0183fb0e39ef9f6f12af00e71dd896d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0183fb0e39ef9f6f12af00e71dd896d5_JaffaCakes118
Size

1011KB
MD5

0183fb0e39ef9f6f12af00e71dd896d5
SHA1

80bab1a64f2bdbae193b193831cc3a291c9f8574
SHA256

bdcf2f919a6262e96af5d7e243b30ad1ad1168331a052671193ebd9ac415919a
SHA512

43d1279ec274975286cee05e2f90fa403cef82b01edb56985bafd54d27ec5625a4f649f914a5b5ef1990c512fa8599e23d92218f6a07d8bcd1e04ab31f1f0c59
SSDEEP

24576:RVzcQ8verXHvA62kjZZerToUPgDffbj1dT:kQwer3v32iZmMUPqvXT

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Examples/Scripts/ChangeDataInFile/Project1.exe
unpack001/Examples/Scripts/DLL/Project1.exe
unpack001/Examples/Scripts/RandomSectionNames/Project1.exe
unpack001/Examples/Scripts/ScriptMessages/Project1.exe
unpack001/Examples/Scripts/VMClasses/Project1.exe
unpack001/Examples/Visual C++/VMProtectSDK64.dll

Files

0183fb0e39ef9f6f12af00e71dd896d5_JaffaCakes118
.rar
Examples/Borland C++ Builder/Project1.bpr
.xml
Examples/Borland C++ Builder/Project1.cpp
.js
Examples/Borland C++ Builder/Project1.res
Examples/Borland C++ Builder/Project1.vmp
Examples/Borland C++ Builder/Unit1.cpp
Examples/Borland C++ Builder/Unit1.dfm
Examples/Borland C++ Builder/Unit1.h
Examples/Borland C++ Builder/VMProtectSDK.h
Examples/Delphi/Project1.cfg
Examples/Delphi/Project1.dof
Examples/Delphi/Project1.dpr
Examples/Delphi/Project1.res
Examples/Delphi/Project1.vmp
Examples/Delphi/Unit1.dfm
Examples/Delphi/Unit1.pas
Examples/Delphi/VMProtectBegin.inc
Examples/Delphi/VMProtectEnd.inc
Examples/Lazarus/VMProtectBegin.inc
Examples/Lazarus/VMProtectEnd.inc
Examples/Lazarus/project1.exe.vmp
Examples/Lazarus/project1.lpi
.xml
Examples/Lazarus/project1.lpr
Examples/Lazarus/unit1.lfm
Examples/Lazarus/unit1.lrs
Examples/Lazarus/unit1.pas
Examples/MASM/Project1.asm
Examples/MASM/Project1.inc
Examples/MASM/Project1.vmp
Examples/MASM/VMProtectSDK.inc
Examples/MASM/makeit.bat
Examples/MinGW/Project1.cpp
Examples/MinGW/Project1.vmp
Examples/MinGW/Resource.rc
Examples/MinGW/VMProtectSDK.h
Examples/MinGW/makeit.bat
Examples/MinGW/resource.h
Examples/Scripts/ChangeDataInFile/Project1.exe
.exe windows:4 windows x86 arch:x86

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxIndirectParamA
SetFocus
MessageBoxA

kernel32

GlobalFree
GlobalAlloc
GetModuleHandleA
ExitProcess
MultiByteToWideChar

Sections

.text
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Examples/Scripts/ChangeDataInFile/Project1.vmp
Examples/Scripts/ChangeDataInFile/Project1.vms
Examples/Scripts/DLL/Project1.exe
.exe windows:4 windows x86 arch:x86

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxIndirectParamA
SetFocus
MessageBoxA

kernel32

GlobalFree
GlobalAlloc
GetModuleHandleA
ExitProcess
MultiByteToWideChar

Sections

.text
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Examples/Scripts/DLL/Project1.vmp
Examples/Scripts/DLL/Project1.vms
Examples/Scripts/DelphiResources/Project1.cfg
Examples/Scripts/DelphiResources/Project1.dof
Examples/Scripts/DelphiResources/Project1.dpr
Examples/Scripts/DelphiResources/Project1.res
Examples/Scripts/DelphiResources/Project1.vmp
Examples/Scripts/DelphiResources/Project1.vms
.js
Examples/Scripts/DelphiResources/Unit1.dfm
Examples/Scripts/DelphiResources/Unit1.pas
Examples/Scripts/DelphiResources/VMProtectBegin.inc
Examples/Scripts/DelphiResources/VMProtectEnd.inc
Examples/Scripts/RandomSectionNames/Project1.exe
.exe windows:4 windows x86 arch:x86

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxIndirectParamA
SetFocus
MessageBoxA

kernel32

GlobalFree
GlobalAlloc
GetModuleHandleA
ExitProcess
MultiByteToWideChar

Sections

.text
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Examples/Scripts/RandomSectionNames/Project1.vmp
Examples/Scripts/RandomSectionNames/Project1.vms
Examples/Scripts/ScriptMessages/Project1.exe
.exe windows:4 windows x86 arch:x86

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxIndirectParamA
SetFocus
MessageBoxA

kernel32

GlobalFree
GlobalAlloc
GetModuleHandleA
ExitProcess
MultiByteToWideChar

Sections

.text
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Examples/Scripts/ScriptMessages/Project1.vmp
Examples/Scripts/ScriptMessages/Project1.vms
Examples/Scripts/VMClasses/Project1.exe
.exe windows:4 windows x86 arch:x86

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxIndirectParamA
SetFocus
MessageBoxA

kernel32

GlobalFree
GlobalAlloc
GetModuleHandleA
ExitProcess
MultiByteToWideChar

Sections

.text
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Examples/Scripts/VMClasses/Project1.vmp
Examples/Scripts/VMClasses/Project1.vms
.js
Examples/Visual Basic/Form1.frm
.vbs
Examples/Visual Basic/Project1.vbp
Examples/Visual Basic/Project1.vbw
Examples/Visual Basic/Project1.vmp
Examples/Visual C++/Debug/Project1.vmp
Examples/Visual C++/Project1.cpp
Examples/Visual C++/Project1.dsp
Examples/Visual C++/Project1.dsw
Examples/Visual C++/Project1.ncb
Examples/Visual C++/Project1.opt
Examples/Visual C++/Project1.plg
.html
Examples/Visual C++/Resource.aps
Examples/Visual C++/Resource.rc
Examples/Visual C++/StdAfx.cpp
Examples/Visual C++/StdAfx.h
Examples/Visual C++/VMProtectSDK.h
Examples/Visual C++/VMProtectSDK64.dll
.dll windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

VMProtectBegin
VMProtectEnd

Sections

.text
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 107B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Examples/Visual C++/VMProtectSDK64.lib
Examples/Visual C++/resource.h
Examples/新云软件.url
.url
Help/CN.chm
.chm
Langs/CN.lng
Langs/EN.lng
VMProtect.exe
.exe windows:1 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9d:ed:74:58:7a:50:4d:63:ea:7d:ed:b1:84:27:23:85
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

23/05/2008, 00:00

Not After

23/05/2009, 23:59

Subject

CN=Permyakov Ivan,O=Permyakov Ivan,POSTALCODE=623701,STREET=Uktusskaya str.47\, #54,L=Ekaterinburg,ST=Russia,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8b:0c:b9:89:07:9a:c3:d9:5c:1d:d6:8c:9d:94:fa:ee:f8:fd:2f:de
Signer

Actual PE Digest

8b:0c:b9:89:07:9a:c3:d9:5c:1d:d6:8c:9d:94:fa:ee:f8:fd:2f:de

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 15KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 28B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 485KB - Virtual size: 485KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VMProtect.ini
VMProtect_Con.exe
.exe windows:1 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9d:ed:74:58:7a:50:4d:63:ea:7d:ed:b1:84:27:23:85
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

23/05/2008, 00:00

Not After

23/05/2009, 23:59

Subject

CN=Permyakov Ivan,O=Permyakov Ivan,POSTALCODE=623701,STREET=Uktusskaya str.47\, #54,L=Ekaterinburg,ST=Russia,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ff:b4:3e:8e:08:de:68:4f:06:f8:69:15:a5:f4:d5:99:30:23:9d:85
Signer

Actual PE Digest

ff:b4:3e:8e:08:de:68:4f:06:f8:69:15:a5:f4:d5:99:30:23:9d:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 663KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VMProtect_Ext.dll
.dll regsvr32 windows:1 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9d:ed:74:58:7a:50:4d:63:ea:7d:ed:b1:84:27:23:85
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

23/05/2008, 00:00

Not After

23/05/2009, 23:59

Subject

CN=Permyakov Ivan,O=Permyakov Ivan,POSTALCODE=623701,STREET=Uktusskaya str.47\, #54,L=Ekaterinburg,ST=Russia,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d7:c8:c1:4f:09:a7:46:33:59:2a:12:38:c5:79:75:f6:fc:f0:28:19
Signer

Actual PE Digest

d7:c8:c1:4f:09:a7:46:33:59:2a:12:38:c5:79:75:f6:fc:f0:28:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
帮助.txt

Sharing

General

Malware Config

Signatures

Files

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 1024B - Virtual size: 712B

.rdata Size: 512B - Virtual size: 370B

.data Size: 512B - Virtual size: 132B

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 1024B - Virtual size: 712B

.rdata Size: 512B - Virtual size: 370B

.data Size: 512B - Virtual size: 132B

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 1024B - Virtual size: 712B

.rdata Size: 512B - Virtual size: 370B

.data Size: 512B - Virtual size: 132B

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 1024B - Virtual size: 712B

.rdata Size: 512B - Virtual size: 370B

.data Size: 512B - Virtual size: 132B

c66dd641d26f212364bd49b09fbc0194

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 1024B - Virtual size: 712B

.rdata Size: 512B - Virtual size: 370B

.data Size: 512B - Virtual size: 132B

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 512B - Virtual size: 10B

.rdata Size: 512B - Virtual size: 107B

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

9d:ed:74:58:7a:50:4d:63:ea:7d:ed:b1:84:27:23:85Certificate

Extended Key Usages

Key Usages

8b:0c:b9:89:07:9a:c3:d9:5c:1d:d6:8c:9d:94:fa:ee:f8:fd:2f:deSigner

Headers

File Characteristics

Sections

CODE Size: 1.8MB - Virtual size: 1.8MB

DATA Size: 17KB - Virtual size: 16KB

BSS Size: - Virtual size: 15KB

.idata Size: 12KB - Virtual size: 11KB

.text
Size: 1024B - Virtual size: 712B

.rdata
Size: 512B - Virtual size: 370B

.data
Size: 512B - Virtual size: 132B

.text
Size: 1024B - Virtual size: 712B

.rdata
Size: 512B - Virtual size: 370B

.data
Size: 512B - Virtual size: 132B

.text
Size: 1024B - Virtual size: 712B

.rdata
Size: 512B - Virtual size: 370B

.data
Size: 512B - Virtual size: 132B

.text
Size: 1024B - Virtual size: 712B

.rdata
Size: 512B - Virtual size: 370B

.data
Size: 512B - Virtual size: 132B

.text
Size: 1024B - Virtual size: 712B

.rdata
Size: 512B - Virtual size: 370B

.data
Size: 512B - Virtual size: 132B

.text
Size: 512B - Virtual size: 10B

.rdata
Size: 512B - Virtual size: 107B

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

9d:ed:74:58:7a:50:4d:63:ea:7d:ed:b1:84:27:23:85
Certificate

8b:0c:b9:89:07:9a:c3:d9:5c:1d:d6:8c:9d:94:fa:ee:f8:fd:2f:de
Signer

CODE
Size: 1.8MB - Virtual size: 1.8MB

DATA
Size: 17KB - Virtual size: 16KB

BSS
Size: - Virtual size: 15KB

.idata
Size: 12KB - Virtual size: 11KB

.tls
Size: - Virtual size: 28B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 485KB - Virtual size: 485KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

9d:ed:74:58:7a:50:4d:63:ea:7d:ed:b1:84:27:23:85
Certificate

ff:b4:3e:8e:08:de:68:4f:06:f8:69:15:a5:f4:d5:99:30:23:9d:85
Signer

CODE
Size: 663KB - Virtual size: 662KB

DATA
Size: 8KB - Virtual size: 7KB

BSS
Size: - Virtual size: 11KB

.idata
Size: 4KB - Virtual size: 3KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 16KB - Virtual size: 16KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

9d:ed:74:58:7a:50:4d:63:ea:7d:ed:b1:84:27:23:85
Certificate

d7:c8:c1:4f:09:a7:46:33:59:2a:12:38:c5:79:75:f6:fc:f0:28:19
Signer

CODE
Size: 69KB - Virtual size: 69KB

DATA
Size: 2KB - Virtual size: 1KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 170B

.reloc
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 5KB - Virtual size: 5KB