7d9440162589eda19104db7b80df8296daf1676a3826be845429de54be3b3833_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7d9440162589eda19104db7b80df8296daf1676a3826be845429de54be3b3833_NeikiAnalytics.exe
Size

1.7MB
MD5

2e5066e114f59c8d120a86144abf57f0
SHA1

8fd45eb3b323d9dda2a9cb038e73d89908c1d4e3
SHA256

7d9440162589eda19104db7b80df8296daf1676a3826be845429de54be3b3833
SHA512

3de3ca9800ecb99dff39c883f7a94971053d03a7b1260d053fb26b649f6e6a7fb10fc6416445ef387f58302c803ac2620e9b5e1004e098561e0232d338527410
SSDEEP

24576:yBcAUsWoJyqCjIUvtzEDJ+JdZjYvEcAFINffUPnNDRYRcUCroTMWc6:yOAUsW0CUkhEDsJdZjYvE/mffsNqRbF

Score

1^/10

Malware Config

Signatures

Files

7d9440162589eda19104db7b80df8296daf1676a3826be845429de54be3b3833_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

f6f32a8193f145687dbece0ce1473007

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:55:f9:45:96:13:df:a4:09:d8:3e:84:d9:65:70:40
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02/04/2024, 00:00

Not After

01/04/2027, 23:59

Subject

SERIALNUMBER=23638777,CN=ASUSTeK COMPUTER INC.,O=ASUSTeK COMPUTER INC.,L=Beitou District,ST=Taipei City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:09:5e:de:a2:12:7e:92:81:cc:00:00:00:00:01:09
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/09/2023, 19:14

Not After

04/09/2024, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:f3:b9:3a:c5:03:36:ef:bb:83:22:14:85:8e:5c:14:1b:b0:53:a1:e0:10:96:b9:41:87:dd:c4:ba:87:35:67
Signer

Actual PE Digest

4c:f3:b9:3a:c5:03:36:ef:bb:83:22:14:85:8e:5c:14:1b:b0:53:a1:e0:10:96:b9:41:87:dd:c4:ba:87:35:67

Digest Algorithm

sha256

PE Digest Matches

true

4c:f3:b9:3a:c5:03:36:ef:bb:83:22:14:85:8e:5c:14:1b:b0:53:a1:e0:10:96:b9:41:87:dd:c4:ba:87:35:67
Signer

Actual PE Digest

4c:f3:b9:3a:c5:03:36:ef:bb:83:22:14:85:8e:5c:14:1b:b0:53:a1:e0:10:96:b9:41:87:dd:c4:ba:87:35:67

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Project\AsusSystemAnalysis\AsusSystemAnalysisService\x64\Release\AsusWinDll\AsusWinIO64.pdb

Imports

kernel32

LocalFree
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
Sleep
GetSystemTimes
GetStdHandle
WriteConsoleW
GetSystemPowerStatus
GetCurrentProcess
GetFileAttributesA
ReadFile
GetFirmwareEnvironmentVariableW
SetFirmwareEnvironmentVariableW
HeapReAlloc
GetFileAttributesW
lstrlenW
SetFilePointerEx
GetFileSizeEx
GetTimeZoneInformation
CreateDirectoryW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
WaitForSingleObject
CreateMutexW
GetModuleFileNameW
GetExitCodeProcess
GetFileAttributesExW
CreatePipe
SetConsoleCtrlHandler
FindClose
K32GetModuleFileNameExW
K32GetModuleBaseNameW
K32EnumProcessModules
FindFirstFileExW
FindNextFileW
LCMapStringW
ReleaseMutex
LoadLibraryW
IsValidCodePage
CompareStringW
GetTimeFormatW
GetDateFormatW
LocalAlloc
InitializeCriticalSectionAndSpinCount
GetACP
GetOEMCP
GetTempPathW
GetCommandLineA
GetCommandLineW
OutputDebugStringA
OutputDebugStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
FreeLibrary
GetModuleHandleW
GetProcAddress
GetLastError
DeviceIoControl
CreateFileW
HeapFree
GetCurrentThread
ExitProcess
GetModuleHandleExW
GetFileType
CreateProcessW
DuplicateHandle
FlsFree
HeapAlloc
GetProcessHeap
IsWow64Process2
FlsSetValue
FlsGetValue
FlsAlloc
SetLastError
GetPackagePathByFullName
GetPackagesByPackageFamily
GetModuleHandleA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
RaiseException
CloseHandle
RtlPcToFileHeader
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
ReadConsoleW
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
MultiByteToWideChar
LoadLibraryExW
IsDebuggerPresent
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
HeapSize
SetEndOfFile
OpenProcess
WideCharToMultiByte
GetModuleFileNameA
RtlCaptureContext
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
CreateFileA
CreateThread
EncodePointer
GetComputerNameA
FormatMessageA
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetLocaleInfoEx
RtlUnwind

user32

GetAncestor
GetKeyState
IsIconic
IsWindow
GetClassNameW
EnumWindows
IsWindowEnabled
GetTitleBarInfo
GetLastActivePopup
IsWindowVisible
FindWindowExW
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
wsprintfW
GetWindowLongW

oleaut32

SafeArrayUnaccessData
VariantChangeType
SafeArrayAccessData
SysAllocStringByteLen
SysAllocString
SysFreeString
VariantClear
CreateErrorInfo
SetErrorInfo
GetErrorInfo
SafeArrayGetElement
VariantInit
SafeArrayGetLBound
SafeArrayGetUBound
SysStringLen

ole32

CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
StringFromGUID2
CoUninitialize
CoInitialize
CoInitializeSecurity

advapi32

QueryServiceConfigW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
ReportEventW
EventWriteTransfer
EventSetInformation
EventUnregister
EventRegister
RegisterEventSourceW
DeregisterEventSource
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
StartServiceW
QueryServiceStatus
OpenProcessToken
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfigW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExW

setupapi

SetupDiGetClassDevsW
CM_Get_Device_ID_ListW
CM_Get_Device_IDW
SetupDiEnumDeviceInfo
CM_Get_Device_ID_List_SizeW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Connect_MachineA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
CM_Reenumerate_DevNode_Ex
CM_Disconnect_Machine
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW
SetupDiGetDeviceRegistryPropertyW
CM_Open_DevNode_Key
CM_Locate_DevNode_ExA
CM_Get_Parent

shlwapi

ord487
PathRemoveFileSpecW
PathFileExistsW

api-ms-win-devices-config-l1-1-1

CM_Get_DevNode_PropertyW

hid

HidD_SetFeature
HidD_GetHidGuid
HidD_FreePreparsedData
HidD_GetPreparsedData
HidD_GetFeature
HidP_GetCaps

iphlpapi

FreeMibTable
GetIfTable2Ex
GetIfEntry2
GetAdaptersInfo

ext-ms-win-networking-wlanapi-l1-1-0

WlanOpenHandle
WlanEnumInterfaces
WlanFreeMemory
WlanQueryInterface

wlanapi

WlanGetNetworkBssList

bthprops.cpl

BluetoothFindFirstRadio
BluetoothFindFirstDevice
BluetoothFindDeviceClose
BluetoothFindRadioClose
BluetoothFindNextRadio
BluetoothFindNextDevice
BluetoothGetRadioInfo

Exports

Exports

Adapter_Clear_Charger_Data
Adapter_Clear_Power_Data_Flag
Adapter_Read_Charger_Information
Adapter_Read_Charger_Interrupt
Adapter_Read_Contract_PDO
Adapter_Read_PDO
Adapter_Read_PDO1
Adapter_Read_PDO2
Adapter_Read_PDO3
Adapter_Read_PDO4
Adapter_Read_PDO5
Adapter_Read_PDO6
Adapter_Read_PDO7
Adapter_Read_PDO_Watt
Adapter_Read_PD_ADO
Adapter_Read_PD_Get_Source_Cap_Extend_FWVersion
Adapter_Read_PD_Get_Source_Cap_Extend_HWVersion
Adapter_Read_PD_Get_Source_Cap_Extend_PID
Adapter_Read_PD_Get_Source_Cap_Extend_VID
Adapter_Read_PD_Get_Source_Cap_Extend_XID
Adapter_Read_PD_Get_Status_EventFlag
Adapter_Read_PD_Get_Status_Temperature
Adapter_Read_PD_IC_PN
Adapter_Read_Power_Big_Data_Config
Adapter_Read_Power_Data_Flag
AppList_CpuUsage
AppList_HardwareConfig
AppList_MemUsage
AppList_OpenWindows
App_Get_UWPApp
App_Get_Win32App
App_Get_Win32WOW6432App
BatteryHealthyTable_ACStatus
BatteryHealthyTable_BatteryError
BatteryHealthyTable_BatteryInformation
BatteryHealthyTable_CellVoltage1
BatteryHealthyTable_CellVoltage2
BatteryHealthyTable_CellVoltage3
BatteryHealthyTable_CellVoltage4
BatteryHealthyTable_ChargingVoltage
BatteryHealthyTable_Current
BatteryHealthyTable_CycleCount
BatteryHealthyTable_DesignVoltage
BatteryHealthyTable_DeviceName
BatteryHealthyTable_ECChipID
BatteryHealthyTable_ECChipName
BatteryHealthyTable_FullChargeCapacity
BatteryHealthyTable_GaugeIC
BatteryHealthyTable_LidStatus
BatteryHealthyTable_ManufactureDate
BatteryHealthyTable_ManufactureName
BatteryHealthyTable_ManufactureNameBySMBus
BatteryHealthyTable_PFStatus
BatteryHealthyTable_PackageVoltage
BatteryHealthyTable_ReadVendorType
BatteryHealthyTable_ReadVersion
BatteryHealthyTable_RemainingCapacity
BatteryHealthyTable_Rsoc
BatteryHealthyTable_SafetyStatus
BatteryHealthyTable_SerialNumber
BatteryHealthyTable_Temperature
BatteryHealthyTable_TimeoutStatus
BatteryHealthy_Check_PFalarm
BatteryHealthy_Read_LifetimeBlock1
BatteryHealthy_Read_LifetimeBlock3
BatteryHealthy_Read_LifetimeBlock4
BatteryHealthy_Read_LifetimeBlock5
BatteryHealthy_Read_MaxCellDeltaVoltage
BatteryHealthy_Read_MaxChargeCurrent
BatteryHealthy_Read_MaxDischargeCurrent
BatteryHealthy_Read_PFStatus
Battery_Get_LidStatus
Battery_Read_ASOC
Battery_Read_Capacity
Battery_Read_CapacityPercentage
Battery_Read_CellVoltage
Battery_Read_ChargingVoltage
Battery_Read_Current
Battery_Read_CycleCount
Battery_Read_DesignVoltage
Battery_Read_DesignedCapacity
Battery_Read_FullChargedCapcity
Battery_Read_ManufactureDate
Battery_Read_ManufactureName
Battery_Read_PackageVoltage
Battery_Read_Temperature
CPU_ReadCPUUsage
CPU_ReadCpuFrequency
CPU_ReadCpuId
CPU_ReadCpuMaxFrequency
CPU_ReadCpuVoltage
CPU_ReadRegCPUInfo
EC_ReadEcChipId
EC_ReadEcChipName
EC_ReadEcFwRev
EC_ReadProjectInformation
GPNV_Clear_CSC_Repair_Flag
GPNV_Get_ActivatedTime
GPNV_Get_HEAL_table
GPNV_Get_HEAL_table_CSC_Repair_Flag
GPNV_Get_ManufacturedTime
GPNV_Get_RandomUUID
GPNV_Set_ActivatedTime
GPNV_Set_ManufacturedTime
GPNV_Set_RandomUUID
GetApplist_UWP
GetApplist_x64
GetApplist_x86
GetDriverVersion
GetEEPROM_Data
GetInfVersion
GetIoDllVersion
GetNum_Key
GetRefCount
GetSENSOR_WMI_Data
GetUWPVersion
GetXgmFw
HealthyTable_FanCounts
HealthyTable_FanRPM
HealthyTable_GetFanTestMode
HealthyTable_Read_BoardTS0L_Temperature
HealthyTable_Read_Cpu_Temperature
HealthyTable_Read_Fan
HealthyTable_SetFanIndex
HealthyTable_SetFanPwmDuty
HealthyTable_SetFanTestMode
InitializeWinIo
Power_PD_Charging
Power_Read_ACDCMode
Power_Set_Monitor_PowerDropped
ProArt_Read_Cpu_Temperature
ProArt_Read_Fan
RF_AP_MAC
RF_BTConnectedNum
RF_BTConnectedType
RF_BTIsUsed
RF_Net_Connected_Type
RF_PhyMode
RF_USBHDMIIsUsed
RF_USBISTYPEC
RF_USBIsTranster
RF_USBNum
RF_USBPort
RF_USB_A_Num
RF_USB_C_Num
RF_WWAN_Access_Technology
RF_WWAN_Home_Provider
RF_WWAN_RSSI
RF_WiFiCardName
RF_WiFiChannel
RF_WiFiIsConnected
RF_WiFiMaxRate
RF_WiFiRssi
RF_WiFi_2_4G_AP_Ch_Num
RF_WiFi_2_4G_AP_Num
RF_WiFi_2_4G_AP_RSSI_Num
RF_WiFi_5G_AP_Band_Num
RF_WiFi_5G_AP_Num
RF_WiFi_5G_AP_RSSI_Num
RF_WiFi_6G_AP_NUII_Num
RF_WiFi_6G_AP_Num
RF_WiFi_6G_AP_RSSI_Num
RF_WiFi_Main_Aux_Rssi
ShutdownWinIo
StopWinIoDriver
System_Check_S_Mode
System_Read_LocalTime
System_Read_TabletMode
System_Read_VolumeLevel
Thermal_Read_ACFET_Temperature
Thermal_Read_BatteryConnector_Temperature
Thermal_Read_BoardTS0L_Temperature
Thermal_Read_BoardTS0R_Temperature
Thermal_Read_ChargerChoke_Temperature
Thermal_Read_CpuDptf_PowerLimit1
Thermal_Read_CpuDptf_PowerLimit2
Thermal_Read_CpuPackagePower
Thermal_Read_Cpu_Temperature
Thermal_Read_Fan
Thermal_Read_GpuTS1L_Temperature
Thermal_Read_GpuTS1R_Temperature
Thermal_Read_GpuVram_Temperature
Thermal_Read_GpuVrm_Temperature
Thermal_Read_UpCpu_Temperature
TraceOutput
TraceOutputCritical
UnregisterTraceLogging
Update_AsusOsLanguage
WMICheckBatteryHealthSupport
WMICheckQuietFanSupport
WMIGet90Number
WMIGetBatteryHealth
WMIGetBiosManufacture
WMIGetBiosReleaseDate
WMIGetBiosVersion
WMIGetBoardUUID
WMIGetCPUArchitecture
WMIGetCPUInfo
WMIGetCPUUsg
WMIGetCardReaderCaption
WMIGetComputerFamilyName
WMIGetExternMonitorNum
WMIGetExternMonitorPropList
WMIGetGPUInfo
WMIGetGPUUsg
WMIGetHDDCaption
WMIGetHDDInfo
WMIGetHDDList
WMIGetHDDModel
WMIGetHDDSize
WMIGetHDDTemp
WMIGetHDDUsage
WMIGetLCDModel
WMIGetMacAddress
WMIGetMemFrequency
WMIGetMemInfo
WMIGetMemManufacture
WMIGetMemModel
WMIGetMemSize
WMIGetModelName
WMIGetMonitorBrightness
WMIGetOSInfo
WMIGetPhysicalDiskInfo
WMIGetProductName
WMIGetQuietFan
WMIGetSDCardCaption
WMIGetSDCardSize
WMIGetSN
WMIGetSSDList
WMIGetSSDModel
WMIGetSSDUsage
WMIGetSystemChassisTypes
WMIGetType2SN
WMIGetWiFiBytesPersec
WMIGetWiFiCardName
WMISetAppPath
WMISetBatteryHealth
WMISetBatteryHealthToUser
WMISetQuietFan
WOA_EC_read
WOA_EC_write
wmiadd

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6f32a8193f145687dbece0ce1473007

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:55:f9:45:96:13:df:a4:09:d8:3e:84:d9:65:70:40Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

33:00:00:01:09:5e:de:a2:12:7e:92:81:cc:00:00:00:00:01:09Certificate

Extended Key Usages

61:0b:aa:c1:00:00:00:00:00:09Certificate

Key Usages

4c:f3:b9:3a:c5:03:36:ef:bb:83:22:14:85:8e:5c:14:1b:b0:53:a1:e0:10:96:b9:41:87:dd:c4:ba:87:35:67Signer

4c:f3:b9:3a:c5:03:36:ef:bb:83:22:14:85:8e:5c:14:1b:b0:53:a1:e0:10:96:b9:41:87:dd:c4:ba:87:35:67Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

oleaut32

ole32

advapi32

setupapi

shlwapi

api-ms-win-devices-config-l1-1-1

hid

iphlpapi

ext-ms-win-networking-wlanapi-l1-1-0

wlanapi

bthprops.cpl

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 275KB - Virtual size: 274KB

.data Size: 10KB - Virtual size: 100KB

.pdata Size: 54KB - Virtual size: 53KB

_RDATA Size: 1024B - Virtual size: 640B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:55:f9:45:96:13:df:a4:09:d8:3e:84:d9:65:70:40
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

33:00:00:01:09:5e:de:a2:12:7e:92:81:cc:00:00:00:00:01:09
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

4c:f3:b9:3a:c5:03:36:ef:bb:83:22:14:85:8e:5c:14:1b:b0:53:a1:e0:10:96:b9:41:87:dd:c4:ba:87:35:67
Signer

4c:f3:b9:3a:c5:03:36:ef:bb:83:22:14:85:8e:5c:14:1b:b0:53:a1:e0:10:96:b9:41:87:dd:c4:ba:87:35:67
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 275KB - Virtual size: 274KB

.data
Size: 10KB - Virtual size: 100KB

.pdata
Size: 54KB - Virtual size: 53KB

_RDATA
Size: 1024B - Virtual size: 640B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB