:6b:4e:a1:ed:ea:ee:ab:59:9c:39:8e:54:08:43:93:92:13:cc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\work\d58bb94b48143cdc\Contrib\build\out\x86\MinSizeRel\sciterui.pdb

Sections

.rdata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24f4223e271413c25abad52fd456a9bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 128KB

.ndata Size: - Virtual size: 380KB

.rsrc Size: 131KB - Virtual size: 130KB

bcb2b0b7e3ad7db4b14b8c68c2a9f8c2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fcCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

85:7e:be:bf:ad:20:4e:83:09:47:17:74:71:ee:ae:9e:47:08:b0:b0:69:9c:e1:cf:36:a4:dc:11:20:7a:1f:28Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ole32

crypt32

wintrust

shell32

oleaut32

advapi32

shlwapi

secur32

rpcrt4

wtsapi32

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 458KB - Virtual size: 457KB

.data Size: 49KB - Virtual size: 60KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 72KB - Virtual size: 72KB

a41019eae6c79e0cc9e9c9ed3b9687a0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fcCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 128KB

.ndata
Size: - Virtual size: 380KB

.rsrc
Size: 131KB - Virtual size: 130KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

85:7e:be:bf:ad:20:4e:83:09:47:17:74:71:ee:ae:9e:47:08:b0:b0:69:9c:e1:cf:36:a4:dc:11:20:7a:1f:28
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 458KB - Virtual size: 457KB

.data
Size: 49KB - Virtual size: 60KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 72KB - Virtual size: 72KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

51:0f:0f:22:2d:1f:b2:3b:b3:81:89:4a:45:ed:05:78:e4:55:11:3a:ab:ce:8d:a7:de:9b:89:b0:2a:2a:07:f3
Signer

.text
Size: 78KB - Virtual size: 78KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

64:64:0a:3c:52:c6:78:7d:6f:c3:96:63:6a:df:f6:cc:9f:07:dc:b7:2a:1d:98:80:ae:c1:d6:8e:d3:36:f3:56
Signer

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 32KB - Virtual size: 38KB

.rsrc
Size: 1024B - Virtual size: 704B

.reloc
Size: 6KB - Virtual size: 6KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate