5b58b332b740bed667113f03145ecc75763850c1ec95a477931189e46c4542b1_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5b58b332b740bed667113f03145ecc75763850c1ec95a477931189e46c4542b1_NeikiAnalytics.exe
Size

6.3MB
MD5

bb40d935c401113be18fbc567883d5f0
SHA1

221ea090eb578c74cb64a74df75bae06623b9c18
SHA256

5b58b332b740bed667113f03145ecc75763850c1ec95a477931189e46c4542b1
SHA512

02a56a8774a0c75627af79d5810105a9d7620f936b833193b6491056228b07adca8b0902ab8d62d94a882ea93413da7779ffe0fcf131db05cb95d44129f7b72f
SSDEEP

49152:mw4jwKBUvd8JzttyVY81DasilJoaT20MFoc5+OcoP1xbaHdLHkJEZ11QAfloTpca:jO81DaLlJoaT8Focpj+DheTph

Score

1^/10

Malware Config

Signatures

Files

5b58b332b740bed667113f03145ecc75763850c1ec95a477931189e46c4542b1_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

93ffcb11e00042f780ec00944ba0db03

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f1:db:3e:b0:95:47:72:25:35:a0:69:03:16:47:61:1e:bb:64:09:60
Signer

Actual PE Digest

f1:db:3e:b0:95:47:72:25:35:a0:69:03:16:47:61:1e:bb:64:09:60

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL

PDB Paths

t:\setupexe\x86\ship\0\osetup.pdb

Imports

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW
CloseServiceHandle
ChangeServiceConfigW
OpenServiceW
OpenSCManagerW
QueryServiceConfigW
RegFlushKey
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
OpenProcessToken
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
CreateProcessAsUserW
FreeSid
AllocateAndInitializeSid
ConvertSidToStringSidW
LookupAccountNameW
EqualSid
IsValidSid
CheckTokenMembership
ConvertSidToStringSidA
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetTokenInformation
CopySid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
GetLengthSid
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegEnumKeyW
IsTextUnicode
StartServiceW
QueryServiceStatus
RegOpenKeyExA
RegQueryValueExA
CreateWellKnownSid
OpenThreadToken

kernel32

SetErrorMode
CloseHandle
lstrlenW
GetVolumeInformationW
VerSetConditionMask
VerifyVersionInfoW
GetCurrentThread
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
DeleteCriticalSection
HeapReAlloc
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpW
FindNextFileW
RemoveDirectoryW
OpenMutexW
CreateThread
GetExitCodeThread
SetEvent
CreateEventW
GlobalFree
SetEnvironmentVariableW
GetCurrentDirectoryW
GetComputerNameW
IsValidLocale
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
GetTempPathW
GetVersionExW
GetPriorityClass
CreateProcessW
OpenProcess
GetExitCodeProcess
CopyFileW
DeleteFileW
SetFileAttributesW
GetTempFileNameW
GetFileAttributesExW
ReadFile
lstrlenA
WriteFile
CreateFileW
SetFilePointer
GetThreadLocale
GetSystemDirectoryA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InterlockedExchange
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
InterlockedDecrement
InterlockedIncrement
ExitProcess
VirtualQuery
VirtualProtect
GetConsoleMode
GetConsoleCP
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineA
ReleaseSemaphore
GetSystemInfo
GetOEMCP
GetUserDefaultLangID
MapViewOfFile
DuplicateHandle
UnmapViewOfFile
CreateProcessA
TerminateProcess
HeapValidate
HeapSize
GetSystemDefaultLangID
GetModuleFileNameA
FindFirstFileW
LoadLibraryExW
FreeLibrary
GetCurrentProcess
CompareStringW
CompareStringA
FormatMessageW
LocalFree
ExpandEnvironmentStringsW
GetTimeZoneInformation
GetSystemTime
SystemTimeToTzSpecificLocalTime
MultiByteToWideChar
WideCharToMultiByte
SystemTimeToFileTime
GetDriveTypeW
GetSystemDirectoryW
GetDiskFreeSpaceExW
GetUserDefaultLCID
GetCurrentThreadId
GetTickCount
Sleep
OutputDebugStringA
GetModuleFileNameW
SetLastError
LoadLibraryW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetCurrentProcessId
GetLastError
FindClose
LocalAlloc
GetFileSize
FreeResource
LockResource
LoadResource
FindResourceW
SizeofResource
lstrcpyA
GetLocalTime
GetVolumeInformationA
GlobalMemoryStatus
DeviceIoControl
QueryDosDeviceW
QueryPerformanceCounter
InitializeCriticalSection
GetSystemDefaultLCID
IsDBCSLeadByte
FindResourceA
GetStringTypeExW
GetACP
IsValidCodePage
EnumUILanguagesW
EnumSystemLocalesW
GetLocaleInfoW
GetCalendarInfoW
GlobalAlloc
GetUserDefaultUILanguage
LoadLibraryA
MulDiv
OpenEventW
CreateDirectoryW
CreateFileA
GetStdHandle
FindAtomW
RaiseException
GetAtomNameW
GlobalLock
AddAtomW
DeleteAtom
SetProcessWorkingSetSize
GlobalDeleteAtom
GlobalAddAtomW
HeapCreate
HeapDestroy
FlushInstructionCache
VirtualAlloc
GetVersionExA
IsProcessorFeaturePresent
VirtualFree
ReleaseMutex
GetSystemTimeAsFileTime
FlushFileBuffers
GetFileType
GetProcessTimes
CreateMutexA
OpenMutexA
CreateSemaphoreA
CreateFileMappingA
CreateEventA
GetShortPathNameA

ole32

CoTaskMemFree
OleUninitialize
CreateStreamOnHGlobal
RevokeDragDrop
OleDraw
CoLockObjectExternal
CLSIDFromString
CoDisconnectObject
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoInitializeEx
CoUninitialize
OleRun
CLSIDFromProgID

oleaut32

SysStringLen
VariantCopy
VariantChangeType
VariantChangeTypeEx
VarDecAdd
SysAllocStringByteLen
SysStringByteLen
GetErrorInfo
VarDecSu
VarDecMul
VarDecCmp
VarDecInt
OleCreateFontIndirect
VariantClear
VariantInit
SysFreeString
SysAllocString
VarDecRound
VarDecDiv
VarCmp
VarDecFromR8
VarDecFromI4
SysAllocStringLen

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHBindToParent
SHGetFolderLocation
SHBrowseForFolderW
ShellExecuteW
SHChangeNotify
SHGetFolderPathW

user32

LoadImageW
EnableMenuItem
GetSystemMenu
MoveWindow
GetClientRect
PostMessageW
TranslateMessage
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyMenu
TrackPopupMenu
GetSubMenu
LoadMenuW
DestroyWindow
DefWindowProcW
IsChild
SetActiveWindow
LoadCursorW
LoadIconW
FindWindowW
ReleaseDC
GetDC
GetSysColor
CopyRect
SetRect
SetCursor
GetFocus
SetTimer
KillTimer
GetCursorPos
GetKeyState
GetCapture
VkKeyScanExW
GetKeyboardLayout
GetSysColorBrush
CreateIconIndirect
GetIconInfo
DestroyIcon
EqualRect
FillRect
IntersectRect
GetWindowPlacement
OffsetRect
DrawIconEx
DrawFocusRect
MapWindowPoints
DrawFrameControl
ScreenToClient
GetDoubleClickTime
GetAsyncKeyState
WindowFromPoint
ClientToScreen
GetParent
NotifyWinEvent
AdjustWindowRectEx
SetWindowPos
GetClassInfoExW
GetWindowRect
RegisterWindowMessageW
TrackPopupMenuEx
InvalidateRect
PtInRect
SetCapture
ReleaseCapture
IsZoomed
wsprintfW
InflateRect
GetSystemMetrics
InvertRect
SetRectEmpty
CallWindowProcW
UpdateWindow
DeferWindowPos
SetWindowRgn
IsRectEmpty
TrackMouseEvent
GetMessageTime
SetParent
FrameRect
AppendMenuW
CreatePopupMenu
GetWindow
EndPaint
BeginPaint
RegisterClassW
GetClassLongW
SetLayeredWindowAttributes
GetPropW
SetPropW
RemovePropW
UnionRect
PeekMessageW
PeekMessageA
MonitorFromWindow
MonitorFromRect
MonitorFromPoint
GetMonitorInfoW
GetMessagePos
DrawEdge
EndDeferWindowPos
BeginDeferWindowPos
FindWindowExW
GetKeyboardState
MsgWaitForMultipleObjects
DrawTextW
SystemParametersInfoA
GetClassNameW
GetMonitorInfoA
EnumDisplayMonitors
LoadBitmapA
GetKeyboardLayoutNameW
GetMenuCheckMarkDimensions
GetWindowThreadProcessId
CharNextA
IsWindowVisible
EnumWindows
GetAncestor
CharNextW
wsprintfA
GetWindowTextLengthW
GetWindowTextW
LoadStringW
ExitWindowsEx
PostThreadMessageW
CharLowerW
CharLowerA
CharUpperW
CharUpperA
ShowWindow
GetDlgItem
SendMessageW
DialogBoxParamW
SetForegroundWindow
GetMessageW
DispatchMessageW
IsWindow
PostQuitMessage
MessageBoxW
SystemParametersInfoW
GetDesktopWindow
EndDialog
SetFocus
SetWindowTextW
SetDlgItemTextW
GetWindowLongW
SetWindowLongW
MessageBeep
DispatchMessageA
EnableWindow

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

StrRetToBufW
wnsprintfA
PathFileExistsW
PathGetDriveNumberW
PathGetCharTypeW
wnsprintfW
wvnsprintfW

wintrust

WinVerifyTrust

msi

ord116
ord141
ord113
ord111
ord179
ord92
ord78
ord150
ord17
ord160
ord125
ord121
ord118
ord120
ord148
ord65
ord31
ord95
ord180
ord172
ord67
ord91
ord117
ord189
ord174
ord77
ord110
ord194
ord168
ord136
ord181
ord45
ord137
ord70
ord215
ord129
ord14
ord211
ord169
ord190
ord88
ord159
ord32
ord71
ord8

secur32

GetUserNameExW

dbghelp

SymGetSymFromAddr64
SymGetLineFromAddr64
SymInitialize

psapi

EnumProcesses
GetModuleFileNameExW
GetModuleBaseNameW
EnumProcessModules

gdi32

SelectObject
DeleteDC
CreateCompatibleDC
CreateDIBSection
SetDIBColorTable
StretchBlt
BitBlt
GetObjectW
CreateFontIndirectW
SetBrushOrgEx
GetBrushOrgEx
RealizePalette
SelectPalette
CreateCompatibleBitmap
GetDeviceCaps
GetDIBits
CreateSolidBrush
CreatePatternBrush
GetPixel
GetEnhMetaFileHeader
GetObjectType
DeleteEnhMetaFile
SetBkColor
StretchDIBits
GetClipRgn
CreateRectRgn
CreateDCW
PlayEnhMetaFile
IntersectClipRect
SetTextColor
RestoreDC
SaveDC
DPtoLP
LPtoDP
ExcludeClipRect
LineTo
MoveToEx
CreatePen
ExtTextOutW
EqualRgn
OffsetRgn
CombineRgn
SetRectRgn
Ellipse
CreateDIBPatternBrushPt
PatBlt
GetTextExtentPoint32W
GetTextMetricsW
SetMapMode
SelectClipRgn
GetClipBox
CreateBitmap
GetTextColor
GetBkColor
GetCurrentObject
SetWindowOrgEx
GetWindowOrgEx
CreatePolygonRgn
GetSystemPaletteEntries
SetBkMode
SetStretchBltMode
DeleteObject
TranslateCharsetInfo
SetTextAlign
ExtSelectClipRgn
GetObjectA
CreateDCA
RectVisible
GetDIBColorTable
GetStockObject
GetPaletteEntries

rpcrt4

RpcStringBindingComposeW
UuidCreate
UuidToStringW
NdrClientCall2
RpcBindingFree
RpcStringFreeW
RpcBindingFromStringBindingW

oleacc

AccessibleObjectFromWindow
LresultFromObject

msimg32

AlphaBlend
GradientFill
TransparentBlt

gdiplus

GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectRect
GdipDrawImagePointRectI
GdipFillRectangle
GdipDeleteRegion
GdipSetClipRect
GdipSetClipRegion
GdipGetClip
GdipIsClipEmpty
GdipCreateRegion
GdipSetPixelOffsetMode
GdipCreateFromHDC
GdipDeleteMatrix
GdipTranslateRegionI
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipCreateMatrix
GdipGetDC
GdipReleaseDC
GdipSetCompositingMode
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipGetCompositingMode
GdipSetCompositingQuality
GdipGetCompositingQuality
GdipDrawImageRectRectI
GdipCloneImage
GdipImageRotateFlip
GdipSetTextRenderingHint
GdipGetTextRenderingHint
GdipSetTextContrast
GdipGetTextContrast
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetSmoothingMode
GdipSetWorldTransform
GdipGetWorldTransform
GdipCreateMatrix2
GdipResetWorldTransform
GdipSaveGraphics
GdipRestoreGraphics
GdipBitmapGetPixel
GdipCloneBitmapAreaI
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetSmoothingMode
GdipGetPixelOffsetMode
GdipDeletePen
GdipSetImageAttributesColorKeys

comctl32

ImageList_DrawEx

imm32

ImmAssociateContext

hlink

ord8

Exports

Exports

??2@YAPAXI@Z
??3@YAXPAX@Z
?AddRef@BaseValue@NetUI@@QAEXXZ
?AutomateDataSource@FlexUI@@YGXPAUIDataSource@1@@Z
?CreateAtom@FlexValue@FlexUI@@SG_NPB_WAAVFlexValueSP@2@@Z
?CreateBoolean@FlexValue@FlexUI@@SG_N_NAAVFlexValueSP@2@@Z
?CreateByte@FlexValue@FlexUI@@SG_NEAAVFlexValueSP@2@@Z
?CreateChar@FlexValue@FlexUI@@SG_NDAAVFlexValueSP@2@@Z
?CreateDataSource@FlexValue@FlexUI@@SG_NPAUIDataSource@2@AAVFlexValueSP@2@@Z
?CreateDataSourceProxy@FlexUI@@YGPAUIFlexUIDataSourceProxy@@PAUIDataSource@1@@Z
?CreateDecimal@FlexValue@FlexUI@@SG_NPBUtagDEC@@AAVFlexValueSP@2@@Z
?CreateDouble@FlexValue@FlexUI@@SG_NNAAVFlexValueSP@2@@Z
?CreateFlexEvent@FlexValue@FlexUI@@SG_NAAVFlexValueSP@2@@Z
?CreateFlexListProxy@FlexUI@@YGPAUIFlexListProxy@@PAUIFlexList@1@@Z
?CreateInt16@FlexValue@FlexUI@@SG_NFAAVFlexValueSP@2@@Z
?CreateInt32@FlexValue@FlexUI@@SG_NHAAVFlexValueSP@2@@Z
?CreateInt64@FlexValue@FlexUI@@SG_N_JAAVFlexValueSP@2@@Z
?CreateLength@FlexValue@FlexUI@@SG_NPBUtagDEC@@W4FlexLengthType@2@AAVFlexValueSP@2@@Z
?CreateSByte@FlexValue@FlexUI@@SG_NCAAVFlexValueSP@2@@Z
?CreateSingle@FlexValue@FlexUI@@SG_NMAAVFlexValueSP@2@@Z
?CreateString@FlexValue@FlexUI@@SG_NPB_WAAVFlexValueSP@2@@Z
?CreateUInt16@FlexValue@FlexUI@@SG_NGAAVFlexValueSP@2@@Z
?CreateUInt32@FlexValue@FlexUI@@SG_NIAAVFlexValueSP@2@@Z
?CreateUInt64@FlexValue@FlexUI@@SG_N_KAAVFlexValueSP@2@@Z
?EnsureDataSourceState@@YGXPAUIDataSource@FlexUI@@@Z
?GetAtom@FlexValue@FlexUI@@QBEGXZ
?GetBoolean@FlexValue@FlexUI@@QBE_NXZ
?GetByte@FlexValue@FlexUI@@QBEEXZ
?GetChar@FlexValue@FlexUI@@QBE_WXZ
?GetDataSource@FlexValue@FlexUI@@QBEPAUIDataSource@2@XZ
?GetDecimal@FlexValue@FlexUI@@QBE?AUtagDEC@@XZ
?GetDouble@FlexValue@FlexUI@@QBENXZ
?GetInt16@FlexValue@FlexUI@@QBEFXZ
?GetInt32@FlexValue@FlexUI@@QBEHXZ
?GetInt64@FlexValue@FlexUI@@QBE_JXZ
?GetLength@FlexValue@FlexUI@@QBE?AUFlexLength@2@XZ
?GetList@FlexValue@FlexUI@@QBEPAUIFlexList@2@XZ
?GetSByte@FlexValue@FlexUI@@QBECXZ
?GetSingle@FlexValue@FlexUI@@QBEMXZ
?GetString@FlexValue@FlexUI@@QBEPB_WXZ
?GetType@FlexValue@FlexUI@@QBE?AW4FlexValueType@2@XZ
?GetUInt16@FlexValue@FlexUI@@QBEGXZ
?GetUInt32@FlexValue@FlexUI@@QBEIXZ
?GetUInt64@FlexValue@FlexUI@@QBE_KXZ
?HAlloc@NetUI@@YGPAXK@Z
?HFree@NetUI@@YGXPAX@Z
?IsDataSourceSubclassOf@FlexUI@@YG_NPAUIDataSourceDescription@1@I@Z
?Release@BaseValue@NetUI@@QAEXXZ
?ReleaseDataSource@FlexUI@@YGXPAUIFlexUIDataSourceProxy@@@Z
?ReleaseFlexList@FlexUI@@YGXPAUIFlexListProxy@@@Z
RunDevSetup
RunSetup

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 290KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93ffcb11e00042f780ec00944ba0db03

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:baCertificate

Extended Key Usages

Key Usages

61:46:9e:cb:00:04:00:00:00:65Certificate

Extended Key Usages

Key Usages

f1:db:3e:b0:95:47:72:25:35:a0:69:03:16:47:61:1e:bb:64:09:60Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

ole32

oleaut32

shell32

user32

version

shlwapi

wintrust

msi

secur32

dbghelp

psapi

gdi32

rpcrt4

oleacc

msimg32

gdiplus

comctl32

imm32

hlink

Exports

Exports

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.data Size: 290KB - Virtual size: 338KB

.rsrc Size: 2.9MB - Virtual size: 2.9MB

.reloc Size: 141KB - Virtual size: 140KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

61:46:9e:cb:00:04:00:00:00:65
Certificate

f1:db:3e:b0:95:47:72:25:35:a0:69:03:16:47:61:1e:bb:64:09:60
Signer

.text
Size: 2.9MB - Virtual size: 2.9MB

.data
Size: 290KB - Virtual size: 338KB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

.reloc
Size: 141KB - Virtual size: 140KB