58717ef76a329ab78547f71b6fe9985439d9b4999b859e60283a117ddc408b5f_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

58717ef76a329ab78547f71b6fe9985439d9b4999b859e60283a117ddc408b5f_NeikiAnalytics.exe
Size

3.2MB
MD5

98968462236a2c42934e128282fea6f0
SHA1

884052a32f47108a240f9c60a67c331b7352b7e8
SHA256

58717ef76a329ab78547f71b6fe9985439d9b4999b859e60283a117ddc408b5f
SHA512

b969f194b2ea3f63811449649889bdc5d9114a3cea8e001b82da2246a09ce2d907c8da6b0b409b6f8153674e95186b32a10ce8e7c8afd1b84f248f623a434b73
SSDEEP

49152:mgGZyVXDH3y1zOpuCULJXe6YjKVJOVH/MVNeL6KJ897rElBz1IKP66NA:jVT2Xe6YGMJ8dEvzjCT

Score

1^/10

Malware Config

Signatures

Files

58717ef76a329ab78547f71b6fe9985439d9b4999b859e60283a117ddc408b5f_NeikiAnalytics.exe
.exe windows:5 windows x64 arch:x64

283f4ce510df26dff8de5f0d08db43d0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:7e:56:a1:9d:56:78:8e:01:f1:26:30:95:1b:f5:cc
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/09/2018, 00:00

Not After

11/09/2021, 23:59

Subject

CN=HP Inc,OU=Print Software Platform,O=HP Inc,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:6d:9d:a5:3e:87:00:9d:33:49:00:00:00:00:00:6d
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/09/2018, 19:45

Not After

20/09/2019, 19:45

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:23:9a:71:8f:d9:dc:21:b5:50:b1:71:4d:63:a7:b4:33:8c:40:0b:47:df:f0:b2:e1:2e:ee:5d:42:76:16:61
Signer

Actual PE Digest

2b:23:9a:71:8f:d9:dc:21:b5:50:b1:71:4d:63:a7:b4:33:8c:40:0b:47:df:f0:b2:e1:2e:ee:5d:42:76:16:61

Digest Algorithm

sha256

PE Digest Matches

true

c2:a5:20:64:ff:24:14:79:cc:57:97:6c:29:22:4d:21:9d:7a:59:91
Signer

Actual PE Digest

c2:a5:20:64:ff:24:14:79:cc:57:97:6c:29:22:4d:21:9d:7a:59:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

f:\jnks\workspace\K24_CXP_Production_Build\build2682\SxS\src\x64\Release\HPInstallerExe.pdb

Imports

kernel32

HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GetCurrentThread
GetCurrentThreadId
GetVersionExW
FreeLibrary
GetModuleFileNameW
LoadLibraryExW
LoadResource
LockResource
WritePrivateProfileStringA
GetPrivateProfileStringA
GetSystemDefaultLCID
GetUserDefaultLangID
ProcessIdToSessionId
GetComputerNameExW
WaitNamedPipeW
CreateNamedPipeW
MoveFileExW
CreateDirectoryW
GetDiskFreeSpaceExW
SetCurrentDirectoryW
GetEnvironmentVariableW
CreateProcessW
OpenFileMappingW
OpenEventW
OpenMutexW
FlushViewOfFile
PeekNamedPipe
DisconnectNamedPipe
ConnectNamedPipe
CreatePipe
GetLocalTime
GetSystemTime
DeviceIoControl
WaitForMultipleObjects
TryEnterCriticalSection
GetExitCodeThread
TerminateThread
GetExitCodeProcess
GlobalMemoryStatusEx
SizeofResource
LeaveCriticalSection
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingW
CreateMutexW
GetLongPathNameW
OpenProcess
ExpandEnvironmentStringsW
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStringTypeW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
GlobalAlloc
CreateEventW
GlobalLock
GlobalDeleteAtom
lstrcmpA
lstrcmpW
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
CompareStringA
CloseHandle
SetEvent
WaitForSingleObject
HeapFree
SetThreadPriority
ResumeThread
GetModuleHandleW
GetProcAddress
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
GetCurrentProcessId
OutputDebugStringA
SetLastError
FreeResource
GetModuleHandleExW
GlobalUnlock
GlobalFree
LoadLibraryW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
EncodePointer
GetSystemDirectoryW
GlobalFindAtomW
GlobalSize
LocalFree
MulDiv
FormatMessageW
CopyFileW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
DeleteFileW
GlobalGetAtomNameW
VerSetConditionMask
lstrcpyW
VerifyVersionInfoW
CreateFileW
GetFileAttributesW
GetFileSize
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetShortPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiW
VirtualProtect
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetFileAttributesW
SystemTimeToTzSpecificLocalTime
SearchPathW
GetTempFileNameW
GetTempPathW
GetTickCount
GetProfileIntW
Sleep
GetWindowsDirectoryW
FindResourceExW
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW

user32

DestroyAcceleratorTable
CreateAcceleratorTableW
MapVirtualKeyW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
PostThreadMessageW
ModifyMenuW
NotifyWinEvent
InflateRect
SetWindowRgn
GetSystemMenu
GetAsyncKeyState
CharUpperW
TrackMouseEvent
IsRectEmpty
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
GetSysColorBrush
SetLayeredWindowAttributes
MonitorFromPoint
MessageBeep
RedrawWindow
IsZoomed
GetLastActivePopup
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
SetParent
GetSystemMetrics
ReuseDDElParam
UnpackDDElParam
LoadImageW
DestroyIcon
IntersectRect
SetRectEmpty
CopyAcceleratorTableW
DestroyMenu
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
RegisterClipboardFormatW
LockWindowUpdate
SetClassLongPtrW
SendDlgItemMessageA
GetMenuItemInfoW
MapDialogRect
GetKeyNameTextW
UnionRect
SetRect
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
BringWindowToTop
FillRect
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
GetDlgItem
GetNextDlgTabItem
SetActiveWindow
GetDesktopWindow
RegisterWindowMessageW
PostQuitMessage
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
IsClipboardFormatAvailable
DrawMenuBar
InsertMenuItemW
EnumChildWindows
DefFrameProcW
DefMDIChildProcW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
AllowSetForegroundWindow
MsgWaitForMultipleObjects
SendMessageCallbackW
ExitWindowsEx
GetProcessWindowStation
SetProcessWindowStation
CloseWindowStation
OpenWindowStationW
GetThreadDesktop
CloseDesktop
SetThreadDesktop
OpenDesktopW
MsgWaitForMultipleObjectsEx
WaitForInputIdle
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgCtrlID
SetFocus
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
UpdateWindow
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
PostMessageW
GetWindowRect
AdjustWindowRectEx
FlashWindowEx
wsprintfW
ScreenToClient
MapWindowPoints
GetSysColor
CopyRect
EqualRect
GetWindowThreadProcessId
PtInRect
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetClassLongPtrW
GetDoubleClickTime
GetIconInfo
CreateMenu
DestroyCursor
GetNextDlgGroupItem
GetComboBoxInfo
DrawIcon
GetWindowRgn
HideCaret
InvertRect
GetWindowLongW
MessageBoxW
IsWindowEnabled
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
SystemParametersInfoW
OffsetRect
GetClassNameW
GetTopWindow
GetWindow
UnhookWindowsHookEx
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
ShowWindow
MoveWindow
CheckDlgButton
SetWindowTextW
IsDialogMessageW
WaitMessage
SetCapture
ReleaseCapture
ClientToScreen
WindowFromPoint
LoadCursorW
GetMenuStringW
GetMenuState
SendMessageW
UnregisterClassW
GetMessagePos
EnableWindow
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
InsertMenuW
AppendMenuW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
RemoveMenu

gdi32

SetPixelV
GetTextFaceW
GetSystemPaletteEntries
GetNearestPaletteIndex
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetPaletteEntries
CreatePalette
RoundRect
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
GetBkColor
DPtoLP
SetRectRgn
GetTextExtentPoint32W
GetTextColor
OffsetRgn
GetRgnBox
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
PatBlt
GetDIBits
CombineRgn
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
CreateRectRgnIndirect
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleBitmap
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
DeleteObject
DeleteDC

msimg32

TransparentBlt
GradientFill
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

SetEntriesInAclW
StartServiceW
QueryServiceStatus
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
ControlService
CloseServiceHandle
ChangeServiceConfigW
CreateProcessAsUserW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
OpenEventLogW
CloseEventLog
BackupEventLogW
RegQueryInfoKeyW
GetUserNameW
CheckTokenMembership
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegCloseKey

shell32

DragFinish
CommandLineToArgvW
SHGetSpecialFolderPathW
DragQueryFileW
SHGetFolderPathW
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
ExtractIconW
ShellExecuteExW
ShellExecuteW
SHGetFileInfoW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsFileSpecW
PathFindFileNameW

uxtheme

GetThemePartSize
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
GetThemeColor
IsAppThemed

ole32

RevokeDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleLockRunning
OleGetClipboard
DoDragDrop
CLSIDFromString
StringFromGUID2
CoDisconnectObject
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoCreateGuid
CoUninitialize
OleInitialize
OleUninitialize
RegisterDragDrop

oleaut32

VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString

gdiplus

GdipCloneImage
GdipLoadImageFromStream
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusShutdown
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdiplusStartup
GdipCreateHBITMAPFromBitmap

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

psapi

GetModuleFileNameExW
EnumProcesses
EnumProcessModules
GetModuleBaseNameW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

secur32

GetUserNameExW

msi

ord94
ord141
ord8
ord72

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 730KB - Virtual size: 729KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

283f4ce510df26dff8de5f0d08db43d0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

03:7e:56:a1:9d:56:78:8e:01:f1:26:30:95:1b:f5:ccCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

33:00:00:00:6d:9d:a5:3e:87:00:9d:33:49:00:00:00:00:00:6dCertificate

Extended Key Usages

61:0b:aa:c1:00:00:00:00:00:09Certificate

Key Usages

2b:23:9a:71:8f:d9:dc:21:b5:50:b1:71:4d:63:a7:b4:33:8c:40:0b:47:df:f0:b2:e1:2e:ee:5d:42:76:16:61Signer

c2:a5:20:64:ff:24:14:79:cc:57:97:6c:29:22:4d:21:9d:7a:59:91Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

psapi

version

secur32

msi

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 730KB - Virtual size: 729KB

.data Size: 32KB - Virtual size: 87KB

.pdata Size: 93KB - Virtual size: 93KB

.gfids Size: 105KB - Virtual size: 104KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 144KB - Virtual size: 143KB

.reloc Size: 62KB - Virtual size: 62KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

03:7e:56:a1:9d:56:78:8e:01:f1:26:30:95:1b:f5:cc
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

33:00:00:00:6d:9d:a5:3e:87:00:9d:33:49:00:00:00:00:00:6d
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

2b:23:9a:71:8f:d9:dc:21:b5:50:b1:71:4d:63:a7:b4:33:8c:40:0b:47:df:f0:b2:e1:2e:ee:5d:42:76:16:61
Signer

c2:a5:20:64:ff:24:14:79:cc:57:97:6c:29:22:4d:21:9d:7a:59:91
Signer

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 730KB - Virtual size: 729KB

.data
Size: 32KB - Virtual size: 87KB

.pdata
Size: 93KB - Virtual size: 93KB

.gfids
Size: 105KB - Virtual size: 104KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 144KB - Virtual size: 143KB

.reloc
Size: 62KB - Virtual size: 62KB