[CRACKED BY L1nc0In] BLTools v2[.]8[.]3[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

[CRACKED BY L1nc0In] BLTools v2.8.3.rar
Size

12.2MB
MD5

3f6c60db6c879899f8ba0e3673de0d97
SHA1

83e0f109fc2e632202f6a872e2be4e0f277ec9f9
SHA256

b10783f6998f224557e32866d34413926bd6a2022f0c653e8b2ad04b733322df
SHA512

a6c2806010c58e14a18dbe6aa7dcca56bc11a89e5181e1e5d9ef90b8e9affde85ea3a95facdfdf9ea1de8dcd95b075f58fef42f6885c47cc4459cc87793bf1a1
SSDEEP

393216:gUvJocDMnTlXUE9/X+UFg9IFLI2NmBahvyaCV:gVcDMnp9/OckIu2SoaaCV

Score

7^/10

themida

Malware Config

Signatures

Themida packer 2 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/BLTools.exe	themida
static1/unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/CookiesCreator v1.2.exe	themida

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/AlphaFS.dll
unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/BLTools Patcher by L1nc0In.exe
unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/BLTools.exe
unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/CookiesCreator v1.2.exe
unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/Extreme.Net.dll
unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/MaterialDesignColors.dll
unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/MaterialDesignThemes.Wpf.dll
unpack001/[CRACKED BY L1nc0In] BLTools v2.8.3/Ookii.Dialogs.Wpf.dll

Files

[CRACKED BY L1nc0In] BLTools v2.8.3.rar
.rar

Password: L1nc0In
[CRACKED BY L1nc0In] BLTools v2.8.3/AlphaFS.dll
.dll windows:4 windows x86 arch:x86

Password: L1nc0In

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\jjangli\Documents\GitHub\AlphaFS\AlphaFS\obj\Net452\AlphaFS.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[CRACKED BY L1nc0In] BLTools v2.8.3/BLTools Patcher by L1nc0In.exe
.exe windows:6 windows x64 arch:x64

Password: L1nc0In

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Marat
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Vova
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

L1nc0In
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
[CRACKED BY L1nc0In] BLTools v2.8.3/BLTools.exe
.exe windows:4 windows x86 arch:x86

Password: L1nc0In

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 1.4MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 91KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1.0MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 20KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
[CRACKED BY L1nc0In] BLTools v2.8.3/CookiesCreator v1.2.exe
.exe windows:4 windows x86 arch:x86

Password: L1nc0In

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 39KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 13KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
[CRACKED BY L1nc0In] BLTools v2.8.3/Extreme.Net.dll
.dll windows:4 windows x86 arch:x86

Password: L1nc0In

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\scarf\source\repos\Extreme.Net\obj\Debug\Extreme.Net.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[CRACKED BY L1nc0In] BLTools v2.8.3/License.dll
[CRACKED BY L1nc0In] BLTools v2.8.3/MaterialDesignColors.dll
.dll windows:4 windows x86 arch:x86

Password: L1nc0In

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\MaterialDesignInXamlToolkit\MaterialDesignInXamlToolkit\MaterialDesignColors.Wpf\obj\Release\net462\MaterialDesignColors.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 293KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[CRACKED BY L1nc0In] BLTools v2.8.3/MaterialDesignThemes.Wpf.dll
.dll windows:4 windows x86 arch:x86

Password: L1nc0In

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\MaterialDesignInXamlToolkit\MaterialDesignInXamlToolkit\MaterialDesignThemes.Wpf\obj\Release\net462\MaterialDesignThemes.Wpf.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9.1MB - Virtual size: 9.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[CRACKED BY L1nc0In] BLTools v2.8.3/Microsoft.Xaml.Behaviors.dll
.dll windows:4 windows x86 arch:x86

Password: L1nc0In

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/03/2023, 18:43

Not After

14/03/2024, 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:63:8a:cb:ae:08:38:57:4d:ee:95:eb:a6:58:3b:10:80:3d:86:3e:1c:8f:0d:12:62:f5:87:f8:01:ae:17:30
Signer

Actual PE Digest

b2:63:8a:cb:ae:08:38:57:4d:ee:95:eb:a6:58:3b:10:80:3d:86:3e:1c:8f:0d:12:62:f5:87:f8:01:ae:17:30

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\src\Microsoft.Xaml.Behaviors\obj\Release\net462\Microsoft.Xaml.Behaviors.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[CRACKED BY L1nc0In] BLTools v2.8.3/Ookii.Dialogs.Wpf.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\ookii-dialogs-wpf\ookii-dialogs-wpf\src\Ookii.Dialogs.Wpf\obj\Release\net462\Ookii.Dialogs.Wpf.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/2dehands.be.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/2ememain.be.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/Ebay.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/Etsy.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/GitHub.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/KLEINANZEIGEN.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/Microsoft365.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/Office365.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/Willhaben.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/capmonster.cloud.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/carousell_MY.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/carousell_SG.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/dba.dk.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/finn.no.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/marktplaats.nl.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/nebenan.de.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/njuskalo.hr.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/otto.de.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/poshmark.com.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/rucaptcha.com.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/shpock.com.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/subito.it.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Projects/zalando.de2.proj
[CRACKED BY L1nc0In] BLTools v2.8.3/Settings.ini

Sharing

General

Malware Config

Signatures

Files

Password: L1nc0In

Password: L1nc0In

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 356KB - Virtual size: 356KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: L1nc0In

Headers

DLL Characteristics

File Characteristics

Sections

Marat Size: - Virtual size: 3.2MB

Vova Size: 126KB - Virtual size: 128KB

L1nc0In Size: 50KB - Virtual size: 52KB

Password: L1nc0In

Headers

DLL Characteristics

File Characteristics

Sections

Size: 1.4MB - Virtual size: 1.8MB

Size: 91KB - Virtual size: 550KB

Size: 1.0MB - Virtual size: 1.7MB

Size: 20KB - Virtual size: 67KB

Size: 512B - Virtual size: 12B

.idata Size: 512B - Virtual size: 8KB

.rsrc Size: 68KB - Virtual size: 68KB

.themida Size: - Virtual size: 6.6MB

.boot Size: 3.9MB - Virtual size: 3.9MB

Password: L1nc0In

Headers

DLL Characteristics

File Characteristics

Sections

Size: 39KB - Virtual size: 120KB

Size: 13KB - Virtual size: 67KB

Size: 512B - Virtual size: 12B

.idata Size: 512B - Virtual size: 8KB

.rsrc Size: 68KB - Virtual size: 68KB

.themida Size: - Virtual size: 5.5MB

.boot Size: 3.2MB - Virtual size: 3.2MB

Password: L1nc0In

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 118KB - Virtual size: 118KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: L1nc0In

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 293KB - Virtual size: 292KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: L1nc0In

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

.text
Size: 356KB - Virtual size: 356KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

Marat
Size: - Virtual size: 3.2MB

Vova
Size: 126KB - Virtual size: 128KB

L1nc0In
Size: 50KB - Virtual size: 52KB

.idata
Size: 512B - Virtual size: 8KB

.rsrc
Size: 68KB - Virtual size: 68KB

.themida
Size: - Virtual size: 6.6MB

.boot
Size: 3.9MB - Virtual size: 3.9MB

.idata
Size: 512B - Virtual size: 8KB

.rsrc
Size: 68KB - Virtual size: 68KB

.themida
Size: - Virtual size: 5.5MB

.boot
Size: 3.2MB - Virtual size: 3.2MB

.text
Size: 118KB - Virtual size: 118KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 293KB - Virtual size: 292KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 9.1MB - Virtual size: 9.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

b2:63:8a:cb:ae:08:38:57:4d:ee:95:eb:a6:58:3b:10:80:3d:86:3e:1c:8f:0d:12:62:f5:87:f8:01:ae:17:30
Signer

.text
Size: 130KB - Virtual size: 130KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B