c76d2a8c1c8865b1aa6512e13b77cbc7446022b7be3378f7233c5ca4a5e58116

Sharing

Copy URL

Twitter E-mail

General

Target

c76d2a8c1c8865b1aa6512e13b77cbc7446022b7be3378f7233c5ca4a5e58116
Size

3.3MB
MD5

376f28fb0aa650d6220a9d722cdb108d
SHA1

c7b4b97369a2ca77e916d5175d162dc2b823763b
SHA256

c76d2a8c1c8865b1aa6512e13b77cbc7446022b7be3378f7233c5ca4a5e58116
SHA512

12250e130625d863d9c4188ad85979724c1f25a2cda7e7162454002ec3b4322ce28ff9fa7c0b4db7933a860acd0e88fee63647d30f9f7a39c1f429172b8f6dff
SSDEEP

98304:npxgAPDbLLMdcWklXOFTsKVuVpwsSiqN5AcK:pxgA7I4ouf7l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c76d2a8c1c8865b1aa6512e13b77cbc7446022b7be3378f7233c5ca4a5e58116

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

c76d2a8c1c8865b1aa6512e13b77cbc7446022b7be3378f7233c5ca4a5e58116
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/_wrar51b2.exe
.exe windows:5 windows x86 arch:x86

e5b5aa8fc53135b7c557867cd2dccb6b

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07-06-2005 08:09

Not After

30-05-2020 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24-08-2011 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

43:9d:ac:f2:0b:41:eb:1d:86:06:96:25:92:0d:2b:41
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2013 00:00

Not After

24-12-2016 23:59

Subject

CN=C4 Security,O=C4 Security,POSTALCODE=67442,STREET=13 Noach Mozes St,L=Tel aviv,ST=Gush Dan,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c8:63:51:46:e6:b7:d3:cb:23:3f:6f:bf:7e:b7:22:0d:8a:2e:12:e8
Signer

Actual PE Digest

c8:63:51:46:e6:b7:d3:cb:23:3f:6f:bf:7e:b7:22:0d:8a:2e:12:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathA

kernel32

FindResourceA
GetModuleHandleExA
LoadResource
GetCurrentProcess
WriteFile
InitializeCriticalSectionAndSpinCount
SizeofResource
CreateProcessA
GetLastError
LockResource
GetVersionExA
CreateFileA
GetTempPathA
FindFirstFileA
FindNextFileA
ExpandEnvironmentStringsA
WideCharToMultiByte
GetFileSize
SetFilePointer
ReadFile
MoveFileExA
GetTempFileNameA
SetStdHandle
CloseHandle
GetModuleHandleA
ReadConsoleW
SetEnvironmentVariableA
LoadLibraryW
OutputDebugStringW
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
Sleep
MultiByteToWideChar
GetStringTypeW
CreateDirectoryW
CreateFileW
DeleteFileW
GetFileAttributesW
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
SetLastError
DeviceIoControl
WriteConsoleW
GetProcAddress
CopyFileW
AreFileApisANSI
LocalFree
FormatMessageA
HeapFree
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetModuleFileNameW
GetFileType
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetCurrentThreadId
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetACP
IsValidCodePage
GetOEMCP
HeapReAlloc
GetTimeZoneInformation
LoadLibraryExW

advapi32

OpenProcessToken
GetTokenInformation

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx

Sections

.text
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/wrar51b2.exe
.exe windows:5 windows x86 arch:x86

5047c37ff0bbdaa2226452f568711388

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07-06-2005 08:09

Not After

30-05-2020 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24-08-2011 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

75:95:3f:a5:4d:d1:2d:d9:ca:6b:94:8c:17:bf:d6:7c
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-06-2013 00:00

Not After

13-06-2015 23:59

Subject

CN=win.rar GmbH,O=win.rar GmbH,POSTALCODE=10117,STREET=Schumannstr. 17,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

90:3b:b7:2d:f1:91:88:81:d5:51:5c:0a:f6:dc:e7:1a:01:52:87:4c
Signer

Actual PE Digest

90:3b:b7:2d:f1:91:88:81:d5:51:5c:0a:f6:dc:e7:1a:01:52:87:4c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\setup\build\sfxrar32\Release\sfxrar.pdb

Imports

comctl32

InitCommonControlsEx

shlwapi

SHAutoComplete

kernel32

ReadFile
FlushFileBuffers
GetFileAttributesW
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
GetCurrentDirectoryW
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcessId
GetLocaleInfoW
GetNumberFormatW
ExpandEnvironmentStringsW
WaitForSingleObject
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetExitCodeProcess
GetTempPathW
MoveFileExW
Sleep
UnmapViewOfFile
MapViewOfFile
GetCommandLineW
CreateFileMappingW
GetTickCount
SetEnvironmentVariableW
OpenFileMappingW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
GetProcessAffinityMask
CreateEventW
CreateSemaphoreW
ReleaseSemaphore
ResetEvent
SetEvent
SetThreadPriority
SystemTimeToFileTime
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
WideCharToMultiByte
SetFileTime
GetFileType
IsDBCSLeadByte
GetCPInfo
GlobalAlloc
SetCurrentDirectoryW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleHandleA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
ExitProcess
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
SetEndOfFile
SetFilePointer
WriteFile
GetStdHandle
GetLongPathNameW
GetShortPathNameW
CompareStringW
MoveFileW
CreateFileW
CreateDirectoryW
DeviceIoControl
RemoveDirectoryW
DeleteFileW
CreateHardLinkW
GetCurrentProcess
CloseHandle
SetLastError
GetLastError
CreateFileA
MultiByteToWideChar
GetCommandLineA
RaiseException
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind

user32

EnableWindow
GetDlgItem
ShowWindow
SetWindowLongW
FindWindowExW
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
LoadCursorW
RegisterClassExW
DefWindowProcW
DestroyWindow
CopyRect
IsWindow
OemToCharBuffA
LoadIconW
LoadBitmapW
PostMessageW
SetForegroundWindow
MessageBoxW
WaitForInputIdle
IsWindowVisible
DialogBoxParamW
DestroyIcon
SetFocus
GetClassNameW
SendDlgItemMessageW
EndDialog
GetDlgItemTextW
SetDlgItemTextW
wvsprintfW
SendMessageW
GetDC
ReleaseDC
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
GetWindowRect
GetClientRect
SetWindowPos
GetWindowTextW
SetWindowTextW
GetSystemMetrics
GetWindow
GetWindowLongW
GetSysColor

gdi32

GetObjectW
DeleteObject
GetDeviceCaps
CreateDIBSection

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteExW
SHChangeNotify
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CLSIDFromString
CoCreateInstance
OleInitialize
OleUninitialize
CreateStreamOnHGlobal

oleaut32

VariantInit

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 6KB - Virtual size: 6KB

e5b5aa8fc53135b7c557867cd2dccb6b

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

43:9d:ac:f2:0b:41:eb:1d:86:06:96:25:92:0d:2b:41Certificate

Extended Key Usages

Key Usages

c8:63:51:46:e6:b7:d3:cb:23:3f:6f:bf:7e:b7:22:0d:8a:2e:12:e8Signer

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

advapi32

ole32

Sections

.text Size: 274KB - Virtual size: 274KB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 14KB - Virtual size: 23KB

.rsrc Size: 4.7MB - Virtual size: 4.7MB

.reloc Size: 49KB - Virtual size: 49KB

5047c37ff0bbdaa2226452f568711388

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

75:95:3f:a5:4d:d1:2d:d9:ca:6b:94:8c:17:bf:d6:7cCertificate

Extended Key Usages

Key Usages

90:3b:b7:2d:f1:91:88:81:d5:51:5c:0a:f6:dc:e7:1a:01:52:87:4cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 160KB - Virtual size: 160KB

.rdata Size: 20KB - Virtual size: 19KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 6KB - Virtual size: 6KB

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

43:9d:ac:f2:0b:41:eb:1d:86:06:96:25:92:0d:2b:41
Certificate

c8:63:51:46:e6:b7:d3:cb:23:3f:6f:bf:7e:b7:22:0d:8a:2e:12:e8
Signer

.text
Size: 274KB - Virtual size: 274KB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 14KB - Virtual size: 23KB

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

.reloc
Size: 49KB - Virtual size: 49KB

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

75:95:3f:a5:4d:d1:2d:d9:ca:6b:94:8c:17:bf:d6:7c
Certificate

90:3b:b7:2d:f1:91:88:81:d5:51:5c:0a:f6:dc:e7:1a:01:52:87:4c
Signer

.text
Size: 160KB - Virtual size: 160KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 134KB

.rsrc
Size: 26KB - Virtual size: 25KB